last executing test programs: 15m20.045328623s ago: executing program 0 (id=2367): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0) 15m19.609314759s ago: executing program 0 (id=2371): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) socket(0x10, 0x803, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831373f00000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) 15m19.279083166s ago: executing program 0 (id=2375): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e00"], 0x48) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x400, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f00000004c0)=@assoc_value={0x0}, &(0x7f00000010c0)=0x8) r3 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000600)={r2, 0x7, 0x1, 0x5, 0x800, 0xe1e, 0xfffb, 0x4, {r1, @in6={{0xa, 0x4e21, 0x7, @loopback, 0xa01}}, 0x800, 0x1, 0x800, 0x7, 0x4}}, &(0x7f0000000300)=0xb0) 15m19.066290423s ago: executing program 0 (id=2376): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000540)='./file0/file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891008, 0x0) 15m18.899942687s ago: executing program 0 (id=2379): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) r4 = socket(0x10, 0x803, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0) 15m18.174249586s ago: executing program 0 (id=2383): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10) sendmsg$tipc(r2, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2400c09d}, 0x20) 15m17.589361084s ago: executing program 32 (id=2383): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10) sendmsg$tipc(r2, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2400c09d}, 0x20) 10m7.27023291s ago: executing program 2 (id=3738): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_int(r0, 0x0, 0x1a, 0x0, &(0x7f00000001c0)=0x2) r1 = socket$can_raw(0x1d, 0x3, 0x1) poll(&(0x7f0000000040), 0x1f, 0x3) setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@data_ordered}, {@noload}, {@grpid}, {@grpjquota, 0x22}, {@init_itable}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") socket$nl_route(0x10, 0x3, 0x0) 10m4.56885224s ago: executing program 2 (id=3750): prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) socket$can_bcm(0x1d, 0x2, 0x2) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x20004811) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r1, 0xffffffffffffffff, 0x0) 10m4.32198951s ago: executing program 2 (id=3752): socket$inet6_udp(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 10m3.802079623s ago: executing program 2 (id=3755): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3", 0x5}], 0x1}, 0x4048081) bind$can_j1939(r1, &(0x7f00000001c0)={0x1d, r2, 0x1, {0x2, 0xf0, 0x3}, 0xff}, 0x18) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xffff, 0x15}, {0x1, 0x5}, {0xfff2, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x90) 10m3.361451129s ago: executing program 2 (id=3756): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x8}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x51, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0) 10m2.175892415s ago: executing program 2 (id=3758): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x54}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect$hid(0x4, 0x3f, 0x0, 0x0) sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) socket(0x10, 0x803, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r6, 0x89f8, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f00000004c0)={'sit0\x00', 0x0, 0x1, 0x20, 0x0, 0x3, {{0x43, 0x4, 0x2, 0x3a, 0x10c, 0x64, 0x0, 0x2, 0x4, 0x0, @empty, @private=0xa010102, {[@cipso={0x86, 0xc, 0x3, [{0x2, 0x6, "e2c403ff"}]}, @timestamp_prespec={0x44, 0xc, 0x47, 0x3, 0xf, [{@multicast1, 0x4}]}, @timestamp_addr={0x44, 0x44, 0xc1, 0x1, 0xe, [{@dev={0xac, 0x14, 0x14, 0x2e}, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1b}, {@rand_addr=0x64010101, 0x3}, {@multicast2, 0xfffff05c}, {@multicast2, 0x2}, {@local, 0xff}, {@multicast2, 0xd}, {@private=0xa010100, 0xb}]}, @timestamp_prespec={0x44, 0x4c, 0xdf, 0x3, 0x9, [{@broadcast, 0x7}, {@local, 0xb}, {@remote, 0xcdd}, {@rand_addr=0x64010100, 0xf}, {@remote, 0x8}, {@loopback}, {@dev={0xac, 0x14, 0x14, 0x27}}, {@local, 0x2}, {@remote, 0xf905}]}, @generic={0x86, 0x9, "60d7ae753c51cb"}, @rr={0x7, 0x13, 0xa1, [@dev={0xac, 0x14, 0x14, 0x2f}, @empty, @empty, @local]}, @timestamp_prespec={0x44, 0x34, 0xfb, 0x3, 0x6, [{@multicast2, 0x1}, {@multicast1, 0x101}, {@rand_addr=0x64010100, 0x1}, {@private=0xa010100, 0x3}, {@rand_addr=0x64010100, 0x5}, {@dev={0xac, 0x14, 0x14, 0x2b}, 0x151}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'}) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r3, 0x58, &(0x7f00000003c0)}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000680)={r3, 0x58, &(0x7f0000000600)}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r8, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffff02ffffffffffffffffffffffff200004000a004e2000000401000000006d5a00000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d400", @ANYRES16=r7], 0x21c}}, 0x0) 9m47.054325018s ago: executing program 33 (id=3758): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x54}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect$hid(0x4, 0x3f, 0x0, 0x0) sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) socket(0x10, 0x803, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r6, 0x89f8, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f00000004c0)={'sit0\x00', 0x0, 0x1, 0x20, 0x0, 0x3, {{0x43, 0x4, 0x2, 0x3a, 0x10c, 0x64, 0x0, 0x2, 0x4, 0x0, @empty, @private=0xa010102, {[@cipso={0x86, 0xc, 0x3, [{0x2, 0x6, "e2c403ff"}]}, @timestamp_prespec={0x44, 0xc, 0x47, 0x3, 0xf, [{@multicast1, 0x4}]}, @timestamp_addr={0x44, 0x44, 0xc1, 0x1, 0xe, [{@dev={0xac, 0x14, 0x14, 0x2e}, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1b}, {@rand_addr=0x64010101, 0x3}, {@multicast2, 0xfffff05c}, {@multicast2, 0x2}, {@local, 0xff}, {@multicast2, 0xd}, {@private=0xa010100, 0xb}]}, @timestamp_prespec={0x44, 0x4c, 0xdf, 0x3, 0x9, [{@broadcast, 0x7}, {@local, 0xb}, {@remote, 0xcdd}, {@rand_addr=0x64010100, 0xf}, {@remote, 0x8}, {@loopback}, {@dev={0xac, 0x14, 0x14, 0x27}}, {@local, 0x2}, {@remote, 0xf905}]}, @generic={0x86, 0x9, "60d7ae753c51cb"}, @rr={0x7, 0x13, 0xa1, [@dev={0xac, 0x14, 0x14, 0x2f}, @empty, @empty, @local]}, @timestamp_prespec={0x44, 0x34, 0xfb, 0x3, 0x6, [{@multicast2, 0x1}, {@multicast1, 0x101}, {@rand_addr=0x64010100, 0x1}, {@private=0xa010100, 0x3}, {@rand_addr=0x64010100, 0x5}, {@dev={0xac, 0x14, 0x14, 0x2b}, 0x151}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00'}) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r3, 0x58, &(0x7f00000003c0)}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000680)={r3, 0x58, &(0x7f0000000600)}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r8, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffff02ffffffffffffffffffffffff200004000a004e2000000401000000006d5a00000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d400", @ANYRES16=r7], 0x21c}}, 0x0) 10.506075738s ago: executing program 1 (id=5713): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), &(0x7f0000000880)="22cff58056", 0x5, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$inet6(0x10, 0x80000, 0x3) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@bridge_newneigh={0x28, 0x1c, 0x401, 0x70bd2b, 0x25dddbfe, {0x7, 0x0, 0x0, r3, 0x80, 0xee, 0x4}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040040) dup(r1) r4 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r4, 0xc040565e, &(0x7f00000000c0)={0x5, 0x0, 0x0, {0xffff, 0x3, 0xb0c, 0x8}}) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0x40086602, 0x0) socket(0x400000000010, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x646, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x7, 0x1, 0x4}) ioctl$vim2m_VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f0000000140)=@fd={0x3, 0x1, 0x4, 0x800, 0x7, {0x0, 0xea60}, {0x4, 0x1, 0x2, 0x3, 0xb2, 0x6, "c809ecaa"}, 0x1000, 0x4, {}, 0x1ff}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6d3a3068091d62b58999e0a046f9509cb8ddc2a9ad4e0f1f85e5f076218b4b931acdff0c34fc5bdbad17ec481f1c9b17727c14e053e315d0d8d03c24ddaba65c5ce5b1aa04d1f767e25662b155d49460ec720d54044ac2856c11407835f341e2614bcae270000000001000000df7f736aab5d713240b2f40ec7be8251eba969686b2670ddc1a84df6ab12ab3e0cf8747837062233935704ebbd943ef0c5fef29513c7c1d6d2611796dccb45bdfd9e6533ad3574be5b9ea70e0c3b41a32067c03f5f8ed147cd0655c90d656f66eaed18a3c284c4f19417b5d91431759356db5d45ea40c9866957105b6252b0c028c672049ce163126f143f5758faf2a43f4c4f45a69b4e9113f85ae531085c11c75edbdee5af454757cdaff396c15ab9b210c202ffaea96d1bac60c6d6c56a4babc659858789bd479334e13e1c7876f95429431e61400815788c1397b260600d78e7513c58d9ac9474d392cc06f789753e1e7ebf5f1b55e2a64b9150c6580bf48e7bff763034801cccf403108d127b959ffc425a563ea2b90fbe779fd7d2ebfe94"], &(0x7f0000000280)='GPL\x00'}, 0x48) r7 = socket$kcm(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r7, 0x1, 0x32, &(0x7f0000000000)=r6, 0x4) r8 = socket$kcm(0x2, 0x1000000000000002, 0x0) sendmsg$inet(r8, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e1f, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xf}, @multicast2}}}], 0x20}, 0x0) unshare(0x42000000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) 9.62821122s ago: executing program 3 (id=5715): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x4, 0x6, 0x8, 0x8}, 0x8, 0x0, 0x6, 0x9, 0xf8, 0x10, 0xc, 0x19, 0x3, 0x101, {0x6, 0x9, 0x4, 0x7, 0x7fffffff, 0x2}}}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r2, 0x0, 0x20004804) 8.933723587s ago: executing program 3 (id=5719): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="90", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="17", 0x1}], 0x1}}], 0x2, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x244, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9}}}]}}]}}, 0x0) syz_open_dev$rtc(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='illinois\x00', 0x9) shutdown(r0, 0x2) 7.579763588s ago: executing program 5 (id=5725): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x14}}, 0x0) 6.611806358s ago: executing program 5 (id=5726): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x100000000, 0x8, 0x0, 0x3}, 0x0) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x0) r2 = shmget$private(0x0, 0x4000, 0x10, &(0x7f0000000000/0x4000)=nil) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000011c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x438, 0x250, 0x940c, 0x3002, 0x0, 0x2c0, 0x368, 0x3d8, 0x3d8, 0x368, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x208, 0x250, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x2, 0x3, 'syz0\x00'}}, @common=@inet=@iprange={{0x68}, {@ipv4=@broadcast, @ipv4=@broadcast, @ipv4=@multicast2, @ipv4=@remote, 0x2}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00', {0xfffffffffffffffe}}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'veth1\x00', {0xb8cd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x498) shmat(r2, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') lseek(r4, 0x1000000, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20050081) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r7 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001c80)=@newqdisc={0x1c8, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x198, 0x2, [@TCA_GRED_LIMIT={0x8, 0x5, 0xb96}, @TCA_GRED_PARMS={0x38, 0x1, {0x1, 0x7, 0xfffffff9, 0x8, 0x3ff, 0x8, 0x148, 0x62b, 0x2, 0x6c6, 0xc, 0x1c, 0xa, 0x9, 0x5, 0xfffffffd}}, @TCA_GRED_LIMIT={0x8, 0x5, 0x9}, @TCA_GRED_LIMIT={0x8, 0x5, 0xc}, @TCA_GRED_PARMS={0x38, 0x1, {0xfffffffd, 0x40, 0x5, 0x8, 0x5, 0x1003, 0x7, 0x2, 0x3d, 0xc88a, 0x21, 0x16, 0x1, 0x1, 0x5, 0x5}}, @TCA_GRED_STAB={0x104, 0x2, "00559446a386a6437f9b8e0b240a39da782ff0f4d94bc93cf96924149ce0daab8c929f675a06bb6f8c3b5d7c255f2aea9eb0bb26b7813e99f62f1c3a448051f2795358ca7deea38bc54f318137f4e0dcb8638368f710005fefbce63cc4558556cbe799ba955e7350cc37aa572ce87310b2612eeffe4cd38bf8b4318bb73db294a108330d0534ef7679b8365253821be0d2f419761499165762da9eb2b8f7db0cad2b6ae42d340bd631fca1a59b71fdc0ab63aaba4787601311c280d25ba58d6de1257ed22599757a49fd3be6371d096fe15115d8d68f1132dd29eb8a5afb8a709fb88f161127e9806600d3fdce7324c2a0d6c02a1a289afb3ac7ebfeac2f3dd4"}, @TCA_GRED_LIMIT={0x8, 0x5, 0x51d}]}}]}, 0x1c8}}, 0x0) write$tun(r4, 0x0, 0x10da) r9 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r9, &(0x7f0000000600)={0x2020}, 0x2020) connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x284000, @empty, 0x3}, 0x1c) creat(&(0x7f0000004780)='./file0\x00', 0x200) openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) 5.530243396s ago: executing program 3 (id=5728): gettid() socket(0x2, 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}}, 0x0) 5.400381617s ago: executing program 4 (id=5729): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {0x0, 0x1}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0x0, 0x4}, {}, {0x0, 0x20000000, 0x0, 0xffffffff, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {0xd5}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x10}, {0x80000000}, {0x8eb9, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x4, 0x0, 0x7ee}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9}, {}, {}, {}, {}, {0x3, 0x0, 0x0, 0x0, 0xc}, {}, {0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {0x0, 0x20000009, 0xfffffffc, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x2}, {}, {}, {}, {}, {}, {0x10000}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x2, 0x1}, {}, {0x0, 0x3}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x7) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2) prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000bbdffc)) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) 5.043670486s ago: executing program 1 (id=5730): socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) setsockopt$CAIFSO_LINK_SELECT(0xffffffffffffffff, 0x116, 0x7f, &(0x7f0000000000)=0x7, 0x4) r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, 0x0) sched_setattr(0x0, 0x0, 0x0) r5 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r5, 0x84, 0x16, 0x0, &(0x7f00000000c0)) r6 = memfd_create(&(0x7f0000000a00)='/dev/loop#\x00\xee\b\xce\xde\xe9\x8d\xd2\xd59\xe8\xda\b\xd6\xb2\x15\xf6F\xb8\xb4{r.\xd2\xea\xec\xdbXe&J \xe9\x16\x82\xe8=\x83\x88sN\x83N`\xf9\xec\xe1\xb16\xfb*\xf5\xd5\\\xa7\xebe\xbe\x9d\xd7\xf5\xb9<\xb2\xc4\xf9:\xef\xc0g\xc3\xb5\x7f\xc0\xcck.5=\xcc\x10Y\xad^*\x10\x00\x00\x00\x00\x00\x00\x00\x0e%\x84\x95bXy\x81;o\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa9{b\xab\x91\x88\xba\xa5J\xfd\xd2\x96R\x06\xeeP\x0f\xb0\xad_\x0e\xf6\xe7k\xbf\x93)\x02yX\x91\xc0\x8c\xeb\xd9\xda=\\\xa0\xdeke\xb6\xef\x10\xd2\xbd9\x87<[BKq\t*t\x9e\xf9\xa6\xb5\xda\tb\xcc%?\x14Y\x9b\x18nx\x19\x11\xb7\x9d~\xc5{O\xd0S\xbdi\xf8\"P>4\x05E|h?\x0f\xf5\xf8\x8c\xce\xebXN\xb7\xc0F\xbao\xf7\xab\xedO\x96\xa1(\n\x1e\xf9\xbe/.\xe2^\xb0\xb6{\x1fdX\x100v\xab\xce\x05\x00i\x85\xf63\x05\b\xd8\xeb\xdf\x00\x00]N\xe1\x9di&\r\xd2pw\x85\vQ \x82v\x8a7\xb6\xf8\x1c\x8c\xf0\xaf\xfa\x17\xbeD\a\vM\x87\xc0Q\x94\xd4\xd3\xc7I@Z\t\xa9\xf0\x9d4c\xb1^\xeeF\x96\xa1{OV\xe0\x1e#\xb3w\xc7\x87\xdd\'c\xcf.\x04\x8b\x9e\xef-b\xbe\x17T\xee\xe1\xf7\'+s\x15\xeb\xb1D\x86\x93\x1e\xf9\xf1L\x0f\x9b7/\xd9D\x91\xc47hI\xbc\x13.@R\x8b\xe2x\x97:A\xf1\xb6\xe2\xc8\xb2\x9bD\xb2P\xdc\xd4\xb1\xa50\x9f\x83~)\x9b7-\x80&r\xbc\xf60xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c) sendto$inet6(r1, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) recvmmsg(r1, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f00000000c0), 0x1, &(0x7f00000003c0)=""/21, 0x21}, 0x1ff}], 0x73d, 0x40000040, 0x0) 3.797482818s ago: executing program 5 (id=5732): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0) syz_usb_disconnect(r0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(0xffffffffffffffff, 0x47ba, 0x0, 0x0, 0x0, 0x0) 3.576350707s ago: executing program 4 (id=5733): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_STATION(r3, &(0x7f0000007380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x40, r1, 0xe096044a3fc9e6f1, 0xffffffff, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0xfa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x200000d0}, 0x8050) 3.543693879s ago: executing program 1 (id=5734): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[], 0x14}}, 0x0) 3.462738506s ago: executing program 1 (id=5735): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x4, 0x6, 0x8, 0x8}, 0x8, 0x0, 0x6, 0x9, 0xf8, 0x10, 0xc, 0x19, 0x3, 0x101, {0x6, 0x9, 0x4, 0x7, 0x7fffffff, 0x2}}}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) 3.395097232s ago: executing program 4 (id=5736): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {0x0, 0x1}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0x0, 0x4}, {}, {0x0, 0x20000000, 0x0, 0xffffffff, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {0xd5}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x10}, {0x80000000}, {0x8eb9, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x4, 0x0, 0x7ee}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9}, {}, {}, {}, {}, {0x3, 0x0, 0x0, 0x0, 0xc}, {}, {0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {0x0, 0x20000009, 0xfffffffc, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x2}, {}, {}, {}, {}, {}, {0x10000}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x2, 0x1}, {}, {0x0, 0x3}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x7) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', 0x0, &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2) prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000bbdffc)) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) 3.274234201s ago: executing program 1 (id=5737): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="90", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="17", 0x1}], 0x1}}], 0x2, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x244, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9}}}]}}]}}, 0x0) syz_open_dev$rtc(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='illinois\x00', 0x9) shutdown(r0, 0x2) 2.263977454s ago: executing program 4 (id=5738): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='illinois\x00', 0x9) 2.135882285s ago: executing program 4 (id=5739): gettid() socket(0x2, 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x3}, {{0x1, 0x1, 0x1, 0x1}, {0x4, 0x1, 0x0, 0x1}}}}]}]}]}}]}, 0x50}}, 0x0) 1.999305185s ago: executing program 4 (id=5740): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x100000000, 0x8, 0x0, 0x3}, 0x0) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x0) r2 = shmget$private(0x0, 0x4000, 0x10, &(0x7f0000000000/0x4000)=nil) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000011c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x438, 0x250, 0x940c, 0x3002, 0x0, 0x2c0, 0x368, 0x3d8, 0x3d8, 0x368, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x208, 0x250, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x2, 0x3, 'syz0\x00'}}, @common=@inet=@iprange={{0x68}, {@ipv4=@broadcast, @ipv4=@broadcast, @ipv4=@multicast2, @ipv4=@remote, 0x2}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00', {0xfffffffffffffffe}}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'veth1\x00', {0xb8cd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x498) shmat(r2, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00') lseek(r4, 0x1000000, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20050081) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r7 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001c80)=@newqdisc={0x1c8, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x198, 0x2, [@TCA_GRED_LIMIT={0x8, 0x5, 0xb96}, @TCA_GRED_PARMS={0x38, 0x1, {0x1, 0x7, 0xfffffff9, 0x8, 0x3ff, 0x8, 0x148, 0x62b, 0x2, 0x6c6, 0xc, 0x1c, 0xa, 0x9, 0x5, 0xfffffffd}}, @TCA_GRED_LIMIT={0x8, 0x5, 0x9}, @TCA_GRED_LIMIT={0x8, 0x5, 0xc}, @TCA_GRED_PARMS={0x38, 0x1, {0xfffffffd, 0x40, 0x5, 0x8, 0x5, 0x1003, 0x7, 0x2, 0x3d, 0xc88a, 0x21, 0x16, 0x1, 0x1, 0x5, 0x5}}, @TCA_GRED_STAB={0x104, 0x2, "00559446a386a6437f9b8e0b240a39da782ff0f4d94bc93cf96924149ce0daab8c929f675a06bb6f8c3b5d7c255f2aea9eb0bb26b7813e99f62f1c3a448051f2795358ca7deea38bc54f318137f4e0dcb8638368f710005fefbce63cc4558556cbe799ba955e7350cc37aa572ce87310b2612eeffe4cd38bf8b4318bb73db294a108330d0534ef7679b8365253821be0d2f419761499165762da9eb2b8f7db0cad2b6ae42d340bd631fca1a59b71fdc0ab63aaba4787601311c280d25ba58d6de1257ed22599757a49fd3be6371d096fe15115d8d68f1132dd29eb8a5afb8a709fb88f161127e9806600d3fdce7324c2a0d6c02a1a289afb3ac7ebfeac2f3dd4"}, @TCA_GRED_LIMIT={0x8, 0x5, 0x51d}]}}]}, 0x1c8}}, 0x0) write$tun(r4, 0x0, 0x10da) r9 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r9, &(0x7f0000000600)={0x2020}, 0x2020) connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x284000, @empty, 0x3}, 0x1c) creat(&(0x7f0000004780)='./file0\x00', 0x200) 1.722748558s ago: executing program 3 (id=5741): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 1.611960177s ago: executing program 3 (id=5742): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@resgid={'resgid', 0x3d, 0xee00}}, {@user_xattr}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {0x0, 0x1}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x2}, {0x0, 0x0, 0x4}, {}, {0x0, 0x20000000, 0x0, 0xffffffff, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {0xd5}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x10}, {0x80000000}, {0x8eb9, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x4, 0x0, 0x4, 0x0, 0x7ee}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x9}, {}, {}, {}, {}, {0x3, 0x0, 0x0, 0x0, 0xc}, {}, {0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {0x0, 0x20000009, 0xfffffffc, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4, 0x2}, {}, {}, {}, {}, {}, {0x10000}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x2, 0x1}, {}, {0x0, 0x3}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000240)=ANY=[], 0x835, 0x0) truncate(&(0x7f0000000100)='./file0/file0\x00', 0x7) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x2) prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000bbdffc)) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) 1.438226932s ago: executing program 5 (id=5743): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[], 0x14}}, 0x0) 1.244352358s ago: executing program 5 (id=5744): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000015000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.152982675s ago: executing program 1 (id=5745): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r1, 0x1000) r2 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) r3 = dup(r2) ioctl$KDSKBMETA(r3, 0x4b63, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) dup3(r4, r0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x2a, [0x8003, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xff7fff01, 0x6, 0x3, 0x7, 0x7, 0x4, 0x0, 0x7, 0x3c5e, 0x1, 0x24, 0xd, 0x20001, 0x0, 0xffffffff, 0xe661, 0xffffebf2, 0x7, 0x3, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xb, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8e, 0x2, 0x106, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x9, 0x0, 0x7, 0x2006, 0x8, 0x4000074, 0x1, 0xe], [0x10000007, 0x9, 0x8000012f, 0x100, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0x384, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x3, 0x4007, 0x7fff, 0x6, 0x400, 0x401, 0x4, 0x1, 0xff, 0x5, 0x7, 0x5f31, 0xd, 0x4e0, 0x80000002, 0x4, 0xb, 0x4, 0x5662, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x80000000, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x1, 0x1, 0x3, 0x10000003, 0xbc45, 0x48c93690, 0x80, 0x3], [0x7, 0x408, 0x4, 0x4005, 0xfffffffe, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0x80b, 0x4, 0x5, 0x800, 0x0, 0x4d4, 0x5, 0x8, 0x86, 0x3, 0xcc, 0x3e7, 0xb, 0x3, 0x2, 0x6, 0x3, 0x2000000b, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0x10000aca, 0xbf, 0x2, 0x3, 0x3, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x7, 0x120000, 0x3, 0x6, 0x712, 0xc, 0x25], [0x9, 0xbb35, 0x7b304120, 0x3ff, 0x5, 0x938, 0x6, 0x6, 0x0, 0x8, 0x7f, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x3f51, 0x8, 0x1, 0xffff, 0xa620, 0x1, 0x5, 0x2000001, 0x2000002, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0x1000c8, 0x1, 0xfffff000, 0x9, 0x3, 0x7e, 0x100, 0xa, 0x7, 0xaf, 0x8, 0xa, 0x226, 0x5, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x6, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x1000d5, 0x200, 0x9, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 0s ago: executing program 5 (id=5746): r0 = dup(0xffffffffffffffff) syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x2a382) r1 = memfd_create(0x0, 0x1) pwritev(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)}], 0x1, 0xc00, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f00000006c0)=ANY=[@ANYRES32=r1], &(0x7f0000000040)='GPL\x00', 0x6, 0x25, &(0x7f0000000200)=""/37, 0x41100, 0x8, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) syz_emit_ethernet(0x3e, &(0x7f0000000a00)=ANY=[@ANYBLOB], 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) syz_open_dev$dri(0x0, 0x40100001, 0x189002) ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, 0x0) r4 = syz_io_uring_setup(0x7392, &(0x7f0000000740)={0x0, 0xbe47, 0x10100, 0x0, 0x2dd, 0x0, r3}, &(0x7f0000000480)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r4, 0x2ded, 0x14003, 0x8, 0x0, 0x0) r7 = socket$tipc(0x1e, 0x2, 0x0) r8 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r8, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0xfffffffd}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10) sendmsg$tipc(r7, &(0x7f0000000140)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x0, 0x2}, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000050}, 0x0) kernel console output (not intermixed with test programs): d38eb69 code=0x7ffc0000 [ 1086.538870][T20206] fuse: Bad value for 'user_id' [ 1086.553408][ T5879] usb 4-1: Using ep0 maxpacket: 16 [ 1086.557291][ T28] audit: type=1326 audit(1754079576.152:7283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20196 comm="syz.5.4928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1086.584121][ T5879] usb 4-1: config 0 has no interfaces? [ 1086.607319][ T5879] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 1086.616537][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1086.656550][ T5879] usb 4-1: config 0 descriptor?? [ 1086.695659][T20208] loop5: detected capacity change from 0 to 1024 [ 1086.705207][T20208] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1086.734414][T20208] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1086.777054][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1086.885447][T20194] usb 39-1: recv xbuf, 0 [ 1086.891905][T16276] vhci_hcd: stop threads [ 1086.896227][T16276] vhci_hcd: release socket [ 1086.907593][ T5879] usb 4-1: USB disconnect, device number 29 [ 1086.916121][T16276] vhci_hcd: disconnect device [ 1087.216787][T15165] vhci_hcd: vhci_device speed not set [ 1087.253020][T20218] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4936'. [ 1088.168753][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1088.368178][T20224] loop3: detected capacity change from 0 to 8192 [ 1088.668660][T20233] loop4: detected capacity change from 0 to 1024 [ 1088.678332][T20233] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1088.692999][T20236] fuse: Bad value for 'user_id' [ 1088.735002][T20233] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1089.713875][T20251] loop3: detected capacity change from 0 to 1024 [ 1089.727950][T20251] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1089.776840][T20251] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1089.938953][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1090.150402][T20256] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4947'. [ 1090.619531][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1091.367138][ T28] kauditd_printk_skb: 121 callbacks suppressed [ 1091.367155][ T28] audit: type=1326 audit(1754079581.452:7405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.532196][ T28] audit: type=1326 audit(1754079581.452:7406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.611416][T20267] loop3: detected capacity change from 0 to 8192 [ 1091.619365][ T28] audit: type=1326 audit(1754079581.512:7407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.689246][ T28] audit: type=1326 audit(1754079581.512:7408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.718460][T20279] program syz.5.4954 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1091.733931][ T28] audit: type=1326 audit(1754079581.512:7409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.775870][T20281] loop4: detected capacity change from 0 to 1024 [ 1091.788189][ T28] audit: type=1326 audit(1754079581.512:7410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.823299][T20281] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1091.839965][ T28] audit: type=1326 audit(1754079581.512:7411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.957614][ T28] audit: type=1326 audit(1754079581.512:7412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1091.982378][ T28] audit: type=1326 audit(1754079581.512:7413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1092.005057][ T28] audit: type=1326 audit(1754079581.512:7414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20266 comm="syz.3.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ed9f8eb69 code=0x7ffc0000 [ 1092.048393][T20281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1092.139804][T20286] lo speed is unknown, defaulting to 1000 [ 1092.147360][T20286] lo speed is unknown, defaulting to 1000 [ 1092.408288][T15165] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 1093.047330][T15165] usb 2-1: Using ep0 maxpacket: 16 [ 1093.095585][T15165] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1093.111955][T15165] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1093.129892][T15165] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 1093.151431][T15165] usb 2-1: New USB device found, idVendor=04f3, idProduct=074d, bcdDevice= 0.40 [ 1093.161263][T15165] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.169702][T15165] usb 2-1: Product: syz [ 1093.174241][T15165] usb 2-1: Manufacturer: syz [ 1093.179180][T15165] usb 2-1: SerialNumber: syz [ 1093.586490][T20278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1094.443277][T20278] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1094.481054][T20278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1094.500326][T20278] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1095.546806][T15758] IPVS: starting estimator thread 0... [ 1095.771073][T20305] IPVS: using max 26 ests per chain, 62400 per kthread [ 1096.088703][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1096.287144][ T5879] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 1096.497070][ T5879] usb 4-1: Using ep0 maxpacket: 32 [ 1096.509547][ T5879] usb 4-1: config index 0 descriptor too short (expected 35577, got 27) [ 1096.537187][ T5879] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1096.558215][ T5879] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1096.570007][ T5879] usb 4-1: config 1 has no interface number 0 [ 1096.577138][ T5879] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1096.607001][ T5879] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1096.621138][ T5879] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1096.637082][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1096.667839][ T5879] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found [ 1097.111094][T15165] usb 2-1: USB disconnect, device number 5 [ 1097.195057][ T5879] snd_usb_pod 4-1:1.1: set_interface failed [ 1097.228803][ T5879] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected [ 1097.254167][ T5879] snd_usb_pod: probe of 4-1:1.1 failed with error -71 [ 1097.272889][ T5879] usb 4-1: USB disconnect, device number 30 [ 1097.468391][T20323] loop3: detected capacity change from 0 to 1024 [ 1097.479500][T20323] EXT4-fs: Ignoring removed i_version option [ 1097.505903][T20323] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1098.257705][T20323] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:478: comm syz.3.4965: Invalid block bitmap block 0 in block_group 0 [ 1098.273181][T20323] __quota_error: 39 callbacks suppressed [ 1098.273222][T20323] Quota error (device loop3): write_blk: dquota write failed [ 1098.287035][T20323] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1098.297548][T20323] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.4965: Failed to acquire dquot type 0 [ 1098.311375][T20323] EXT4-fs error (device loop3): ext4_free_blocks:6681: comm syz.3.4965: Freeing blocks not in datazone - block = 0, count = 4096 [ 1098.325949][T20323] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.4965: Invalid inode bitmap blk 0 in block_group 0 [ 1098.351488][T20323] EXT4-fs error (device loop3) in ext4_free_inode:363: Corrupt filesystem [ 1098.361918][T20323] EXT4-fs (loop3): 1 orphan inode deleted [ 1098.373828][T20323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1099.317056][T16295] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-8 [ 1099.326569][T16295] EXT4-fs error (device loop3): ext4_release_dquot:6974: comm kworker/u4:41: Failed to release dquot type 0 [ 1099.572731][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1099.602383][ T28] audit: type=1326 audit(1754079589.692:7454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.1.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1099.737174][ T28] audit: type=1326 audit(1754079589.692:7455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.1.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1099.826360][ T28] audit: type=1326 audit(1754079589.692:7456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.1.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1099.936678][ T28] audit: type=1326 audit(1754079589.692:7457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.1.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1100.136829][ T28] audit: type=1326 audit(1754079589.692:7458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.1.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1100.160325][ T28] audit: type=1326 audit(1754079589.692:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.1.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1100.183357][ T28] audit: type=1326 audit(1754079589.692:7460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20329 comm="syz.1.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1101.036105][T20340] fuse: Bad value for 'fd' [ 1101.317263][ T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 1101.639744][ T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1101.655139][ T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1101.674766][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1101.683081][ T9] usb 6-1: Product: syz [ 1101.695059][ T9] usb 6-1: Manufacturer: syz [ 1101.723247][ T9] usb 6-1: SerialNumber: syz [ 1101.758139][ T9] hub 6-1:1.0: bad descriptor, ignoring hub [ 1101.776358][ T9] hub: probe of 6-1:1.0 failed with error -5 [ 1103.252733][T20369] loop4: detected capacity change from 0 to 1024 [ 1103.260141][T20369] EXT4-fs: Ignoring removed i_version option [ 1104.336312][T20369] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1105.330884][T20369] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.4976: Invalid block bitmap block 0 in block_group 0 [ 1105.347348][T20369] __quota_error: 28 callbacks suppressed [ 1105.347366][T20369] Quota error (device loop4): write_blk: dquota write failed [ 1105.360959][T20369] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 1105.371020][T20369] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.4976: Failed to acquire dquot type 0 [ 1106.351942][T20369] EXT4-fs error (device loop4): ext4_free_blocks:6681: comm syz.4.4976: Freeing blocks not in datazone - block = 0, count = 4096 [ 1106.366551][T20369] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.4976: Invalid inode bitmap blk 0 in block_group 0 [ 1106.385177][T20369] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem [ 1106.394306][T20369] EXT4-fs (loop4): 1 orphan inode deleted [ 1106.401628][T20369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1107.102162][T16295] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-8 [ 1107.111706][T16295] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:41: Failed to release dquot type 0 [ 1107.180193][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1107.477645][T15165] usb 6-1: USB disconnect, device number 7 [ 1107.521516][ T28] audit: type=1326 audit(1754079597.612:7489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20376 comm="syz.5.4980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1107.574018][ T28] audit: type=1326 audit(1754079597.632:7490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20376 comm="syz.5.4980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1107.607438][T20379] bridge0: port 2(bridge_slave_1) entered disabled state [ 1107.614972][T20379] bridge0: port 1(bridge_slave_0) entered disabled state [ 1107.648237][ T28] audit: type=1326 audit(1754079597.632:7491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20376 comm="syz.5.4980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1107.688344][T20382] bridge_slave_1: left allmulticast mode [ 1107.727492][T20382] bridge_slave_1: left promiscuous mode [ 1107.748725][T20382] bridge0: port 2(bridge_slave_1) entered disabled state [ 1107.766460][ T28] audit: type=1326 audit(1754079597.632:7492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20376 comm="syz.5.4980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1107.825344][T20382] bridge_slave_0: left allmulticast mode [ 1107.834489][T20378] loop5: detected capacity change from 0 to 8192 [ 1107.847026][T20382] bridge_slave_0: left promiscuous mode [ 1107.848355][ T28] audit: type=1326 audit(1754079597.632:7493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20376 comm="syz.5.4980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1107.909274][ T28] audit: type=1326 audit(1754079597.632:7494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20376 comm="syz.5.4980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1107.918079][T20382] bridge0: port 1(bridge_slave_0) entered disabled state [ 1107.949857][ T28] audit: type=1326 audit(1754079597.632:7495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20376 comm="syz.5.4980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1108.789513][T15165] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 1109.119961][T15165] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1109.158891][T15165] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1109.195025][T15165] usb 4-1: Product: syz [ 1109.220821][T15165] usb 4-1: Manufacturer: syz [ 1109.234913][T15165] usb 4-1: SerialNumber: syz [ 1109.271441][T15165] usb 4-1: config 0 descriptor?? [ 1109.548124][T20407] loop4: detected capacity change from 0 to 1024 [ 1109.559406][T20407] EXT4-fs: Ignoring removed i_version option [ 1109.586041][T20407] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1109.737628][T20407] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.4987: Invalid block bitmap block 0 in block_group 0 [ 1109.754267][T20407] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.4987: Failed to acquire dquot type 0 [ 1109.768704][T20407] EXT4-fs error (device loop4): ext4_free_blocks:6681: comm syz.4.4987: Freeing blocks not in datazone - block = 0, count = 4096 [ 1109.784751][T20407] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.4987: Invalid inode bitmap blk 0 in block_group 0 [ 1109.810343][T20407] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem [ 1109.821449][T20407] EXT4-fs (loop4): 1 orphan inode deleted [ 1109.834071][T20407] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1109.888073][T16276] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:22: Failed to release dquot type 0 [ 1110.418799][ T5841] usb 4-1: USB disconnect, device number 31 [ 1110.445406][ T28] kauditd_printk_skb: 74 callbacks suppressed [ 1110.445427][ T28] audit: type=1326 audit(1754079600.532:7567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f832eb8d61f code=0x7ffc0000 [ 1110.654884][ T28] audit: type=1326 audit(1754079600.742:7568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f832eb8ebf7 code=0x7ffc0000 [ 1111.315527][ T28] audit: type=1326 audit(1754079600.772:7569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f832eb8d4d0 code=0x7ffc0000 [ 1111.343668][ T28] audit: type=1326 audit(1754079600.772:7570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f832eb8d7ca code=0x7ffc0000 [ 1111.491467][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1111.504823][ T28] audit: type=1326 audit(1754079601.572:7571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1111.528735][ T28] audit: type=1326 audit(1754079601.572:7572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1111.554014][ T28] audit: type=1326 audit(1754079601.622:7573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1111.667175][ T28] audit: type=1326 audit(1754079601.622:7574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1111.723269][ T28] audit: type=1326 audit(1754079601.622:7575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1111.813783][ T28] audit: type=1326 audit(1754079601.642:7576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20410 comm="syz.1.4991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f832eb8eb69 code=0x7ffc0000 [ 1114.983559][T20449] loop5: detected capacity change from 0 to 8192 [ 1114.998790][T20445] delete_channel: no stack [ 1115.183838][T20456] loop3: detected capacity change from 0 to 1024 [ 1115.203896][T20456] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1115.278147][T20456] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1118.217957][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1118.224595][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1118.266160][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1119.390962][ T28] kauditd_printk_skb: 52 callbacks suppressed [ 1119.390976][ T28] audit: type=1326 audit(1754079609.482:7629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.445867][ T28] audit: type=1326 audit(1754079609.512:7630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.523015][ T28] audit: type=1326 audit(1754079609.512:7631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.562772][ T28] audit: type=1326 audit(1754079609.512:7632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.594378][ T28] audit: type=1326 audit(1754079609.512:7633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.633477][ T28] audit: type=1326 audit(1754079609.512:7634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.679949][T20493] loop4: detected capacity change from 0 to 8192 [ 1119.693382][ T28] audit: type=1326 audit(1754079609.512:7635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.718737][ T28] audit: type=1326 audit(1754079609.512:7636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.807932][ T28] audit: type=1326 audit(1754079609.512:7637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1119.857681][ T28] audit: type=1326 audit(1754079609.512:7638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20492 comm="syz.4.5015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1120.077039][T15758] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 1120.173194][T20502] loop4: detected capacity change from 0 to 1024 [ 1120.184012][T20502] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1120.446124][T15758] usb 2-1: config 0 has an invalid interface number: 18 but max is 0 [ 1120.467383][T15758] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1120.478772][T15758] usb 2-1: config 0 has no interface number 0 [ 1120.485521][T15758] usb 2-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4 [ 1120.495598][T15758] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1120.783683][T15758] usb 2-1: config 0 descriptor?? [ 1120.794546][T15758] usb 2-1: bad CDC descriptors [ 1120.954112][T15758] usb 2-1: bad CDC descriptors [ 1121.019455][T20502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1121.037286][T15758] usb 2-1: USB disconnect, device number 6 [ 1122.059570][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1123.198601][T20537] loop4: detected capacity change from 0 to 8192 [ 1123.540880][T20545] loop4: detected capacity change from 0 to 1024 [ 1124.159453][T20545] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1124.190873][T20541] loop5: detected capacity change from 0 to 1024 [ 1124.199676][T20541] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1124.892532][T20541] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1125.172095][T20545] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1126.215146][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1127.486457][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1127.670598][ T28] kauditd_printk_skb: 84 callbacks suppressed [ 1127.670610][ T28] audit: type=1326 audit(1754079617.762:7723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1127.764158][ T28] audit: type=1326 audit(1754079617.792:7724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1127.827108][ T28] audit: type=1326 audit(1754079617.792:7725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1127.929912][ T28] audit: type=1326 audit(1754079617.792:7726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1127.961840][ T28] audit: type=1326 audit(1754079617.792:7727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1127.988266][ T28] audit: type=1326 audit(1754079617.792:7728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1128.016542][ T28] audit: type=1326 audit(1754079617.792:7729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1128.054132][ T28] audit: type=1326 audit(1754079617.792:7730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1128.133267][ T28] audit: type=1326 audit(1754079617.792:7731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1128.148480][T20582] loop5: detected capacity change from 0 to 8192 [ 1128.162766][T20586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5039'. [ 1128.178868][ T28] audit: type=1326 audit(1754079617.792:7732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20581 comm="syz.5.5037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1128.663907][T20595] loop5: detected capacity change from 0 to 1024 [ 1128.720437][T20595] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1128.796157][T20595] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1129.975878][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1130.036430][T20613] loop4: detected capacity change from 0 to 1024 [ 1130.049051][T20613] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1130.129478][T20613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1130.527455][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1131.038532][T20636] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5051'. [ 1131.063742][T20628] loop5: detected capacity change from 0 to 8192 [ 1134.919950][ T28] kauditd_printk_skb: 89 callbacks suppressed [ 1134.919969][ T28] audit: type=1326 audit(1754079625.012:7822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.005384][ T28] audit: type=1326 audit(1754079625.042:7823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.058568][ T28] audit: type=1326 audit(1754079625.042:7824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.097107][ T5841] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 1135.125395][ T28] audit: type=1326 audit(1754079625.042:7825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.155000][T20669] loop4: detected capacity change from 0 to 8192 [ 1135.192385][ T28] audit: type=1326 audit(1754079625.042:7826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.218895][ T28] audit: type=1326 audit(1754079625.042:7827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.243148][T20671] fuse: Bad value for 'rootmode' [ 1135.249465][ T28] audit: type=1326 audit(1754079625.042:7828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.274305][ T28] audit: type=1326 audit(1754079625.042:7829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.297645][ T28] audit: type=1326 audit(1754079625.042:7830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.320613][ T28] audit: type=1326 audit(1754079625.042:7831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20668 comm="syz.4.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1135.343469][ T5841] usb 6-1: Using ep0 maxpacket: 16 [ 1135.431660][T20662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1135.441181][T20662] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1136.355677][T20684] loop3: detected capacity change from 0 to 1024 [ 1136.378049][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 1136.392567][T20684] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1136.516156][T20684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1136.775606][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 1136.813899][ T9] usb 2-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 1137.599265][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1137.607744][ T9] usb 2-1: Product: syz [ 1137.612043][ T9] usb 2-1: Manufacturer: syz [ 1137.616671][ T9] usb 2-1: SerialNumber: syz [ 1137.658404][ T9] usb 2-1: config 0 descriptor?? [ 1137.684432][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1137.699301][ T9] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 1137.913181][T20700] loop3: detected capacity change from 0 to 1024 [ 1137.952508][T20700] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1138.044685][T20700] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1138.578878][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1139.097097][ T5841] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1139.105832][ T5841] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 1139.137567][ T5841] usb 6-1: can't read configurations, error -71 [ 1139.289038][T20711] loop3: detected capacity change from 0 to 8192 [ 1139.337545][T20715] fuse: Bad value for 'rootmode' [ 1140.246485][T19228] usb 2-1: USB disconnect, device number 7 [ 1140.377154][T15165] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 1140.424728][T20729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5077'. [ 1140.577277][T15165] usb 4-1: Using ep0 maxpacket: 16 [ 1140.585680][T15165] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 1140.602914][T15165] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1140.613893][T15165] usb 4-1: config 0 has no interface number 0 [ 1140.630220][T15165] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 1140.654616][T15165] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1140.690396][T15165] usb 4-1: Product: syz [ 1140.713863][T15165] usb 4-1: Manufacturer: syz [ 1140.744217][T15165] usb 4-1: SerialNumber: syz [ 1140.764222][T15165] usb 4-1: config 0 descriptor?? [ 1140.789435][T15165] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 1140.819773][T15165] usb 4-1: No valid video chain found. [ 1140.870095][T20738] fuse: Bad value for 'rootmode' [ 1141.094066][T15165] usb 4-1: USB disconnect, device number 32 [ 1141.295773][ T28] kauditd_printk_skb: 88 callbacks suppressed [ 1141.295791][ T28] audit: type=1326 audit(1754079631.382:7920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.332796][ T28] audit: type=1326 audit(1754079631.382:7921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.355880][ T28] audit: type=1326 audit(1754079631.392:7922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.397240][ T28] audit: type=1326 audit(1754079631.392:7923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.420166][ T28] audit: type=1326 audit(1754079631.392:7924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.448491][ T28] audit: type=1326 audit(1754079631.392:7925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.472187][ T28] audit: type=1326 audit(1754079631.392:7926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.526657][ T28] audit: type=1326 audit(1754079631.392:7927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.570013][T20744] loop5: detected capacity change from 0 to 8192 [ 1141.585290][ T28] audit: type=1326 audit(1754079631.392:7928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.621847][ T28] audit: type=1326 audit(1754079631.392:7929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20743 comm="syz.5.5082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1141.937985][T20759] loop3: detected capacity change from 0 to 512 [ 1142.079276][T20759] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1142.088070][T20759] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 1142.105396][T20759] EXT4-fs (loop3): 1 truncate cleaned up [ 1142.117002][T20759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1142.375718][ T5841] IPVS: starting estimator thread 0... [ 1142.405502][T20762] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 1142.557480][T20764] IPVS: using max 17 ests per chain, 40800 per kthread [ 1142.878299][T20766] fuse: Unknown parameter 'use00000000000000000000' [ 1142.994510][T20769] loop5: detected capacity change from 0 to 1024 [ 1143.036150][T20769] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1143.081704][T20769] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1143.131067][T20775] netlink: 88 bytes leftover after parsing attributes in process `syz.1.5092'. [ 1144.066083][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1144.307610][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1144.646057][T20796] loop4: detected capacity change from 0 to 1024 [ 1144.656963][T20796] EXT4-fs: Ignoring removed i_version option [ 1144.715261][T20796] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1144.799759][T20796] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.5097: Invalid block bitmap block 0 in block_group 0 [ 1144.819669][T20796] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.5097: Failed to acquire dquot type 0 [ 1144.834990][T20796] EXT4-fs error (device loop4): ext4_free_blocks:6681: comm syz.4.5097: Freeing blocks not in datazone - block = 0, count = 4096 [ 1144.851197][T20796] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.5097: Invalid inode bitmap blk 0 in block_group 0 [ 1144.865194][T20796] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem [ 1144.875238][T20796] EXT4-fs (loop4): 1 orphan inode deleted [ 1144.887335][T20796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1144.958924][T16294] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:40: Failed to release dquot type 0 [ 1145.570621][T20807] fuse: Unknown parameter 'use00000000000000000000' [ 1146.991318][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1148.785386][ T28] kauditd_printk_skb: 75 callbacks suppressed [ 1148.785405][ T28] audit: type=1326 audit(1754079638.872:8002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1148.911174][ T28] audit: type=1326 audit(1754079638.872:8003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.007029][ T28] audit: type=1326 audit(1754079638.872:8004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.021368][T20830] loop4: detected capacity change from 0 to 8192 [ 1149.097113][ T28] audit: type=1326 audit(1754079638.872:8005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.138085][T20838] fuse: Unknown parameter 'use00000000000000000000' [ 1149.234542][ T28] audit: type=1326 audit(1754079638.872:8006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.417084][ T28] audit: type=1326 audit(1754079638.872:8007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.518739][ T28] audit: type=1326 audit(1754079638.872:8008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.572914][ T28] audit: type=1326 audit(1754079638.872:8009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.595974][ T28] audit: type=1326 audit(1754079638.872:8010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.621094][ T28] audit: type=1326 audit(1754079638.872:8011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20829 comm="syz.4.5106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1149.650525][ T5841] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1149.837611][ T5841] usb 4-1: Using ep0 maxpacket: 32 [ 1149.845225][ T5841] usb 4-1: config 0 has no interfaces? [ 1149.853479][ T5841] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1149.887894][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1149.910586][ T5841] usb 4-1: Product: syz [ 1149.920827][ T5841] usb 4-1: Manufacturer: syz [ 1149.931288][ T5841] usb 4-1: SerialNumber: syz [ 1149.953364][ T5841] usb 4-1: config 0 descriptor?? [ 1150.192616][ T5841] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 1150.258772][ T5841] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1150.294410][ T9] usb 4-1: USB disconnect, device number 33 [ 1150.492645][T20848] loop5: detected capacity change from 0 to 1024 [ 1150.510105][T20848] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1150.570549][T20848] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1151.107747][T20865] fuse: Unknown parameter 'user_i00000000000000000000' [ 1151.173576][T20867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5120'. [ 1151.217563][ T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 1151.343929][T20871] program syz.3.5121 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1151.404562][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1151.507490][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 1151.533018][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1151.565205][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1151.601979][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1151.616656][ T9] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1151.847365][T20875] siw: device registration error -23 [ 1151.876217][T20875] lo speed is unknown, defaulting to 1000 [ 1151.883628][T20875] lo speed is unknown, defaulting to 1000 [ 1151.977111][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1152.874684][ T9] usb 5-1: config 0 descriptor?? [ 1153.256905][T20892] fuse: Unknown parameter 'user_i00000000000000000000' [ 1153.291637][T15165] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 1153.357373][ T9] HID 045e:07da: Invalid code 65791 type 1 [ 1153.388280][ T9] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0005/input/input16 [ 1153.436808][ T9] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 1153.477576][T15165] usb 2-1: Using ep0 maxpacket: 16 [ 1153.505281][T15165] usb 2-1: config 0 has an invalid interface number: 8 but max is 0 [ 1153.517307][T15165] usb 2-1: config 0 has no interface number 0 [ 1153.523485][T15165] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11 [ 1153.534868][T15165] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024 [ 1153.563984][T15165] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 1153.576818][T15165] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 1153.585125][T15165] usb 2-1: Product: syz [ 1153.594542][T19228] usb 5-1: USB disconnect, device number 6 [ 1153.607020][T15165] usb 2-1: SerialNumber: syz [ 1153.628510][T15165] usb 2-1: config 0 descriptor?? [ 1153.643369][T15165] cm109 2-1:0.8: invalid payload size 1024, expected 4 [ 1153.667426][T15165] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input17 [ 1153.773219][T20901] loop5: detected capacity change from 0 to 1024 [ 1153.786764][T20901] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1153.841126][T20901] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1154.476660][ C1] cm109 2-1:0.8: cm109_urb_irq_callback: urb status -71 [ 1154.476933][ T5841] usb 2-1: USB disconnect, device number 8 [ 1154.483769][ C1] cm109 2-1:0.8: cm109_urb_irq_callback: usb_submit_urb (urb_ctl) failed -19 [ 1154.997642][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1155.007806][ T5841] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 1155.027125][ T50] Bluetooth: hci4: command 0x0406 tx timeout [ 1155.165563][T20910] loop3: detected capacity change from 0 to 1024 [ 1155.181803][T20912] program syz.5.5133 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1155.192994][T20910] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1155.260876][T20910] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1155.569096][T20918] lo speed is unknown, defaulting to 1000 [ 1155.576436][T20918] lo speed is unknown, defaulting to 1000 [ 1157.520385][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1157.683662][T20933] fuse: Unknown parameter 'user_i00000000000000000000' [ 1158.336981][ T5171] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 1158.946975][ T5171] usb 5-1: Using ep0 maxpacket: 16 [ 1158.964433][ T5171] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1159.002799][ T5171] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1159.148314][ T5171] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1159.170624][ T5171] usb 5-1: config 0 descriptor?? [ 1159.194085][ T5171] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input18 [ 1159.441545][ T5141] bcm5974 5-1:0.0: could not read from device [ 1159.462530][ T5141] bcm5974 5-1:0.0: could not read from device [ 1159.477300][ T5171] usb 5-1: USB disconnect, device number 7 [ 1160.179051][T20965] fuse: Unknown parameter 'user_id00000000000000000000' [ 1160.657394][T20980] program syz.5.5156 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1162.589366][T20984] lo speed is unknown, defaulting to 1000 [ 1162.596769][T20984] lo speed is unknown, defaulting to 1000 [ 1163.028993][T20990] fuse: Bad value for 'fd' [ 1163.405356][T20997] loop4: detected capacity change from 0 to 1024 [ 1163.424320][T20997] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1163.458312][T20999] fuse: Unknown parameter 'user_id00000000000000000000' [ 1163.497160][T20997] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1164.415474][T21011] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5157'. [ 1164.560605][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1164.703981][T21011] lo speed is unknown, defaulting to 1000 [ 1164.729449][T21011] lo speed is unknown, defaulting to 1000 [ 1164.876209][T21015] loop5: detected capacity change from 0 to 1024 [ 1164.910002][T21015] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1164.987368][T21015] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1166.218835][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1166.383590][T21034] fuse: Bad value for 'fd' [ 1166.507726][T18112] Bluetooth: hci4: command 0x0406 tx timeout [ 1166.562284][T21041] fuse: Unknown parameter 'user_id00000000000000000000' [ 1166.792237][T21047] loop5: detected capacity change from 0 to 1024 [ 1166.820170][T21047] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1166.990568][T15774] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 1167.062452][T21047] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1167.090321][T21053] program syz.3.5175 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1167.452876][T15774] usb 2-1: Using ep0 maxpacket: 8 [ 1167.490184][T21053] siw: device registration error -23 [ 1167.584487][T21053] lo speed is unknown, defaulting to 1000 [ 1167.597019][T21053] lo speed is unknown, defaulting to 1000 [ 1167.826670][T15774] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 17 [ 1167.888146][T15774] usb 2-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=c8.07 [ 1168.303176][T15774] usb 2-1: New USB device strings: Mfr=209, Product=185, SerialNumber=60 [ 1168.317091][T15774] usb 2-1: Product: syz [ 1168.321335][T15774] usb 2-1: Manufacturer: syz [ 1168.326061][T15774] usb 2-1: SerialNumber: syz [ 1168.371373][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1168.383459][T15774] usb 2-1: config 0 descriptor?? [ 1168.630061][T15774] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 1169.037482][T21065] loop5: detected capacity change from 0 to 1024 [ 1169.055145][T21065] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1169.901267][T21065] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1169.951843][T15774] gspca_sunplus: reg_w_riv err -71 [ 1169.978219][T15774] sunplus: probe of 2-1:0.0 failed with error -71 [ 1170.173135][T15774] usb 2-1: USB disconnect, device number 9 [ 1170.448978][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1170.682648][T21080] fuse: Bad value for 'fd' [ 1170.740826][T21083] fuse: Bad value for 'fd' [ 1170.883356][T21088] loop4: detected capacity change from 0 to 1024 [ 1170.905666][T21091] program syz.3.5186 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1170.918034][T21088] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1171.197206][T21088] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1172.927181][T21101] siw: device registration error -23 [ 1173.129808][T21101] lo speed is unknown, defaulting to 1000 [ 1173.137286][T21101] lo speed is unknown, defaulting to 1000 [ 1174.475458][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1175.053397][T21128] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5195'. [ 1177.543658][T21141] loop5: detected capacity change from 0 to 512 [ 1178.367757][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1178.374159][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1179.629313][T21141] EXT4-fs: error -4 creating inode table initialization thread [ 1179.637437][T21141] EXT4-fs (loop5): mount failed [ 1181.734312][ T28] kauditd_printk_skb: 34 callbacks suppressed [ 1181.734330][ T28] audit: type=1326 audit(1754079671.822:8046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1181.834484][ T28] audit: type=1326 audit(1754079671.822:8047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1181.966997][ T28] audit: type=1326 audit(1754079671.882:8048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1182.010349][T21153] program syz.1.5202 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1182.037147][ T28] audit: type=1326 audit(1754079671.882:8049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1182.270749][ T28] audit: type=1326 audit(1754079671.882:8050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1182.296256][T21150] loop5: detected capacity change from 0 to 8192 [ 1182.348862][T21155] siw: device registration error -23 [ 1182.378136][T21155] lo speed is unknown, defaulting to 1000 [ 1182.385513][T21155] lo speed is unknown, defaulting to 1000 [ 1183.120046][ T28] audit: type=1326 audit(1754079671.882:8051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1183.185567][ T28] audit: type=1326 audit(1754079671.882:8052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1183.227258][ T28] audit: type=1326 audit(1754079671.902:8053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1183.277366][ T28] audit: type=1326 audit(1754079671.902:8054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1183.307168][ T28] audit: type=1326 audit(1754079671.902:8055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21148 comm="syz.5.5200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1183.779535][T21163] loop3: detected capacity change from 0 to 1024 [ 1184.031168][T21163] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1184.335876][T21163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1184.362603][T21172] netlink: 68 bytes leftover after parsing attributes in process `syz.5.5206'. [ 1184.989218][T21182] loop5: detected capacity change from 0 to 512 [ 1185.739317][T21182] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1185.748083][T21182] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 1185.765385][T21182] EXT4-fs (loop5): 1 truncate cleaned up [ 1185.776949][T21182] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1186.665167][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1188.668978][ T28] kauditd_printk_skb: 38 callbacks suppressed [ 1188.669000][ T28] audit: type=1326 audit(1754079678.742:8094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1188.733760][ T28] audit: type=1326 audit(1754079678.742:8095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1188.802722][ T28] audit: type=1326 audit(1754079678.742:8096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1188.852644][T21196] loop4: detected capacity change from 0 to 8192 [ 1188.865430][ T28] audit: type=1326 audit(1754079678.742:8097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1188.928865][ T28] audit: type=1326 audit(1754079678.742:8098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1188.973193][ T28] audit: type=1326 audit(1754079678.742:8099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1189.006475][ T28] audit: type=1326 audit(1754079678.742:8100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1189.035241][ T28] audit: type=1326 audit(1754079678.742:8101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1189.062285][ T28] audit: type=1326 audit(1754079678.742:8102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1189.085508][ T28] audit: type=1326 audit(1754079678.742:8103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21195 comm="syz.4.5212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f935bd8eb69 code=0x7ffc0000 [ 1189.188467][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1189.454637][T21201] loop5: detected capacity change from 0 to 1024 [ 1189.464423][T21201] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1189.934871][T21201] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1190.131684][T21210] fuse: Bad value for 'fd' [ 1190.414807][T21216] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5217'. [ 1191.097624][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1191.203063][T21226] binder: 21224:21226 ioctl c0306201 200000000240 returned -11 [ 1191.220802][T21227] fuse: Bad value for 'fd' [ 1191.534350][ T9] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 1192.970323][T21238] loop5: detected capacity change from 0 to 1024 [ 1192.980943][T21238] EXT4-fs: Ignoring removed i_version option [ 1193.008948][ T9] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1193.119805][T21238] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1194.783659][T21238] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:478: comm syz.5.5221: Invalid block bitmap block 0 in block_group 0 [ 1194.799089][T21238] __quota_error: 32 callbacks suppressed [ 1194.799130][T21238] Quota error (device loop5): write_blk: dquota write failed [ 1194.812641][T21238] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 1194.823117][T21238] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.5221: Failed to acquire dquot type 0 [ 1194.836654][T21238] EXT4-fs error (device loop5): ext4_free_blocks:6681: comm syz.5.5221: Freeing blocks not in datazone - block = 0, count = 4096 [ 1194.851981][T21238] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.5221: Invalid inode bitmap blk 0 in block_group 0 [ 1194.865590][T21238] EXT4-fs error (device loop5) in ext4_free_inode:363: Corrupt filesystem [ 1194.875313][T21238] EXT4-fs (loop5): 1 orphan inode deleted [ 1194.887372][T21238] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1195.114862][T16299] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-8 [ 1195.567551][T16299] EXT4-fs error (device loop5): ext4_release_dquot:6974: comm kworker/u4:45: Failed to release dquot type 0 [ 1195.721410][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1195.979450][T21245] fuse: Unknown parameter '0x0000000000000003' [ 1196.066807][T21247] netlink: 68 bytes leftover after parsing attributes in process `syz.4.5228'. [ 1197.016068][T21254] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5229'. [ 1198.244635][T21263] fuse: Bad value for 'fd' [ 1199.251159][ T5171] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 1199.268741][ T5171] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1199.577570][T21275] xfrm0: entered promiscuous mode [ 1199.582829][T21275] xfrm0: entered allmulticast mode [ 1199.718868][T21281] loop4: detected capacity change from 0 to 1024 [ 1199.726183][T21281] EXT4-fs: Ignoring removed i_version option [ 1199.881768][T21281] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1201.587397][T21281] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.5236: Invalid block bitmap block 0 in block_group 0 [ 1201.601432][T21281] Quota error (device loop4): write_blk: dquota write failed [ 1201.609269][T21281] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 1201.619408][T21281] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.5236: Failed to acquire dquot type 0 [ 1202.576654][T21281] EXT4-fs error (device loop4): ext4_free_blocks:6681: comm syz.4.5236: Freeing blocks not in datazone - block = 0, count = 4096 [ 1203.280630][T21281] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.5236: Invalid inode bitmap blk 0 in block_group 0 [ 1203.294135][T21281] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem [ 1203.303413][T21281] EXT4-fs (loop4): 1 orphan inode deleted [ 1203.310717][T21281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1203.324214][T16294] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-8 [ 1203.467571][T16294] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:40: Failed to release dquot type 0 [ 1203.513271][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1203.597951][T21285] loop3: detected capacity change from 0 to 1024 [ 1203.666194][T21285] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1203.904520][T21285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1206.425018][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1206.627544][T21304] fuse: Bad value for 'fd' [ 1207.973964][T21324] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 1207.980742][T21324] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1208.018217][T21324] vhci_hcd vhci_hcd.0: Device attached [ 1208.050508][T15756] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 1208.219520][ T5171] vhci_hcd: vhci_device speed not set [ 1208.287163][ T5171] usb 39-1: new full-speed USB device number 3 using vhci_hcd [ 1208.592065][T21324] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(5) [ 1208.598669][T21324] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1209.580273][T15756] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1209.590248][T21331] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(8) [ 1209.596821][T21331] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1209.860229][T21324] vhci_hcd vhci_hcd.0: Device attached [ 1209.870291][T21335] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(11) [ 1209.877108][T21335] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1209.897168][T21331] vhci_hcd vhci_hcd.0: Device attached [ 1209.927045][T21339] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(7) [ 1209.933682][T21339] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1209.957367][T21335] vhci_hcd vhci_hcd.0: Device attached [ 1209.975985][T21339] vhci_hcd vhci_hcd.0: Device attached [ 1209.996635][T21324] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1210.034517][T21331] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1210.087019][T21324] vhci_hcd vhci_hcd.0: pdev(3) rhport(7) sockfd(16) [ 1210.093693][T21324] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1210.163030][T21324] vhci_hcd vhci_hcd.0: Device attached [ 1210.189642][T21331] vhci_hcd vhci_hcd.0: port 0 already used [ 1210.215789][T21340] vhci_hcd: connection closed [ 1210.216316][T21337] vhci_hcd: connection closed [ 1210.216809][T21330] vhci_hcd: connection closed [ 1210.221320][T21334] vhci_hcd: connection closed [ 1210.226252][T21325] vhci_hcd: connection reset by peer [ 1210.231415][T16290] vhci_hcd: stop threads [ 1210.256133][T16290] vhci_hcd: release socket [ 1210.276016][T16290] vhci_hcd: disconnect device [ 1210.308992][T16290] vhci_hcd: stop threads [ 1210.326499][T16290] vhci_hcd: release socket [ 1210.337620][T16290] vhci_hcd: disconnect device [ 1210.347324][T16290] vhci_hcd: stop threads [ 1210.351733][T16290] vhci_hcd: release socket [ 1210.367764][T21344] vhci_hcd: connection closed [ 1210.397429][T16290] vhci_hcd: disconnect device [ 1210.437104][T16290] vhci_hcd: stop threads [ 1210.446997][T16290] vhci_hcd: release socket [ 1210.461951][T16290] vhci_hcd: disconnect device [ 1210.474625][T16290] vhci_hcd: stop threads [ 1210.488433][T16290] vhci_hcd: release socket [ 1210.503811][T16290] vhci_hcd: disconnect device [ 1210.528534][T16290] vhci_hcd: stop threads [ 1210.532931][T16290] vhci_hcd: release socket [ 1210.570185][T16290] vhci_hcd: disconnect device [ 1211.069761][T21357] loop5: detected capacity change from 0 to 1024 [ 1211.129515][T21357] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1211.218554][T21357] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1212.222397][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1212.601024][T21379] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5256'. [ 1213.399051][T15756] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 1213.457506][T15756] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1213.613192][T21396] fuse: Unknown parameter 'fd0x0000000000000003' [ 1213.871492][ T5171] vhci_hcd: vhci_device speed not set [ 1214.149344][T21405] loop4: detected capacity change from 0 to 1024 [ 1214.234481][T21405] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1214.365746][T21405] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1215.576111][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1216.906007][T15755] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 1216.955654][T15755] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1217.245218][T21442] loop5: detected capacity change from 0 to 1024 [ 1217.258723][T21442] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1217.301742][T21442] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1217.418274][T21434] binder: 21433:21434 ioctl c0306201 200000000240 returned -11 [ 1218.382682][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1220.083132][ T9] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 1220.099527][ T9] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1221.071533][T15755] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 1221.098834][T15755] hid-generic 0000:0000:0000.000C: hidraw1: HID v0.00 Device [syz1] on syz0 [ 1222.562190][T21491] binder_alloc: 21490: binder_alloc_buf, no vma [ 1222.777020][T15758] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 1222.955451][T21506] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1222.977091][T15758] usb 4-1: Using ep0 maxpacket: 16 [ 1222.990230][T15758] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 1223.013542][T15758] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1223.038643][T15758] usb 4-1: config 0 has no interface number 0 [ 1223.048905][T15758] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 1223.080688][T15758] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1223.091450][T15758] usb 4-1: Product: syz [ 1223.095902][T15758] usb 4-1: Manufacturer: syz [ 1223.103184][T15758] usb 4-1: SerialNumber: syz [ 1223.113703][T15758] usb 4-1: config 0 descriptor?? [ 1223.132823][T15758] usb 4-1: Found UVC 0.00 device syz (046d:08f3) [ 1223.145534][T15758] usb 4-1: No valid video chain found. [ 1223.379144][T15756] usb 4-1: USB disconnect, device number 34 [ 1224.919221][T21538] fuse: Bad value for 'fd' [ 1225.061952][ T5841] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 1225.079581][ T5841] hid-generic 0000:0000:0000.000D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1225.421426][T21543] binder_alloc: 21542: binder_alloc_buf, no vma [ 1225.617749][ T5841] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 1225.649432][ T5841] hid-generic 0000:0000:0000.000E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1227.339470][T21560] fuse: Bad value for 'fd' [ 1227.520768][T21566] fuse: Bad value for 'fd' [ 1227.676264][T15758] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 1227.734668][T15758] hid-generic 0000:0000:0000.000F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1227.991460][T21578] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1228.837883][ T5841] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 1228.857648][ T5841] hid-generic 0000:0000:0000.0010: hidraw1: HID v0.00 Device [syz1] on syz0 [ 1228.957351][T21585] fuse: Bad value for 'fd' [ 1229.097172][T21570] binder_alloc: 21569: binder_alloc_buf, no vma [ 1229.239163][T21592] fuse: Bad value for 'fd' [ 1229.424649][T21600] loop3: detected capacity change from 0 to 1024 [ 1229.439995][T21600] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1229.617415][T21600] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1231.490423][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1231.597644][T21619] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1233.132811][T21641] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5345'. [ 1233.275144][T21643] loop3: detected capacity change from 0 to 1024 [ 1233.294093][T15756] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 1233.313261][T21643] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1233.325131][T15756] hid-generic 0000:0000:0000.0011: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1233.382086][T21643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1234.411090][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1235.968558][T21674] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1236.128091][T18112] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 1236.141737][T18112] CPU: 0 PID: 18112 Comm: kworker/u5:1 Not tainted 6.6.101-syzkaller #0 [ 1236.150145][T18112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1236.160258][T18112] Workqueue: hci1 hci_rx_work [ 1236.165007][T18112] Call Trace: [ 1236.168344][T18112] [ 1236.171318][T18112] dump_stack_lvl+0x16c/0x230 [ 1236.176052][T18112] ? show_regs_print_info+0x20/0x20 [ 1236.181320][T18112] ? load_image+0x3b0/0x3b0 [ 1236.185911][T18112] sysfs_create_dir_ns+0x256/0x280 [ 1236.191097][T18112] ? hci_rx_work+0x43a/0xd80 [ 1236.195828][T18112] ? sysfs_warn_dup+0xa0/0xa0 [ 1236.200585][T18112] ? do_raw_spin_unlock+0x121/0x230 [ 1236.205839][T18112] kobject_add_internal+0x6b8/0xc70 [ 1236.211101][T18112] kobject_add+0x156/0x220 [ 1236.215772][T18112] ? __rwlock_init+0x150/0x150 [ 1236.220607][T18112] ? kobject_init+0x1e0/0x1e0 [ 1236.225353][T18112] ? _raw_spin_unlock+0x28/0x40 [ 1236.230273][T18112] ? get_device_parent+0x366/0x390 [ 1236.235462][T18112] device_add+0x408/0xc20 [ 1236.239855][T18112] hci_conn_add_sysfs+0xd5/0x1e0 [ 1236.244855][T18112] le_conn_complete_evt+0xc37/0x1220 [ 1236.250196][T18112] ? hci_event_packet+0x4a7/0x1210 [ 1236.255473][T18112] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 1236.261934][T18112] ? __copy_skb_header+0xa7/0x550 [ 1236.267008][T18112] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 1236.272675][T18112] ? skb_pull_data+0xfb/0x200 [ 1236.277622][T18112] hci_le_enh_conn_complete_evt+0x189/0x460 [ 1236.283726][T18112] ? hci_le_remote_conn_param_req_evt+0xcc0/0xcc0 [ 1236.290251][T18112] ? hci_remote_host_features_evt+0x160/0x160 [ 1236.296452][T18112] hci_event_packet+0x795/0x1210 [ 1236.301436][T18112] ? bis_list+0x290/0x290 [ 1236.305803][T18112] ? lockdep_hardirqs_on+0x98/0x150 [ 1236.311232][T18112] ? hci_send_to_monitor+0xd7/0x4f0 [ 1236.316473][T18112] hci_rx_work+0x43a/0xd80 [ 1236.321013][T18112] ? process_scheduled_works+0x957/0x15b0 [ 1236.326852][T18112] process_scheduled_works+0xa45/0x15b0 [ 1236.332459][T18112] ? assign_work+0x400/0x400 [ 1236.337074][T18112] ? assign_work+0x39e/0x400 [ 1236.341693][T18112] worker_thread+0xa55/0xfc0 [ 1236.346319][T18112] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 1236.352252][T18112] ? _raw_spin_unlock+0x40/0x40 [ 1236.357149][T18112] kthread+0x2fa/0x390 [ 1236.361235][T18112] ? pr_cont_work+0x560/0x560 [ 1236.365934][T18112] ? kthread_blkcg+0xd0/0xd0 [ 1236.370553][T18112] ret_from_fork+0x48/0x80 [ 1236.374988][T18112] ? kthread_blkcg+0xd0/0xd0 [ 1236.379594][T18112] ret_from_fork_asm+0x11/0x20 [ 1236.384394][T18112] [ 1236.391233][T18112] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 1236.405695][T18112] Bluetooth: hci1: failed to register connection device [ 1237.078322][T21702] loop4: detected capacity change from 0 to 1024 [ 1237.086799][T21702] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1237.527111][T21702] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1238.772360][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1238.919992][T21723] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1239.234982][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1239.244553][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.560491][T21741] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5378'. [ 1239.831931][T21743] program syz.4.5379 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1240.198315][T21747] siw: device registration error -23 [ 1240.313438][T21747] lo speed is unknown, defaulting to 1000 [ 1240.327538][T21747] lo speed is unknown, defaulting to 1000 [ 1241.717321][T21774] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1241.824381][T21768] gretap0: entered promiscuous mode [ 1241.840271][T21768] vlan2: entered promiscuous mode [ 1242.358500][ T9] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 1242.373492][ T9] hid-generic 0000:0000:0000.0012: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1243.526972][T15165] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 1243.562518][T21802] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1245.449373][T15165] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1245.477673][T15165] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1245.490854][T15165] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1245.502749][T15165] usb 4-1: config 0 descriptor?? [ 1245.722469][T15165] usbhid 4-1:0.0: can't add hid device: -71 [ 1245.737171][ T5841] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1245.745109][T15165] usbhid: probe of 4-1:0.0 failed with error -71 [ 1245.772742][T15165] usb 4-1: USB disconnect, device number 35 [ 1245.933177][ T5841] usb 6-1: config 0 has no interfaces? [ 1245.960026][ T5841] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 1246.052319][ T5841] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1246.078078][T15756] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 1246.103046][T15756] hid-generic 0000:0000:0000.0013: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1246.217362][ T5841] usb 6-1: Product: syz [ 1246.221604][ T5841] usb 6-1: Manufacturer: syz [ 1246.277107][T15165] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 1246.310788][ T5841] usb 6-1: SerialNumber: syz [ 1246.377738][ T5841] usb 6-1: config 0 descriptor?? [ 1246.467252][T15165] usb 4-1: Using ep0 maxpacket: 16 [ 1246.494389][T15165] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1246.586443][T15165] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1246.607223][T15165] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1246.632902][T15165] usb 4-1: config 0 descriptor?? [ 1247.893622][T21835] loop4: detected capacity change from 0 to 512 [ 1249.773770][T21835] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 1249.774347][T21835] EXT4-fs: failed to create workqueue [ 1249.789554][T21835] EXT4-fs (loop4): mount failed [ 1251.162686][T15165] usbhid 4-1:0.0: can't add hid device: -71 [ 1251.179487][T15165] usbhid: probe of 4-1:0.0 failed with error -71 [ 1251.198659][T21839] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1251.207006][T15165] usb 4-1: USB disconnect, device number 36 [ 1251.526729][ T5841] usb 6-1: USB disconnect, device number 10 [ 1251.612640][T21852] bridge_slave_0: entered promiscuous mode [ 1251.771628][ T5841] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 1251.830873][ T5841] hid-generic 0000:0000:0000.0014: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1253.605811][T21862] lo speed is unknown, defaulting to 1000 [ 1253.753248][T21862] lo speed is unknown, defaulting to 1000 [ 1255.568406][T21876] loop5: detected capacity change from 0 to 512 [ 1256.588540][T21876] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 1256.596992][T21876] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 1256.606601][T21876] EXT4-fs (loop5): 1 truncate cleaned up [ 1256.613985][T21876] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1257.550254][T21879] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 1257.669810][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1258.185503][T21892] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1258.559880][T21902] tipc: Started in network mode [ 1258.565440][T21902] tipc: Node identity 3a74056b553, cluster identity 4711 [ 1258.574161][T21902] tipc: Enabled bearer , priority 0 [ 1258.702371][T21904] loop5: detected capacity change from 0 to 1024 [ 1258.713014][T21904] EXT4-fs: Ignoring removed i_version option [ 1258.780736][T21904] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1258.824381][T21907] syzkaller0: entered promiscuous mode [ 1258.871753][T21904] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:478: comm syz.5.5429: Invalid block bitmap block 0 in block_group 0 [ 1258.887528][T21904] Quota error (device loop5): write_blk: dquota write failed [ 1258.895197][T21904] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 1258.905671][T21904] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.5429: Failed to acquire dquot type 0 [ 1258.924483][T21904] EXT4-fs error (device loop5): ext4_free_blocks:6681: comm syz.5.5429: Freeing blocks not in datazone - block = 0, count = 4096 [ 1258.940204][T21904] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.5429: Invalid inode bitmap blk 0 in block_group 0 [ 1258.959656][T21904] EXT4-fs error (device loop5) in ext4_free_inode:363: Corrupt filesystem [ 1258.970158][T21904] EXT4-fs (loop5): 1 orphan inode deleted [ 1258.982215][T21904] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1259.068774][T20055] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-8 [ 1259.142503][T21907] syzkaller0: entered allmulticast mode [ 1259.217910][T20055] EXT4-fs error (device loop5): ext4_release_dquot:6974: comm kworker/u4:0: Failed to release dquot type 0 [ 1259.495020][T21902] tipc: Resetting bearer [ 1259.584557][T21901] tipc: Resetting bearer [ 1259.697827][T21901] tipc: Disabling bearer [ 1261.150750][T15165] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0 [ 1261.197386][T15165] hid-generic 0000:0000:0000.0015: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1261.449555][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1261.736933][T15758] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 1261.836716][T21920] binder_alloc: 21918: binder_alloc_buf, no vma [ 1261.855700][T21920] binder: 21918:21920 ioctl c0306201 200000000240 returned -11 [ 1261.928789][T15758] usb 4-1: Using ep0 maxpacket: 8 [ 1261.943289][T15758] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 1261.957014][T15758] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1261.973659][T15758] usb 4-1: Product: syz [ 1261.983810][T15758] usb 4-1: Manufacturer: syz [ 1261.997040][T15758] usb 4-1: SerialNumber: syz [ 1262.029678][T15758] usb 4-1: config 0 descriptor?? [ 1262.044174][ T28] audit: type=1326 audit(1754079752.112:8136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21933 comm="syz.5.5439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1262.078887][T15758] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 1262.117052][T15758] usb 4-1: setting power ON [ 1262.126517][T15758] dvb-usb: bulk message failed: -22 (2/0) [ 1262.161372][ T28] audit: type=1326 audit(1754079752.112:8137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21933 comm="syz.5.5439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1262.198394][T15758] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1262.237979][T15758] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 1262.268087][T15758] usb 4-1: media controller created [ 1262.287044][ T28] audit: type=1326 audit(1754079752.122:8138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21933 comm="syz.5.5439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1262.332668][T21911] netlink: 'syz.3.5431': attribute type 16 has an invalid length. [ 1262.382144][ T28] audit: type=1326 audit(1754079752.122:8139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21933 comm="syz.5.5439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1262.430197][T21911] dvb-usb: bulk message failed: -22 (3/0) [ 1262.438685][ T28] audit: type=1326 audit(1754079752.212:8140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21933 comm="syz.5.5439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1262.553069][ T28] audit: type=1326 audit(1754079752.212:8141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21933 comm="syz.5.5439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1262.558313][T15758] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1262.692628][T15758] usb 4-1: selecting invalid altsetting 6 [ 1262.711825][T21942] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1262.736913][T15758] usb 4-1: digital interface selection failed (-22) [ 1262.750982][T15758] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 1262.782280][T15758] usb 4-1: setting power OFF [ 1262.793232][ T28] audit: type=1326 audit(1754079752.212:8142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21933 comm="syz.5.5439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f787d38eb69 code=0x7ffc0000 [ 1262.874356][T15758] dvb-usb: bulk message failed: -22 (2/0) [ 1262.881607][T15758] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 1262.894807][T15758] (NULL device *): no alternate interface [ 1263.308857][T21938] pim6reg: entered allmulticast mode [ 1263.422683][T21939] pim6reg: left allmulticast mode [ 1263.833162][T15165] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 1263.852350][T15165] hid-generic 0000:0000:0000.0016: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1264.153056][T15758] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 1264.208071][T15758] usb 4-1: USB disconnect, device number 37 [ 1264.440950][T21961] loop3: detected capacity change from 0 to 512 [ 1264.623997][T21961] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1264.632760][T21961] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 1264.648923][T21961] EXT4-fs (loop3): 1 truncate cleaned up [ 1264.660808][T21961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1265.270924][ T5841] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 1265.402628][ T5841] hid-generic 0000:0000:0000.0017: hidraw1: HID v0.00 Device [syz1] on syz0 [ 1265.551114][T21947] binder_alloc: 21946: binder_alloc_buf, no vma [ 1265.729561][T21971] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1266.140887][T21967] binder_alloc: 21964: binder_alloc_buf, no vma [ 1266.173275][T21967] binder: 21964:21967 ioctl c0306201 200000000240 returned -11 [ 1266.752973][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1266.817451][T21986] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5454'. [ 1267.034670][ T5841] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 1267.049348][T21999] program syz.5.5459 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1267.073107][ T5841] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1267.551106][T22002] lo speed is unknown, defaulting to 1000 [ 1267.565677][T22002] lo speed is unknown, defaulting to 1000 [ 1268.457030][T21996] binder_alloc: 21995: binder_alloc_buf, no vma [ 1268.670493][T22012] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1268.770617][ T9] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0 [ 1268.797262][ T9] hid-generic 0000:0000:0000.0019: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1269.174168][T22025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5467'. [ 1269.542229][T22038] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5472'. [ 1269.551692][T22038] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5472'. [ 1269.581960][T22038] bridge0: port 3(vlan2) entered blocking state [ 1269.583982][T15165] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0 [ 1269.605243][T22038] bridge0: port 3(vlan2) entered disabled state [ 1269.618971][T15165] hid-generic 0000:0000:0000.001A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1269.631504][T22038] vlan2: entered allmulticast mode [ 1269.648976][T22038] bridge0: entered allmulticast mode [ 1269.664788][T22038] vlan2: left allmulticast mode [ 1269.674091][T22038] bridge0: left allmulticast mode [ 1269.891503][T22047] program syz.1.5475 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1270.176339][T22051] loop5: detected capacity change from 0 to 1024 [ 1270.195502][T22051] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1270.245842][T22052] lo speed is unknown, defaulting to 1000 [ 1270.253265][T22052] lo speed is unknown, defaulting to 1000 [ 1271.064381][T22051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1271.099786][T22040] binder: 22039:22040 ioctl c0306201 200000000240 returned -11 [ 1272.134097][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1272.368646][ T5841] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 1272.398687][ T5841] hid-generic 0000:0000:0000.001B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1272.838864][T22071] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1273.145412][T22084] fuse: Bad value for 'group_id' [ 1273.502321][T15755] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 1273.534710][T15755] hid-generic 0000:0000:0000.001C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1273.542453][T22099] program syz.4.5489 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1273.708755][T15165] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1273.838748][T22101] lo speed is unknown, defaulting to 1000 [ 1273.846154][T22101] lo speed is unknown, defaulting to 1000 [ 1274.701235][T15165] usb 6-1: config 0 has no interfaces? [ 1274.710672][T15165] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 1274.720073][T15165] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1274.737638][T15165] usb 6-1: Product: syz [ 1274.747163][T15165] usb 6-1: Manufacturer: syz [ 1274.751840][T15165] usb 6-1: SerialNumber: syz [ 1274.781413][T15165] usb 6-1: config 0 descriptor?? [ 1274.798295][ T5841] IPVS: starting estimator thread 0... [ 1274.946972][T22106] IPVS: using max 19 ests per chain, 45600 per kthread [ 1275.072284][T22092] IPVS: dh: UDP 224.0.0.2:0 - no destination available [ 1275.128344][T22110] loop3: detected capacity change from 0 to 1024 [ 1275.136949][T22110] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1275.161810][T22097] binder: 22096:22097 ioctl c0306201 200000000240 returned -11 [ 1275.198387][T22110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1275.488741][T15755] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 1276.130422][T15755] hid-generic 0000:0000:0000.001D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1276.287048][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1276.425698][T22125] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5494'. [ 1277.063842][T15755] usb 6-1: USB disconnect, device number 11 [ 1277.110152][T22136] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1277.223589][T15165] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0 [ 1277.243601][T15165] hid-generic 0000:0000:0000.001E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1277.504690][T22150] program syz.3.5505 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1277.675228][T22141] binder: 22139:22141 ioctl c0306201 200000000240 returned -11 [ 1277.985333][T22161] lo speed is unknown, defaulting to 1000 [ 1277.999837][T22161] lo speed is unknown, defaulting to 1000 [ 1278.791787][T22165] syzkaller1: entered promiscuous mode [ 1278.803404][ T5841] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 1278.808397][T22165] syzkaller1: entered allmulticast mode [ 1278.824078][ T5841] hid-generic 0000:0000:0000.001F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1279.440967][T22194] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5516'. [ 1279.501750][T22194] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5516'. [ 1279.735461][T22201] program syz.1.5517 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1280.030636][T22204] lo speed is unknown, defaulting to 1000 [ 1280.038122][T22204] lo speed is unknown, defaulting to 1000 [ 1280.964143][T22197] lo speed is unknown, defaulting to 1000 [ 1280.971853][T22197] lo speed is unknown, defaulting to 1000 [ 1281.015049][T15165] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0 [ 1281.044371][T15165] hid-generic 0000:0000:0000.0020: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1281.530441][T22216] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1281.941988][T22224] loop5: detected capacity change from 0 to 1024 [ 1281.964018][T22224] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1281.994534][T22224] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1283.000381][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1283.122156][ T5841] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 1283.158210][ T5841] hid-generic 0000:0000:0000.0021: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1284.886557][T22257] loop4: detected capacity change from 0 to 1024 [ 1284.913806][T22257] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1285.033853][T22257] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1286.254900][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1286.676988][T22278] program syz.5.5537 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1287.575140][T22282] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1288.415341][T15165] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 1288.450873][T22281] lo speed is unknown, defaulting to 1000 [ 1288.458415][T22281] lo speed is unknown, defaulting to 1000 [ 1288.850536][T15165] hid-generic 0000:0000:0000.0022: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1289.514123][ T9] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 1289.537215][ T9] hid-generic 0000:0000:0000.0023: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1290.420466][T22302] loop3: detected capacity change from 0 to 1024 [ 1290.560176][T22302] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1290.694279][T22302] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1291.525861][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1292.074076][T22317] fuse: Unknown parameter 'grou00000000000000000000' [ 1292.170202][T22319] loop3: detected capacity change from 0 to 1024 [ 1292.217308][T22319] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1292.291519][T22319] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1292.397997][T15165] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0 [ 1292.417594][T15165] hid-generic 0000:0000:0000.0024: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1292.527076][T15755] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1293.317858][T21687] Bluetooth: hci1: command 0x0406 tx timeout [ 1293.325099][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1293.409536][T22337] loop4: detected capacity change from 0 to 1024 [ 1293.423027][T22337] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1293.436923][T15755] usb 6-1: Using ep0 maxpacket: 32 [ 1293.445513][T15755] usb 6-1: config 0 has no interfaces? [ 1293.459733][T15755] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1293.469842][T22340] loop3: detected capacity change from 0 to 1024 [ 1293.476415][T22337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1293.478593][T22340] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1293.496992][T15755] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1293.514744][T15755] usb 6-1: Product: syz [ 1293.519371][T15755] usb 6-1: Manufacturer: syz [ 1293.524027][T15755] usb 6-1: SerialNumber: syz [ 1293.561976][T15755] usb 6-1: config 0 descriptor?? [ 1293.715035][T22340] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1294.666894][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1294.681675][T15755] usb 6-1: USB disconnect, device number 12 [ 1295.515973][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1295.727313][T22356] lo speed is unknown, defaulting to 1000 [ 1295.767860][T22356] lo speed is unknown, defaulting to 1000 [ 1295.964294][T22369] program syz.4.5558 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1295.984093][T22370] fuse: Bad value for 'group_id' [ 1296.937061][T15756] page_pool_release_retry() stalled pool shutdown 50 inflight 61 sec [ 1296.939827][T22368] fuse: Unknown parameter 'grou00000000000000000000' [ 1296.961315][T22373] lo speed is unknown, defaulting to 1000 [ 1296.968223][T22373] lo speed is unknown, defaulting to 1000 [ 1297.559863][T15756] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0 [ 1297.589453][T15756] hid-generic 0000:0000:0000.0025: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1298.304769][T22398] fuse: Unknown parameter 'group_i00000000000000000000' [ 1298.520183][T22406] loop4: detected capacity change from 0 to 1024 [ 1298.571534][T22406] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1298.612183][T22406] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1298.731440][T15755] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0 [ 1298.755152][T15755] hid-generic 0000:0000:0000.0026: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1298.850837][ T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 1299.193114][ T9] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1299.291290][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1299.447046][ T9] usb 6-1: Product: syz [ 1299.461674][ T9] usb 6-1: Manufacturer: syz [ 1299.466709][ T9] usb 6-1: SerialNumber: syz [ 1299.566599][ T9] usb 6-1: config 0 descriptor?? [ 1299.667262][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1299.822970][T22430] fuse: Unknown parameter 'group_i00000000000000000000' [ 1299.836942][T15756] usb 6-1: USB disconnect, device number 13 [ 1300.106527][T22440] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5585'. [ 1300.398577][T22454] fuse: Unknown parameter 'group_i00000000000000000000' [ 1300.535714][T15756] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0 [ 1300.567124][T15756] hid-generic 0000:0000:0000.0027: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1300.671594][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.678138][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 1301.223796][T22478] fuse: Unknown parameter 'group_id00000000000000000000' [ 1301.426129][ T9] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 1301.455654][ T9] hid-generic 0000:0000:0000.0028: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1301.468060][T15756] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 1301.691986][T15756] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1301.703414][T15756] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1301.718872][T15756] usb 2-1: Product: syz [ 1301.723134][T15756] usb 2-1: Manufacturer: syz [ 1301.728207][T15756] usb 2-1: SerialNumber: syz [ 1301.734785][T15756] usb 2-1: config 0 descriptor?? [ 1301.956411][ T9] usb 2-1: USB disconnect, device number 10 [ 1302.477715][T22505] program syz.3.5612 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1302.541467][T22507] fuse: Unknown parameter 'group_id00000000000000000000' [ 1302.950488][T22513] lo speed is unknown, defaulting to 1000 [ 1302.964820][T22513] lo speed is unknown, defaulting to 1000 [ 1303.502679][T15165] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0 [ 1303.602295][T15165] hid-generic 0000:0000:0000.0029: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1303.881655][T22537] fuse: Unknown parameter 'group_id00000000000000000000' [ 1303.978271][T22539] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 1303.984965][T22539] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1303.993169][T22539] vhci_hcd vhci_hcd.0: Device attached [ 1304.013023][T22539] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(5) [ 1304.019587][T22539] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1304.027764][T22539] vhci_hcd vhci_hcd.0: Device attached [ 1304.037079][T22539] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(7) [ 1304.043756][T22539] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1304.057113][T22539] vhci_hcd vhci_hcd.0: Device attached [ 1304.069406][T22539] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(9) [ 1304.075966][T22539] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1304.083893][T22539] vhci_hcd vhci_hcd.0: Device attached [ 1304.094141][T22539] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(11) [ 1304.100794][T22539] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1304.113257][T22539] vhci_hcd vhci_hcd.0: Device attached [ 1304.122262][T22539] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1304.133639][T22539] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1304.144864][T22539] vhci_hcd vhci_hcd.0: pdev(5) rhport(7) sockfd(17) [ 1304.151544][T22539] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1304.161744][T22539] vhci_hcd vhci_hcd.0: Device attached [ 1304.207113][T15755] vhci_hcd: vhci_device speed not set [ 1304.227514][T22539] vhci_hcd vhci_hcd.0: port 0 already used [ 1304.243158][T22552] vhci_hcd: connection closed [ 1304.243976][T22550] vhci_hcd: connection closed [ 1304.244606][T20055] vhci_hcd: stop threads [ 1304.249071][T22540] vhci_hcd: connection closed [ 1304.249305][T22546] vhci_hcd: connection closed [ 1304.254311][T22548] vhci_hcd: connection closed [ 1304.258582][T22544] vhci_hcd: connection closed [ 1304.258900][T15774] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 1304.263657][T20055] vhci_hcd: release socket [ 1304.291840][T15755] usb 43-1: new full-speed USB device number 2 using vhci_hcd [ 1304.300423][T22542] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 1304.300592][T20055] vhci_hcd: disconnect device [ 1304.312090][T20055] vhci_hcd: stop threads [ 1304.316368][T20055] vhci_hcd: release socket [ 1304.321083][T20055] vhci_hcd: disconnect device [ 1304.326006][T20055] vhci_hcd: stop threads [ 1304.330778][T20055] vhci_hcd: release socket [ 1304.335563][T20055] vhci_hcd: disconnect device [ 1304.342825][T20055] vhci_hcd: stop threads [ 1304.347865][T20055] vhci_hcd: release socket [ 1304.355926][T20055] vhci_hcd: disconnect device [ 1304.361169][T20055] vhci_hcd: stop threads [ 1304.365532][T20055] vhci_hcd: release socket [ 1304.370759][T20055] vhci_hcd: disconnect device [ 1304.375678][T20055] vhci_hcd: stop threads [ 1304.380187][T20055] vhci_hcd: release socket [ 1304.384783][T20055] vhci_hcd: disconnect device [ 1304.467374][T15774] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1304.477352][T15774] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1304.485444][T15774] usb 5-1: Product: syz [ 1304.489849][T15774] usb 5-1: Manufacturer: syz [ 1304.494534][T15774] usb 5-1: SerialNumber: syz [ 1304.501019][T15774] usb 5-1: config 0 descriptor?? [ 1304.645775][T22559] loop3: detected capacity change from 0 to 1024 [ 1304.658929][T22559] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1304.697181][T22559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1304.698529][T22564] program syz.1.5628 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1304.731880][T15774] usb 5-1: USB disconnect, device number 8 [ 1306.771848][T22569] lo speed is unknown, defaulting to 1000 [ 1306.787274][T22569] lo speed is unknown, defaulting to 1000 [ 1307.314754][ T5841] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0 [ 1307.329048][ T5841] hid-generic 0000:0000:0000.002A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1307.352683][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1307.470380][T22580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5630'. [ 1307.551204][T22582] fuse: Bad value for 'user_id' [ 1308.055116][T22603] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 1308.061738][T22603] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1308.086499][T22603] vhci_hcd vhci_hcd.0: Device attached [ 1308.118603][T22603] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 1308.125214][T22603] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1308.151574][T22603] vhci_hcd vhci_hcd.0: Device attached [ 1308.172470][T22615] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 1308.179077][T22615] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1308.204441][T22615] vhci_hcd vhci_hcd.0: Device attached [ 1308.232572][T22603] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(9) [ 1308.239198][T22603] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1308.253047][T22603] vhci_hcd vhci_hcd.0: Device attached [ 1308.270989][T22603] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(11) [ 1308.277678][T22603] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 1308.285647][T15756] vhci_hcd: vhci_device speed not set [ 1308.292972][T22603] vhci_hcd vhci_hcd.0: Device attached [ 1308.301545][T22603] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1308.354923][T22621] xfrm0: entered promiscuous mode [ 1308.360276][T15756] usb 35-1: new full-speed USB device number 3 using vhci_hcd [ 1308.369221][T22621] xfrm0: entered allmulticast mode [ 1308.382481][T22615] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1308.476381][T22603] vhci_hcd vhci_hcd.0: pdev(1) rhport(7) sockfd(18) [ 1308.483398][T22603] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 1308.520124][T22615] vhci_hcd vhci_hcd.0: port 0 already used [ 1308.534930][T22603] vhci_hcd vhci_hcd.0: Device attached [ 1308.559459][T22626] vhci_hcd: connection closed [ 1308.559780][T16299] vhci_hcd: stop threads [ 1308.578453][T22610] vhci_hcd: connection closed [ 1308.581652][T22619] vhci_hcd: connection closed [ 1308.586625][T22616] vhci_hcd: connection closed [ 1308.591514][T22604] vhci_hcd: connection reset by peer [ 1308.603204][T22622] vhci_hcd: connection closed [ 1308.603543][T16299] vhci_hcd: release socket [ 1308.613336][T16299] vhci_hcd: disconnect device [ 1308.619521][T16299] vhci_hcd: stop threads [ 1308.623989][T16299] vhci_hcd: release socket [ 1308.628848][T16299] vhci_hcd: disconnect device [ 1308.633815][T16299] vhci_hcd: stop threads [ 1308.639690][T16299] vhci_hcd: release socket [ 1308.645269][T16299] vhci_hcd: disconnect device [ 1308.650411][T16299] vhci_hcd: stop threads [ 1308.654758][T16299] vhci_hcd: release socket [ 1308.659813][T16299] vhci_hcd: disconnect device [ 1308.664797][T16299] vhci_hcd: stop threads [ 1308.675415][T16299] vhci_hcd: release socket [ 1308.692083][T16299] vhci_hcd: disconnect device [ 1308.706419][T16299] vhci_hcd: stop threads [ 1308.713097][T16299] vhci_hcd: release socket [ 1308.721393][T16299] vhci_hcd: disconnect device [ 1309.387115][T15755] vhci_hcd: vhci_device speed not set [ 1309.726976][T15774] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 1309.778837][T15165] hid-generic 0000:0000:0000.002B: unknown main item tag 0x0 [ 1309.816016][T15165] hid-generic 0000:0000:0000.002B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1309.941010][T15774] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1309.972379][T15774] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1309.993926][T15774] usb 2-1: Product: syz [ 1310.006975][T15774] usb 2-1: Manufacturer: syz [ 1310.011658][T15774] usb 2-1: SerialNumber: syz [ 1310.048303][T15774] usb 2-1: config 0 descriptor?? [ 1310.307631][T15774] usb 2-1: USB disconnect, device number 11 [ 1310.308253][T22651] program syz.3.5647 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1310.675242][T22656] siw: device registration error -23 [ 1310.790834][T22656] lo speed is unknown, defaulting to 1000 [ 1310.804866][T22656] lo speed is unknown, defaulting to 1000 [ 1311.860084][T15758] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 1311.963819][ T9] hid-generic 0000:0000:0000.002C: unknown main item tag 0x0 [ 1311.993074][ T9] hid-generic 0000:0000:0000.002C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1312.087405][T15758] usb 4-1: Using ep0 maxpacket: 16 [ 1312.116955][T15758] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1312.143764][T15758] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1312.163201][T15758] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1312.196641][T15758] usb 4-1: config 0 descriptor?? [ 1312.221330][T15758] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input19 [ 1312.429745][ T5141] bcm5974 4-1:0.0: could not read from device [ 1312.468400][ T5141] bcm5974 4-1:0.0: could not read from device [ 1312.503313][T15758] usb 4-1: USB disconnect, device number 38 [ 1312.509967][ T5141] bcm5974 4-1:0.0: could not read from device [ 1313.407030][T15758] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 1313.467180][T15756] vhci_hcd: vhci_device speed not set [ 1313.634437][T15758] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1313.677799][T15758] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1313.694868][T15758] usb 5-1: Product: syz [ 1313.706395][T15758] usb 5-1: Manufacturer: syz [ 1313.724088][T15774] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0 [ 1313.725921][T15758] usb 5-1: SerialNumber: syz [ 1313.738598][T15774] hid-generic 0000:0000:0000.002D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1313.764883][T15758] usb 5-1: config 0 descriptor?? [ 1314.019216][ T9] usb 5-1: USB disconnect, device number 9 [ 1314.196920][T15774] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 1314.377104][T15774] usb 6-1: Using ep0 maxpacket: 16 [ 1314.399565][T15774] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1314.424421][T15774] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1314.444987][T15774] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1314.493510][T15774] usb 6-1: config 0 descriptor?? [ 1314.514434][T15774] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input20 [ 1314.745100][ T5141] bcm5974 6-1:0.0: could not read from device [ 1314.747268][T15165] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 1314.775887][ T5141] bcm5974 6-1:0.0: could not read from device [ 1314.870605][T15774] usb 6-1: USB disconnect, device number 14 [ 1314.876970][ T5141] bcm5974 6-1:0.0: could not read from device [ 1315.085895][T15165] usb 2-1: config 0 has no interfaces? [ 1315.124020][T15165] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 1315.138421][T15755] hid-generic 0000:0000:0000.002E: unknown main item tag 0x0 [ 1315.227062][T15165] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1315.242559][T15755] hid-generic 0000:0000:0000.002E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1315.252457][T15165] usb 2-1: Product: syz [ 1315.256672][T15165] usb 2-1: Manufacturer: syz [ 1315.261578][T15165] usb 2-1: SerialNumber: syz [ 1315.291744][T15165] usb 2-1: config 0 descriptor?? [ 1315.718640][T22749] binder: BINDER_SET_CONTEXT_MGR already set [ 1315.732760][T22749] binder: 22748:22749 ioctl 4018620d 2000000002c0 returned -16 [ 1315.752082][T22749] binder: 22748:22749 ioctl c0306201 200000000240 returned -11 [ 1316.100974][T22764] loop5: detected capacity change from 0 to 1024 [ 1316.108586][T22764] EXT4-fs: Ignoring removed i_version option [ 1317.946079][T22764] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1318.979627][T22764] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:478: comm syz.5.5689: Invalid block bitmap block 0 in block_group 0 [ 1318.994805][T22764] __quota_error: 31 callbacks suppressed [ 1318.994822][T22764] Quota error (device loop5): write_blk: dquota write failed [ 1319.008224][T22764] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 1319.018317][T22764] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.5689: Failed to acquire dquot type 0 [ 1319.030792][T22764] EXT4-fs error (device loop5): ext4_free_blocks:6681: comm syz.5.5689: Freeing blocks not in datazone - block = 0, count = 4096 [ 1319.044928][T22764] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.5689: Invalid inode bitmap blk 0 in block_group 0 [ 1319.070870][T22764] EXT4-fs error (device loop5) in ext4_free_inode:363: Corrupt filesystem [ 1319.080307][T22764] EXT4-fs (loop5): 1 orphan inode deleted [ 1319.088109][T22764] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1319.814936][T16299] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-8 [ 1319.856148][T16299] EXT4-fs error (device loop5): ext4_release_dquot:6974: comm kworker/u4:45: Failed to release dquot type 0 [ 1319.922601][T16653] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1320.212294][T15774] usb 2-1: USB disconnect, device number 12 [ 1320.424128][T22783] fuse: Bad value for 'group_id' [ 1320.427243][ T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 1320.466969][T15756] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 1320.534011][T15165] hid-generic 0000:0000:0000.002F: unknown main item tag 0x0 [ 1320.543304][T15165] hid-generic 0000:0000:0000.002F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1320.629792][ T9] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1320.646483][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1320.647044][T15756] usb 5-1: Using ep0 maxpacket: 16 [ 1320.655663][ T9] usb 6-1: Product: syz [ 1320.664253][ T9] usb 6-1: Manufacturer: syz [ 1320.670057][ T9] usb 6-1: SerialNumber: syz [ 1320.681239][ T9] usb 6-1: config 0 descriptor?? [ 1320.683752][T15756] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1320.710586][T15756] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1321.194887][ T9] usb 6-1: USB disconnect, device number 15 [ 1321.679348][T22787] binder: BINDER_SET_CONTEXT_MGR already set [ 1321.685687][T22787] binder: 22786:22787 ioctl 4018620d 2000000002c0 returned -16 [ 1321.694450][T22787] binder: 22786:22787 ioctl c0306201 200000000240 returned -11 [ 1321.956896][T15756] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1322.839878][T15756] usb 5-1: config 0 descriptor?? [ 1322.855700][T15756] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input21 [ 1323.107921][ T5141] bcm5974 5-1:0.0: could not read from device [ 1323.117375][T15758] usb 5-1: USB disconnect, device number 10 [ 1323.158787][ T9] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0 [ 1323.197133][ T9] hid-generic 0000:0000:0000.0030: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1323.470888][T22814] binder: 22813:22814 ioctl c0306201 200000000240 returned -11 [ 1323.537980][ T9] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 1323.617645][T15758] hid-generic 0000:0000:0000.0031: unknown main item tag 0x0 [ 1323.657129][T15758] hid-generic 0000:0000:0000.0031: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1323.751849][ T9] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1323.771803][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1323.802219][ T9] usb 6-1: Product: syz [ 1323.806463][ T9] usb 6-1: Manufacturer: syz [ 1323.830484][ T9] usb 6-1: SerialNumber: syz [ 1323.848132][ T9] usb 6-1: config 0 descriptor?? [ 1324.078040][ T5841] usb 6-1: USB disconnect, device number 16 [ 1324.989092][T22831] lo speed is unknown, defaulting to 1000 [ 1325.005420][T22831] lo speed is unknown, defaulting to 1000 [ 1325.482183][T22846] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1325.768458][T15758] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 1325.940512][T22859] loop4: detected capacity change from 0 to 1024 [ 1325.948009][T22859] EXT4-fs: Ignoring removed i_version option [ 1325.976906][T15758] usb 4-1: Using ep0 maxpacket: 16 [ 1325.992590][T15758] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1326.017794][T15758] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1326.047007][T15758] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1326.061184][T22859] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1326.397172][T22859] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:478: comm syz.4.5722: Invalid block bitmap block 0 in block_group 0 [ 1326.413456][T22859] Quota error (device loop4): write_blk: dquota write failed [ 1326.421201][T22859] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 1326.431620][T22859] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.5722: Failed to acquire dquot type 0 [ 1326.445577][T22859] EXT4-fs error (device loop4): ext4_free_blocks:6681: comm syz.4.5722: Freeing blocks not in datazone - block = 0, count = 4096 [ 1326.467952][T22859] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.5722: Invalid inode bitmap blk 0 in block_group 0 [ 1326.481944][T22859] EXT4-fs error (device loop4) in ext4_free_inode:363: Corrupt filesystem [ 1326.492526][T22859] EXT4-fs (loop4): 1 orphan inode deleted [ 1326.504286][T22859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1326.560955][T16299] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-8 [ 1326.757176][T16299] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:45: Failed to release dquot type 0 [ 1327.804061][T15758] usb 4-1: config 0 descriptor?? [ 1327.815301][T15758] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input22 [ 1327.934699][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1328.044783][ T5141] bcm5974 4-1:0.0: could not read from device [ 1328.065323][ T5141] bcm5974 4-1:0.0: could not read from device [ 1328.074220][ T5141] bcm5974 4-1:0.0: could not read from device [ 1328.081027][T15758] usb 4-1: USB disconnect, device number 39 [ 1328.433339][T22875] loop4: detected capacity change from 0 to 1024 [ 1328.642023][T22875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1328.665955][ T28] audit: type=1800 audit(1754079818.752:8174): pid=22874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5727" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 1328.982497][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1329.070790][T22884] loop4: detected capacity change from 0 to 1024 [ 1329.079083][T22884] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1329.118701][T22884] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1330.794428][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1330.917121][T15774] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 1331.012495][T22905] loop4: detected capacity change from 0 to 1024 [ 1331.021766][T22905] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1331.055073][T22905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1331.282232][T15774] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1331.291808][T15774] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1331.300008][T15774] usb 6-1: Product: syz [ 1331.304418][T15774] usb 6-1: Manufacturer: syz [ 1331.360535][T15774] usb 6-1: SerialNumber: syz [ 1331.378007][T15774] usb 6-1: config 0 descriptor?? [ 1332.088555][T15758] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 1332.112750][T15774] usb 6-1: USB disconnect, device number 17 [ 1332.121361][T19001] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1332.277123][T15758] usb 2-1: Using ep0 maxpacket: 16 [ 1332.284541][T15758] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1332.297740][T15758] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1332.307045][T15758] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1332.320039][T15758] usb 2-1: config 0 descriptor?? [ 1332.331038][T15758] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input23 [ 1332.532239][ T5141] bcm5974 2-1:0.0: could not read from device [ 1332.543365][ T5141] bcm5974 2-1:0.0: could not read from device [ 1332.553951][ T5141] bcm5974 2-1:0.0: could not read from device [ 1332.560876][T15758] usb 2-1: USB disconnect, device number 13 [ 1332.803575][T22927] loop3: detected capacity change from 0 to 1024 [ 1332.824295][T22927] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 1332.862401][T22927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1333.512558][T15774] hid-generic 0000:0000:0000.0032: unknown main item tag 0x0 [ 1333.547560][T15774] hid-generic 0000:0000:0000.0032: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1334.382732][T22942] [ 1334.385175][T22942] ============================================ [ 1334.391337][T22942] WARNING: possible recursive locking detected [ 1334.397593][T22942] 6.6.101-syzkaller #0 Not tainted [ 1334.402916][T22942] -------------------------------------------- [ 1334.409092][T22942] syz.3.5742/22942 is trying to acquire lock: [ 1334.415169][T22942] ffff88805480d288 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_truncate+0x91d/0x1060 [ 1334.424641][T22942] [ 1334.424641][T22942] but task is already holding lock: [ 1334.432124][T22942] ffff88805480e688 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x15fa/0x1c90 [ 1334.441561][T22942] [ 1334.441561][T22942] other info that might help us debug this: [ 1334.449742][T22942] Possible unsafe locking scenario: [ 1334.449742][T22942] [ 1334.457289][T22942] CPU0 [ 1334.460570][T22942] ---- [ 1334.463859][T22942] lock(&ei->i_data_sem/3); [ 1334.468474][T22942] lock(&ei->i_data_sem/3); [ 1334.473098][T22942] [ 1334.473098][T22942] *** DEADLOCK *** [ 1334.473098][T22942] [ 1334.481247][T22942] May be due to missing lock nesting notation [ 1334.481247][T22942] [ 1334.489662][T22942] 5 locks held by syz.3.5742/22942: [ 1334.494949][T22942] #0: ffff888062ee8418 (sb_writers#4){++++}-{0:0}, at: mnt_want_write+0x41/0x90 [ 1334.504131][T22942] #1: ffff88805480e810 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: do_truncate+0x187/0x220 [ 1334.514637][T22942] #2: ffff88805480e9a0 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_setattr+0xef3/0x1c90 [ 1334.524843][T22942] #3: ffff88805480e688 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x15fa/0x1c90 [ 1334.534625][T22942] #4: ffff88805480e4c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3dc/0x6e0 [ 1334.544915][T22942] [ 1334.544915][T22942] stack backtrace: [ 1334.550812][T22942] CPU: 1 PID: 22942 Comm: syz.3.5742 Not tainted 6.6.101-syzkaller #0 [ 1334.558978][T22942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1334.569048][T22942] Call Trace: [ 1334.572427][T22942] [ 1334.575372][T22942] dump_stack_lvl+0x16c/0x230 [ 1334.580247][T22942] ? show_regs_print_info+0x20/0x20 [ 1334.585464][T22942] ? print_deadlock_bug+0x435/0x5d0 [ 1334.590679][T22942] __lock_acquire+0x5d40/0x7c80 [ 1334.595607][T22942] ? __kernel_text_address+0xd/0x30 [ 1334.600835][T22942] ? verify_lock_unused+0x140/0x140 [ 1334.606133][T22942] ? verify_lock_unused+0x140/0x140 [ 1334.611344][T22942] ? ext4_get_group_desc+0x10e/0x4d0 [ 1334.616649][T22942] ? __lock_acquire+0x7c80/0x7c80 [ 1334.621719][T22942] lock_acquire+0x197/0x410 [ 1334.626238][T22942] ? ext4_truncate+0x91d/0x1060 [ 1334.631108][T22942] ? __might_sleep+0xe0/0xe0 [ 1334.635714][T22942] ? ext4_orphan_add+0x128/0x11e0 [ 1334.640875][T22942] ? read_lock_is_recursive+0x20/0x20 [ 1334.646414][T22942] ? mark_buffer_dirty+0x231/0x4d0 [ 1334.651647][T22942] ? __ext4_handle_dirty_metadata+0x2fd/0x800 [ 1334.657737][T22942] down_write+0x97/0x1f0 [ 1334.662023][T22942] ? ext4_truncate+0x91d/0x1060 [ 1334.666910][T22942] ? down_read_killable+0x340/0x340 [ 1334.672133][T22942] ext4_truncate+0x91d/0x1060 [ 1334.676849][T22942] ? __ext4_mark_inode_dirty+0x6e0/0x6e0 [ 1334.682687][T22942] ext4_evict_inode+0x8af/0xea0 [ 1334.687577][T22942] ? _raw_spin_unlock+0x28/0x40 [ 1334.692481][T22942] ? ext4_inode_is_fast_symlink+0x350/0x350 [ 1334.698400][T22942] ? do_raw_spin_unlock+0x121/0x230 [ 1334.703618][T22942] ? ext4_inode_is_fast_symlink+0x350/0x350 [ 1334.709529][T22942] evict+0x486/0x870 [ 1334.713444][T22942] ? __lock_acquire+0x7c80/0x7c80 [ 1334.718481][T22942] ? proc_nr_inodes+0x230/0x230 [ 1334.723345][T22942] ? do_raw_spin_unlock+0x121/0x230 [ 1334.728563][T22942] ? _raw_spin_unlock+0x28/0x40 [ 1334.733452][T22942] ? iput+0x70a/0x920 [ 1334.737456][T22942] ext4_xattr_set_entry+0x132e/0x1e90 [ 1334.742856][T22942] ext4_xattr_ibody_set+0x254/0x6a0 [ 1334.748077][T22942] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 1334.754004][T22942] __ext4_expand_extra_isize+0x306/0x400 [ 1334.759667][T22942] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 1334.765291][T22942] ext4_setattr+0x1673/0x1c90 [ 1334.769992][T22942] ? ext4_write_inode+0x550/0x550 [ 1334.775037][T22942] notify_change+0xb0d/0xe10 [ 1334.779646][T22942] do_truncate+0x19b/0x220 [ 1334.784187][T22942] ? put_page_bootmem+0x2c0/0x2c0 [ 1334.789330][T22942] ? bpf_lsm_path_truncate+0x9/0x10 [ 1334.794723][T22942] vfs_truncate+0x266/0x300 [ 1334.799241][T22942] do_sys_truncate+0xe0/0x1a0 [ 1334.803942][T22942] ? break_lease+0xd0/0xd0 [ 1334.808368][T22942] ? lockdep_hardirqs_on+0x98/0x150 [ 1334.813638][T22942] do_syscall_64+0x55/0xb0 [ 1334.818268][T22942] ? clear_bhb_loop+0x40/0x90 [ 1334.822965][T22942] ? clear_bhb_loop+0x40/0x90 [ 1334.827665][T22942] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1334.833583][T22942] RIP: 0033:0x7f1ed9f8eb69 [ 1334.838012][T22942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1334.857766][T22942] RSP: 002b:00007f1edad59038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 1334.866370][T22942] RAX: ffffffffffffffda RBX: 00007f1eda1b6240 RCX: 00007f1ed9f8eb69 [ 1334.874478][T22942] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000200000000100 [ 1334.882496][T22942] RBP: 00007f1eda011df1 R08: 0000000000000000 R09: 0000000000000000 [ 1334.891117][T22942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1334.899115][T22942] R13: 0000000000000001 R14: 00007f1eda1b6240 R15: 00007fffbebbd9b8 [ 1334.907311][T22942] [ 1335.223301][T19717] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.