last executing test programs: 18.548932452s ago: executing program 3 (id=392): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) syz_usb_connect(0x1, 0x51, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x9, 0x94, 0x73, 0x8, 0x1199, 0x6821, 0x9859, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x3f, 0x1, 0x0, 0x0, 0x20, 0x0, [{{0x9, 0x4, 0x3, 0x0, 0x5, 0x37, 0x5d, 0xd2, 0x0, [], [{{0x9, 0x5, 0x6, 0x3, 0x40, 0x7, 0xe, 0x5}}, {{0x9, 0x5, 0x7, 0x0, 0x0, 0x4, 0x2, 0x3}}, {{0x9, 0x5, 0x8, 0x0, 0x400, 0x4, 0xfe, 0x7}}, {{0x9, 0x5, 0x4, 0x0, 0x3ff, 0x3, 0x2, 0x4}}, {{0x9, 0x5, 0xa, 0x1c, 0x3ff, 0x1, 0xac, 0x8}}]}}]}}]}}, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8910, 0x0, 0x0) syz_usb_connect$uac1(0x3, 0x96, &(0x7f0000000700)=ANY=[@ANYBLOB="12011003000000406b1d010140000102030109028400030105a0100904000000010100000a24010400000201020924030105030202060524050408052404030109040100000102000009040101010102000009050109100002020107250100030600090402000001"], &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001100), 0xffffffffffffffff) r7 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x14003) ioctl$BLKGETDISKSEQ(r7, 0x80081280, &(0x7f0000000340)) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r5, &(0x7f0000001980)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001940)={&(0x7f0000000740)=ANY=[@ANYBLOB="f4000000", @ANYRES16=r6, @ANYBLOB="20002cbd7000fedbdf25390000000c009900050000007000000020005a800400008018000280140003000e00050006000700b03505000900070004005a80b0005a80600003800400020014000500ff01090000000104ff010900b1020400140003000200f7e6000010000100030000100500140008000700f8ff020005000900fbff02000600140003000700ff07280f0010000409007c10ffff050004007d000000080001800400020004000080040000803c00038005000600010000002900020054205054310a363e19510102201b25261e1456262009042d254c550318101c110405044b3c00000004000200245431466960c2d95267e733ce00b6da97c54d5805992324d84f7d936526f1ee89a78555044635205f77abf005d13267a781d14f0eabb385fbe942a9029f4708081d0330cdfd99e35f1b7cbce6e03961"], 0xf4}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r8, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x54, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x34080}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x7}, @IFLA_GRE_REMOTE={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x28}}]}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x54}}, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000000a3b83000000000000000005000008fd00024000000002040006000900010073797a31000000001400"], 0x54}, 0x1, 0x0, 0x0, 0x40800}, 0x4000) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x3, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7c, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x80000000, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x5, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x9, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x7, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xffffffff, 0x5, 0x7, 0x7fff, 0x5a80, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0xffffffff, 0x4, 0xb, 0x4, 0x9, 0x8, 0x8, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x1, 0x3, 0x6c0, 0xbc46, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x8, 0x7fff, 0x0, 0x5, 0x8, 0x4, 0x9, 0x2, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xfffffffa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2e9, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xd, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x1, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa21, 0xf40, 0x738, 0x1, 0x6c1b, 0x80, 0x4, 0x5, 0xb1e, 0x20000d7, 0x200, 0xffff3441, 0xfff]}, 0x45c) ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000200)={0x3, @vbi={0x6, 0x8, 0x3, 0x34363248, [0x6, 0x2], [0x4, 0x38], 0x1}}) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 14.628731009s ago: executing program 0 (id=398): r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) socket$inet(0x2, 0x1, 0x0) syz_clone3(&(0x7f00000004c0)={0xd0012000, 0x0, 0x0, 0x0, {}, 0x0, 0xfffffffffffffed2, 0x0, &(0x7f0000000480), 0x1}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10) arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x1) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884) inotify_add_watch(r0, &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000004) open_by_handle_at(r4, 0x0, 0x60380) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r6 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, 0x0) r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000040)={0x4, r5, 0x1}) ioctl$DMA_BUF_IOCTL_SYNC(r8, 0x40086200, &(0x7f0000000080)=0x7) r9 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000002c0)=ANY=[@ANYRES64, @ANYRES32=r4, @ANYRES16=r2, @ANYBLOB="0c961d1669620e5405205fc87900eb2b92a5139e68ebd398c4a2585f"], 0x9, 0x6da, &(0x7f0000000bc0)="$eJzs3cFvHFcdB/DvrNeON5TgtAnNoQgrkVqkiMSJlUK4YBBCOVSoKoeercRprG6TKnFRWiFIAcEJiUP/gILkGwcE4h4ULlzKrVcfKyFxiRCKelk0s7PrXXsd24m9dujnE43nvXkzb37zmzcz3nVWG+AL68rZNO+nyJWzr90t62ur8+211fkjdXM7SVluJM3uLMXNpHiQLJTtxcCUgfkmHy1ffuPTh2ufdWvNeqrWn+hvN72jkEfs4149Zbbub3bklpM76r/bVxVenktytZ4Pm9qmiy+PXLFM2pl6Dgeus8m93Wy+5fUOHH69p1PRfW5uMpMcrZ/M1e8E9d2hMb4I98eu7nIAAADwjPrk1kFHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+e+vv/i3pq1PPMpuh9//9Ub1ldPoQWdrzm/X2NAwAAAAAAAADG4+uP8ih3c6xX7xTV3/xPV5UT+byTfCnv5U6WcjvncjeLWclKbudCkpmBjqbuLq6s3L7Q37I0esuLI7e8OK4jBgAAAAAAAID/S79Ia/3v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBgUyUR3Vk0nkv+W88yk0cx6W+4l/0wyddDx7kIxauH98ccBAAAAT2X6Cbb5yqM8yt0c69U7RfmaP1+tXi9P573czEqWs5J2lnKtfg1dvupvrK3Ot9dW598pp7I+3O/3/r2rMKbqHiaq2qg9n6rWaOV6lqsl53K1CuZaGt19n0lO9eIZiGvAh2VMxXdrO4ysWae13NnvtnoXYU8MvxXReMyarfXgkn5G5urYyi2PdzNQVG/UJBszse3ZaQ7VZqpeJ/t7upBG/52fE/uQ86P1vDyeX+9rznern4lGqkxc7I2+8pp5fCaSV/76xzdvtG++feP6nbOH55C2MbHF8o1jYn4gEy8+05lo7nL9uSoTJ/v1K/lhfpyzmc3ruZ3l/CSLWclSOnX7Yj2ey58zj8/UwlDt9e0imarPS/ec7SSm2fygKi3mdLXtsSynyK1cy1Jerf5dzIV8K5dyKZcHzvDJLeOujq266hsbr/remf7byODPfKMulHe336zf5RYed8Rbjc690r33l3k9PpDX7qh/2F/r+MB1MDeQped72Zkc2fnu7o0b3mov9/HLbZ4T4zVTZ6K8gHpPiV50L3Qz0ayeRZvH+e875XZp3+x0biy+u0X/9zbUX67n5bBa/dp2a/eMPhV7qzxVz2e6vpMMj46y7YX+XWagrbM+lrttw0/ccruTVVtR9K7UH+VWNQA2X6lT9e9wm3u6WLW9OLJtvmo7NdA29PtWbqWda2PIHwBP4h9v9oszOTrV+lfrk9bHrV+1brRem/7+kW8feWkqk3+f/E5zbuLlxkvFn/Nxfrb++h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhyd97/4O3Fdnvp9uhCY+umoUIrG5ds1fOR0f0U9Rf67GBfh6vwypGlv4xomk4ytKT6nqOxR9jaGMamQufnydhT1/tOq9Hr/LYsNDeNqFGFhaElf9rc4Ye7jLDY2XWxj4VGxrvTiYweAAd4UwLG4vzKO++ev/P+B99cbiy+tfTW0s3JS5cuz12+9Or8+evL7aW57s+DjhLYD+sP/YOOBAAAAAAAAAAAANipUR8MOP3cdh8a2dFnPPzPQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBPXDmb5v0UuTB3bq6sr63Ot8upV15fs5mk0UiKnybFg2Qh3SkzA90V+cODdEbs56Ply298+nDts/W+mt31k0Y939rjW5Pcq6fMJpmo509hqL+rT91f8Z/eMZQJ+7zT6Sw8XXywN/4XAAD//+tA9MQ=") landlock_restrict_self(r9, 0x0) 13.705776265s ago: executing program 1 (id=399): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) unshare(0x2a020400) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000004c80)={0x2, r3}) r4 = dup(r0) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_SET_TIME(r5, 0x8008700b, &(0x7f0000000040)={0x0, 0x2c, 0x0, 0x6, 0x0, 0xa9, 0x3, 0x2, 0x1}) syz_io_uring_setup(0x5e2, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x8000000}, &(0x7f0000000040), &(0x7f0000000180)) socket$inet_sctp(0x2, 0x5, 0x84) r6 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0xc0601, 0x0) syz_open_dev$midi(&(0x7f0000000140), 0xf4a, 0xa86c1) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14) r7 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r8 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r7) pipe2$watch_queue(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r7, r9, 0x1e) r11 = add_key$fscrypt_v1(0x0, &(0x7f0000000280)={'fscrypt:', @desc3}, 0x0, 0x0, r7) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) unshare(0x8040480) unshare(0x2a020480) sendmmsg$unix(r10, 0x0, 0x0, 0x40040c0) keyctl$KEYCTL_MOVE(0x1e, r11, r7, r8, 0x0) capset(0x0, &(0x7f0000000180)={0x3, 0x0, 0x0, 0x0, 0x0, 0x2}) mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, 0x0) madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x14) 13.625295617s ago: executing program 0 (id=400): r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x80, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$TIOCGPKT(r0, 0x80045438, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x20) bind$bt_hci(r4, 0x0, 0x0) write$binfmt_misc(r4, &(0x7f0000000100), 0x6) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) r5 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000140)={'mpc624\x00', [0x9e1, 0x2166, 0x0, 0xffffe, 0x188d8, 0x8e, 0x1, 0x10, 0x1002, 0xffffffff, 0x200, 0x40008, 0x344, 0x7, 0x7, 0x3, 0x8, 0x803, 0xb, 0xe, 0x4, 0x3, 0x7, 0x8000000a, 0x5, 0x0, 0x22c, 0x7df, 0x6, 0x400007, 0x1]}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a40)={0x2c, r7, 0x5, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="d1"}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac06}]]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x488c0) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x3c, r9, 0x0, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x464c, 0x16}}}}, [@NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "cbef7a357f31dd782e0b1d355a"}, @NL80211_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000880}, 0x8080) 12.26144715s ago: executing program 0 (id=402): syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="043e0a03"], 0xd) 12.013134984s ago: executing program 0 (id=403): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x17, 0x7, 0x8c, 0x401, 0x1bcd9, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x50) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r3, &(0x7f0000000000), 0xd) close(0xffffffffffffffff) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000180)=0x40000007, 0x4) sendmmsg(r4, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}}], 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r5) sendmsg$NLBL_CIPSOV4_C_REMOVE(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004004}, 0x0) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r6, 0x1, 0x7ffffc, 0x0, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_TYPE={0x5}]}, 0x34}}, 0x0) 12.012218444s ago: executing program 1 (id=405): r0 = socket(0x2a, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r2, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES8=r0, @ANYRES32=r4, @ANYBLOB="0000feff00000000b700d2fd00000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd608a37f200082c"], 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000440), 0x8) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r9, 0x6, 0x13, 0x0, 0x0) connect$inet6(r9, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r9, 0x6, 0x1f, &(0x7f0000000540), 0x3c) setsockopt$inet6_tcp_TLS_TX(r9, 0x11a, 0x1, &(0x7f0000000280)=@gcm_256={{0x303}, "41328ac34a4ad2ba", "e8582491a0c405000000be6a7957d2e5c59500000000000000396700", "61241765", "89b06a0bed0000fd"}, 0x38) ioctl$EXT4_IOC_SETFSUUID(r3, 0x4008662c, &(0x7f00000002c0)={0x10, 0x0, "f652d32d54b1d55a732faf9515cc5475"}) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r10}, 0x10) acct(&(0x7f00000001c0)='./file0\x00') sendmsg$inet(r9, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4000) 9.862390251s ago: executing program 1 (id=407): openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000330001002bbd7000fedbdb2505"], 0x24}, 0x1, 0x0, 0x0, 0x2404c804}, 0x4000000) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[], 0x50) socket$nl_generic(0x10, 0x3, 0x10) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f00000009c0)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$loop(0x0, 0x7fffffffffffffff, 0x20000) ioctl$BLKFLSBUF(r1, 0x1261, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_udp(0xa, 0x2, 0x0) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000f1a000/0x2000)=nil, 0x2000, &(0x7f0000000000)) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f00000020c0)='smaps\x00') mlock(&(0x7f0000ff9000/0x7000)=nil, 0x7000) write$sysctl(r3, &(0x7f0000000000)='2\x00', 0x2) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) socket$l2tp(0x2, 0x2, 0x73) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x809}, {0xa, 0x8, 0xfffffffe, @empty}, 0x2, {[0x0, 0x1, 0xfffffffe, 0xfff, 0x2, 0x4]}}, 0x5c) sendmsg$IPVS_CMD_ZERO(r4, 0x0, 0x8000) syz_open_dev$vcsn(&(0x7f0000000180), 0x8, 0x642) 9.806266321s ago: executing program 2 (id=408): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b000003ffffffffffffe8000000040000430000195cdfc19558098f7e29ccf8e7c90ce594b929c90c438aa7402798751413e7df1eb03f4b4aeb8811dfdfc53836055bbadc4575ec5559fc41dbcd", @ANYRES32, @ANYBLOB="0000008000"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/20], 0x50) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25GCALLUSERDATA(r2, 0x89e4, &(0x7f0000000bc0)={0x7d, "9984a69e26edfdb7000300000000000000ff03ba91f6a27a0603c6de995ae34b81fb4dec3d44ad144088e68b88dbaea386f1283b716c35f680777326309719e45e5b36835640fdd1dd6c7876adcaa1a9beb8d03de6dfcfdaecb9d67597e890bc9dd646e82aa45e00"}) preadv(r1, &(0x7f00000000c0)=[{0x0}, {0x0}], 0x2, 0x0, 0x3) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) pwritev2(r3, 0x0, 0x0, 0xe7b, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x0, 0x51, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5c08cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891f648bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8) connect$inet6(r4, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd8}, 0x94) r5 = socket$inet6(0xa, 0x80002, 0x0) r6 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) sendto$inet6(r5, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe20, 0x0, @mcast2}, 0x1c) sendto$inet6(r5, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b", 0x69, 0xc001, 0x0, 0x0) setsockopt$inet6_mtu(r5, 0x29, 0x17, 0x0, 0x0) setsockopt$inet6_udp_int(r5, 0x88, 0x1, &(0x7f0000000080), 0x4) 9.704770273s ago: executing program 3 (id=409): syz_mount_image$minix(&(0x7f0000000180), &(0x7f0000000300)='./file0\x00', 0x2000000, &(0x7f00000018c0)=ANY=[], 0x3, 0x1d4, &(0x7f0000000580)="$eJzs28tu00AUxvFvYjutW+6FDatIIMGGmKbiUrGBHZu+AlLVulWEC4iyaYRUISHxHDwRL8AjUAm2IGHkS5xiOypu4pom/99qTo9HPtN4kjMLC8Dc6qgjI+MM48MV4+hXmAStBgsDULtop/8Oq7GieQBmgPW96QoANOPoWdQFmKQZsJxCf/DVSE8lffvxfkutdiF/9EG66aZ5s6DFfH/xWboznG/c0vlLWX6pNH/31vD+y7qgi7qky7qiq7qW5rez+Tcm6ISA+WPUzcfd5FSQaGmnH/j3s9jRTn/52PXtON/LxWtZvBDH3a3XwXZtawBwOq3S/T9i5fa/HcerZ1cggNrsHwxebgaB/7by4MnPMKw+Kx5YkkpS6SmkLDW9QWhJpal2jTetNPhoxlQ4+aCjs1pFdFIspqIT55inbrHsgXyu/+NDscfsFPuE6YeSBl8kTaUMd2r/DVcnX3P8W6J47gdw/nnv9t54+weDe/29zV1/13/Ve9xbf7j2YPXRuhd3/t7f/T+A2TH60W+6EgAAAAAAAAAAAAAAcForup6O7NEfPzVVDQAAAIA6/dM7Qxu3N15M8MpR02sEAAAAAAAAAAAAAAAAAAAAZsWfAAAA//89Qw3O") 8.617995302s ago: executing program 3 (id=410): r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) socket$inet(0x2, 0x1, 0x0) syz_clone3(&(0x7f00000004c0)={0xd0012000, 0x0, 0x0, 0x0, {}, 0x0, 0xfffffffffffffed2, 0x0, &(0x7f0000000480), 0x1}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10) arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x1) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884) inotify_add_watch(r0, &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000004) open_by_handle_at(r4, 0x0, 0x60380) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r6 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, 0x0) r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000040)={0x4, r5, 0x1}) ioctl$DMA_BUF_IOCTL_SYNC(r8, 0x40086200, &(0x7f0000000080)=0x7) r9 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000002c0)=ANY=[@ANYRES64, @ANYRES32=r4, @ANYRES16=r2, @ANYBLOB="0c961d1669620e5405205fc87900eb2b92a5139e68ebd398c4a2585f"], 0x9, 0x6da, &(0x7f0000000bc0)="$eJzs3cFvHFcdB/DvrNeON5TgtAnNoQgrkVqkiMSJlUK4YBBCOVSoKoeercRprG6TKnFRWiFIAcEJiUP/gILkGwcE4h4ULlzKrVcfKyFxiRCKelk0s7PrXXsd24m9dujnE43nvXkzb37zmzcz3nVWG+AL68rZNO+nyJWzr90t62ur8+211fkjdXM7SVluJM3uLMXNpHiQLJTtxcCUgfkmHy1ffuPTh2ufdWvNeqrWn+hvN72jkEfs4149Zbbub3bklpM76r/bVxVenktytZ4Pm9qmiy+PXLFM2pl6Dgeus8m93Wy+5fUOHH69p1PRfW5uMpMcrZ/M1e8E9d2hMb4I98eu7nIAAADwjPrk1kFHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+e+vv/i3pq1PPMpuh9//9Ub1ldPoQWdrzm/X2NAwAAAAAAAADG4+uP8ih3c6xX7xTV3/xPV5UT+byTfCnv5U6WcjvncjeLWclKbudCkpmBjqbuLq6s3L7Q37I0esuLI7e8OK4jBgAAAAAAAID/S79Ia/3v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBgUyUR3Vk0nkv+W88yk0cx6W+4l/0wyddDx7kIxauH98ccBAAAAT2X6Cbb5yqM8yt0c69U7RfmaP1+tXi9P573czEqWs5J2lnKtfg1dvupvrK3Ot9dW598pp7I+3O/3/r2rMKbqHiaq2qg9n6rWaOV6lqsl53K1CuZaGt19n0lO9eIZiGvAh2VMxXdrO4ysWae13NnvtnoXYU8MvxXReMyarfXgkn5G5urYyi2PdzNQVG/UJBszse3ZaQ7VZqpeJ/t7upBG/52fE/uQ86P1vDyeX+9rznern4lGqkxc7I2+8pp5fCaSV/76xzdvtG++feP6nbOH55C2MbHF8o1jYn4gEy8+05lo7nL9uSoTJ/v1K/lhfpyzmc3ruZ3l/CSLWclSOnX7Yj2ey58zj8/UwlDt9e0imarPS/ec7SSm2fygKi3mdLXtsSynyK1cy1Jerf5dzIV8K5dyKZcHzvDJLeOujq266hsbr/remf7byODPfKMulHe336zf5RYed8Rbjc690r33l3k9PpDX7qh/2F/r+MB1MDeQped72Zkc2fnu7o0b3mov9/HLbZ4T4zVTZ6K8gHpPiV50L3Qz0ayeRZvH+e875XZp3+x0biy+u0X/9zbUX67n5bBa/dp2a/eMPhV7qzxVz2e6vpMMj46y7YX+XWagrbM+lrttw0/ccruTVVtR9K7UH+VWNQA2X6lT9e9wm3u6WLW9OLJtvmo7NdA29PtWbqWda2PIHwBP4h9v9oszOTrV+lfrk9bHrV+1brRem/7+kW8feWkqk3+f/E5zbuLlxkvFn/Nxfrb++h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhyd97/4O3Fdnvp9uhCY+umoUIrG5ds1fOR0f0U9Rf67GBfh6vwypGlv4xomk4ytKT6nqOxR9jaGMamQufnydhT1/tOq9Hr/LYsNDeNqFGFhaElf9rc4Ye7jLDY2XWxj4VGxrvTiYweAAd4UwLG4vzKO++ev/P+B99cbiy+tfTW0s3JS5cuz12+9Or8+evL7aW57s+DjhLYD+sP/YOOBAAAAAAAAAAAANipUR8MOP3cdh8a2dFnPPzPQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBPXDmb5v0UuTB3bq6sr63Ot8upV15fs5mk0UiKnybFg2Qh3SkzA90V+cODdEbs56Ply298+nDts/W+mt31k0Y939rjW5Pcq6fMJpmo509hqL+rT91f8Z/eMZQJ+7zT6Sw8XXywN/4XAAD//+tA9MQ=") landlock_restrict_self(r9, 0x0) 8.599073862s ago: executing program 2 (id=411): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0xc, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r3, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r3], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0) r5 = socket(0x10, 0x3, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x24, 0x29, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {}, {0xe, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x40c4) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x84, 0x0, 0x0) dup(0xffffffffffffffff) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, &(0x7f0000000080), 0x4) sendmmsg$inet(r7, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0) close(r8) socket$alg(0x26, 0x5, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0xffffffffffffffff}, 0x10) syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0) 6.841462923s ago: executing program 3 (id=412): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = syz_open_dev$ndb(&(0x7f0000000180), 0x0, 0x600000) ioctl$BLKOPENZONE(r4, 0x40101286, &(0x7f0000000300)={0x0, 0x7}) ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x17) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) accept4$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f00000005c0), 0x400) close(r1) getrandom(0x0, 0x0, 0x0) r7 = syz_open_dev$dri(0x0, 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000100)={0x0, &(0x7f0000000040), 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000600)={r8, 0x0, 0x0, 0x0, 0x0, [0x0], [], [], [0xd]}) ioctl$DRM_IOCTL_MODE_ADDFB2(0xffffffffffffffff, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r9], [0x2b8], [0x0, 0x5]}) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffe000/0x1000)=nil) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$usbfs(&(0x7f0000000340), 0x3, 0x490280) sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03080000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021440000000c0a09030000000000000000070000000900020073797a31000000000900010073797a300000000018000380140000800800034000000002050006405200000014000000110001"], 0xc8}}, 0x0) 5.910889839s ago: executing program 1 (id=413): socket(0x2, 0x1, 0x0) request_key(&(0x7f0000000000)='ceph\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0xfffffffffffffffb) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x37db}, 0x38) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x2404c010) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) socket$packet(0x11, 0x3, 0x300) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r1, 0x80003f00, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_io_uring_setup(0x1c4d, &(0x7f0000000400)={0x0, 0x707b, 0x40, 0x4, 0x80288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB='('], 0x28}, 0x0, 0x2000c000}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x6}, 0x94) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x23, 0x10}, 0xc) bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e23, 0x3, @empty}, 0x1c) sendto$inet6(r5, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @mcast1}, 0x1c) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8}, 0xe) sendmmsg$sock(r6, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0) shutdown(r6, 0x1) 5.321380519s ago: executing program 0 (id=414): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000380), 0x8) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a) accept4(r3, 0x0, 0x0, 0x80000) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000780)=ANY=[@ANYRESOCT=r0, @ANYRES8=r0, @ANYRESOCT=r2, @ANYRESDEC=r1, @ANYRESHEX=0x0, @ANYRESOCT=r1, @ANYRESOCT=r1, @ANYRES16=r0, @ANYRES32=r3], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x14, '\x00', r2, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) r6 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r6, 0xc1004110, &(0x7f0000000040)={0x0, [0x2, 0x8, 0x5], [{0x0, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x0, 0x3}, {0x0, 0x3}, {}, {0x0, 0x9}, {}, {}, {}, {}, {0x0, 0x5}], 0x20}) socket$nl_generic(0x10, 0x3, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{0x35}, {0x20, 0x0, 0x0, 0x1}, {0x6}]}) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67100000000000560602000fff00006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc67357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9ec7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dca20563e1c1e7624cc3b88b330ad416c4c1d8c60589b6445a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843240000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48) syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') ppoll(&(0x7f0000000080)=[{r7, 0x1130}, {r7, 0x4}], 0x2, 0x0, 0x0, 0x0) r8 = getpid() r9 = syz_pidfd_open(r8, 0x0) setns(r9, 0x24020000) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70200000200000085000000860000008500000050000000bf91000000000000b70200000000000085"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r11}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 4.68633383s ago: executing program 2 (id=415): sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=ANY=[@ANYBLOB="d8000000000201030000000000000000070000028800018006000340000300002c00018014000300fe80000000000000000000000000000d14000400fc02000000000000000000000000000006000340000200000c000280050001003a0000000c000280050001002f00000014000180080001000080000008000200ac14142306000340000000000c000280050001000600000006000340000319000800044000006b0506000740007369702d32303030300000000900060073797a31000000000e0006007369702d3230303030000000"], 0xd8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000) socket(0x10, 0x803, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='nmi_noise\x00', r0, 0x0, 0x2}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xa, 0x21bb, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000ff57ff57b9000000000000008500000041000000a20005ae7dac94c8769f7b937bc4593a7c567efdf6d6f52fe6a325"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x100) r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0) ioctl$COMEDI_POLL(r1, 0x640f) ioctl$COMEDI_POLL(r1, 0x640f) ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000080)={'dt2815\x00', [0xee, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x9, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x3, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x800, 0x400e2df, 0x9, 0x4e, 0x4, 0x3, 0x7, 0x5, 0x5]}) ioctl$COMEDI_DEVINFO(r1, 0x80b06401, &(0x7f0000000180)) bpf$PROG_LOAD(0x5, 0x0, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0) syz_open_dev$video4linux(&(0x7f0000000500), 0x20, 0x400) ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x6, 0x1000087}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) syz_open_dev$video4linux(&(0x7f0000000000), 0x71, 0x0) 2.9139627s ago: executing program 2 (id=416): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x15, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x28}, @jmp={0x5, 0x0, 0x9, 0x0, 0x4, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) 2.91310276s ago: executing program 3 (id=417): syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x8, 0x0, 0x411}}}, 0x7) 2.827416031s ago: executing program 1 (id=418): r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) socket$inet(0x2, 0x1, 0x0) syz_clone3(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884) inotify_add_watch(r0, &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000004) open_by_handle_at(r4, 0x0, 0x60380) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r6 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}}) r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000040)={0x4, r5, 0x1}) ioctl$DMA_BUF_IOCTL_SYNC(r8, 0x40086200, 0x0) r9 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0) syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000002c0)=ANY=[@ANYRES64, @ANYRES32=r4, @ANYRES16=r2, @ANYBLOB="0c961d1669620e5405205fc87900eb2b92a5139e68ebd398c4a2585f"], 0x9, 0x6da, &(0x7f0000000bc0)="$eJzs3cFvHFcdB/DvrNeON5TgtAnNoQgrkVqkiMSJlUK4YBBCOVSoKoeercRprG6TKnFRWiFIAcEJiUP/gILkGwcE4h4ULlzKrVcfKyFxiRCKelk0s7PrXXsd24m9dujnE43nvXkzb37zmzcz3nVWG+AL68rZNO+nyJWzr90t62ur8+211fkjdXM7SVluJM3uLMXNpHiQLJTtxcCUgfkmHy1ffuPTh2ufdWvNeqrWn+hvN72jkEfs4149Zbbub3bklpM76r/bVxVenktytZ4Pm9qmiy+PXLFM2pl6Dgeus8m93Wy+5fUOHH69p1PRfW5uMpMcrZ/M1e8E9d2hMb4I98eu7nIAAADwjPrk1kFHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+e+vv/i3pq1PPMpuh9//9Ub1ldPoQWdrzm/X2NAwAAAAAAAADG4+uP8ih3c6xX7xTV3/xPV5UT+byTfCnv5U6WcjvncjeLWclKbudCkpmBjqbuLq6s3L7Q37I0esuLI7e8OK4jBgAAAAAAAID/S79Ia/3v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBgUyUR3Vk0nkv+W88yk0cx6W+4l/0wyddDx7kIxauH98ccBAAAAT2X6Cbb5yqM8yt0c69U7RfmaP1+tXi9P573czEqWs5J2lnKtfg1dvupvrK3Ot9dW598pp7I+3O/3/r2rMKbqHiaq2qg9n6rWaOV6lqsl53K1CuZaGt19n0lO9eIZiGvAh2VMxXdrO4ysWae13NnvtnoXYU8MvxXReMyarfXgkn5G5urYyi2PdzNQVG/UJBszse3ZaQ7VZqpeJ/t7upBG/52fE/uQ86P1vDyeX+9rznern4lGqkxc7I2+8pp5fCaSV/76xzdvtG++feP6nbOH55C2MbHF8o1jYn4gEy8+05lo7nL9uSoTJ/v1K/lhfpyzmc3ruZ3l/CSLWclSOnX7Yj2ey58zj8/UwlDt9e0imarPS/ec7SSm2fygKi3mdLXtsSynyK1cy1Jerf5dzIV8K5dyKZcHzvDJLeOujq266hsbr/remf7byODPfKMulHe336zf5RYed8Rbjc690r33l3k9PpDX7qh/2F/r+MB1MDeQped72Zkc2fnu7o0b3mov9/HLbZ4T4zVTZ6K8gHpPiV50L3Qz0ayeRZvH+e875XZp3+x0biy+u0X/9zbUX67n5bBa/dp2a/eMPhV7qzxVz2e6vpMMj46y7YX+XWagrbM+lrttw0/ccruTVVtR9K7UH+VWNQA2X6lT9e9wm3u6WLW9OLJtvmo7NdA29PtWbqWda2PIHwBP4h9v9oszOTrV+lfrk9bHrV+1brRem/7+kW8feWkqk3+f/E5zbuLlxkvFn/Nxfrb++h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhyd97/4O3Fdnvp9uhCY+umoUIrG5ds1fOR0f0U9Rf67GBfh6vwypGlv4xomk4ytKT6nqOxR9jaGMamQufnydhT1/tOq9Hr/LYsNDeNqFGFhaElf9rc4Ye7jLDY2XWxj4VGxrvTiYweAAd4UwLG4vzKO++ev/P+B99cbiy+tfTW0s3JS5cuz12+9Or8+evL7aW57s+DjhLYD+sP/YOOBAAAAAAAAAAAANipUR8MOP3cdh8a2dFnPPzPQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBPXDmb5v0UuTB3bq6sr63Ot8upV15fs5mk0UiKnybFg2Qh3SkzA90V+cODdEbs56Ply298+nDts/W+mt31k0Y939rjW5Pcq6fMJpmo509hqL+rT91f8Z/eMZQJ+7zT6Sw8XXywN/4XAAD//+tA9MQ=") landlock_restrict_self(r9, 0x0) 2.825936762s ago: executing program 2 (id=426): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b000003ffffffffffffe8000000040000430000195cdfc19558098f7e29ccf8e7c90ce594b929c90c438aa7402798751413e7df1eb03f4b4aeb8811dfdfc53836055bbadc4575ec5559fc41dbcd", @ANYRES32, @ANYBLOB="0000008000"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/20], 0x50) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25GCALLUSERDATA(r2, 0x89e4, &(0x7f0000000bc0)={0x7d, "9984a69e26edfdb7000300000000000000ff03ba91f6a27a0603c6de995ae34b81fb4dec3d44ad144088e68b88dbaea386f1283b716c35f680777326309719e45e5b36835640fdd1dd6c7876adcaa1a9beb8d03de6dfcfdaecb9d67597e890bc9dd646e82aa45e00"}) preadv(r1, &(0x7f00000000c0)=[{0x0}, {0x0}], 0x2, 0x0, 0x3) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) pwritev2(r3, 0x0, 0x0, 0xe7b, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x0, 0x51, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5c08cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891f648bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8) connect$inet6(r4, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd8}, 0x94) socket$inet6(0xa, 0x80002, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) 2.616271695s ago: executing program 3 (id=419): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000180)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@block_validity}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@data_err_ignore}, {@grpquota}, {@mblk_io_submit}, {@nodiscard}, {@bh}, {@dioread_nolock}]}, 0x1, 0x55f, &(0x7f0000000fc0)="$eJzs3d9rW+UbAPDnpM1+f7cOxvgqIoVdOJlL19YfE7yYl6LDgd7P0J6V0XQZTTrWOnC7cDfeyBBEHIj3eu/l8B/wrxjoYMgoeuFN5aQnW7cmTdZmS2Y+HzjlffOe5D1PznnevifnhAQwtMazP4WIlyLi6yTiUEQkedto5I3j6+utPrg2ky1JrK198mfSWC+rN1+r+bz9eeX/EfHrlxEnCpv7rS2vzJcrlXQxr0/UFy5P1JZXTl5cKM+lc+mlqenp029NT737zts9i/X1c39/9/GdD05/dWz125/vHb6VxJk4kLdtjGMHrm+sjMd4/p4U48wTK072oLNBkvR7A9iWkTzPi5GNAYdiJM964L/vi4hYA4ZUIv9hSDXnAcX83L5H58EvjPvvr58ArW6Kf3T9s5HY0zg32reaPHZmlJ3vjvWg/6yPX/64fStbonefQwB0dP1GRJwaHd08/iX5+Nfe3g7tp7ro/8k+jH/w/NzJ5j9vtJr/FB7Of6LF/Gd/i9zdjs75X7jXg27ayuZ/70Xr+HNjI3ntf405XzG5cLGSZmPbwYg4HsXdWX2r6zmnV++utWvbOP/Llqz/5lww3457o7sff85suV7eScwb3b8R8XLL+W/ycP8nLfZ/9n6c67KPo+ntV9u1dY7/2Vr7MeK1lvv/0RWtZOvrkxON42GieVRs9tfNo7+167/f8Wf7f9/W8Y8lG6/X1p6+jx/2/JO2a3ss/uj++N+VfNoo78ofu1qu1xcnI3YlH21+fOrRc5v15vpZ/MePbT3+tTr+s7nPZ13Gf/PIT690FX+f9v/sU+3/py/c/fDz79v1393492ajdDx/pJvxr9sN3Ml7BwAAAAAAAIOmEBEHIimUHpYLhVJp/f6OI7GvUKnW6icuVJcuzUbju7JjUSw0r3Qf2nA/xGR+P2yzPvVEfToiDkfENyN7G/XSTLUy2+/gAQAAAAAAAAAAAAAAAAAAYEDsb/P9/8zvI/3eOuCZ85PfMLw65n8vfukJGEj+/8Pwkv8wvOQ/DC/5D8NL/sPwkv8wvOQ/DC/5DwAAAAAAAAAAAAAAAAAAAAAAAAAAAD117uzZbFlbfXBtJqvPXllemq9eOTmb1uZLC0szpZnq4uXSXLU6V0lLM9WFTq9XqVYvT07F0tWJelqrT9SWV84vVJcu1c9fXCjPpefT4nOJCgAAAAAAAAAAAAAAAAAAAF4steWV+XKlki4qKGyrMDoYm7HjwsGIGIDNGJhCv0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//VSs1PA==") sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1, 0x1, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) connect$inet6(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82) r6 = socket$inet6_icmp(0xa, 0x2, 0x3a) socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r6, 0x0, 0x0) bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x6dcb, @empty}, 0x1c) listen(r0, 0x0) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/timers\x00', 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000540)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r8, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX=r9, @ANYBLOB=',uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d11f57832035e96a1513231140da182ca77aeedc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x1, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==") mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200), 0x800, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r0}}) 2.519520007s ago: executing program 0 (id=420): openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) syz_open_dev$sndmidi(0x0, 0x2, 0x141101) socket$alg(0x26, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e) socket$nl_audit(0x10, 0x3, 0x9) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) remap_file_pages(&(0x7f0000cbc000/0x4000)=nil, 0x4000, 0x9, 0x6426, 0x40) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x2, 0xfffffffe, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0) r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r3 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x3) ftruncate(r3, 0xffff) fcntl$addseals(r3, 0x409, 0x7) ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000000)={r3, 0x0, 0x0, 0x8000}) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8afdbf514fd00"}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) open(&(0x7f0000000240)='./file0\x00', 0x40000, 0x122) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x300000d, 0x6031, 0xffffffffffffffff, 0xfded4000) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r5, r4, &(0x7f00000000c0)=0x58, 0x5) 77.528109ms ago: executing program 1 (id=421): r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r3, &(0x7f0000000740)={0x1f, @none}, 0x8) listen(r3, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r1) accept4(r3, 0x0, 0x0, 0x80800) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0) ioctl$SOUND_MIXER_READ_VOLUME(r4, 0xa0044d07, 0x0) recvfrom$netrom(0xffffffffffffffff, &(0x7f0000000000)=""/255, 0xff, 0x40000003, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001880)=ANY=[@ANYRES8=r3, @ANYRES16=r6, @ANYBLOB="01000000000000000000210000000e0001006e657464654a730a00000000000000006e65746478767369764b0000000000006c325f64726f7073000000000500830000000000"], 0x4c}}, 0x10040) r7 = dup(r0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r7, 0x40045542, &(0x7f0000000140)=0x293c) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r7, 0x330f, 0x6) lsetxattr$security_capability(&(0x7f0000000280)='./cgroup/cgroup.procs\x00', &(0x7f0000000180), &(0x7f0000000040)=@v2={0x2000000, [{0x6, 0x4}, {0x4, 0x1bf}]}, 0x14, 0x1) 0s ago: executing program 2 (id=422): r0 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x100, 0x5}, 0x0, &(0x7f0000002a00)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) socket(0xf, 0x1, 0x8001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x58}}, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0) ioctl$SNDCTL_TMR_TIMEBASE(r6, 0xc0045401, 0x0) fanotify_mark(0xffffffffffffffff, 0x101, 0x8000031, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x113042, 0x0) write$FUSE_INIT(r7, &(0x7f0000000000)={0x50}, 0x2000) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) r8 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) fchmodat(r8, &(0x7f00000000c0)='./file1\x00', 0x31) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.171' (ED25519) to the list of known hosts. [ 82.054178][ T5776] cgroup: Unknown subsys name 'net' [ 82.185076][ T5776] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.663715][ T5776] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.321661][ T5788] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.325797][ T5792] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.339569][ T5788] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.347934][ T5788] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.356053][ T5788] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.356637][ T5794] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.366265][ T5788] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.376645][ T5794] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.384108][ T5788] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.392317][ T5794] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.398486][ T5788] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.405507][ T5794] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.412496][ T5788] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.427527][ T5788] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.436659][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.451359][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.469805][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.478189][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.503680][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.516956][ T5794] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.533649][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.543901][ T5794] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.560610][ T5794] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.593290][ T5794] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.959332][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 86.089609][ T5793] chnl_net:caif_netlink_parms(): no params data found [ 86.184005][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 86.243673][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.254868][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.263057][ T5786] bridge_slave_0: entered allmulticast mode [ 86.271552][ T5786] bridge_slave_0: entered promiscuous mode [ 86.313674][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.322683][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.330077][ T5786] bridge_slave_1: entered allmulticast mode [ 86.338403][ T5786] bridge_slave_1: entered promiscuous mode [ 86.354704][ T5793] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.362466][ T5793] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.372122][ T5793] bridge_slave_0: entered allmulticast mode [ 86.379557][ T5793] bridge_slave_0: entered promiscuous mode [ 86.404120][ T5797] chnl_net:caif_netlink_parms(): no params data found [ 86.416643][ T5793] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.426578][ T5793] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.434888][ T5793] bridge_slave_1: entered allmulticast mode [ 86.442553][ T5793] bridge_slave_1: entered promiscuous mode [ 86.501864][ T5793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.517353][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.531265][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.582073][ T5793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.651083][ T5786] team0: Port device team_slave_0 added [ 86.657725][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.666462][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.675163][ T5789] bridge_slave_0: entered allmulticast mode [ 86.683090][ T5789] bridge_slave_0: entered promiscuous mode [ 86.692997][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.701302][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.710933][ T5789] bridge_slave_1: entered allmulticast mode [ 86.720284][ T5789] bridge_slave_1: entered promiscuous mode [ 86.747094][ T5786] team0: Port device team_slave_1 added [ 86.797318][ T5793] team0: Port device team_slave_0 added [ 86.808015][ T5793] team0: Port device team_slave_1 added [ 86.828004][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.843266][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.903868][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.912588][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.941269][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.964928][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.973863][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.983149][ T5797] bridge_slave_0: entered allmulticast mode [ 86.991438][ T5797] bridge_slave_0: entered promiscuous mode [ 87.006253][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.014338][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.044051][ T5793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.057628][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.065920][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.092866][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.117376][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.125165][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.134407][ T5797] bridge_slave_1: entered allmulticast mode [ 87.143496][ T5797] bridge_slave_1: entered promiscuous mode [ 87.165238][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.173836][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.204142][ T5793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.231063][ T5789] team0: Port device team_slave_0 added [ 87.280479][ T5789] team0: Port device team_slave_1 added [ 87.304166][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.337764][ T5793] hsr_slave_0: entered promiscuous mode [ 87.346464][ T5793] hsr_slave_1: entered promiscuous mode [ 87.357521][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.382030][ T5786] hsr_slave_0: entered promiscuous mode [ 87.390126][ T5786] hsr_slave_1: entered promiscuous mode [ 87.396468][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.405143][ T5786] Cannot create hsr debugfs directory [ 87.422745][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.430283][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.462214][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.468405][ T5788] Bluetooth: hci0: command tx timeout [ 87.507807][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.515401][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.543670][ T5788] Bluetooth: hci2: command tx timeout [ 87.544078][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.549849][ T5788] Bluetooth: hci1: command tx timeout [ 87.589638][ T5797] team0: Port device team_slave_0 added [ 87.637189][ T5797] team0: Port device team_slave_1 added [ 87.699072][ T5788] Bluetooth: hci3: command tx timeout [ 87.733535][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.742091][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.773714][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.821788][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.829493][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.858387][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.886810][ T5789] hsr_slave_0: entered promiscuous mode [ 87.894007][ T5789] hsr_slave_1: entered promiscuous mode [ 87.900990][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.909479][ T5789] Cannot create hsr debugfs directory [ 88.005685][ T5797] hsr_slave_0: entered promiscuous mode [ 88.012830][ T5797] hsr_slave_1: entered promiscuous mode [ 88.019854][ T5797] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.027640][ T5797] Cannot create hsr debugfs directory [ 88.197429][ T5786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.237179][ T5786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.265180][ T5786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.276073][ T5786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.397346][ T5793] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.413019][ T5793] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.434193][ T5793] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.464793][ T5793] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.531538][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.546072][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.562032][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.589052][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.682526][ T5797] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.696117][ T5797] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.707037][ T5797] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.745163][ T5797] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.798023][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.894111][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.917901][ T5793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.951239][ T2891] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.958927][ T2891] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.988947][ T2891] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.996968][ T2891] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.012982][ T5793] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.036407][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.065922][ T992] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.074418][ T992] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.109805][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.117196][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.150245][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.165326][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.203290][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.211760][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.240645][ T5797] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.286965][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.295193][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.314735][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.324173][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.347106][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.355665][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.377584][ T5793] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.541007][ T5788] Bluetooth: hci0: command tx timeout [ 89.564444][ T5789] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.619027][ T5788] Bluetooth: hci1: command tx timeout [ 89.625186][ T5788] Bluetooth: hci2: command tx timeout [ 89.780630][ T5788] Bluetooth: hci3: command tx timeout [ 89.907371][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.073415][ T5786] veth0_vlan: entered promiscuous mode [ 90.095836][ T5793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.115968][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.129959][ T5786] veth1_vlan: entered promiscuous mode [ 90.187639][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.244706][ T5786] veth0_macvtap: entered promiscuous mode [ 90.283066][ T5786] veth1_macvtap: entered promiscuous mode [ 90.313044][ T5797] veth0_vlan: entered promiscuous mode [ 90.345698][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.372311][ T5793] veth0_vlan: entered promiscuous mode [ 90.392885][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.404889][ T5797] veth1_vlan: entered promiscuous mode [ 90.426434][ T5789] veth0_vlan: entered promiscuous mode [ 90.437879][ T5786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.448265][ T5786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.458442][ T5786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.469182][ T5786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.487106][ T5793] veth1_vlan: entered promiscuous mode [ 90.503822][ T5789] veth1_vlan: entered promiscuous mode [ 90.578921][ T5797] veth0_macvtap: entered promiscuous mode [ 90.603603][ T5793] veth0_macvtap: entered promiscuous mode [ 90.646600][ T5793] veth1_macvtap: entered promiscuous mode [ 90.663884][ T5797] veth1_macvtap: entered promiscuous mode [ 90.685878][ T5789] veth0_macvtap: entered promiscuous mode [ 90.699558][ T5789] veth1_macvtap: entered promiscuous mode [ 90.765078][ T1083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.770461][ T5797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.792404][ T1083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.802601][ T5797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.817751][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.831488][ T5797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.844403][ T5797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.856336][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.869810][ T5797] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.880378][ T5797] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.890049][ T5797] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.903657][ T5797] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.938775][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.951118][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.964427][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.977514][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.991637][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.003581][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.017828][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.031166][ T5793] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.042264][ T5793] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.054480][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.100383][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.112725][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.125346][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.137396][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.150026][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.161366][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.172654][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.190974][ T5793] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.200191][ T5793] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.210925][ T5793] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.221726][ T5793] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.245938][ T3431] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.247989][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.266872][ T3431] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.280816][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.292163][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.310658][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.321623][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.333431][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.346097][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.389156][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.399967][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.409503][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.419018][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.471200][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.506309][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.600340][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.621360][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.631385][ T5788] Bluetooth: hci0: command tx timeout [ 91.698344][ T5788] Bluetooth: hci2: command tx timeout [ 91.698500][ T5794] Bluetooth: hci1: command tx timeout [ 91.727317][ T992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.748886][ T992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.858655][ T5794] Bluetooth: hci3: command tx timeout [ 91.873614][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.923733][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.995994][ T992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.030934][ T992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.874214][ T3431] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.895149][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.048948][ T3431] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.636016][ T5885] syz.3.4[5885]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 93.698322][ T5794] Bluetooth: hci0: command tx timeout [ 93.778820][ T5794] Bluetooth: hci2: command tx timeout [ 93.778837][ T5788] Bluetooth: hci1: command tx timeout [ 93.813584][ T5885] loop3: detected capacity change from 0 to 512 [ 93.855540][ T5885] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 93.872494][ T5885] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c01c, mo2=0002] [ 93.883022][ T5885] System zones: 1-12 [ 93.890328][ T5885] EXT4-fs (loop3): Can't support bigalloc feature without extents feature [ 93.890328][ T5885] [ 93.905299][ T5885] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features [ 93.920435][ T5885] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 93.948709][ T5794] Bluetooth: hci3: command tx timeout [ 93.968538][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.178712][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.637239][ T5900] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #2: block 3: comm syz.3.4: lblock 0 mapped to illegal pblock 3 (length 1) [ 95.023149][ T5901] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 95.114903][ T5900] EXT4-fs warning (device loop3): dx_probe:823: inode #2: lblock 0: comm syz.3.4: error -117 reading directory block [ 96.045625][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.145537][ T5908] loop1: detected capacity change from 0 to 128 [ 97.291799][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.539158][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 97.547908][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 97.598898][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.864807][ T9] cfg80211: failed to load regulatory.db [ 97.939084][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 98.009297][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 98.069421][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.085871][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.101857][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.117247][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.154879][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.169939][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.184559][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.197251][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.210262][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.223302][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.234555][ T5914] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 98.928384][ T28] audit: type=1800 audit(1753421751.444:2): pid=5908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.9" name="bus" dev="loop1" ino=1048592 res=0 errno=0 [ 99.166446][ T5921] batman_adv: batadv0: Adding interface: vxlan0 [ 99.214808][ T5921] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.256167][ T5921] batman_adv: batadv0: Not using interface vxlan0 (retrying later): interface not active [ 99.331803][ T5918] loop2: detected capacity change from 0 to 8192 [ 101.536486][ T5929] netlink: 60 bytes leftover after parsing attributes in process `syz.0.14'. [ 101.547310][ T5929] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14'. [ 101.558520][ T5929] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14'. [ 103.136099][ T5945] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 105.527184][ T5968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.20'. [ 108.234867][ T5980] loop2: detected capacity change from 0 to 128 [ 108.294166][ T28] audit: type=1800 audit(1753421760.854:3): pid=5980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.25" name="bus" dev="loop2" ino=1048595 res=0 errno=0 [ 108.537665][ T5985] process 'syz.0.34' launched '/dev/fd/-1/./file0' with NULL argv: empty string added [ 109.836627][ T28] audit: type=1326 audit(1753421762.394:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5987 comm="syz.0.27" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb3e7f8e9a9 code=0x0 [ 111.119533][ T5997] loop2: detected capacity change from 0 to 16 [ 111.206729][ T5990] loop0: detected capacity change from 0 to 32768 [ 111.222315][ T5997] erofs: (device loop2): mounted with root inode @ nid 36. [ 113.931138][ T6011] bridge_slave_0: left allmulticast mode [ 113.968839][ T6011] bridge_slave_0: left promiscuous mode [ 113.975747][ T6011] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.057115][ T6011] bridge_slave_1: left allmulticast mode [ 114.085925][ T6011] bridge_slave_1: left promiscuous mode [ 114.122220][ T6011] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.168179][ T6011] bond0: (slave bond_slave_0): Releasing backup interface [ 114.278862][ T6011] bond0: (slave bond_slave_1): Releasing backup interface [ 115.103096][ T6011] team0: Failed to send options change via netlink (err -105) [ 115.209214][ T6011] team0: Port device team_slave_0 removed [ 115.233590][ T6011] team0: Port device team_slave_1 removed [ 115.247632][ T6011] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 115.265673][ T6011] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 115.325643][ T6011] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 115.366047][ T6011] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 115.959601][ T6020] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=55 (110 ns) > initial count (64 ns). Using initial count to start timer. [ 116.029904][ T6012] team0: Mode changed to "loadbalance" [ 116.364281][ T6025] loop2: detected capacity change from 0 to 1024 [ 116.364841][ T6027] loop0: detected capacity change from 0 to 1024 [ 116.464746][ T6027] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.897305][ T6025] hfsplus: xattr searching failed [ 120.275447][ T5797] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.119524][ T28] audit: type=1326 audit(1753421773.644:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6047 comm="syz.2.43" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8b1798e9a9 code=0x0 [ 124.967140][ T6074] loop3: detected capacity change from 0 to 1024 [ 124.982384][ T6074] hfsplus: unable to parse mount options [ 125.906034][ T5779] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 126.626102][ T6082] loop1: detected capacity change from 0 to 1024 [ 126.646590][ T6089] loop3: detected capacity change from 0 to 1024 [ 126.703137][ T6089] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.718744][ T6082] hfsplus: xattr searching failed [ 130.466454][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.818211][ T6115] sp0: Synchronizing with TNC [ 131.887516][ T6115] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 133.537057][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.545707][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.355037][ T28] audit: type=1326 audit(1753421787.914:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6122 comm="syz.1.60" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f685fd8e9a9 code=0x0 [ 137.606931][ T6127] loop1: detected capacity change from 0 to 32768 [ 138.032516][ T6148] tipc: Started in network mode [ 138.040600][ T6148] tipc: Node identity 7e8039ba358f, cluster identity 4711 [ 138.059000][ T6148] tipc: Enabled bearer , priority 0 [ 138.363661][ T6148] tipc: Resetting bearer [ 138.433514][ T6147] tipc: Disabling bearer [ 142.998063][ C0] sched: RT throttling activated [ 143.377138][ T6170] sp0: Synchronizing with TNC [ 143.696443][ T6185] loop3: detected capacity change from 0 to 32768 [ 143.703555][ T6185] XFS: ikeep mount option is deprecated. [ 143.931263][ T6185] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 144.917221][ T6185] XFS (loop3): Ending clean mount [ 144.931243][ T6185] XFS (loop3): Quotacheck needed: Please wait. [ 145.030145][ T6185] XFS (loop3): Quotacheck: Done. [ 145.057505][ T6204] loop2: detected capacity change from 0 to 1024 [ 145.064696][ T6204] hfsplus: unable to parse mount options [ 145.106664][ T5799] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 146.015282][ T5793] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 146.514500][ T6212] loop1: detected capacity change from 0 to 1024 [ 146.529471][ T6212] hfsplus: unable to parse mount options [ 147.447290][ T5779] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 147.764969][ T6214] loop1: detected capacity change from 0 to 1024 [ 148.079507][ T6214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.523540][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.410567][ T6227] syz.0.83 (6227) used greatest stack depth: 20944 bytes left [ 155.900757][ T6263] loop2: detected capacity change from 0 to 1024 [ 155.907960][ T6263] hfsplus: unable to parse mount options [ 157.152717][ T6271] loop0: detected capacity change from 0 to 1024 [ 157.202860][ T6271] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.266917][ T6271] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.396916][ T6271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.528344][ T5779] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 157.673268][ T6277] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=55 (110 ns) > initial count (64 ns). Using initial count to start timer. [ 157.960144][ T6277] kvm: pic: non byte write [ 163.782465][ T6307] loop2: detected capacity change from 0 to 512 [ 163.866971][ T6307] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 163.906662][ T6307] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c01c, mo2=0002] [ 163.928448][ T6307] System zones: 1-12 [ 163.932825][ T6307] EXT4-fs (loop2): Can't support bigalloc feature without extents feature [ 163.932825][ T6307] [ 163.943889][ T6307] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features [ 163.954918][ T6307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 163.975959][ T6305] sctp_transport_update_pmtu: 49 callbacks suppressed [ 163.975969][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 163.994180][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 164.005367][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 164.016006][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 164.029190][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 164.051143][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 164.129042][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 165.301379][ T6319] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #2: block 3: comm syz.2.99: lblock 0 mapped to illegal pblock 3 (length 1) [ 167.620336][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 167.655832][ T6319] EXT4-fs warning (device loop2): dx_probe:823: inode #2: lblock 0: comm syz.2.99: error -117 reading directory block [ 167.729035][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 167.766582][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.768010][ T6305] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 169.414609][ T6335] loop2: detected capacity change from 0 to 64 [ 169.466666][ T5794] Bluetooth: hci1: unexpected Set CIG Parameters response data [ 169.509356][ T6338] netlink: 'syz.1.105': attribute type 4 has an invalid length. [ 170.356717][ T966] IPVS: starting estimator thread 0... [ 170.458440][ T6349] IPVS: using max 17 ests per chain, 40800 per kthread [ 170.588159][ T6348] netlink: 'syz.1.105': attribute type 4 has an invalid length. [ 170.689250][ T6351] xt_socket: unknown flags 0x8 [ 170.753013][ T6359] tipc: Enabling of bearer rejected, failed to enable media [ 171.053834][ T6365] hub 6-0:1.0: USB hub found [ 171.060217][ T6365] hub 6-0:1.0: 1 port detected [ 173.394860][ T6380] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 173.404217][ T6380] overlayfs: missing 'lowerdir' [ 173.573744][ T5794] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 173.585425][ T5794] Bluetooth: hci1: Injecting HCI hardware error event [ 174.589547][ T5794] Bluetooth: hci1: hardware error 0x00 [ 175.383035][ T6389] loop3: detected capacity change from 0 to 2048 [ 176.320743][ T6389] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.622614][ T28] audit: type=1804 audit(1753421829.094:7): pid=6389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.116" name="/newroot/29/file0/bus" dev="loop3" ino=18 res=1 errno=0 [ 177.618814][ T5794] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 178.163596][ T6406] binder: BINDER_SET_CONTEXT_MGR already set [ 178.170222][ T6406] binder: 6400:6406 ioctl 4018620d 200000000040 returned -16 [ 178.191272][ T6406] binder: 6400:6406 ioctl c0306201 200000001440 returned -11 [ 178.736357][ T6398] netlink: 28 bytes leftover after parsing attributes in process `syz.0.119'. [ 178.782881][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.268945][ T6416] tipc: Started in network mode [ 180.274056][ T6416] tipc: Node identity , cluster identity 4711 [ 180.280642][ T6416] tipc: Failed to obtain node identity [ 180.286314][ T6416] tipc: Enabling of bearer rejected, failed to enable media [ 180.299001][ T6416] syzkaller0: entered promiscuous mode [ 180.304535][ T6416] syzkaller0: entered allmulticast mode [ 183.734106][ T6450] loop1: detected capacity change from 0 to 8 [ 184.043931][ T6447] SQUASHFS error: Failed to read block 0x4e8: -5 [ 184.050949][ T6447] SQUASHFS error: Failed to read block 0x4de: -5 [ 184.058240][ T6447] SQUASHFS error: Failed to read block 0x4de: -5 [ 184.064803][ T6447] SQUASHFS error: Failed to read block 0x4de: -5 [ 184.072259][ T28] audit: type=1800 audit(1753421836.634:8): pid=6447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.130" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 184.092850][ T6451] loop2: detected capacity change from 0 to 64 [ 185.188417][ T6456] minix_free_block (loop2:1): bit already cleared [ 185.195200][ T6456] minix_free_block (loop2:4): bit already cleared [ 185.201768][ T6456] minix_free_block (loop2:3): bit already cleared [ 185.208539][ T6456] minix_free_block (loop2:2): bit already cleared [ 185.215151][ T6456] minix_free_block (loop2:1): bit already cleared [ 186.344144][ T6466] Bluetooth: MGMT ver 1.22 [ 188.020667][ T6477] Zero length message leads to an empty skb [ 188.662174][ T6473] tipc: Started in network mode [ 188.671683][ T6473] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 188.688258][ T6473] tipc: Enabled bearer , priority 0 [ 188.955834][ T6485] overlayfs: failed to clone upperpath [ 189.022749][ T6483] loop3: detected capacity change from 0 to 2048 [ 189.084369][ T6483] ======================================================= [ 189.084369][ T6483] WARNING: The mand mount option has been deprecated and [ 189.084369][ T6483] and is ignored by this kernel. Remove the mand [ 189.084369][ T6483] option from the mount to silence this warning. [ 189.084369][ T6483] ======================================================= [ 189.213993][ T6483] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 190.479176][ T5884] tipc: Node number set to 11578026 [ 190.562671][ T28] audit: type=1326 audit(1753422099.119:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6487 comm="syz.1.143" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x0 [ 191.877970][ T6508] loop9: detected capacity change from 0 to 7 [ 193.830295][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 193.839732][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 193.866255][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 193.875524][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 193.891891][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 193.901100][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 193.911141][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 193.920336][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 193.968441][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 193.977760][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 193.988349][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 193.997593][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 194.005579][ T6508] ldm_validate_partition_table(): Disk read failed. [ 194.048113][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 194.057435][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 194.084713][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 194.093977][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 194.102449][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 194.111664][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 194.120603][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 194.129872][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 194.137966][ T6508] Dev loop9: unable to read RDB block 0 [ 194.145495][ T6508] loop9: unable to read partition table [ 194.151516][ T6508] loop9: partition table beyond EOD, truncated [ 194.157842][ T6508] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 194.157842][ T6508] ) failed (rc=-5) [ 195.296175][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.303829][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.125332][ T6538] loop1: detected capacity change from 0 to 16 [ 199.138884][ T6538] erofs: (device loop1): mounted with root inode @ nid 36. [ 201.780126][ T6545] tipc: Started in network mode [ 201.785271][ T6545] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 201.794230][ T6545] tipc: Enabled bearer , priority 0 [ 203.392071][ T6560] loop2: detected capacity change from 0 to 1024 [ 203.399927][ T6560] hfsplus: unable to parse mount options [ 203.920535][ T5924] tipc: Node number set to 11578026 [ 206.370503][ T6575] sctp: failed to load transform for md5: -2 [ 206.985576][ T6589] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.720219][ T6589] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 207.832004][ T6589] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.839747][ T6589] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.469396][ T6606] tipc: Started in network mode [ 209.474340][ T6606] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 209.487691][ T6606] tipc: Enabled bearer , priority 10 [ 211.258273][ T5838] tipc: Node number set to 4269801488 [ 212.266213][ T5796] Bluetooth: hci0: command 0x0406 tx timeout [ 212.272294][ T5792] Bluetooth: hci2: command 0x0406 tx timeout [ 213.794305][ T28] audit: type=1326 audit(1753422122.319:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813445][ T28] audit: type=1326 audit(1753422122.319:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813499][ T28] audit: type=1326 audit(1753422122.329:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813543][ T28] audit: type=1326 audit(1753422122.329:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813584][ T28] audit: type=1326 audit(1753422122.329:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813627][ T28] audit: type=1326 audit(1753422122.329:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813671][ T28] audit: type=1326 audit(1753422122.329:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813714][ T28] audit: type=1326 audit(1753422122.329:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813757][ T28] audit: type=1326 audit(1753422122.329:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 214.813799][ T28] audit: type=1326 audit(1753422122.329:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.1.171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f685fd8e9a9 code=0x7ffc0000 [ 216.726605][ T6633] tty tty2: ldisc open failed (-12), clearing slot 1 [ 216.739250][ T6643] tty tty1: ldisc open failed (-12), clearing slot 0 [ 218.173280][ T6653] loop1: detected capacity change from 0 to 64 [ 219.475352][ T6657] minix_free_block (loop1:1): bit already cleared [ 219.481993][ T6657] minix_free_block (loop1:4): bit already cleared [ 219.489567][ T6657] minix_free_block (loop1:3): bit already cleared [ 219.496097][ T6657] minix_free_block (loop1:2): bit already cleared [ 219.502637][ T6657] minix_free_block (loop1:1): bit already cleared [ 221.053691][ T6662] loop1: detected capacity change from 0 to 1024 [ 221.061538][ T6662] hfsplus: unable to parse mount options [ 221.132080][ T6396] blk_print_req_error: 9 callbacks suppressed [ 221.132095][ T6396] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 221.867091][ T6679] loop9: detected capacity change from 0 to 7 [ 222.492899][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.492939][ C1] buffer_io_error: 9 callbacks suppressed [ 222.492949][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.495240][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.495269][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.503409][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.503443][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.504408][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.504436][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.506674][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.506711][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.518492][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.518533][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.519824][ T6679] ldm_validate_partition_table(): Disk read failed. [ 222.520164][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.520194][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.520676][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.520702][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.521269][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 222.521304][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.521732][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 222.522221][ T6679] Dev loop9: unable to read RDB block 0 [ 222.524220][ T6679] loop9: unable to read partition table [ 222.525727][ T6679] loop9: partition table beyond EOD, truncated [ 222.525885][ T6679] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 222.525885][ T6679] ) failed (rc=-5) [ 223.264039][ T6690] loop2: detected capacity change from 0 to 16 [ 224.231543][ T6690] erofs: (device loop2): mounted with root inode @ nid 36. [ 224.612855][ T5788] Bluetooth: hci3: command tx timeout [ 225.163178][ T6706] loop1: detected capacity change from 0 to 1024 [ 225.171021][ T6706] hfsplus: unable to parse mount options [ 225.300126][ T6705] syz.2.185: attempt to access beyond end of device [ 225.300126][ T6705] loop2: rw=0, sector=48, nr_sectors = 16 limit=16 [ 226.373950][ T6712] loop2: detected capacity change from 0 to 1024 [ 226.381859][ T6712] hfsplus: unable to parse mount options [ 227.204523][ T6396] blk_print_req_error: 5 callbacks suppressed [ 227.204541][ T6396] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 227.224245][ T6708] 9pnet_virtio: no channels available for device syz [ 227.267119][ T6340] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 229.084445][ T6727] loop3: detected capacity change from 0 to 1024 [ 229.219684][ T6729] loop1: detected capacity change from 0 to 512 [ 229.662820][ T6727] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 230.576302][ T6740] ip6t_rpfilter: unknown options [ 230.584818][ T6740] tipc: Can't bind to reserved service type 2 [ 230.962622][ T6729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.032358][ T6729] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 231.140917][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 231.140935][ T28] audit: type=1800 audit(1753422395.696:24): pid=6729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.194" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 231.302693][ T6748] dvmrp0: entered allmulticast mode [ 232.630169][ T6727] overlayfs: failed to resolve './bus': -2 [ 233.831171][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.845425][ T5793] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.874812][ T6764] loop2: detected capacity change from 0 to 2048 [ 233.905967][ T6764] NILFS (loop2): invalid segment: Magic number mismatch [ 233.913687][ T6764] NILFS (loop2): trying rollback from an earlier position [ 233.935896][ T6764] NILFS (loop2): recovery complete [ 233.951185][ T6765] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 234.037361][ T6767] loop3: detected capacity change from 0 to 16 [ 234.046794][ T6767] erofs: (device loop3): mounted with root inode @ nid 36. [ 234.729062][ T6773] syz.3.201: attempt to access beyond end of device [ 234.729062][ T6773] loop3: rw=0, sector=48, nr_sectors = 16 limit=16 [ 236.414729][ T966] libceph: connect (1)[c::]:6789 error -101 [ 236.806051][ T966] libceph: mon0 (1)[c::]:6789 connect error [ 236.821855][ T6785] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 236.848905][ T6790] "syz.0.202" (6790) uses obsolete ecb(arc4) skcipher [ 236.870345][ T5884] kernel read not supported for file /vga_arbiter (pid: 5884 comm: kworker/0:6) [ 237.139091][ T6799] warning: `syz.2.205' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 237.211989][ T966] libceph: connect (1)[c::]:6789 error -101 [ 238.045001][ T966] libceph: mon0 (1)[c::]:6789 connect error [ 238.063695][ T6780] ceph: No mds server is up or the cluster is laggy [ 239.636286][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.0.210'. [ 239.681807][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.0.210'. [ 239.751550][ T6820] loop1: detected capacity change from 0 to 128 [ 239.830142][ T6820] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 239.888417][ T6820] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 239.944619][ T6827] loop2: detected capacity change from 0 to 1024 [ 240.712181][ T6827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 241.033837][ T6395] Bluetooth: (null): Invalid header checksum [ 242.130187][ T6395] Bluetooth: (null): Invalid header checksum [ 242.487519][ T5789] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 242.820198][ T6850] netlink: 84 bytes leftover after parsing attributes in process `syz.3.217'. [ 244.951420][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.348155][ T6869] overlayfs: failed to resolve './file0': -2 [ 247.334273][ T6870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.221'. [ 248.103449][ T6882] netlink: 'syz.2.223': attribute type 20 has an invalid length. [ 248.755352][ T6868] netlink: 8 bytes leftover after parsing attributes in process `syz.3.221'. [ 251.755490][ T6903] binder: 6894:6903 ioctl c0306201 200000000080 returned -22 [ 252.364397][ T6918] loop2: detected capacity change from 0 to 1024 [ 252.405150][ T54] libceph: connect (1)[c::]:6789 error -101 [ 252.538594][ T54] libceph: mon0 (1)[c::]:6789 connect error [ 254.307331][ T5887] libceph: connect (1)[c::]:6789 error -101 [ 254.424808][ T5887] libceph: mon0 (1)[c::]:6789 connect error [ 254.970520][ T5884] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 255.640206][ T6917] ceph: No mds server is up or the cluster is laggy [ 255.676406][ T5887] libceph: connect (1)[c::]:6789 error -101 [ 255.690566][ T5887] libceph: mon0 (1)[c::]:6789 connect error [ 255.707273][ T3476] hfsplus: b-tree write err: -5, ino 4 [ 257.143985][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 257.163012][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.401963][ T5852] libceph: connect (1)[c::]:6789 error -101 [ 257.503819][ T5852] libceph: mon0 (1)[c::]:6789 connect error [ 257.609110][ T6947] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 257.616182][ T6947] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 257.918477][ T6947] vhci_hcd vhci_hcd.0: Device attached [ 258.082847][ T6955] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(13) [ 258.089537][ T6955] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 258.097666][ T6940] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 258.105228][ T6955] vhci_hcd vhci_hcd.0: Device attached [ 258.195703][ T5851] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 258.213095][ T6955] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 258.224173][ T6941] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 258.269543][ T6964] tipc: Enabling of bearer rejected, failed to enable media [ 258.283769][ T6947] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(12) [ 258.290447][ T6947] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 258.368308][ T6971] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(20) [ 258.374997][ T6971] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 258.416891][ T6947] vhci_hcd vhci_hcd.0: Device attached [ 258.489124][ T6975] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(19) [ 258.495804][ T6975] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 258.569870][ T6947] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 258.619358][ T6975] vhci_hcd vhci_hcd.0: Device attached [ 258.646745][ T6955] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 258.688516][ T6971] vhci_hcd vhci_hcd.0: Device attached [ 259.705295][ T6947] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 259.814168][ T6947] vhci_hcd vhci_hcd.0: port 0 already used [ 259.862839][ T6977] vhci_hcd: connection closed [ 259.868061][ T6949] vhci_hcd: connection reset by peer [ 259.883634][ T6959] vhci_hcd: connection closed [ 259.888396][ T6962] vhci_hcd: connection closed [ 259.894584][ T6972] vhci_hcd: connection closed [ 259.911478][ T35] vhci_hcd: stop threads [ 259.965509][ T35] vhci_hcd: release socket [ 260.013874][ T35] vhci_hcd: disconnect device [ 260.039797][ T35] vhci_hcd: stop threads [ 260.044135][ T35] vhci_hcd: release socket [ 260.066654][ T35] vhci_hcd: disconnect device [ 260.084397][ T35] vhci_hcd: stop threads [ 260.093884][ T35] vhci_hcd: release socket [ 260.338543][ T35] vhci_hcd: disconnect device [ 260.358448][ T35] vhci_hcd: stop threads [ 260.369021][ T35] vhci_hcd: release socket [ 260.377244][ T35] vhci_hcd: disconnect device [ 261.705749][ T7007] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 261.741141][ T35] vhci_hcd: stop threads [ 262.046695][ T35] vhci_hcd: release socket [ 262.062536][ T35] vhci_hcd: disconnect device [ 262.459566][ T7020] netlink: 'syz.0.243': attribute type 29 has an invalid length. [ 262.519408][ T7020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.243'. [ 262.638206][ T5852] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 262.851813][ T5852] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 262.890036][ T5852] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 262.930728][ T5852] usb 3-1: Product: syz [ 262.934976][ T5852] usb 3-1: Manufacturer: syz [ 262.963174][ T5852] usb 3-1: SerialNumber: syz [ 263.072820][ T5852] r8152-cfgselector 3-1: config 0 descriptor?? [ 263.629608][ T5852] r8152-cfgselector 3-1: Unknown version 0x0000 [ 263.636713][ T5852] r8152-cfgselector 3-1: bad CDC descriptors [ 263.698187][ T5851] vhci_hcd: vhci_device speed not set [ 264.116848][ T7032] loop3: detected capacity change from 0 to 8 [ 264.586621][ T7032] SQUASHFS error: xz decompression failed, data probably corrupt [ 264.594917][ T7032] SQUASHFS error: Failed to read block 0x108: -5 [ 264.601793][ T7032] SQUASHFS error: Unable to read metadata cache entry [106] [ 264.609706][ T7032] SQUASHFS error: Unable to read inode 0x11f [ 264.994179][ T6396] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 265.072978][ T5852] r8152-cfgselector 3-1: Unknown version 0x0000 [ 265.163398][ T5852] r8152-cfgselector 3-1: USB disconnect, device number 3 [ 265.633768][ T7052] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 265.660860][ T7052] CIFS mount error: No usable UNC path provided in device string! [ 265.660860][ T7052] [ 265.671317][ T7052] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 265.952047][ T54] usb usb38-port1: attempt power cycle [ 267.113259][ T7064] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 267.127359][ T7064] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 267.163683][ T7064] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 267.251420][ T7064] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 267.283117][ T7064] batman_adv: batadv0: Removing interface: vxlan0 [ 267.408595][ T54] usb usb38-port1: unable to enumerate USB device [ 267.444448][ T7072] loop2: detected capacity change from 0 to 64 [ 269.162617][ T5831] libceph: connect (1)[c::]:6789 error -101 [ 269.168950][ T5831] libceph: mon0 (1)[c::]:6789 connect error [ 269.228625][ T7080] tipc: Enabling of bearer rejected, failed to enable media [ 269.323797][ T7075] ceph: No mds server is up or the cluster is laggy [ 269.368182][ T7088] loop2: detected capacity change from 0 to 128 [ 270.630812][ T7095] syz.2.253: attempt to access beyond end of device [ 270.630812][ T7095] loop2: rw=2049, sector=145, nr_sectors = 896 limit=128 [ 271.563082][ T7104] loop2: detected capacity change from 0 to 4096 [ 271.732180][ T7104] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 271.746620][ T7104] ntfs3: loop2: Failed to load $Extend (-22). [ 271.753158][ T7104] ntfs3: loop2: Failed to initialize $Extend. [ 272.318092][ T7107] overlayfs: missing 'lowerdir' [ 272.989912][ T7110] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 276.408275][ T6933] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 276.519035][ T7142] tipc: Enabling of bearer rejected, failed to enable media [ 278.173987][ T5788] Bluetooth: hci3: link tx timeout [ 278.179923][ T5788] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 279.409954][ T6933] usb 4-1: string descriptor 0 read error: -71 [ 279.438420][ T6933] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 279.498110][ T6933] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.554439][ T6933] r8152-cfgselector 4-1: config 0 descriptor?? [ 279.695481][ T7167] hub 8-0:1.0: USB hub found [ 279.703761][ T7167] hub 8-0:1.0: 1 port detected [ 279.722022][ T7165] 9pnet_fd: Insufficient options for proto=fd [ 279.758981][ T6933] r8152-cfgselector 4-1: can't set config #0, error -71 [ 280.260176][ T5794] Bluetooth: hci3: command 0x0406 tx timeout [ 280.354170][ T6933] r8152-cfgselector 4-1: Unknown version 0x0000 [ 280.366110][ T6933] r8152-cfgselector 4-1: USB disconnect, device number 2 [ 281.628990][ T7180] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 282.316684][ T7184] dummy0 speed is unknown, defaulting to 1000 [ 282.848400][ T7184] dummy0 speed is unknown, defaulting to 1000 [ 282.858295][ T7184] dummy0 speed is unknown, defaulting to 1000 [ 282.872835][ T7184] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 282.891153][ T7184] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 283.241137][ T7184] dummy0 speed is unknown, defaulting to 1000 [ 283.390243][ T7184] dummy0 speed is unknown, defaulting to 1000 [ 283.408716][ T7184] dummy0 speed is unknown, defaulting to 1000 [ 283.573187][ T7191] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 283.853260][ T7184] dummy0 speed is unknown, defaulting to 1000 [ 284.253547][ T7193] loop2: detected capacity change from 0 to 40427 [ 284.349985][ T7193] F2FS-fs (loop2): invalid crc value [ 284.374323][ T7193] F2FS-fs (loop2): Found nat_bits in checkpoint [ 284.446116][ T7193] F2FS-fs (loop2): Start checkpoint disabled! [ 284.494161][ T7193] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 287.431404][ T7208] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 287.806274][ T7213] loop3: detected capacity change from 0 to 512 [ 287.830798][ T7213] ext4: Unknown parameter 'fsuuid' [ 288.423833][ T12] kworker/u4:1: attempt to access beyond end of device [ 288.423833][ T12] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427 [ 288.492747][ T12] kworker/u4:1: attempt to access beyond end of device [ 288.492747][ T12] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 288.554156][ T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 288.608167][ T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 288.640532][ T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 288.647886][ T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 292.648051][ T7223] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 293.291201][ T7239] loop3: detected capacity change from 0 to 128 [ 293.322450][ T7241] loop1: detected capacity change from 0 to 256 [ 293.396424][ T7239] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 293.501281][ T7239] ext4 filesystem being mounted at /64/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 296.792304][ T7257] loop1: detected capacity change from 0 to 64 [ 296.965308][ T5793] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 297.274846][ T7265] No such timeout policy "syz1" [ 301.577102][ T7297] No such timeout policy "syz1" [ 301.594665][ T7297] CIFS mount error: No usable UNC path provided in device string! [ 301.594665][ T7297] [ 301.604971][ T7297] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 304.212534][ T7311] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 306.173464][ T7337] overlayfs: missing 'workdir' [ 306.319985][ T7326] loop1: detected capacity change from 0 to 4096 [ 306.414945][ T7326] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 306.432325][ T7326] ntfs3: loop1: Failed to load $Extend (-22). [ 306.438787][ T7326] ntfs3: loop1: Failed to initialize $Extend. [ 306.823511][ T7343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 310.445742][ T5831] libceph: connect (1)[c::]:6789 error -101 [ 310.545067][ T5831] libceph: mon0 (1)[c::]:6789 connect error [ 310.604632][ T5831] libceph: connect (1)[c::]:6789 error -101 [ 310.631340][ T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 310.646891][ T5831] libceph: mon0 (1)[c::]:6789 connect error [ 310.665869][ T7364] ceph: No mds server is up or the cluster is laggy [ 311.218165][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 311.236340][ T23] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 8.00 [ 311.247024][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.311976][ T6933] libceph: connect (1)[c::]:6789 error -101 [ 311.352531][ T6933] libceph: mon0 (1)[c::]:6789 connect error [ 311.400843][ T23] usb 2-1: config 0 descriptor?? [ 311.529366][ T23] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 311.613661][ T23] usb 2-1: Detected FT4232H [ 311.817349][ T7380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 312.093826][ T7380] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 312.564507][ T7383] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 312.608240][ T23] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 312.626326][ T23] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 312.666471][ T23] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 312.720299][ T23] usb 2-1: USB disconnect, device number 2 [ 312.770124][ T23] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 312.795441][ T23] ftdi_sio 2-1:0.0: device disconnected [ 315.212226][ T7409] Cannot find add_set index 0 as target [ 315.459325][ T7408] netlink: 420 bytes leftover after parsing attributes in process `syz.3.310'. [ 318.266719][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.273996][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.738250][ T6933] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 319.045778][ T7423] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10) [ 319.052480][ T7423] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 319.063449][ T7423] vhci_hcd vhci_hcd.0: Device attached [ 319.077589][ T7423] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(12) [ 319.084276][ T7423] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 319.098978][ T7423] vhci_hcd vhci_hcd.0: Device attached [ 319.114778][ T7423] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(14) [ 319.121437][ T7423] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 319.140850][ T7423] vhci_hcd vhci_hcd.0: Device attached [ 319.164038][ T7423] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 319.203181][ T7423] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(18) [ 319.209826][ T7423] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 319.219743][ T6933] usb 4-1: Using ep0 maxpacket: 16 [ 319.233972][ T6933] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 319.245333][ T7423] vhci_hcd vhci_hcd.0: Device attached [ 319.257865][ T6933] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 319.267862][ T6933] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.277445][ T6933] usb 4-1: Product: syz [ 319.282447][ T6933] usb 4-1: Manufacturer: syz [ 319.287583][ T6933] usb 4-1: SerialNumber: syz [ 319.301906][ T6933] usb 4-1: config 0 descriptor?? [ 319.315370][ T7437] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(20) [ 319.317396][ T6933] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 319.322010][ T7437] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 319.338629][ T5887] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 319.340410][ T6933] usb 4-1: Detected FT232R [ 319.353466][ T7437] vhci_hcd vhci_hcd.0: Device attached [ 319.369549][ T7423] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 319.382462][ T7423] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 319.397886][ T7423] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 319.413635][ T7423] vhci_hcd vhci_hcd.0: port 0 already used [ 319.454257][ T7424] vhci_hcd: connection reset by peer [ 319.460138][ T7426] vhci_hcd: connection closed [ 319.460358][ T7431] vhci_hcd: connection closed [ 319.465259][ T7435] vhci_hcd: connection closed [ 319.491358][ T2891] vhci_hcd: stop threads [ 319.507815][ T2891] vhci_hcd: release socket [ 319.514449][ T2891] vhci_hcd: disconnect device [ 319.522777][ T6933] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 319.534442][ T2891] vhci_hcd: stop threads [ 319.539774][ T2891] vhci_hcd: release socket [ 319.544508][ T6933] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 319.552286][ T2891] vhci_hcd: disconnect device [ 319.560283][ T6933] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71 [ 319.571349][ T2891] vhci_hcd: stop threads [ 319.575876][ T2891] vhci_hcd: release socket [ 319.576181][ T6933] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 319.594241][ T7438] vhci_hcd: connection closed [ 319.603653][ T2891] vhci_hcd: disconnect device [ 319.615995][ T6933] usb 4-1: USB disconnect, device number 3 [ 319.629050][ T6933] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 319.639293][ T2891] vhci_hcd: stop threads [ 319.643692][ T2891] vhci_hcd: release socket [ 319.651082][ T2891] vhci_hcd: disconnect device [ 319.659992][ T6933] ftdi_sio 4-1:0.0: device disconnected [ 319.668737][ T2891] vhci_hcd: stop threads [ 319.679618][ T2891] vhci_hcd: release socket [ 319.684165][ T2891] vhci_hcd: disconnect device [ 321.334338][ T7455] netlink: 100 bytes leftover after parsing attributes in process `syz.0.325'. [ 322.477527][ T7456] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 327.044789][ T5887] vhci_hcd: vhci_device speed not set [ 327.622801][ T7483] loop2: detected capacity change from 0 to 128 [ 328.440273][ T7483] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 328.955148][ T7483] ext4 filesystem being mounted at /85/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 329.091252][ T5838] usb usb36-port1: attempt power cycle [ 330.371978][ T28] audit: type=1326 audit(1753422750.934:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7507 comm="syz.3.329" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x0 [ 330.605376][ T5838] usb usb36-port1: unable to enumerate USB device [ 334.871945][ T5786] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 336.459218][ T7550] siw: device registration error -23 [ 339.025622][ T7550] loop1: detected capacity change from 0 to 32768 [ 339.082576][ T7550] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 339.091443][ T7550] gfs2: fsid=syz:syz: Now mounting FS (format 1802)... [ 339.120909][ T7550] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 339.120909][ T7550] inode = 0 19 [ 339.120909][ T7550] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472 [ 339.139350][ T7550] gfs2: fsid=syz:syz.0: G: s:SH n:2/13 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 339.148667][ T7550] gfs2: fsid=syz:syz.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0xdb/0x320 [ 339.158093][ T7550] gfs2: fsid=syz:syz.0: I: n:0/19 t:4 f:0x00 d:0x00000000 s:0 p:0 [ 339.166498][ T7550] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 339.179532][ T7550] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 339.188375][ T7550] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 339.195389][ T7550] gfs2: fsid=syz:syz.0: File system withdrawn [ 339.201490][ T7550] CPU: 1 PID: 7550 Comm: syz.1.340 Not tainted 6.6.100-syzkaller #0 [ 339.209455][ T7550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 339.219613][ T7550] Call Trace: [ 339.222897][ T7550] [ 339.225853][ T7550] dump_stack_lvl+0x16c/0x230 [ 339.230525][ T7550] ? kobject_uevent_env+0x363/0x8c0 [ 339.235714][ T7550] ? show_regs_print_info+0x20/0x20 [ 339.240901][ T7550] ? load_image+0x3b0/0x3b0 [ 339.245413][ T7550] ? kobject_uevent_env+0x363/0x8c0 [ 339.250625][ T7550] gfs2_withdraw+0xf16/0x14b0 [ 339.255300][ T7550] ? gfs2_lm+0x220/0x220 [ 339.259546][ T7550] ? gfs2_consist_inode_i+0xf5/0x110 [ 339.264827][ T7550] gfs2_inode_refresh+0xb83/0xff0 [ 339.269858][ T7550] ? gfs2_inode_metasync+0xf0/0xf0 [ 339.274960][ T7550] ? gfs2_glock_nq+0xd4f/0x1420 [ 339.279823][ T7550] gfs2_instantiate+0x162/0x220 [ 339.284676][ T7550] gfs2_glock_wait+0x1d4/0x2a0 [ 339.289450][ T7550] init_journal+0xc6e/0x2260 [ 339.294039][ T7550] ? init_inodes+0xdb/0x320 [ 339.298533][ T7550] ? _compound_head+0x120/0x120 [ 339.303473][ T7550] ? vsnprintf+0x1957/0x1a40 [ 339.308097][ T7550] ? snprintf+0xdb/0x120 [ 339.312429][ T7550] ? init_inodes+0xdb/0x320 [ 339.316922][ T7550] ? vscnprintf+0x80/0x80 [ 339.321260][ T7550] ? gfs2_glock_nq_num+0x183/0x1c0 [ 339.326365][ T7550] init_inodes+0xdb/0x320 [ 339.330690][ T7550] gfs2_fill_super+0x1815/0x1f80 [ 339.335622][ T7550] ? gfs2_reconfigure+0xb10/0xb10 [ 339.340634][ T7550] ? init_locking+0xb8/0x200 [ 339.345302][ T7550] ? setup_bdev_super+0x56b/0x660 [ 339.350346][ T7550] get_tree_bdev+0x3e4/0x510 [ 339.354936][ T7550] ? end_current_label_crit_section+0x170/0x170 [ 339.361439][ T7550] ? gfs2_reconfigure+0xb10/0xb10 [ 339.366475][ T7550] ? setup_bdev_super+0x660/0x660 [ 339.371587][ T7550] gfs2_get_tree+0x51/0x1e0 [ 339.376107][ T7550] vfs_get_tree+0x8c/0x280 [ 339.380537][ T7550] do_new_mount+0x24b/0xa40 [ 339.385041][ T7550] __se_sys_mount+0x2da/0x3c0 [ 339.389739][ T7550] ? __x64_sys_mount+0xc0/0xc0 [ 339.394529][ T7550] ? lockdep_hardirqs_on+0x98/0x150 [ 339.399805][ T7550] ? __x64_sys_mount+0x20/0xc0 [ 339.404552][ T7550] do_syscall_64+0x55/0xb0 [ 339.408968][ T7550] ? clear_bhb_loop+0x40/0x90 [ 339.413641][ T7550] ? clear_bhb_loop+0x40/0x90 [ 339.418306][ T7550] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 339.424203][ T7550] RIP: 0033:0x7f685fd9014a [ 339.428602][ T7550] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.448215][ T7550] RSP: 002b:00007f6860b9de68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 339.456640][ T7550] RAX: ffffffffffffffda RBX: 00007f6860b9def0 RCX: 00007f685fd9014a [ 339.464605][ T7550] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007f6860b9deb0 [ 339.472571][ T7550] RBP: 0000200000000400 R08: 00007f6860b9def0 R09: 0000000001000004 [ 339.480559][ T7550] R10: 0000000001000004 R11: 0000000000000246 R12: 0000200000012500 [ 339.488522][ T7550] R13: 00007f6860b9deb0 R14: 00000000000126ae R15: 0000200000000000 [ 339.496497][ T7550] [ 339.500303][ T7550] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5 [ 340.918341][ T7572] loop3: detected capacity change from 0 to 256 [ 340.957789][ T7377] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 341.458706][ T54] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 341.798768][ T54] usb 4-1: Using ep0 maxpacket: 16 [ 341.883542][ T54] usb 4-1: too many configurations: 223, using maximum allowed: 8 [ 342.022402][ T54] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 342.189181][ T54] usb 4-1: can't read configurations, error -61 [ 342.299549][ T5924] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 342.478495][ T54] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 342.580226][ T5924] usb 3-1: Using ep0 maxpacket: 16 [ 342.602111][ T5924] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 8.00 [ 342.643469][ T5924] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.448166][ T54] usb 4-1: Using ep0 maxpacket: 16 [ 343.466753][ T5924] usb 3-1: config 0 descriptor?? [ 343.954124][ T54] usb 4-1: too many configurations: 223, using maximum allowed: 8 [ 344.009457][ T5924] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 344.116467][ T54] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 344.125158][ T5924] usb 3-1: Detected FT4232H [ 344.131748][ T54] usb 4-1: can't read configurations, error -71 [ 344.142962][ T54] usb usb4-port1: attempt power cycle [ 344.607153][ T7585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 344.769152][ T7585] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 345.912181][ T5924] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 345.941482][ T5924] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 345.953424][ T5924] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 346.177747][ T5924] usb 3-1: USB disconnect, device number 4 [ 346.539513][ T5924] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 346.684243][ T5924] ftdi_sio 3-1:0.0: device disconnected [ 347.230890][ T5788] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 349.163235][ T7625] No such timeout policy "syz1" [ 349.582762][ T7629] loop1: detected capacity change from 0 to 4096 [ 349.647639][ T7635] loop3: detected capacity change from 0 to 128 [ 349.770324][ T7637] loop2: detected capacity change from 0 to 1024 [ 349.782251][ T7637] hfsplus: unable to parse mount options [ 349.847017][ T7635] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 350.176709][ T7639] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 351.421513][ T7641] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 353.019356][ T7643] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 353.201749][ T7649] syz.2.362: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 353.218607][ T7649] CPU: 1 PID: 7649 Comm: syz.2.362 Not tainted 6.6.100-syzkaller #0 [ 353.226623][ T7649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 353.236702][ T7649] Call Trace: [ 353.240017][ T7649] [ 353.242978][ T7649] dump_stack_lvl+0x16c/0x230 [ 353.247696][ T7649] ? show_regs_print_info+0x20/0x20 [ 353.252924][ T7649] ? load_image+0x3b0/0x3b0 [ 353.257469][ T7649] ? __rcu_read_unlock+0x7c/0xd0 [ 353.262443][ T7649] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 353.268911][ T7649] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 353.275586][ T7649] warn_alloc+0x210/0x300 [ 353.280146][ T7649] ? stack_trace_save+0x9c/0xe0 [ 353.285135][ T7649] ? zone_watermark_ok_safe+0x230/0x230 [ 353.290818][ T7649] ? kasan_set_track+0x5f/0x70 [ 353.295613][ T7649] ? kasan_set_track+0x4e/0x70 [ 353.300411][ T7649] ? __kasan_kmalloc+0x8f/0xa0 [ 353.305231][ T7649] ? xsk_init_queue+0xb0/0x110 [ 353.310040][ T7649] ? xsk_setsockopt+0x43c/0x6f0 [ 353.314932][ T7649] ? do_sock_setsockopt+0x175/0x1a0 [ 353.320167][ T7649] ? __x64_sys_setsockopt+0x184/0x200 [ 353.325580][ T7649] __vmalloc_node_range+0x126/0x1320 [ 353.330943][ T7649] ? free_vm_area+0x50/0x50 [ 353.335492][ T7649] vmalloc_user+0x74/0x80 [ 353.339861][ T7649] ? xskq_create+0xbf/0x170 [ 353.347962][ T7649] xskq_create+0xbf/0x170 [ 353.352330][ T7649] xsk_init_queue+0xb0/0x110 [ 353.356948][ T7649] xsk_setsockopt+0x43c/0x6f0 [ 353.361664][ T7649] ? xsk_poll+0x670/0x670 [ 353.366032][ T7649] ? __fget_files+0x28/0x4d0 [ 353.370664][ T7649] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 353.376243][ T7649] ? security_socket_setsockopt+0x7e/0xa0 [ 353.381989][ T7649] ? xsk_poll+0x670/0x670 [ 353.386356][ T7649] do_sock_setsockopt+0x175/0x1a0 [ 353.391680][ T7649] ? __fdget+0x180/0x210 [ 353.395965][ T7649] __x64_sys_setsockopt+0x184/0x200 [ 353.401298][ T7649] do_syscall_64+0x55/0xb0 [ 353.405745][ T7649] ? clear_bhb_loop+0x40/0x90 [ 353.410460][ T7649] ? clear_bhb_loop+0x40/0x90 [ 353.415358][ T7649] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 353.421300][ T7649] RIP: 0033:0x7f8b1798e9a9 [ 353.425755][ T7649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.445478][ T7649] RSP: 002b:00007f8b18723038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 353.453928][ T7649] RAX: ffffffffffffffda RBX: 00007f8b17bb6160 RCX: 00007f8b1798e9a9 [ 353.461939][ T7649] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000b [ 353.469936][ T7649] RBP: 00007f8b17a10d69 R08: 0000000000000004 R09: 0000000000000000 [ 353.477932][ T7649] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.485926][ T7649] R13: 0000000000000000 R14: 00007f8b17bb6160 R15: 00007ffd948272d8 [ 353.494035][ T7649] [ 353.502887][ T7649] Mem-Info: [ 353.506416][ T7649] active_anon:8948 inactive_anon:0 isolated_anon:0 [ 353.506416][ T7649] active_file:3250 inactive_file:49557 isolated_file:0 [ 353.506416][ T7649] unevictable:2817 dirty:226 writeback:0 [ 353.506416][ T7649] slab_reclaimable:10481 slab_unreclaimable:94834 [ 353.506416][ T7649] mapped:27429 shmem:4761 pagetables:585 [ 353.506416][ T7649] sec_pagetables:0 bounce:0 [ 353.506416][ T7649] kernel_misc_reclaimable:0 [ 353.506416][ T7649] free:1334375 free_pcp:9139 free_cma:0 [ 353.583825][ T7649] Node 0 active_anon:35792kB inactive_anon:0kB active_file:13000kB inactive_file:198024kB unevictable:9732kB isolated(anon):0kB isolated(file):0kB mapped:109716kB dirty:900kB writeback:0kB shmem:17508kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11656kB pagetables:2340kB sec_pagetables:0kB all_unreclaimable? no [ 353.633709][ T7649] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 353.664202][ T7649] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 353.691456][ T7649] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 353.697952][ T7649] Node 0 DMA32 free:1421124kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:35744kB inactive_anon:0kB active_file:13000kB inactive_file:196708kB unevictable:9732kB writepending:900kB present:3129332kB managed:2589600kB mlocked:8192kB bounce:0kB free_pcp:19716kB local_pcp:17760kB free_cma:0kB [ 353.729569][ T7649] lowmem_reserve[]: 0 0 1 1 1 [ 353.734302][ T7649] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 353.761702][ T7649] lowmem_reserve[]: 0 0 0 0 0 [ 353.766437][ T7649] Node 1 Normal free:3901004kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:16960kB local_pcp:3680kB free_cma:0kB [ 353.796350][ T7649] lowmem_reserve[]: 0 0 0 0 0 [ 353.801086][ T7649] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 353.814190][ T7649] Node 0 DMA32: 1*4kB (M) 2*8kB (UM) 1*16kB (M) 1*32kB (U) 124*64kB (ME) 132*128kB (UME) 50*256kB (ME) 26*512kB (UME) 12*1024kB (UME) 5*2048kB (UM) 329*4096kB (UM) = 1421124kB [ 353.831803][ T7649] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 353.844302][ T7649] Node 1 Normal: 229*4kB (UME) 45*8kB (UME) 37*16kB (UME) 110*32kB (UME) 27*64kB (UME) 15*128kB (UME) 3*256kB (UME) 2*512kB (UE) 1*1024kB (U) 1*2048kB (E) 949*4096kB (M) = 3901004kB [ 353.862409][ T7649] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 353.872040][ T7649] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 353.881495][ T7649] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 353.891148][ T7649] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 353.900486][ T7649] 57562 total pagecache pages [ 353.905178][ T7649] 0 pages in swap cache [ 353.909894][ T7649] Free swap = 124192kB [ 353.914060][ T7649] Total swap = 124996kB [ 353.918244][ T7649] 2097051 pages RAM [ 353.922061][ T7649] 0 pages HighMem/MovableOnly [ 353.926746][ T7649] 416137 pages reserved [ 353.931014][ T7649] 0 pages cma reserved [ 354.569042][ T5851] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 356.291748][ T5851] usb 2-1: device descriptor read/all, error -71 [ 356.348008][ T28] audit: type=1326 audit(1753422776.904:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 357.579068][ T7658] loop3: detected capacity change from 0 to 32768 [ 358.054823][ T28] audit: type=1326 audit(1753422776.904:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.162147][ T28] audit: type=1326 audit(1753422776.914:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.184658][ T28] audit: type=1326 audit(1753422776.914:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.207792][ T28] audit: type=1326 audit(1753422776.914:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.249940][ T28] audit: type=1326 audit(1753422776.934:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.609495][ T28] audit: type=1326 audit(1753422776.944:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.641201][ T28] audit: type=1326 audit(1753422776.944:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.934938][ T28] audit: type=1326 audit(1753422776.944:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 358.963180][ T28] audit: type=1326 audit(1753422776.944:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7653 comm="syz.3.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 359.088064][ T7654] find_entry called with index = 0 [ 359.093429][ T7654] find_entry called with index = 0 [ 359.099306][ T7654] read_mapping_page failed! [ 359.103979][ T7654] ERROR: (device loop3): txCommit: [ 359.103979][ T7654] [ 367.549022][ T5794] Bluetooth: hci3: command 0x0406 tx timeout [ 367.780780][ T7693] loop2: detected capacity change from 0 to 1024 [ 367.787774][ T7693] EXT4-fs: Ignoring removed mblk_io_submit option [ 367.794415][ T7693] EXT4-fs: Ignoring removed bh option [ 367.802079][ T7693] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 367.880019][ T7693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 371.452346][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.831894][ T7729] loop3: detected capacity change from 0 to 40427 [ 371.875853][ T7729] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 371.883029][ T7729] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 371.893036][ T7729] F2FS-fs (loop3): invalid crc value [ 371.955632][ T7729] F2FS-fs (loop3): Found nat_bits in checkpoint [ 372.322577][ T7729] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 372.329767][ T7729] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 372.495895][ T7741] binder: 7736:7741 ioctl c0306201 0 returned -14 [ 373.112175][ T5788] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 373.412048][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 373.412068][ T28] audit: type=1326 audit(1753422793.794:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 373.443832][ T28] audit: type=1326 audit(1753422793.794:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 373.467828][ T28] audit: type=1326 audit(1753422793.794:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 373.491858][ T28] audit: type=1326 audit(1753422793.804:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 373.514943][ T28] audit: type=1326 audit(1753422793.954:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 373.554917][ T28] audit: type=1326 audit(1753422793.954:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 374.269672][ T28] audit: type=1326 audit(1753422794.774:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 374.527726][ T28] audit: type=1326 audit(1753422794.784:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 374.773580][ T28] audit: type=1326 audit(1753422794.784:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 374.833574][ T28] audit: type=1326 audit(1753422794.784:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a5898e9a9 code=0x7ffc0000 [ 375.022719][ T5793] syz-executor: attempt to access beyond end of device [ 375.022719][ T5793] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 375.044813][ T5793] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 375.160823][ T7753] loop1: detected capacity change from 0 to 256 [ 375.186666][ T7753] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 375.198121][ T7753] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 375.256245][ T7753] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 377.583607][ T7765] Cannot find add_set index 0 as target [ 378.858198][ T7771] loop2: detected capacity change from 0 to 1024 [ 378.866836][ T7771] hfsplus: unable to parse mount options [ 378.915805][ T7234] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 379.144168][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.151920][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.190419][ T7776] autofs4:pid:7776:autofs_fill_super: called with bogus options [ 379.891814][ T28] kauditd_printk_skb: 23 callbacks suppressed [ 379.891829][ T28] audit: type=1326 audit(1753422800.454:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 379.895786][ T5788] Bluetooth: hci3: unexpected event for opcode 0x1002 [ 380.074862][ T28] audit: type=1326 audit(1753422800.494:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 380.131686][ T28] audit: type=1326 audit(1753422800.494:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 380.174175][ T28] audit: type=1326 audit(1753422800.494:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 380.392471][ T28] audit: type=1326 audit(1753422800.504:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 380.870567][ T28] audit: type=1326 audit(1753422800.504:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 380.966536][ T28] audit: type=1326 audit(1753422800.504:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 380.994139][ T28] audit: type=1326 audit(1753422800.504:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 381.037805][ T28] audit: type=1326 audit(1753422800.504:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b1798e9a9 code=0x7ffc0000 [ 381.061938][ T28] audit: type=1326 audit(1753422800.624:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7777 comm="syz.2.390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8b17985967 code=0x7ffc0000 [ 381.219637][ T5838] usb 4-1: new low-speed USB device number 7 using dummy_hcd [ 381.428916][ T5838] usb 4-1: config 0 has an invalid interface number: 3 but max is 0 [ 381.437043][ T5838] usb 4-1: config 0 has no interface number 0 [ 381.462033][ T5838] usb 4-1: config 0 interface 3 altsetting 0 endpoint 0x6 has invalid maxpacket 64, setting to 8 [ 381.473189][ T5838] usb 4-1: config 0 interface 3 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 381.484258][ T5838] usb 4-1: config 0 interface 3 altsetting 0 endpoint 0x8 has invalid maxpacket 1024, setting to 8 [ 381.496337][ T5838] usb 4-1: config 0 interface 3 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 8 [ 381.507323][ T5838] usb 4-1: config 0 interface 3 altsetting 0 endpoint 0xA has invalid maxpacket 1023, setting to 8 [ 381.548091][ T5838] usb 4-1: New USB device found, idVendor=1199, idProduct=6821, bcdDevice=98.59 [ 381.765097][ T5838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 381.797701][ T5838] usb 4-1: config 0 descriptor?? [ 381.819057][ T7790] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 381.832205][ T5838] hub 4-1:0.3: bad descriptor, ignoring hub [ 381.838784][ T5838] hub: probe of 4-1:0.3 failed with error -5 [ 381.849130][ T5838] sierra 4-1:0.3: Sierra USB modem converter detected [ 382.135304][ T7801] loop1: detected capacity change from 0 to 4096 [ 383.217065][ T7807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 383.226376][ T7807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 383.518659][ T5788] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 384.358415][ T7807] netlink: 'syz.3.392': attribute type 1 has an invalid length. [ 385.088730][ T7801] ntfs3: loop1: Failed to read $UpCase (-4). [ 385.107857][ T7820] hub 8-0:1.0: USB hub found [ 385.135275][ T7820] hub 8-0:1.0: 1 port detected [ 385.486013][ T7807] 8021q: adding VLAN 0 to HW filter on device bond1 [ 386.491305][ T7817] bond1: (slave gretap1): making interface the new active one [ 386.517166][ T7832] loop2: detected capacity change from 0 to 128 [ 386.536056][ T7817] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 386.551814][ T7832] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 386.592482][ T7817] syz.3.392 (7817) used greatest stack depth: 17608 bytes left [ 386.836926][ T7832] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 386.884199][ T7832] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 386.914246][ T5838] usb 4-1: Sierra USB modem converter now attached to ttyUSB0 [ 386.996152][ T5838] usb 4-1: Sierra USB modem converter now attached to ttyUSB1 [ 389.179968][ T5831] usb 4-1: USB disconnect, device number 7 [ 389.205795][ T5831] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 389.432985][ T5831] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1 [ 389.444643][ T5831] sierra 4-1:0.3: device disconnected [ 389.800905][ T5788] Bluetooth: hci3: command 0x0406 tx timeout [ 389.813772][ T7859] loop3: detected capacity change from 0 to 64 [ 389.875998][ T7862] netlink: 16 bytes leftover after parsing attributes in process `syz.1.407'. [ 389.900860][ T7859] MINIX-fs: bad superblock or unable to read bitmaps [ 391.148625][ T7869] loop3: detected capacity change from 0 to 1024 [ 391.160772][ T7869] hfsplus: unable to parse mount options [ 391.431311][ T7234] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 391.470654][ T7870] netlink: 8 bytes leftover after parsing attributes in process `syz.2.411'. [ 395.378720][ T5794] Bluetooth: hci3: command 0x0406 tx timeout [ 396.156930][ T5794] Bluetooth: hci2: unexpected event for opcode 0x0411 [ 396.780856][ T7905] loop1: detected capacity change from 0 to 1024 [ 396.808000][ T7905] hfsplus: unable to parse mount options [ 397.107164][ T7908] mmap: syz.0.420 (7908) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 398.360590][ T7377] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 398.817342][ T7912] loop3: detected capacity change from 0 to 1024 [ 398.825814][ T7912] EXT4-fs: Ignoring removed mblk_io_submit option [ 398.832333][ T7912] EXT4-fs: Ignoring removed bh option [ 398.841915][ T7912] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 398.943837][ T7912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 399.628147][ C1] ================================================================== [ 399.636236][ C1] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x46a/0x4b0 [ 399.644121][ C1] Read of size 2 at addr ffff888024a81c2a by task kworker/1:1H/95 [ 399.652016][ C1] [ 399.654402][ C1] CPU: 1 PID: 95 Comm: kworker/1:1H Not tainted 6.6.100-syzkaller #0 [ 399.662475][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 399.672516][ C1] Workqueue: events_highpri snd_vmidi_output_work [ 399.678918][ C1] Call Trace: [ 399.682180][ C1] [ 399.685021][ C1] dump_stack_lvl+0x16c/0x230 [ 399.689774][ C1] ? __lock_acquire+0x7c80/0x7c80 [ 399.694776][ C1] ? show_regs_print_info+0x20/0x20 [ 399.699961][ C1] ? load_image+0x3b0/0x3b0 [ 399.704446][ C1] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 399.709892][ C1] ? __virt_addr_valid+0x18c/0x540 [ 399.714979][ C1] ? __virt_addr_valid+0x469/0x540 [ 399.720068][ C1] print_report+0xac/0x200 [ 399.724459][ C1] ? rose_timer_expiry+0x46a/0x4b0 [ 399.729559][ C1] kasan_report+0x117/0x150 [ 399.734042][ C1] ? rose_timer_expiry+0x46a/0x4b0 [ 399.739133][ C1] rose_timer_expiry+0x46a/0x4b0 [ 399.744053][ C1] call_timer_fn+0x16e/0x530 [ 399.748638][ C1] ? rose_start_t1timer+0xd0/0xd0 [ 399.753682][ C1] ? call_timer_fn+0xbf/0x530 [ 399.758361][ C1] ? __run_timers+0x7d0/0x7d0 [ 399.763037][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 399.768220][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 399.773409][ C1] ? rose_start_t1timer+0xd0/0xd0 [ 399.778414][ C1] __run_timers+0x52d/0x7d0 [ 399.782915][ C1] ? detach_timer+0x2b0/0x2b0 [ 399.787832][ C1] ? lock_chain_count+0x20/0x20 [ 399.792664][ C1] run_timer_softirq+0x67/0xf0 [ 399.797404][ C1] handle_softirqs+0x280/0x820 [ 399.802159][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 399.806909][ C1] ? do_softirq+0x180/0x180 [ 399.811391][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 399.816752][ C1] __irq_exit_rcu+0xc7/0x190 [ 399.821328][ C1] ? irq_exit_rcu+0x20/0x20 [ 399.825843][ C1] irq_exit_rcu+0x9/0x20 [ 399.830063][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 399.835689][ C1] [ 399.838601][ C1] [ 399.841511][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 399.847474][ C1] RIP: 0010:finish_task_switch+0x26a/0x920 [ 399.853445][ C1] Code: 0f 84 37 01 00 00 48 85 db 0f 85 56 01 00 00 e9 f6 04 00 00 4c 8b 75 d0 4c 89 e7 e8 f0 6a 1a 09 e8 fb a3 2f 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 399.873130][ C1] RSP: 0018:ffffc900024ff698 EFLAGS: 00000282 [ 399.879229][ C1] RAX: 24fffc33ebd24500 RBX: 0000000000000000 RCX: 24fffc33ebd24500 [ 399.887196][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaaba40 RDI: ffffffff8afc6700 [ 399.895155][ C1] RBP: ffffc900024ff6f0 R08: ffffffff90da362f R09: 1ffffffff21b46c5 [ 399.903128][ C1] R10: dffffc0000000000 R11: fffffbfff21b46c6 R12: ffff888018b10000 [ 399.911276][ C1] R13: dffffc0000000000 R14: ffff88802cb98000 R15: ffff8880b8f3cf08 [ 399.919337][ C1] ? finish_task_switch+0x265/0x920 [ 399.924532][ C1] __schedule+0x14da/0x44d0 [ 399.929020][ C1] ? asan.module_dtor+0x20/0x20 [ 399.933850][ C1] ? mark_lock+0x94/0x320 [ 399.938183][ C1] ? lock_chain_count+0x20/0x20 [ 399.943117][ C1] ? preempt_schedule+0xab/0xc0 [ 399.947962][ C1] preempt_schedule_common+0x82/0xc0 [ 399.953239][ C1] preempt_schedule+0xab/0xc0 [ 399.957949][ C1] ? schedule_preempt_disabled+0x20/0x20 [ 399.963593][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 399.969752][ C1] preempt_schedule_thunk+0x1a/0x30 [ 399.974938][ C1] _raw_spin_unlock_irqrestore+0xfa/0x110 [ 399.980656][ C1] ? _raw_spin_unlock+0x40/0x40 [ 399.985505][ C1] snd_rawmidi_transmit+0x9c/0xc0 [ 399.990543][ C1] snd_vmidi_output_work+0x1a4/0x410 [ 399.995818][ C1] ? snd_virmidi_output_drain+0x70/0x70 [ 400.001344][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 400.006531][ C1] ? process_scheduled_works+0x957/0x15b0 [ 400.012240][ C1] ? process_scheduled_works+0x957/0x15b0 [ 400.017964][ C1] process_scheduled_works+0xa45/0x15b0 [ 400.023527][ C1] ? assign_work+0x400/0x400 [ 400.028100][ C1] ? assign_work+0x39e/0x400 [ 400.032669][ C1] worker_thread+0xa55/0xfc0 [ 400.037237][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 400.043131][ C1] ? _raw_spin_unlock+0x40/0x40 [ 400.048059][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 400.053961][ C1] kthread+0x2fa/0x390 [ 400.058012][ C1] ? pr_cont_work+0x560/0x560 [ 400.062769][ C1] ? kthread_blkcg+0xd0/0xd0 [ 400.067334][ C1] ret_from_fork+0x48/0x80 [ 400.071732][ C1] ? kthread_blkcg+0xd0/0xd0 [ 400.076298][ C1] ret_from_fork_asm+0x11/0x20 [ 400.081056][ C1] [ 400.084060][ C1] [ 400.086369][ C1] Allocated by task 5158: [ 400.090689][ C1] kasan_set_track+0x4e/0x70 [ 400.095274][ C1] __kasan_kmalloc+0x8f/0xa0 [ 400.099854][ C1] kernfs_fop_open+0x3f5/0xcc0 [ 400.104634][ C1] do_dentry_open+0x8c6/0x1500 [ 400.109478][ C1] path_openat+0x274b/0x3190 [ 400.114073][ C1] do_filp_open+0x1c5/0x3d0 [ 400.118560][ C1] do_sys_openat2+0x12c/0x1c0 [ 400.123231][ C1] __x64_sys_openat+0x139/0x160 [ 400.128070][ C1] do_syscall_64+0x55/0xb0 [ 400.132563][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 400.138460][ C1] [ 400.140794][ C1] Freed by task 5158: [ 400.144834][ C1] kasan_set_track+0x4e/0x70 [ 400.149402][ C1] kasan_save_free_info+0x2e/0x50 [ 400.154402][ C1] ____kasan_slab_free+0x126/0x1e0 [ 400.159492][ C1] slab_free_freelist_hook+0x130/0x1b0 [ 400.164924][ C1] __kmem_cache_free+0xba/0x1f0 [ 400.169751][ C1] kernfs_fop_release+0x166/0x190 [ 400.174766][ C1] __fput+0x234/0x970 [ 400.178724][ C1] __se_sys_close+0x15f/0x220 [ 400.183374][ C1] do_syscall_64+0x55/0xb0 [ 400.187762][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 400.193635][ C1] [ 400.196026][ C1] Last potentially related work creation: [ 400.201718][ C1] kasan_save_stack+0x3e/0x60 [ 400.206371][ C1] __kasan_record_aux_stack+0xaf/0xc0 [ 400.211732][ C1] call_rcu+0x158/0x930 [ 400.215863][ C1] kthread_worker_fn+0x4d4/0xa90 [ 400.220786][ C1] kthread+0x2fa/0x390 [ 400.224837][ C1] ret_from_fork+0x48/0x80 [ 400.229239][ C1] ret_from_fork_asm+0x11/0x20 [ 400.233985][ C1] [ 400.236284][ C1] The buggy address belongs to the object at ffff888024a81c00 [ 400.236284][ C1] which belongs to the cache kmalloc-512 of size 512 [ 400.250313][ C1] The buggy address is located 42 bytes inside of [ 400.250313][ C1] freed 512-byte region [ffff888024a81c00, ffff888024a81e00) [ 400.264183][ C1] [ 400.266485][ C1] The buggy address belongs to the physical page: [ 400.272868][ C1] page:ffffea000092a000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24a80 [ 400.283011][ C1] head:ffffea000092a000 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 400.291941][ C1] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 400.299981][ C1] page_type: 0xffffffff() [ 400.304480][ C1] raw: 00fff00000000840 ffff888017841c80 ffffea00006fcc00 dead000000000002 [ 400.313039][ C1] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 400.321607][ C1] page dumped because: kasan: bad access detected [ 400.328166][ C1] page_owner tracks the page as allocated [ 400.333853][ C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1641, tgid 1641 (kworker/u4:5), ts 12190081984, free_ts 0 [ 400.354322][ C1] post_alloc_hook+0x1cd/0x210 [ 400.359072][ C1] get_page_from_freelist+0x195c/0x19f0 [ 400.364610][ C1] __alloc_pages+0x1e3/0x460 [ 400.369200][ C1] alloc_slab_page+0x5d/0x170 [ 400.373869][ C1] new_slab+0x87/0x2e0 [ 400.377922][ C1] ___slab_alloc+0xc6d/0x12f0 [ 400.382587][ C1] __kmem_cache_alloc_node+0x1a2/0x260 [ 400.388028][ C1] kmalloc_trace+0x2a/0xe0 [ 400.392423][ C1] alloc_bprm+0x56/0x9c0 [ 400.396664][ C1] kernel_execve+0x98/0x9c0 [ 400.401168][ C1] call_usermodehelper_exec_async+0x20b/0x350 [ 400.407212][ C1] ret_from_fork+0x48/0x80 [ 400.411607][ C1] ret_from_fork_asm+0x11/0x20 [ 400.416348][ C1] page_owner free stack trace missing [ 400.421705][ C1] [ 400.424006][ C1] Memory state around the buggy address: [ 400.429613][ C1] ffff888024a81b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 400.437666][ C1] ffff888024a81b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 400.445715][ C1] >ffff888024a81c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 400.453754][ C1] ^ [ 400.459104][ C1] ffff888024a81c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 400.467164][ C1] ffff888024a81d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 400.475207][ C1] ================================================================== [ 400.485339][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 400.492513][ C1] CPU: 1 PID: 95 Comm: kworker/1:1H Not tainted 6.6.100-syzkaller #0 [ 400.500568][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 400.510712][ C1] Workqueue: events_highpri snd_vmidi_output_work [ 400.517113][ C1] Call Trace: [ 400.520373][ C1] [ 400.523198][ C1] dump_stack_lvl+0x16c/0x230 [ 400.527865][ C1] ? show_regs_print_info+0x20/0x20 [ 400.533050][ C1] ? load_image+0x3b0/0x3b0 [ 400.537545][ C1] panic+0x2c0/0x710 [ 400.541428][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 400.545912][ C1] ? _raw_spin_unlock_irqrestore+0xa9/0x110 [ 400.551785][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 400.557760][ C1] ? _raw_spin_unlock+0x40/0x40 [ 400.562593][ C1] ? print_memory_metadata+0x314/0x400 [ 400.568030][ C1] ? rose_timer_expiry+0x46a/0x4b0 [ 400.573128][ C1] check_panic_on_warn+0x84/0xa0 [ 400.578064][ C1] ? rose_timer_expiry+0x46a/0x4b0 [ 400.583238][ C1] end_report+0x6f/0x140 [ 400.587557][ C1] kasan_report+0x128/0x150 [ 400.592038][ C1] ? rose_timer_expiry+0x46a/0x4b0 [ 400.597140][ C1] rose_timer_expiry+0x46a/0x4b0 [ 400.602058][ C1] call_timer_fn+0x16e/0x530 [ 400.606624][ C1] ? rose_start_t1timer+0xd0/0xd0 [ 400.611628][ C1] ? call_timer_fn+0xbf/0x530 [ 400.616314][ C1] ? __run_timers+0x7d0/0x7d0 [ 400.621009][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 400.626215][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 400.631410][ C1] ? rose_start_t1timer+0xd0/0xd0 [ 400.636438][ C1] __run_timers+0x52d/0x7d0 [ 400.641033][ C1] ? detach_timer+0x2b0/0x2b0 [ 400.645728][ C1] ? lock_chain_count+0x20/0x20 [ 400.650568][ C1] run_timer_softirq+0x67/0xf0 [ 400.655333][ C1] handle_softirqs+0x280/0x820 [ 400.660092][ C1] ? __irq_exit_rcu+0xc7/0x190 [ 400.664846][ C1] ? do_softirq+0x180/0x180 [ 400.669333][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 400.674520][ C1] __irq_exit_rcu+0xc7/0x190 [ 400.679175][ C1] ? irq_exit_rcu+0x20/0x20 [ 400.683677][ C1] irq_exit_rcu+0x9/0x20 [ 400.687911][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 400.693579][ C1] [ 400.696496][ C1] [ 400.699409][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 400.705392][ C1] RIP: 0010:finish_task_switch+0x26a/0x920 [ 400.711758][ C1] Code: 0f 84 37 01 00 00 48 85 db 0f 85 56 01 00 00 e9 f6 04 00 00 4c 8b 75 d0 4c 89 e7 e8 f0 6a 1a 09 e8 fb a3 2f 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 400.731350][ C1] RSP: 0018:ffffc900024ff698 EFLAGS: 00000282 [ 400.737397][ C1] RAX: 24fffc33ebd24500 RBX: 0000000000000000 RCX: 24fffc33ebd24500 [ 400.745526][ C1] RDX: dffffc0000000000 RSI: ffffffff8aaaba40 RDI: ffffffff8afc6700 [ 400.753475][ C1] RBP: ffffc900024ff6f0 R08: ffffffff90da362f R09: 1ffffffff21b46c5 [ 400.761433][ C1] R10: dffffc0000000000 R11: fffffbfff21b46c6 R12: ffff888018b10000 [ 400.769396][ C1] R13: dffffc0000000000 R14: ffff88802cb98000 R15: ffff8880b8f3cf08 [ 400.777357][ C1] ? finish_task_switch+0x265/0x920 [ 400.782544][ C1] __schedule+0x14da/0x44d0 [ 400.787031][ C1] ? asan.module_dtor+0x20/0x20 [ 400.791873][ C1] ? mark_lock+0x94/0x320 [ 400.796180][ C1] ? lock_chain_count+0x20/0x20 [ 400.801007][ C1] ? preempt_schedule+0xab/0xc0 [ 400.805842][ C1] preempt_schedule_common+0x82/0xc0 [ 400.811122][ C1] preempt_schedule+0xab/0xc0 [ 400.815884][ C1] ? schedule_preempt_disabled+0x20/0x20 [ 400.821510][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 400.827664][ C1] preempt_schedule_thunk+0x1a/0x30 [ 400.832898][ C1] _raw_spin_unlock_irqrestore+0xfa/0x110 [ 400.838615][ C1] ? _raw_spin_unlock+0x40/0x40 [ 400.843718][ C1] snd_rawmidi_transmit+0x9c/0xc0 [ 400.848741][ C1] snd_vmidi_output_work+0x1a4/0x410 [ 400.854013][ C1] ? snd_virmidi_output_drain+0x70/0x70 [ 400.859540][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 400.864717][ C1] ? process_scheduled_works+0x957/0x15b0 [ 400.870417][ C1] ? process_scheduled_works+0x957/0x15b0 [ 400.876117][ C1] process_scheduled_works+0xa45/0x15b0 [ 400.881647][ C1] ? assign_work+0x400/0x400 [ 400.886393][ C1] ? assign_work+0x39e/0x400 [ 400.890958][ C1] worker_thread+0xa55/0xfc0 [ 400.895538][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 400.901412][ C1] ? _raw_spin_unlock+0x40/0x40 [ 400.906238][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 400.912202][ C1] kthread+0x2fa/0x390 [ 400.916364][ C1] ? pr_cont_work+0x560/0x560 [ 400.921050][ C1] ? kthread_blkcg+0xd0/0xd0 [ 400.925630][ C1] ret_from_fork+0x48/0x80 [ 400.930117][ C1] ? kthread_blkcg+0xd0/0xd0 [ 400.934687][ C1] ret_from_fork_asm+0x11/0x20 [ 400.939434][ C1] [ 400.942678][ C1] Kernel Offset: disabled [ 400.946985][ C1] Rebooting in 86400 seconds..