last executing test programs: 1m7.53209692s ago: executing program 3 (id=3799): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) socket$kcm(0x29, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48) socket$kcm(0xa, 0x922000000003, 0x11) socket$kcm(0xa, 0x5, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x4}, 0x50) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r2}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1m7.314108264s ago: executing program 3 (id=3801): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f00000001c0), &(0x7f0000000200)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 1m6.987940776s ago: executing program 3 (id=3805): syz_mount_image$ext4(&(0x7f0000000680)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000340)={[{@data_ordered}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=") mknodat$loop(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x6004, 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x5, 0x2, 0x2}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000040)=0x3) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r5, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000080)=@x86={0x7f, 0x3, 0xd1, 0x0, 0x1, 0x7e, 0xcb, 0x10, 0x8, 0x5, 0xb, 0x8, 0x0, 0x10003, 0x9, 0xff, 0x4, 0x2, 0x12, '\x00', 0xb}) r6 = socket$nl_audit(0x10, 0x3, 0x9) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x1c, r8, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x6000000}, 0x4810) mkdirat(0xffffffffffffff9c, 0x0, 0x0) 1m5.519899332s ago: executing program 3 (id=3814): syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) creat(&(0x7f0000000380)='./bus\x00', 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]}) eventfd(0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) 1m3.223905123s ago: executing program 3 (id=3819): mbind(&(0x7f0000739000/0x4000)=nil, 0x4000, 0x4c3ab9d142c0e448, 0x0, 0x80000000, 0x6) 1m1.843664314s ago: executing program 3 (id=3825): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400}, 0x0) 1m1.213221154s ago: executing program 32 (id=3825): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400}, 0x0) 2.807124596s ago: executing program 1 (id=4079): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@discard}, {@bh}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2a08000, &(0x7f0000000140)={[{@user_xattr}, {@data_err_abort}]}, 0xfc, 0x474, &(0x7f00000003c0)="$eJzs3MtrXFUYAPBv7mTSpM/4qNqHGl9YfDRN+rALN4qCCwVBF9VdTNNSm1ppIthSTBSpSym4F5eCf4Er3Yi6EtzqXgpBsml8gFfunXvzfk0yyUTn94MJ59x7Zu75zrlncu65MxNA2+rN/lQidkfEL1k6ybMz0qJQVm566vrQH1PXhyqRpq/9Xsn33Z66PlSWLZ+3u8gcSSKSjytxaInjjl69dnFwZGT4SpHvG7v0bt/o1WtPX7g0eH74/PA7A6dPnzje/8ypgZNNiXNPVteDH1w+fOClN26+MnTm5ls/fNVR1nVBHM3SG73z2nKux5p9sBbbMydd6WhhRWhINSKy7qrl439fVGO28/bFix+1tHLApkrTNN27/O6JFPgfq0SrawC0RvmP/vZUd3Rt0nXwdjb5XP0CKIt7unjU93REUpSpLbi+baauYt3kzMSfn0fe/jvaqv0BgK33TTb/eao+/ykf9T09cc+ccnvz9eBsa8QdEXFnRNwVEXdHxP6IvOy9EXFfg8fvXZBfPP9Mbq0rsDXK5n/PFve25s//itnfP2lPtcjtie7oiVrl3IWR4WNFmxyJ2o4s37/CMb594edPl9vXW8z9ykd2/HIuWNTjVseO+c85Ozg2uLGoZ01+mK8Bji+Of/bOVZY6EBEH1/H62bz5whNfHl5u/+rxr6AJ95nSLyIer/f/RKwQ/8L7k93FvlMDJ/u6YmT4WF95Viz24083Xl3u+BuKvwmy/t+55Pk/E39PZe792tHGj3Hj10+WvaZp4Px/s9ySnf+dldfzdGex7f3BsbEr/RGdlZcXbx+YfbUyX5af3L0/4pGlx3/2HpedY1n8hyIiO4nvj4gHIuLBou4PRcTDkb/EUsanI+L75x99ez3xJ6s1bBNk/X92Xv/HKv3feKJ68buv1xN/Xdb/J/LUkWLLWt7/1lrBjbQdAAAA/Fck+WfgK8nRmXSSHD0asStf292ZjFweHXvy3OX3/jpb/6x8T9SScqWrvh5cXw/tL9aGy/zAgvzxYt34s2p3nt9Z3PsGWmfX3PGfLzjWx3/mt2qLKwdsPt/XgvZl/EP7Mv6hfRn/0L7WOv7TTa4HsPWWGv/jLagHsPXM/6F9Gf/Qvox/aF/GP7SljXyvX2KVxHjDzdsVK5Xp3CZx5YlI8kQ63sJq/F38DMvaCm9efcpfy1i9cK0Yd9uhB1dOtO49CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJn+DQAA//85XdxN") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1dc) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000140)={0x8, 0x2, 0x5}) 2.612095199s ago: executing program 0 (id=4080): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000000), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}}, 0x0) 2.506601426s ago: executing program 1 (id=4081): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000100)='./cgroup\x00', 0x40, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r0, @ANYRES16=r0, @ANYRES8=0x0, @ANYRES16=r0, @ANYRES16=r0], 0x4, 0xfdc, &(0x7f0000003900)="$eJzs3U9sHNX9APA3613biU28Bn5g4EdIoYhAwQ5JpKa3IBCXSohL76CQ0AhDUUMrEQExPSAqIYqEOFUcQFwolVKkIoEqVaintqdWvbUX1AuVqlQK6qFFSlzZfrPeHe9k/3h3dtb7+UjffX7zZuf7HXttz4zHbwMwsSqbj8ePLyUhvPPZ24+8/FTyycayOxprHNp8TGKvHkKoNfWTzPa+iAuuXH7pVLs2CUc3H9N+eOxS47lzIYS1cCh8Hurho5XVrz589+HDH782e9Ob5595ZUi735DdDwAA2Isu/nH1r/f+4w/3L3598eDJMNNYnh6f12N/Lh73H4kHyunxciW09pOmaDadWW8qRiWz3lRmvWomTzUnXy2znVrOetMd8k01LWu3nwAAADCO0vPaekgqyy39SmV5eeu8f8MXC9PJ8nNnV8+cG1GhAAAAQN/+fWHzptsxjtkS1CCysS99gfX2vI++2/tzdhWVgvNVC843MdHf600IIcoTUyWoQZQhHi1BDaLfcDwixiDWFwq82AAAAABMrGrTx9n5wnZYG+xMXY2t1bvLf+mhSvvnwwBkXn87p50Y8Ov/2vlnd65QaP42hp+/NuL819z/D171EwcAgP7t1aPJdL/S4+h0HoPsPIJTLc+am+r1/KOS2U61xzrz5hUcl/kG8+qcKriOfuXV3+vXcVTy6s/Oh1lWefVn5+ksq7z6Zwquo1959be58hPK+G2dV/++guvoV179+wuuo1959c8VXEe/8uqfL7iOfuXVf13BdfQrr/4DBdfRr7z6x+W22rz66wXX0a+8+he3mtIfRuTVf33BdfQrr/4bCq6jX3n131hwHaNye2zTz8PBnPXm2hz8le5gEAAAAGjrv2M//9+ERrUENQixm6iUoAYh1l7d+mXYuny2zbJiYs/+bK+UoIZhxb52ryEhJiHmSlCDKGMkW83I6xBt48LoLj0AAAAAJZH+X0D6X+/rUTo+tWP8b+9vPKbj1ebx2e0NpOO1Dtuf7jA+02EcAAAACOE3r5+55a1ke7677P/09zofXjpv1L7wydXQwzxGd8fb57LzEfaaf7fznu02f/sJR8ZlNjYAAAD2quTRz6/e98h7Lyx+ffHgyaaz36vxfDedB7Qarw18Gu8JSO8LSOfJbb5PYHMrJ1vzVHLWy14fuC5ve48PYGcBAABgQqXn7/WQVJabzrvroVJZXt4+H18KteTM2dXTR2I/fX+W3y/UZjaWP1hw3QAAAED3ts/325//p+/juxSmk+Xnzq6eObfVn28sr1WarwssbC9Pmq8L1DPLj+YsPxb78f07w/cX9m0uXz71g9WnBr3zAAAAMCHOvXj+mSdXV0//cHI+qIYQdrWdUIa98EGJPtj4TipBGQP9YNQ/mQAAgEH78su3az86Nv/brf//357/7mr84FDs1+Pcfn+Ky9P7BNL/A9jx//pPtOZZyFvv+db16pn1pmLMZOqebdpO2JxvsPV5i3n56q3bmc7JN5fJN5/Jl52noJpZP2kzl2BoMxNgut5CZnl2HsZqJkeSyX9nm1wAAACQWnnh2edXzr14/oGzzz759OmnTz937OiJ75w4ceTBbz+4snlf/0rz3f0AAADAOGq9hxkAAAAAAAAAAAAAAAAAAAAYhaLeHQ0AAAAYnX9dCCGsiYmMSpfrhBLUOu6RlKCG4cX6zOhrGGnUuv0e6fd7Kez6+7A66s+RECK+WfGoaxBCTG6M9rxv1jlFOWJ9PftO8wAAAADDdeXyS6ea2x3WkoHma2ytvtVcjXnTdv6BvyxuRLrapYdar5fsH2g1TLqiX//ylzX/TNvxD14dbP7NC/H17X7nn3+V1g2c3Hysxt6+bvPes/KLpUb+EMKt1S7zZ/f/8W4ztjqcyX9P6C7/+nuZ/E+09Crd5r83k39/l/l37P/zeRlmr5n/vph/KfYP39Vt/tZdnMlk6/YF8K3M/j8Vus2f2f96lwkz7o/5AWASNX6br18YbSEDlh4lpMfTc7Gf7m96wJq9+6HX4/9KZjvVXVfe2O7mLcXpcdDNcXnjqG6tNW+q1/rTz8t8bK/rvc62xuWukrz6B/V1HLa8+msF19GvvPqnC66jX3n1tz97L5+8+q999lgeefV3fSFixPLqH5frynn1zxVcR7/y6p8vuI5+5dXf6+/xUcmr/0DBdfQrr/6FguvoV179fV5WK1xe/YsF19GvvPqvL7iOfuXVf0PBdfQrr/4bC65jVG6Lbd75cHr+uRDH0n49059p87ns+o8hAAAAwFD9c+jzQMS/JPX0nKYrByWYI0EIUdLwM0II0RRTJahBiHGO/6xv6fV5s34fi13EpM8jXXSsr4/iqgNlkYzRveIADM5wZ7Og7Hz9J5uv/2Tz9eda0r/EJ5l+aqrDeLXDeK3D+HRmPMk8cSZvPLohs9319LpmdGOH8f+Le5A3fiDz/B9nxm/usP2lDuO3dBi/tcP4bR3GAQAAmAw3xdb5IQAAAOxdL//y0zd+fc8Tlxe/vnjwZJhuXAdI5/U7Evsz8W/rr8d+dt77VC3+zf8nsf9+bH8X279n1nf/CQAAAAxf+j4x/v4PAAAAe1f6PqXO/wEAAGDvWoyt838AAADYu66PrfN/AAAA2MOS2faLY5teF7gztt3O6wcAlN//x/b22B6M7R2x/UZs0+OAu2L7zYLqAwAG5+ff++mJt5Lt+f6PZcavxOVpu8Pa1pWCpNI6k/++2O6P7d1d1pN9P4Bu86cOdJlnWPkXdpkfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANg7KpuPx48vJSG889nbj/xs+o0/byy7o7HGoc3HJPbqIYRa43np6Hb/V3HFK5dfOtXcXo1tEo6GJCSN5eGxS41McyGEtXAofB7q4aOV1a8+fPfhwx+/NnvTm+efeWWIn4KW/evBzDDqAAAAgGH4XwAAAP//hWEPpQ==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000200)={0x1d, r5}, 0x10) sendmsg$can_bcm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r5, @ANYRES64=r4, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0) sendmsg$sock(r6, &(0x7f0000001940)={&(0x7f00000002c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000000), 0x5, &(0x7f00000008c0)=[@timestamping={{0x14}}], 0x18}, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, &(0x7f00000005c0)) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, 0x0) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4048080) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[], [], 0x2c}) 2.168026708s ago: executing program 0 (id=4084): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xf, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x2, 0x8001, 0x2, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1, 0x0, 0x2], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0xf209, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x6, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x40, 0x4771], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x9, 0x10000, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x800], [0x2, 0x0, 0x6, 0xfffffffe, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xe, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x800, 0x200000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe, 0x7ff]}, 0x45c) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000400)={[{@nolazytime}]}, 0x2, 0x522, &(0x7f00000006c0)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtlHVC+VUIVQJ0SOHbUicKIodR7FTmrCH7JE7EpU4wYkzByQOSD1xR+IANy7lgFRgBWqQkHDlsZ11/ji2sondjX8/aeQ38zz+3tvRvGd93swLYGLdioj9iLgWEe9GxFzneNLZ4s321nrfJ48eLB88erCcRLP5zj+TrL51LHrOaXmm85n5iPjBWxE/So4F/VNEfXdvY6lSKW93DhUb1a1ifXfv7np1aa28Vt4slRYXFudfv/da6cL6+lL1Nx9fj4jf/+7LH/1x/1s/aTVrtlPX24+L1O76zGGclumI+N5lBBuDqU5/rp3n5HOdxEVKI+JzEfFydv/PxVR2NY86epm+PcLWAQCXodmci+Zc7z4AcNWlWQ4sSQudXMBspGmh0M7hvRA30kqt3rizWtvZXGnnym7GTLq6XinPd3KFN2MmWV2fLi9k5e5+pVxKju7fi4jnI+JnuevZfmG5VlkZ5xcfAJhgzxyb//+Ta8//AMAVl39czI2zHQDA6OTH3QAAYOTM/wAwecz/ADB5zP8AMHnM/wAwecz/ADBRvv/2262tedB5/vXKe7s7G7X37q6U6xuF6s5yYbm2vVVYq9XWsmf2VAd9XqVW21p4NXbeLzbK9Uaxvrt3v1rb2Wzcz57rfb88M5JeAQBnef6lD/+SRMT+G9ezLXqe9z9wrn7xslsHXKZ03A0AxmZq3A0Axubkal/ApJCPh8n1/2azGT1r90bEw8NSz8NA+/4XoQ+GCpNaNxQ+e25/8Qny/8BTTf4fJtf58v++y8NVIP8Pk6vZTKz5DwATRo4fSAbU9/7+P9/s2Rnu938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4kmazLUkLnbXAZyNNC4WIZyPiZswkq+uV8nxEPBcRf87N5Fr7CxFh3SAAeJqlf08663/dnntl9njttdx/c9lrRPz4F+/8/P2lRmN7IeJa8q/D440POsdL42g/ADBId57uzuNdnzx6sNzdRtmej7/TXly0Ffegs7VrpmM6e81nuYYb/046+22t7ytTFxB//2FEfOG0/idZbuRmZ+XT4/FbsZ8dafz0SPw0q2u/tv4tPn8BbYFJ82Fr/HnztPsvjVvZ6+n3fz4boZ5cd/w7ODH+pYfj31Sf8e/WsDFe/cN3TxxszrXrHkZ8aTrioPvhPeNPN37SJ/4rQ8b/64tfeblfXfOXEbfjtP4nR2IVG9WtYn137+56dWmtvFbeLJUWFxbnX7/3WqmY5aiL3Uz1Sf94485z/eK3+n+jT/z8gP5/fcj+/+p/7/7wq2fE/+bXTr/+L5wRvzUnfmPI+Es3fpvvV9eKv9Kn/4Ou/50h43/0t72VEwcHLTgOAFya+u7exlKlUt5+8kL+zPekFxFiiEISsX/JIR4Xcr/+6VuD35wbWXvOWYh+VVOflRZemULuHGflL/Y+HbIw7pEJuGyPb/pxtwQAAAAAAAAAAAAAAOhnFH9ONO4+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHV9GgAA///+udUz") link(0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}, 0x1, 0x0, 0x0, 0x4040800}, 0x0) 2.056868875s ago: executing program 1 (id=4086): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0xe3, 0xdd, 0xef, 0x20, 0x1d50, 0x60a1, 0xa14f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x14, 0x4e}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000000)={0x0, 0x31}, 0x0, 0x0}) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1.931619683s ago: executing program 2 (id=4087): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a32000000000900010073797a300000000014000380080002400000000008000140"], 0x68}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000040000000000a40000000160a01080000000000000000020000000900020073797a30000000000900010073797a3000000000140003800800024000000000080001400000000014000000110001"], 0x68}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$kcm(0x10, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\n\x00'/21], 0x50) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) 1.892182136s ago: executing program 4 (id=4088): syz_mount_image$iso9660(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', 0x2, &(0x7f0000000000)={[{@utf8}, {@check_relaxed}, {}, {@nocompress}, {@sbsector={'sbsector', 0x3d, 0x1}}]}, 0x0, 0x519, &(0x7f0000000b00)="$eJzs3VFv01YbwPHHpZVKXon31fu+QqgqcCibVKQSnASCIq485yQ94NiR7aD2ClW0RRUpTJRJa6/GDduk7UNwu6+zz4F2uctNthNISRN3gTZV9f9FcE7ixz7PSSM/chvbAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxHLrtl2yxDN+Z02N5tbDoDVmeX97tw41vTGOGlfESv7J/LxcyV668v+Piy8n/y3JYvZsUeaTZl4O/nX5Pw/+NzvTX39MQqdib//g+Ua3u/Vq2olMSVP7JgpMy2lqZaJA1apV+85qI1IN4+loPYp1S7mhduIgVMvuLVWq1SpKF9eDjt+sO57uv3j/dtm2q+phsa2dMAr8Ow+LkbtqPM/4zTQmWZzE3E8+iI9MrGLttJTa3uluVcan+PufSVApbyZJUDkvqGyXy6VSuVyq3qvdu2/bs0Mv2J+QoYjpf2gxXSewFwcmM9Or/+KJEV86sibqyIcrdQklkNaI5T39+v/1HT123MH636/yVz4uXpC0/l/Lnl0bVf9H5HLoka56jLiJHnuyLwfyXDakK13ZklcnNtLZfDRFiy9GIgnESEuc9BXVe0VJTapSFVueyKo0JBIlDTHiiZZI1iWSWHT6iXIlFC2OxBJIKEqWxZVboqQkNalJRZRoKcq6BNIRX5pSFyfdyrbspO97ZUyOH4JKxwkqjwmi/uPzffF9ODCpv/r1HwAAAAAAnFtW+tv35Ph/Tq6mvYbxtD3ttAAAAAAAwBeU/uV/MWnmkt5VsTj+BwAAAADgvLHSc+wsESnI9azXPxOKXwIAAAAAAHBOpH//v5Y0haR3XSyO/wEAAAAAOG9+yrnGfrbwhz8kDOesN+2L/fWc3QtZ58KnW4wbC9al3kbSpjrbe+bqRat39csPF8F832u28671b2UJrH1l7TqTJiC/yI0s5sZm1m72l2SjFBrG00U38B6UxHEuzcR6Lf7uxc73kk7/Z791yZLtne5W8enL7maay5tkK292e+/T0HUUx+TyOr3eQnrOxZEznktPxOiNW8jGtQfnP5OtPvMPxnwrS1nMUiFrC4fnP5+MWSqOmn0vi9LQzIdyyMniZhZzc/lm1hyRRTkvi/JgFheHE/giWVTysqgMZjHBTwQApmU7pwpZMlR3J9jLnU51fyvLWczyQrpjnV04Yo9u5+3R7c+s678N3QNpVI1Nxv31k6r6Llnh3chxI69sJW/hhde738rlvf2D2zu7G8+2nm29KJcrVfuubd8ry1w6jV5D7QEAHCH/Hju5EdbdnKPq/374SkFRnspL6cqmrKRnG6TfODhyq4WBryGs5By1Fgbu8LKSc1RXGLjRy/FjK6fwkwAA4PQs5dTh49T/lZzj7sO1fPzR8WAtBwAAJ0OH761C/KMVhqb9pFSrlZx4VaswcB+p0NSbWhk/1qG76vhNrdphEAdu4CWdx6auIxV12u0gjFUjCFU7iMxaeud31bv1e6Rbjh8bN2p72om0cgM/dtxY1U3kqnbnG89EqzpMV47a2jUN4zqxCXwVBZ3Q1UWlIq0HAk1d+7FpmKTrq3ZoWk64rh4HXqelVV1HbmjacZBtsD+W8RtB2Eo3W5z2mw0AwBmxt3/wfKPb3Xp1gp1pzxEAABxGlQYAAAAAAAAAAAAAAAAAAAAA4Ow7jfP/6EzakbORBp0T6fz7bKQxojPtPROAk/Z3AAAA//8AuFQg") removexattr(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=@known='system.posix_acl_default\x00') 1.776339634s ago: executing program 0 (id=4089): r0 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3) fcntl$addseals(r0, 0x409, 0x8) fallocate(r0, 0x3, 0x2009140, 0x3) 1.716590378s ago: executing program 2 (id=4090): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000007c0)={'ip6tnl0\x00', &(0x7f00000004c0)={'syztnl0\x00', 0x0, 0x29, 0x3, 0xc, 0x400, 0x4, @ipv4={'\x00', '\xff\xff', @local}, @remote, 0x80, 0x7800, 0x8, 0xc0}}) 1.645530152s ago: executing program 4 (id=4091): write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="043e0b06c90006"], 0xe) 1.496277272s ago: executing program 0 (id=4092): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x77a, &(0x7f0000000b00)="$eJzs3E1oHOcZAOB3xlrJP3JXLYX+HErBBhuMV5J1sU9WL70ZDIZeXSGthNBIK7Qr16saavdccK1LSwul7TlHk1vAOLnnFgwJJOdASBzlEHzZMLsrOd5o1yvrZ4n8PDCe95uZb97v9Y4+7YBmAnhr/Tb/J4kYjYibEVFsb08jYrgZnYy43zpu6/m92XxJotG49WWSd4utRnHnXEl7fSaaXeKXEfG0EHHprz/MW61vLM1kWXmt3R6vLa+OV+sblxeXZxbKC+WVyalrE1enpq5OTL22hl/0Wev5P1w79ejD329ufvS49vA3Q5eTmG7WHe3a+jzNnrT+Twox3bF95TCSDVDSY9+7RzgOAAB6y7/nn4iIoea31GKcaEYAAADAcdIYaezJvx63+wEAAAA/Iol7eQAAADjmtv8OYPvZ3sN6DrabL34XEWO75R9qPkMccTIKEXF6K3nlyYSk1Q325f6DiHgy3Xn9/T+/wu7v89wTHe2k/bxNy/A+z85BeJLPP9O7zT/pzvwTu8w/Q9vvTtin7vPfy/wnusx/N/vM8d5/flXomv9BxK+Hdsuf7ORPuuT/Y5/5H27+7VEr+uyDzn2N/0Vc2PX3T/JKrh7vh5ieX8x6vX4gnr64+KxX/ae75U9617+60zrbs/4/b3291G0uyfNfPNf7898tf35N/P17c8qj9jpvb3bkOLf88fu96p+LaLz+83/R6Kz/vz2rfunTd0bu9nkoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANKURMRpJWtqJ07RUijgTET+P02lWqdYuzVfWV+byfRFjUUjnF7PyREQUW+0kb08245ftKx3tqYj46SenWkkXs3JptpLNDbp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdpyJiNFI0lJEpBHxTTFNS6WIoT76jhzB+AAAAIADMjboAQAAAACHzv0/AAAAHH9vev+fHPA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPt5o0b+dLYen5vNm/P3amvL1XuXJ4rV5dKy+uzpdnK2mppoVJZyMql2cry686XVSqrk9di/e54rVytjVfrG7eXK+srtduLyzML5dvlwpFUBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwF6NNpckLUVE2ozTtFSKOBsRY1FI5hez8kRE/CQinhULI3l7ctCDBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MBV6xtLM1lWXhMIBEcW/CUijjbpz4ZbP/H99hr0zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCBU6xtLM1lWXqvurd/YYQ0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAUk/TyIiXy4Uz4927h1Ovi021xHxp3/f+sfdmVptbTLf/tXO9to/29uvDGL8AAAA8Fa4vpeDt+/Tt+/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+lWtbyzNZFl5bX/B9ahvNJIuxwy6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M18FwAA//9BDsGw") chdir(&(0x7f0000000240)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) 1.433413916s ago: executing program 4 (id=4093): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f00000001c0), &(0x7f0000000200)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 1.396609659s ago: executing program 2 (id=4094): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000100)='./cgroup\x00', 0x40, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r0, @ANYRES16=r0, @ANYRES8=0x0, @ANYRES16=r0, @ANYRES16=r0], 0x4, 0xfdc, &(0x7f0000003900)="$eJzs3U9sHNX9APA3613biU28Bn5g4EdIoYhAwQ5JpKa3IBCXSohL76CQ0AhDUUMrEQExPSAqIYqEOFUcQFwolVKkIoEqVaintqdWvbUX1AuVqlQK6qFFSlzZfrPeHe9k/3h3dtb7+UjffX7zZuf7HXttz4zHbwMwsSqbj8ePLyUhvPPZ24+8/FTyycayOxprHNp8TGKvHkKoNfWTzPa+iAuuXH7pVLs2CUc3H9N+eOxS47lzIYS1cCh8Hurho5XVrz589+HDH782e9Ob5595ZUi735DdDwAA2Isu/nH1r/f+4w/3L3598eDJMNNYnh6f12N/Lh73H4kHyunxciW09pOmaDadWW8qRiWz3lRmvWomTzUnXy2znVrOetMd8k01LWu3nwAAADCO0vPaekgqyy39SmV5eeu8f8MXC9PJ8nNnV8+cG1GhAAAAQN/+fWHzptsxjtkS1CCysS99gfX2vI++2/tzdhWVgvNVC843MdHf600IIcoTUyWoQZQhHi1BDaLfcDwixiDWFwq82AAAAABMrGrTx9n5wnZYG+xMXY2t1bvLf+mhSvvnwwBkXn87p50Y8Ov/2vlnd65QaP42hp+/NuL819z/D171EwcAgP7t1aPJdL/S4+h0HoPsPIJTLc+am+r1/KOS2U61xzrz5hUcl/kG8+qcKriOfuXV3+vXcVTy6s/Oh1lWefVn5+ksq7z6Zwquo1959be58hPK+G2dV/++guvoV179+wuuo1959c8VXEe/8uqfL7iOfuXVf13BdfQrr/4DBdfRr7z6x+W22rz66wXX0a+8+he3mtIfRuTVf33BdfQrr/4bCq6jX3n131hwHaNye2zTz8PBnPXm2hz8le5gEAAAAGjrv2M//9+ERrUENQixm6iUoAYh1l7d+mXYuny2zbJiYs/+bK+UoIZhxb52ryEhJiHmSlCDKGMkW83I6xBt48LoLj0AAAAAJZH+X0D6X+/rUTo+tWP8b+9vPKbj1ebx2e0NpOO1Dtuf7jA+02EcAAAACOE3r5+55a1ke7677P/09zofXjpv1L7wydXQwzxGd8fb57LzEfaaf7fznu02f/sJR8ZlNjYAAAD2quTRz6/e98h7Lyx+ffHgyaaz36vxfDedB7Qarw18Gu8JSO8LSOfJbb5PYHMrJ1vzVHLWy14fuC5ve48PYGcBAABgQqXn7/WQVJabzrvroVJZXt4+H18KteTM2dXTR2I/fX+W3y/UZjaWP1hw3QAAAED3ts/325//p+/juxSmk+Xnzq6eObfVn28sr1WarwssbC9Pmq8L1DPLj+YsPxb78f07w/cX9m0uXz71g9WnBr3zAAAAMCHOvXj+mSdXV0//cHI+qIYQdrWdUIa98EGJPtj4TipBGQP9YNQ/mQAAgEH78su3az86Nv/brf//357/7mr84FDs1+Pcfn+Ky9P7BNL/A9jx//pPtOZZyFvv+db16pn1pmLMZOqebdpO2JxvsPV5i3n56q3bmc7JN5fJN5/Jl52noJpZP2kzl2BoMxNgut5CZnl2HsZqJkeSyX9nm1wAAACQWnnh2edXzr14/oGzzz759OmnTz937OiJ75w4ceTBbz+4snlf/0rz3f0AAADAOGq9hxkAAAAAAAAAAAAAAAAAAAAYhaLeHQ0AAAAYnX9dCCGsiYmMSpfrhBLUOu6RlKCG4cX6zOhrGGnUuv0e6fd7Kez6+7A66s+RECK+WfGoaxBCTG6M9rxv1jlFOWJ9PftO8wAAAADDdeXyS6ea2x3WkoHma2ytvtVcjXnTdv6BvyxuRLrapYdar5fsH2g1TLqiX//ylzX/TNvxD14dbP7NC/H17X7nn3+V1g2c3Hysxt6+bvPes/KLpUb+EMKt1S7zZ/f/8W4ztjqcyX9P6C7/+nuZ/E+09Crd5r83k39/l/l37P/zeRlmr5n/vph/KfYP39Vt/tZdnMlk6/YF8K3M/j8Vus2f2f96lwkz7o/5AWASNX6br18YbSEDlh4lpMfTc7Gf7m96wJq9+6HX4/9KZjvVXVfe2O7mLcXpcdDNcXnjqG6tNW+q1/rTz8t8bK/rvc62xuWukrz6B/V1HLa8+msF19GvvPqnC66jX3n1tz97L5+8+q999lgeefV3fSFixPLqH5frynn1zxVcR7/y6p8vuI5+5dXf6+/xUcmr/0DBdfQrr/6FguvoV179fV5WK1xe/YsF19GvvPqvL7iOfuXVf0PBdfQrr/4bC65jVG6Lbd75cHr+uRDH0n49059p87ns+o8hAAAAwFD9c+jzQMS/JPX0nKYrByWYI0EIUdLwM0II0RRTJahBiHGO/6xv6fV5s34fi13EpM8jXXSsr4/iqgNlkYzRveIADM5wZ7Og7Hz9J5uv/2Tz9eda0r/EJ5l+aqrDeLXDeK3D+HRmPMk8cSZvPLohs9319LpmdGOH8f+Le5A3fiDz/B9nxm/usP2lDuO3dBi/tcP4bR3GAQAAmAw3xdb5IQAAAOxdL//y0zd+fc8Tlxe/vnjwZJhuXAdI5/U7Evsz8W/rr8d+dt77VC3+zf8nsf9+bH8X279n1nf/CQAAAAxf+j4x/v4PAAAAe1f6PqXO/wEAAGDvWoyt838AAADYu66PrfN/AAAA2MOS2faLY5teF7gztt3O6wcAlN//x/b22B6M7R2x/UZs0+OAu2L7zYLqAwAG5+ff++mJt5Lt+f6PZcavxOVpu8Pa1pWCpNI6k/++2O6P7d1d1pN9P4Bu86cOdJlnWPkXdpkfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANg7KpuPx48vJSG889nbj/xs+o0/byy7o7HGoc3HJPbqIYRa43np6Hb/V3HFK5dfOtXcXo1tEo6GJCSN5eGxS41McyGEtXAofB7q4aOV1a8+fPfhwx+/NnvTm+efeWWIn4KW/evBzDDqAAAAgGH4XwAAAP//hWEPpQ==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000200)={0x1d, r5}, 0x10) sendmsg$can_bcm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r5, @ANYRES64=r4, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0) sendmsg$sock(r6, &(0x7f0000001940)={&(0x7f00000002c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000000), 0x5, &(0x7f00000008c0)=[@timestamping={{0x14}}], 0x18}, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, &(0x7f00000005c0)) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, 0x0) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4048080) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[], [], 0x2c}) 1.336140543s ago: executing program 1 (id=4095): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{}, 0x0, 0x0}, 0x20) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.21864937s ago: executing program 1 (id=4096): munmap(&(0x7f0000001000/0x2000)=nil, 0x2000) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}, @union={0x0, 0x0, 0x0, 0x5, 0x0, 0x7ff}]}}, 0x0, 0x32, 0x0, 0x1, 0x7ff}, 0x28) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, 0x0, 0x0) ptrace$ARCH_MAP_VDSO_32(0x1e, r2, 0xffffffffffffff80, 0x2002) sendmmsg$unix(r4, &(0x7f0000000000), 0x40001e0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r1) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket(0xa, 0x3, 0x2) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e23, 0x9, @loopback, 0xd9b}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000009cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)}}], 0x1, 0x800) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = syz_open_dev$loop(&(0x7f0000000500), 0x47ffffa, 0x60500) ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x2000, {0x0, 0x0, 0x0, 0x3, 0x140000, 0x0, 0x0, 0x1e, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x0, 0x400]}}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x3, 0x2, 0x201, 0x0, 0x0, {0x7, 0x0, 0x4}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4080015}, 0x4040040) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40186f40, &(0x7f0000000100)=0x40000000) r8 = syz_open_dev$video4linux(&(0x7f0000000540), 0x10000fc3, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r8, 0xc040564a, &(0x7f0000000040)={0x0, 0x0, 0x1012, 0x221e, 0xffffeff6, 0xc251, 0x0, 0x1}) ioctl$KVM_CAP_PMU_CAPABILITY(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0xd4, 0x0, 0x8}) 1.210885821s ago: executing program 4 (id=4097): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xf, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x2, 0x8001, 0x2, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1, 0x0, 0x2], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0xf209, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x6, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x40, 0x4771], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x9, 0x10000, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x800], [0x2, 0x0, 0x6, 0xfffffffe, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xe, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x800, 0x200000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe, 0x7ff]}, 0x45c) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000400)={[{@nolazytime}]}, 0x2, 0x522, &(0x7f00000006c0)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtlHVC+VUIVQJ0SOHbUicKIodR7FTmrCH7JE7EpU4wYkzByQOSD1xR+IANy7lgFRgBWqQkHDlsZ11/ji2sondjX8/aeQ38zz+3tvRvGd93swLYGLdioj9iLgWEe9GxFzneNLZ4s321nrfJ48eLB88erCcRLP5zj+TrL51LHrOaXmm85n5iPjBWxE/So4F/VNEfXdvY6lSKW93DhUb1a1ifXfv7np1aa28Vt4slRYXFudfv/da6cL6+lL1Nx9fj4jf/+7LH/1x/1s/aTVrtlPX24+L1O76zGGclumI+N5lBBuDqU5/rp3n5HOdxEVKI+JzEfFydv/PxVR2NY86epm+PcLWAQCXodmci+Zc7z4AcNWlWQ4sSQudXMBspGmh0M7hvRA30kqt3rizWtvZXGnnym7GTLq6XinPd3KFN2MmWV2fLi9k5e5+pVxKju7fi4jnI+JnuevZfmG5VlkZ5xcfAJhgzxyb//+Ta8//AMAVl39czI2zHQDA6OTH3QAAYOTM/wAwecz/ADB5zP8AMHnM/wAwecz/ADBRvv/2262tedB5/vXKe7s7G7X37q6U6xuF6s5yYbm2vVVYq9XWsmf2VAd9XqVW21p4NXbeLzbK9Uaxvrt3v1rb2Wzcz57rfb88M5JeAQBnef6lD/+SRMT+G9ezLXqe9z9wrn7xslsHXKZ03A0AxmZq3A0Axubkal/ApJCPh8n1/2azGT1r90bEw8NSz8NA+/4XoQ+GCpNaNxQ+e25/8Qny/8BTTf4fJtf58v++y8NVIP8Pk6vZTKz5DwATRo4fSAbU9/7+P9/s2Rnu938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4kmazLUkLnbXAZyNNC4WIZyPiZswkq+uV8nxEPBcRf87N5Fr7CxFh3SAAeJqlf08663/dnntl9njttdx/c9lrRPz4F+/8/P2lRmN7IeJa8q/D440POsdL42g/ADBId57uzuNdnzx6sNzdRtmej7/TXly0Ffegs7VrpmM6e81nuYYb/046+22t7ytTFxB//2FEfOG0/idZbuRmZ+XT4/FbsZ8dafz0SPw0q2u/tv4tPn8BbYFJ82Fr/HnztPsvjVvZ6+n3fz4boZ5cd/w7ODH+pYfj31Sf8e/WsDFe/cN3TxxszrXrHkZ8aTrioPvhPeNPN37SJ/4rQ8b/64tfeblfXfOXEbfjtP4nR2IVG9WtYn137+56dWmtvFbeLJUWFxbnX7/3WqmY5aiL3Uz1Sf94485z/eK3+n+jT/z8gP5/fcj+/+p/7/7wq2fE/+bXTr/+L5wRvzUnfmPI+Es3fpvvV9eKv9Kn/4Ou/50h43/0t72VEwcHLTgOAFya+u7exlKlUt5+8kL+zPekFxFiiEISsX/JIR4Xcr/+6VuD35wbWXvOWYh+VVOflRZemULuHGflL/Y+HbIw7pEJuGyPb/pxtwQAAAAAAAAAAAAAAOhnFH9ONO4+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHV9GgAA///+udUz") link(0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}, 0x1, 0x0, 0x0, 0x4040800}, 0x0) 711.809834ms ago: executing program 0 (id=4098): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x6}, 0x50) socket$nl_netfilter(0x10, 0x3, 0xc) openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x441, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r0], 0x3c}, 0x1, 0x0, 0x0, 0x801}, 0x0) 711.354074ms ago: executing program 2 (id=4099): sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x44010) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000000)='bridge0\x00') 384.263265ms ago: executing program 4 (id=4100): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0xc, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc, r1}) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"]) 278.770472ms ago: executing program 2 (id=4101): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x0) 176.332709ms ago: executing program 1 (id=4102): syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000e00)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0093d84f10fc3e1ec648b776cb7f8081d09ad0cc63a23840b824f920b21981285520a35f491e6934193661e8f46d"], 0x1, 0xd99, &(0x7f0000000e80)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) rt_sigpending(&(0x7f0000000180), 0x8) 135.490041ms ago: executing program 0 (id=4103): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$key(r3, 0x0, 0xc000) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) prctl$PR_GET_TID_ADDRESS(0x28, 0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x1}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000005400)=[{{&(0x7f0000000040)={0xa, 0x4e27, 0xfff, @remote, 0x2}, 0x1c, 0x0}}], 0x40000000000016d, 0x1000) 246.25µs ago: executing program 2 (id=4104): syz_open_dev$vim2m(0x0, 0x0, 0x2) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @private1, 0x3}, 0x1c) getsockopt$inet_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f0000000080)) socketpair(0x25, 0x1, 0x0, &(0x7f0000000000)) 0s ago: executing program 4 (id=4105): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) msgget$private(0x0, 0x3ac) kernel console output (not intermixed with test programs): ecutor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 795.296708][ T28] audit: type=1326 audit(1759857377.435:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13511 comm="syz.0.2397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 795.384859][T13519] lo speed is unknown, defaulting to 1000 [ 796.794428][ T6886] tipc: Disabling bearer [ 796.840636][ T6886] tipc: Left network mode [ 796.909331][T13519] chnl_net:caif_netlink_parms(): no params data found [ 797.259767][T12215] Bluetooth: hci0: command tx timeout [ 797.522637][ T6886] ip6gretap0 (unregistering): left promiscuous mode [ 798.601103][T13519] bridge0: port 1(bridge_slave_0) entered blocking state [ 798.633591][T13519] bridge0: port 1(bridge_slave_0) entered disabled state [ 798.669875][T13519] bridge_slave_0: entered allmulticast mode [ 798.710110][T13519] bridge_slave_0: entered promiscuous mode [ 798.736014][T13519] bridge0: port 2(bridge_slave_1) entered blocking state [ 798.755812][T13519] bridge0: port 2(bridge_slave_1) entered disabled state [ 798.775631][T13519] bridge_slave_1: entered allmulticast mode [ 798.790234][T13519] bridge_slave_1: entered promiscuous mode [ 799.369691][T12215] Bluetooth: hci0: command tx timeout [ 799.624853][T13519] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 799.700514][T13519] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 800.083216][T13519] team0: Port device team_slave_0 added [ 800.261446][T13519] team0: Port device team_slave_1 added [ 800.313189][T13573] overlayfs: failed to clone upperpath [ 800.670833][T13519] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 800.691832][T13519] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 800.786658][T13519] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 801.054631][T13519] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 801.080683][T13519] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 801.107223][T13519] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 801.357711][T13519] hsr_slave_0: entered promiscuous mode [ 801.385576][T13519] hsr_slave_1: entered promiscuous mode [ 801.400403][T13519] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 801.418352][T13519] Cannot create hsr debugfs directory [ 801.420867][T12215] Bluetooth: hci0: command tx timeout [ 801.779391][ T6886] bridge0: left promiscuous mode [ 801.817803][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 801.817817][ T28] audit: type=1326 audit(1759857384.325:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 801.906019][ T28] audit: type=1326 audit(1759857384.325:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 801.961934][ T28] audit: type=1326 audit(1759857384.365:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 802.008145][ T6886] hsr_slave_0: left promiscuous mode [ 802.027924][ T6886] hsr_slave_1: left promiscuous mode [ 802.031369][ T28] audit: type=1326 audit(1759857384.365:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 802.081079][ T28] audit: type=1326 audit(1759857384.365:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 802.247120][ T28] audit: type=1326 audit(1759857384.375:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 802.271456][ T28] audit: type=1326 audit(1759857384.375:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 802.344084][ T28] audit: type=1326 audit(1759857384.375:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 802.376424][ T28] audit: type=1326 audit(1759857384.375:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd16b8d710 code=0x7ffc0000 [ 802.405895][ T28] audit: type=1326 audit(1759857384.375:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13597 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 803.501596][T12215] Bluetooth: hci0: command tx timeout [ 804.309120][T13626] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2418'. [ 805.485685][ T6886] bond0 (unregistering): Released all slaves [ 805.633012][T13626] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2418'. [ 806.408795][ T6886] IPVS: stop unused estimator thread 0... [ 806.544793][T13645] overlayfs: failed to clone upperpath [ 807.042745][T13519] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 807.069078][T13519] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 807.084691][T13519] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 807.104569][T13519] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 808.194215][T13519] 8021q: adding VLAN 0 to HW filter on device bond0 [ 808.313610][T13519] 8021q: adding VLAN 0 to HW filter on device team0 [ 808.368584][ T6886] bridge0: port 1(bridge_slave_0) entered blocking state [ 808.375840][ T6886] bridge0: port 1(bridge_slave_0) entered forwarding state [ 808.447391][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 808.447407][ T28] audit: type=1326 audit(1759857390.945:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 808.489135][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 808.496380][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 808.726819][ T28] audit: type=1326 audit(1759857390.945:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 808.750488][ T28] audit: type=1326 audit(1759857390.945:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 808.817723][ T28] audit: type=1326 audit(1759857390.945:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 808.863910][T13519] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 808.880974][ T28] audit: type=1326 audit(1759857390.945:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 809.170856][T13519] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 809.864996][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.871451][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.917075][ T28] audit: type=1326 audit(1759857390.945:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 810.055057][ T28] audit: type=1326 audit(1759857390.945:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 810.118272][ T28] audit: type=1326 audit(1759857390.945:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 810.143820][ T28] audit: type=1326 audit(1759857390.945:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 810.167359][ T28] audit: type=1326 audit(1759857390.945:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13667 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 810.950506][T13519] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 811.067994][T13519] veth0_vlan: entered promiscuous mode [ 811.125279][T13519] veth1_vlan: entered promiscuous mode [ 811.301552][T13519] veth0_macvtap: entered promiscuous mode [ 811.351277][T13519] veth1_macvtap: entered promiscuous mode [ 811.434710][T13519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 811.459586][T13519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 811.488631][T13519] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 811.549939][T13519] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 811.584154][T13519] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 811.617952][T13519] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 811.668289][T13519] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 811.683062][T13519] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 811.693392][T13519] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 811.716843][T13519] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 812.400370][T13333] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 812.408276][T13333] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 812.430437][T13333] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 812.449790][T13333] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 815.162790][ T5791] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 815.174245][ T5791] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 815.184160][ T5791] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 815.214461][ T5791] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 815.223994][ T5791] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 815.233379][ T5791] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 815.811241][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 815.811259][ T28] audit: type=1326 audit(1759857398.325:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.072212][ T28] audit: type=1326 audit(1759857398.355:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.207013][ T28] audit: type=1326 audit(1759857398.365:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.341210][T13750] chnl_net:caif_netlink_parms(): no params data found [ 816.400713][ T28] audit: type=1326 audit(1759857398.365:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.502870][ T28] audit: type=1326 audit(1759857398.365:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.569585][ T28] audit: type=1326 audit(1759857398.365:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.644048][ T28] audit: type=1326 audit(1759857398.365:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.708165][ T28] audit: type=1326 audit(1759857398.365:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.759815][ T28] audit: type=1326 audit(1759857398.365:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 816.813064][ T28] audit: type=1326 audit(1759857398.365:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13761 comm="syz.0.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 817.348090][ T5791] Bluetooth: hci2: command tx timeout [ 817.892927][T13750] bridge0: port 1(bridge_slave_0) entered blocking state [ 817.918473][T13750] bridge0: port 1(bridge_slave_0) entered disabled state [ 817.951290][T13750] bridge_slave_0: entered allmulticast mode [ 817.968288][T13750] bridge_slave_0: entered promiscuous mode [ 817.987595][T13808] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2449'. [ 818.009640][T13750] bridge0: port 2(bridge_slave_1) entered blocking state [ 818.018296][T13750] bridge0: port 2(bridge_slave_1) entered disabled state [ 818.033930][T13750] bridge_slave_1: entered allmulticast mode [ 818.051324][T13750] bridge_slave_1: entered promiscuous mode [ 818.135781][T13812] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2451'. [ 818.296008][T13750] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 818.334846][T13750] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 818.418453][T13750] team0: Port device team_slave_0 added [ 818.478905][T13750] team0: Port device team_slave_1 added [ 818.579978][ T6656] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 818.644571][T13822] sit0: entered allmulticast mode [ 818.670036][ T42] tipc: Disabling bearer [ 818.725103][ T42] tipc: Left network mode [ 818.731450][T13750] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 818.738566][T13750] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 818.765740][T13750] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 818.780433][T13750] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 818.787524][T13750] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 818.832642][T13750] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 818.871129][T13823] sit0: entered promiscuous mode [ 819.049834][ T6656] usb 3-1: Using ep0 maxpacket: 8 [ 819.230784][ T42] ip6gretap0 (unregistering): left promiscuous mode [ 819.289406][ T6656] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 819.301463][ T42] bond1: (slave ip6gretap1): Releasing active interface [ 819.318982][ T6656] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 819.429613][ T5791] Bluetooth: hci2: command tx timeout [ 819.480862][ T6656] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 819.491103][ T6656] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 819.504390][ T6656] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 819.514275][ T6656] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 819.727327][T13750] hsr_slave_0: entered promiscuous mode [ 819.757112][T13750] hsr_slave_1: entered promiscuous mode [ 819.782513][T13750] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 819.799864][T13750] Cannot create hsr debugfs directory [ 819.896165][ T6656] usb 3-1: GET_CAPABILITIES returned 0 [ 819.912686][ T6656] usbtmc 3-1:16.0: can't read capabilities [ 820.816598][ T42] gretap0 (unregistering): left allmulticast mode [ 820.830029][ T42] gretap0 (unregistering): left promiscuous mode [ 820.849857][ T42] bridge0: port 3(gretap0) entered disabled state [ 821.517412][ T5791] Bluetooth: hci2: command tx timeout [ 821.747171][T12888] usb 3-1: USB disconnect, device number 17 [ 822.034791][ T42] bridge0: left promiscuous mode [ 822.231508][ T42] veth13: left allmulticast mode [ 822.253997][ T42] veth13: left promiscuous mode [ 822.259119][ T42] bridge5: port 1(veth13) entered disabled state [ 822.383785][ T42] veth11: left allmulticast mode [ 822.388849][ T42] veth11: left promiscuous mode [ 822.424614][ T42] bridge4: port 1(veth11) entered disabled state [ 822.455881][ T42] veth9: left allmulticast mode [ 822.474368][ T42] veth9: left promiscuous mode [ 822.491039][ T42] bridge3: port 1(veth9) entered disabled state [ 822.506533][ T42] veth7: left allmulticast mode [ 822.525735][ T42] veth7: left promiscuous mode [ 822.536812][ T42] bridge2: port 1(veth7) entered disabled state [ 822.559107][ T42] veth5: left allmulticast mode [ 822.574579][ T42] veth5: left promiscuous mode [ 822.872771][ T42] bridge1: port 1(veth5) entered disabled state [ 822.956779][ T42] hsr_slave_0: left promiscuous mode [ 822.967864][ T42] hsr_slave_1: left promiscuous mode [ 822.977522][ T42] batman_adv: batadv0: Removing interface: dummy0 [ 823.047052][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 823.085537][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 823.110302][ T42] bridge_slave_1: left allmulticast mode [ 823.116136][ T42] bridge_slave_1: left promiscuous mode [ 823.122272][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 823.134616][ T42] bridge_slave_0: left allmulticast mode [ 823.141997][ T42] bridge_slave_0: left promiscuous mode [ 823.148098][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 823.579718][ T5791] Bluetooth: hci2: command tx timeout [ 823.849596][ T6963] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 824.112581][ T6963] usb 1-1: Using ep0 maxpacket: 8 [ 824.385582][ T6963] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 824.398379][ T6963] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 824.420348][ T6963] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 824.439357][ T6963] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 824.453321][ T6963] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 824.473558][ T6963] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 824.746916][ T6963] usb 1-1: GET_CAPABILITIES returned 0 [ 824.758782][ T6963] usbtmc 1-1:16.0: can't read capabilities [ 825.141032][ T42] bond1 (unregistering): Released all slaves [ 825.654266][ T42] team0 (unregistering): Port device team_slave_1 removed [ 825.715950][ T42] team0 (unregistering): Port device team_slave_0 removed [ 825.769064][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 825.827332][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 826.406830][ T42] bond0 (unregistering): Released all slaves [ 826.483486][ T6963] usb 1-1: USB disconnect, device number 5 [ 826.634500][T13908] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2476'. [ 826.655961][T13908] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2476'. [ 826.739229][T13917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2479'. [ 826.767588][T13750] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 826.789278][T13917] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2479'. [ 826.811950][T13750] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 826.840304][T13750] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 826.877979][T13750] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 827.172391][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 827.172407][ T28] audit: type=1326 audit(1759857409.685:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 827.358867][ T28] audit: type=1326 audit(1759857409.685:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 827.839018][T13750] 8021q: adding VLAN 0 to HW filter on device bond0 [ 827.927990][ T28] audit: type=1326 audit(1759857409.735:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 827.998399][T13750] 8021q: adding VLAN 0 to HW filter on device team0 [ 828.040838][ T28] audit: type=1326 audit(1759857409.735:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 828.078938][T13333] bridge0: port 1(bridge_slave_0) entered blocking state [ 828.086232][T13333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 828.148817][T13333] bridge0: port 2(bridge_slave_1) entered blocking state [ 828.156146][T13333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 828.203274][ T28] audit: type=1326 audit(1759857409.735:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 828.233711][T13940] netlink: 1010 bytes leftover after parsing attributes in process `syz.2.2482'. [ 828.270279][T13940] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 828.320208][ T28] audit: type=1326 audit(1759857409.735:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 828.433452][ T28] audit: type=1326 audit(1759857409.735:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 828.545394][ T28] audit: type=1326 audit(1759857409.735:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 828.566683][T13750] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 828.970416][ T28] audit: type=1326 audit(1759857409.745:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 829.000947][ T28] audit: type=1326 audit(1759857409.745:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13918 comm="syz.0.2480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd16b8eec9 code=0x7ffc0000 [ 829.643320][T13750] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 829.761980][T13750] veth0_vlan: entered promiscuous mode [ 829.805597][T13750] veth1_vlan: entered promiscuous mode [ 829.922401][T13750] veth0_macvtap: entered promiscuous mode [ 829.955565][T13750] veth1_macvtap: entered promiscuous mode [ 830.027398][T13750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 830.069004][T13750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 830.089337][T13750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 830.123791][T13750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 830.151545][T13750] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 830.186910][T13750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 830.228292][T13750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 830.257574][T13750] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 830.284067][T13750] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 830.323088][T13750] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 830.413306][T13750] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 830.459840][T13750] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 830.468627][T13750] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 830.492024][T13750] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 830.822241][ T6886] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 830.852264][ T6886] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 830.945247][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 830.979660][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 831.071633][T13999] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2494'. [ 831.278995][T13999] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2494'. [ 831.739843][T12215] Bluetooth: hci4: command 0x0406 tx timeout [ 833.897567][T14023] loop2: detected capacity change from 0 to 32768 [ 834.035538][T14023] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 834.262509][T14023] XFS (loop2): Ending clean mount [ 834.712754][T13519] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 834.761604][T14066] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2505'. [ 837.083352][T14106] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2515'. [ 838.350622][T14121] wg1: entered promiscuous mode [ 838.355520][T14121] wg1: entered allmulticast mode [ 838.403348][T14112] kAFS: unable to lookup cell 'syz0.riX<̧+R!K+K4[Ed<6c7( n@8A5W/7|{?hT8#&3r?3U 3200 [ 838.701445][T14129] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2524'. [ 840.152340][T14142] loop2: detected capacity change from 0 to 512 [ 840.196224][T14142] EXT4-fs: Ignoring removed orlov option [ 840.235017][T14142] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 840.263892][T14142] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 840.282150][T14142] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2244: inode #15: comm syz.2.2527: corrupted in-inode xattr: e_value size too large [ 840.310022][T14142] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.2527: couldn't read orphan inode 15 (err -117) [ 840.332231][T14142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 840.619577][ T5791] Bluetooth: hci2: command tx timeout [ 841.409922][T14152] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2532'. [ 841.419145][T14152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2532'. [ 841.449311][T13519] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 841.510186][T12215] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 841.520292][T12215] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 841.529352][T12215] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 841.544070][T12215] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 841.554217][T12215] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 841.563004][T12215] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 841.636681][ T5784] syz_tun (unregistering): left allmulticast mode [ 841.647621][T14156] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2533'. [ 842.202228][T14153] chnl_net:caif_netlink_parms(): no params data found [ 843.601525][T14153] bridge0: port 1(bridge_slave_0) entered blocking state [ 843.612722][T14153] bridge0: port 1(bridge_slave_0) entered disabled state [ 843.628930][T14153] bridge_slave_0: entered allmulticast mode [ 843.646180][T14153] bridge_slave_0: entered promiscuous mode [ 843.657391][T14153] bridge0: port 2(bridge_slave_1) entered blocking state [ 843.671203][T14153] bridge0: port 2(bridge_slave_1) entered disabled state [ 843.678623][T14153] bridge_slave_1: entered allmulticast mode [ 843.679316][T12215] Bluetooth: hci3: command tx timeout [ 843.694264][T14153] bridge_slave_1: entered promiscuous mode [ 843.785973][T14153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 843.809226][T14153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 843.869763][T12888] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 843.885418][ C1] raw-gadget.0 gadget.1: ignoring, device is not running [ 843.912775][T14153] team0: Port device team_slave_0 added [ 843.935293][T14153] team0: Port device team_slave_1 added [ 844.050068][T12888] usb 2-1: device descriptor read/64, error -32 [ 844.059709][T14153] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 844.070249][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 844.109651][T14153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 844.139978][T14153] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 844.147032][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 844.207896][T14153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 844.289151][T14180] overlayfs: failed to resolve './file0': -2 [ 844.300661][T14153] hsr_slave_0: entered promiscuous mode [ 844.308281][T14153] hsr_slave_1: entered promiscuous mode [ 844.316350][T14153] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 844.330678][T14153] Cannot create hsr debugfs directory [ 844.369914][T12888] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 844.388474][ C1] raw-gadget.0 gadget.1: ignoring, device is not running [ 844.396911][ T5853] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 844.639731][T12888] usb 2-1: device descriptor read/64, error -32 [ 844.669731][ T5853] usb 3-1: Using ep0 maxpacket: 8 [ 844.732350][ T5853] usb 3-1: no configurations [ 844.737343][ T5853] usb 3-1: can't read configurations, error -22 [ 844.761062][T12888] usb usb2-port1: attempt power cycle [ 844.892023][ T5853] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 845.079717][ T5853] usb 3-1: Using ep0 maxpacket: 8 [ 845.092420][ T5853] usb 3-1: no configurations [ 845.116040][ T5853] usb 3-1: can't read configurations, error -22 [ 845.147669][ T5853] usb usb3-port1: attempt power cycle [ 845.189640][T12888] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 845.232549][T14153] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 845.270068][T12888] usb 2-1: Using ep0 maxpacket: 8 [ 845.283266][T14153] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 845.360032][T14153] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 845.391312][T14153] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 845.427933][T12888] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 845.440694][T12888] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 845.451137][T12888] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 845.461655][T12888] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 845.479593][T12888] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 845.488867][T12888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 845.579913][ T5853] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 845.610799][ T5853] usb 3-1: Using ep0 maxpacket: 8 [ 845.617374][ T5853] usb 3-1: no configurations [ 845.638823][ T5853] usb 3-1: can't read configurations, error -22 [ 845.739749][T12215] Bluetooth: hci3: command tx timeout [ 845.801748][T12888] usb 2-1: GET_CAPABILITIES returned 0 [ 845.807266][T12888] usbtmc 2-1:16.0: can't read capabilities [ 845.837364][ T5853] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 845.890299][ T5853] usb 3-1: Using ep0 maxpacket: 8 [ 845.900124][T14153] 8021q: adding VLAN 0 to HW filter on device bond0 [ 845.907311][ T5853] usb 3-1: no configurations [ 845.916489][ T5853] usb 3-1: can't read configurations, error -22 [ 845.937272][ T5853] usb usb3-port1: unable to enumerate USB device [ 845.960680][T14153] 8021q: adding VLAN 0 to HW filter on device team0 [ 845.983331][T13333] bridge0: port 1(bridge_slave_0) entered blocking state [ 845.990557][T13333] bridge0: port 1(bridge_slave_0) entered forwarding state [ 846.012476][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 846.019675][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 847.208269][T13912] usb 2-1: USB disconnect, device number 16 [ 847.272068][T14153] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 848.532332][T14212] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2544'. [ 848.630232][T12215] Bluetooth: hci3: command tx timeout [ 849.106239][T14153] veth0_vlan: entered promiscuous mode [ 849.442928][T14153] veth1_vlan: entered promiscuous mode [ 849.579146][T14153] veth0_macvtap: entered promiscuous mode [ 849.618928][T14153] veth1_macvtap: entered promiscuous mode [ 849.699682][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 849.730969][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 849.744665][T12888] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 849.798674][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 849.824881][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 849.836844][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 849.848014][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 849.869436][T14153] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 849.907472][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 849.936346][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 849.950846][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 849.962051][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 849.984876][T12888] usb 3-1: config index 0 descriptor too short (expected 65535, got 27) [ 849.994557][T14153] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 850.009623][T12888] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 850.020154][T14153] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 850.030339][T12888] usb 3-1: config 0 has no interfaces? [ 850.039677][T12888] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 850.054006][T14153] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 850.074533][T12888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 850.092425][T14153] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 850.104088][T12888] usb 3-1: config 0 descriptor?? [ 850.111195][T14153] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 850.122268][T14153] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 850.131225][T14153] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 850.331632][T14220] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2548'. [ 850.357206][T14220] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2548'. [ 850.388645][ T6957] usb 3-1: USB disconnect, device number 22 [ 850.437481][T12601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 850.464573][T12601] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 850.788304][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 850.842216][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 850.859737][T12215] Bluetooth: hci3: command tx timeout [ 852.330841][T14248] kAFS: unable to lookup cell 'syz0.riX<̧+R!K+K4[Ed<6c7( n@8A5W/7|{?hT8#&3r?3U [ 865.882669][ T12] tipc: Left network mode [ 866.397222][ T12] ip6gretap0 (unregistering): left promiscuous mode [ 866.704353][ T12] ip6gretap1 (unregistering): left allmulticast mode [ 866.828358][ T12] ip6gretap1 (unregistering): left promiscuous mode [ 866.942850][ T12] bridge2: port 1(ip6gretap1) entered disabled state [ 867.479123][T14383] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2601'. [ 867.564296][ T5833] IPVS: starting estimator thread 0... [ 867.669704][T14384] IPVS: using max 16 ests per chain, 38400 per kthread [ 867.788563][T14387] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2603'. [ 867.799526][T14387] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2603'. [ 867.814833][ T28] kauditd_printk_skb: 6 callbacks suppressed [ 867.814848][ T28] audit: type=1326 audit(1759857450.315:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 867.881000][ T28] audit: type=1326 audit(1759857450.325:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 867.973976][ T28] audit: type=1326 audit(1759857450.355:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 868.075743][ T28] audit: type=1326 audit(1759857450.355:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 868.147938][ T28] audit: type=1326 audit(1759857450.355:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 868.202718][ T28] audit: type=1326 audit(1759857450.355:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 868.225653][ T28] audit: type=1326 audit(1759857450.355:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 868.248505][ T28] audit: type=1326 audit(1759857450.355:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 868.302532][ T28] audit: type=1326 audit(1759857450.355:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 868.383019][ T28] audit: type=1326 audit(1759857450.365:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14381 comm="syz.2.2600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 870.190160][ T12] bridge0: left promiscuous mode [ 870.561363][ T12] veth3: left allmulticast mode [ 870.674062][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.680629][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.711344][ T12] veth3: left promiscuous mode [ 870.738682][ T12] bridge1: port 1(veth3) entered disabled state [ 870.804102][ T12] hsr_slave_0: left promiscuous mode [ 870.832366][ T12] hsr_slave_1: left promiscuous mode [ 870.855537][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 870.904596][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 870.925780][ T12] bridge_slave_1: left allmulticast mode [ 870.937383][ T12] bridge_slave_1: left promiscuous mode [ 870.943339][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 870.958335][ T12] bridge_slave_0: left allmulticast mode [ 870.964222][ T12] bridge_slave_0: left promiscuous mode [ 870.971674][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 871.253863][ T5791] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 871.274783][ T5791] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 871.291031][ T5791] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 871.301232][ T5791] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 871.321259][ T5791] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 871.341416][ T5791] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 873.063021][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 873.063036][ T28] audit: type=1326 audit(1759857455.575:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.169600][ T28] audit: type=1326 audit(1759857455.615:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.200022][ T28] audit: type=1326 audit(1759857455.615:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.223477][ T28] audit: type=1326 audit(1759857455.615:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.249073][ T28] audit: type=1326 audit(1759857455.625:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.273193][ T28] audit: type=1326 audit(1759857455.625:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.296013][ T28] audit: type=1326 audit(1759857455.625:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.318986][ T28] audit: type=1326 audit(1759857455.625:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.354211][ T28] audit: type=1326 audit(1759857455.625:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.444083][ T28] audit: type=1326 audit(1759857455.625:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14435 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 873.746272][ T5791] Bluetooth: hci1: command tx timeout [ 873.915651][ T12] team0 (unregistering): Port device team_slave_1 removed [ 874.016453][ T12] team0 (unregistering): Port device team_slave_0 removed [ 874.114794][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 874.213244][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 874.981465][ T12] bond0 (unregistering): Released all slaves [ 875.078579][T14411] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2609'. [ 875.089885][T14431] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2615'. [ 875.105681][T14431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2615'. [ 875.296341][T14446] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2620'. [ 875.503042][T14417] chnl_net:caif_netlink_parms(): no params data found [ 875.625370][T14417] bridge0: port 1(bridge_slave_0) entered blocking state [ 875.637261][T14417] bridge0: port 1(bridge_slave_0) entered disabled state [ 875.645219][T14417] bridge_slave_0: entered allmulticast mode [ 875.659161][T14417] bridge_slave_0: entered promiscuous mode [ 875.680806][T14417] bridge0: port 2(bridge_slave_1) entered blocking state [ 875.706667][T14417] bridge0: port 2(bridge_slave_1) entered disabled state [ 875.747337][T14417] bridge_slave_1: entered allmulticast mode [ 875.772682][T14417] bridge_slave_1: entered promiscuous mode [ 875.819621][ T5791] Bluetooth: hci1: command tx timeout [ 875.988320][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 876.041857][T14417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 876.064648][T14417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 876.140575][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 876.269929][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 876.334334][T14417] team0: Port device team_slave_0 added [ 876.349096][T14417] team0: Port device team_slave_1 added [ 876.421267][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 876.553572][T14417] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 876.575004][T14417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 876.610311][T14417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 876.655613][T14417] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 876.706408][T14417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 876.833501][T14417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 877.979595][ T5791] Bluetooth: hci1: command tx timeout [ 878.071921][ T28] kauditd_printk_skb: 45 callbacks suppressed [ 878.071939][ T28] audit: type=1326 audit(1759857460.545:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.131595][ T28] audit: type=1326 audit(1759857460.585:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.388639][ T28] audit: type=1326 audit(1759857460.585:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.406913][T14417] hsr_slave_0: entered promiscuous mode [ 878.411883][ T28] audit: type=1326 audit(1759857460.585:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.440898][ T28] audit: type=1326 audit(1759857460.585:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.463692][ T28] audit: type=1326 audit(1759857460.585:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.486326][ T28] audit: type=1326 audit(1759857460.585:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.509258][ T28] audit: type=1326 audit(1759857460.585:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.536198][ T28] audit: type=1326 audit(1759857460.585:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.566389][ T28] audit: type=1326 audit(1759857460.585:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14468 comm="syz.1.2627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72ef18eec9 code=0x7ffc0000 [ 878.604705][T14417] hsr_slave_1: entered promiscuous mode [ 878.628770][T14417] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 878.735519][T14417] Cannot create hsr debugfs directory [ 878.893860][T14489] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2631'. [ 878.903902][T14489] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2631'. [ 880.129705][ T5791] Bluetooth: hci1: command tx timeout [ 881.628432][T14491] Set syz1 is full, maxelem 65536 reached [ 882.096230][T14500] netlink: 1010 bytes leftover after parsing attributes in process `syz.2.2637'. [ 882.125231][T14500] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 883.357432][T14522] fuse: Bad value for 'fd' [ 883.387660][T14498] overlayfs: failed to clone upperpath [ 884.444950][T14417] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 884.722859][T14417] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 884.775959][T14417] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 884.859063][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 884.859079][ T28] audit: type=1326 audit(1759857467.355:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 884.894993][ T12] hsr_slave_0: left promiscuous mode [ 884.901593][ T12] hsr_slave_1: left promiscuous mode [ 884.970762][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 885.002495][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 885.042711][ T28] audit: type=1326 audit(1759857467.355:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.067185][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 885.075569][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 885.097802][ T12] bridge_slave_1: left allmulticast mode [ 885.109776][ T12] bridge_slave_1: left promiscuous mode [ 885.115689][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 885.130967][ T12] bridge_slave_0: left allmulticast mode [ 885.136776][ T12] bridge_slave_0: left promiscuous mode [ 885.142847][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 885.174470][ T12] veth1_macvtap: left promiscuous mode [ 885.186674][ T12] veth0_macvtap: left promiscuous mode [ 885.193812][ T12] veth1_vlan: left promiscuous mode [ 885.199784][ T12] veth0_vlan: left promiscuous mode [ 885.393173][ T28] audit: type=1326 audit(1759857467.355:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.416076][ T28] audit: type=1326 audit(1759857467.355:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.444248][ T28] audit: type=1326 audit(1759857467.355:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.487778][ T28] audit: type=1326 audit(1759857467.365:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.544620][ T28] audit: type=1326 audit(1759857467.365:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.582363][ T28] audit: type=1326 audit(1759857467.365:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.621839][ T28] audit: type=1326 audit(1759857467.405:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 885.694964][ T28] audit: type=1326 audit(1759857467.405:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14541 comm="syz.2.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 887.075402][T14563] overlayfs: failed to clone upperpath [ 887.388143][ T12] team0 (unregistering): Port device team_slave_1 removed [ 887.555886][ T12] team0 (unregistering): Port device team_slave_0 removed [ 887.679773][T14567] overlayfs: failed to clone upperpath [ 887.709009][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 887.791567][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 889.234772][ T12] bond0 (unregistering): Released all slaves [ 889.379854][T14417] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 890.453036][T14417] 8021q: adding VLAN 0 to HW filter on device bond0 [ 890.545964][T14417] 8021q: adding VLAN 0 to HW filter on device team0 [ 890.582448][ T6888] bridge0: port 1(bridge_slave_0) entered blocking state [ 890.589730][ T6888] bridge0: port 1(bridge_slave_0) entered forwarding state [ 890.797434][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state [ 890.804764][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state [ 891.580719][T14417] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 891.797874][T14417] veth0_vlan: entered promiscuous mode [ 891.828082][T14630] wg1: entered promiscuous mode [ 891.833319][T14630] wg1: entered allmulticast mode [ 891.844276][T14417] veth1_vlan: entered promiscuous mode [ 891.972890][T14417] veth0_macvtap: entered promiscuous mode [ 892.008933][T14417] veth1_macvtap: entered promiscuous mode [ 892.052994][T14417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 892.067714][T14417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 892.083420][T14417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 892.098176][T14417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 892.116090][T14417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 892.138696][T14417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 892.154822][T14417] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 892.185204][T14417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 892.198505][T14417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 892.218015][T14417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 892.236549][T14417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 892.254733][T14632] overlayfs: failed to clone upperpath [ 892.264575][T14417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 892.277095][T14417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 892.296584][T14417] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 892.329238][T14417] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.344598][T14417] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.366142][T14417] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.376936][T14417] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 892.485144][T13333] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 892.494725][T13333] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 892.565757][T13333] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 892.576166][T13333] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 894.679116][T14656] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2676'. [ 894.688794][T14656] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2676'. [ 894.715778][T14656] ip6gretap0: entered promiscuous mode [ 894.726378][T14656] bond0: entered promiscuous mode [ 894.733187][T14656] bond_slave_0: entered promiscuous mode [ 894.743382][T14656] bond_slave_1: entered promiscuous mode [ 894.762230][T14656] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 894.778846][T14656] Cannot create hsr debugfs directory [ 895.037278][T14668] fuse: Bad value for 'fd' [ 896.737580][ T5791] Bluetooth: hci4: unexpected event for opcode 0x200d [ 896.919600][ T6952] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 897.149868][ T6952] usb 4-1: Using ep0 maxpacket: 8 [ 897.181262][ T6952] usb 4-1: config 0 has no interfaces? [ 897.292947][T14696] wg1: entered promiscuous mode [ 897.297958][T14696] wg1: entered allmulticast mode [ 897.525285][T14699] fuse: Bad value for 'fd' [ 900.390195][ T6952] usb 4-1: string descriptor 0 read error: -71 [ 900.396581][ T6952] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 900.426761][ T6952] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 900.469304][ T6952] usb 4-1: config 0 descriptor?? [ 900.498654][ T6952] usb 4-1: can't set config #0, error -71 [ 900.518881][ T6952] usb 4-1: USB disconnect, device number 33 [ 900.779684][ T5791] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 900.790271][ T5791] Bluetooth: hci4: Injecting HCI hardware error event [ 900.859798][T12215] Bluetooth: hci4: hardware error 0x00 [ 902.719691][T14738] tipc: Started in network mode [ 902.739913][T14738] tipc: Node identity 7e1dc2e56a67, cluster identity 4711 [ 902.804094][T14738] tipc: Enabled bearer , priority 0 [ 902.818443][T14741] syzkaller0: entered promiscuous mode [ 902.885820][T14741] syzkaller0: entered allmulticast mode [ 903.002691][T14738] tipc: Resetting bearer [ 903.051007][T14737] tipc: Resetting bearer [ 903.099591][T12215] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 903.113198][T14737] tipc: Disabling bearer [ 905.153436][T14752] loop3: detected capacity change from 0 to 32768 [ 906.159336][T14752] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 906.493516][T14752] XFS (loop3): Ending clean mount [ 906.605741][T14417] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 909.286981][T14798] fuse: Invalid rootmode [ 911.306091][T12215] Bluetooth: hci1: command tx timeout [ 916.060691][ T6656] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 916.269700][ T6656] usb 4-1: Using ep0 maxpacket: 8 [ 916.293055][ T6656] usb 4-1: config 0 has no interfaces? [ 916.700366][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 916.925366][ T6656] usb 4-1: string descriptor 0 read error: -71 [ 916.954096][ T6656] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 917.046893][ T6656] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 917.172088][ T6656] usb 4-1: config 0 descriptor?? [ 917.210613][ T6656] usb 4-1: can't set config #0, error -71 [ 917.252585][ T6656] usb 4-1: USB disconnect, device number 34 [ 918.221825][ T132] ip6gretap0 (unregistering): left promiscuous mode [ 919.077074][ T5791] Bluetooth: hci0: command 0x0406 tx timeout [ 920.288436][T14883] loop3: detected capacity change from 0 to 32768 [ 920.321973][T14883] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 scanned by syz.3.2749 (14883) [ 920.569204][T14883] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 920.602598][T14883] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 920.639915][T14883] BTRFS info (device loop3): using free space tree [ 920.889675][T14883] BTRFS info (device loop3): enabling ssd optimizations [ 920.928566][T14883] BTRFS info (device loop3): auto enabling async discard [ 921.116626][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 921.116642][ T28] audit: type=1800 audit(1759857503.625:913): pid=14883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2749" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 921.827099][T14417] BTRFS info (device loop3): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6 [ 921.838576][ T132] bridge0: left promiscuous mode [ 922.144670][ T6957] IPVS: starting estimator thread 0... [ 922.213686][ T132] dummy0: left promiscuous mode [ 922.259669][T14930] IPVS: using max 16 ests per chain, 38400 per kthread [ 924.519601][ T132] hsr_slave_0: left promiscuous mode [ 924.593038][ T132] hsr_slave_1: left promiscuous mode [ 926.908096][T14958] kAFS: unable to lookup cell 'syz0.riX<̧+R!K+K4[Ed<6c7( n@8A5W/7|{?hT8#&3r?3U not found [ 1039.793786][T16482] overlayfs: failed to clone upperpath [ 1041.125770][T16501] netlink: 'syz.0.3268': attribute type 39 has an invalid length. [ 1041.499918][ T5791] Bluetooth: hci1: command 0x0406 tx timeout [ 1042.444650][T16519] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3278'. [ 1042.475453][T16519] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1043.947347][T16551] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3290'. [ 1048.972061][T16626] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3317'. [ 1055.240094][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.294683][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 1055.630727][T16680] IPVS: rr: SCTP 172.20.20.187:0 - no destination available [ 1056.080642][T16710] loop3: detected capacity change from 0 to 1024 [ 1057.566897][ T48] hfsplus: b-tree write err: -5, ino 4 [ 1058.563822][T16749] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3360'. [ 1060.036703][T16771] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3366'. [ 1061.905854][T16789] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3372'. [ 1062.534166][T16802] loop3: detected capacity change from 0 to 512 [ 1063.109644][T16802] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1063.122052][T16802] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it [ 1063.132207][T16802] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.3375: Corrupt directory, running e2fsck is recommended [ 1063.147298][T16802] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 1063.156003][T16802] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.3375: corrupted in-inode xattr: invalid ea_ino [ 1063.172543][T16802] EXT4-fs (loop3): Remounting filesystem read-only [ 1063.180403][T16802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1063.500775][T14417] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1063.508346][T16812] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3379'. [ 1063.618934][T16816] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3382'. [ 1064.679096][T16826] loop3: detected capacity change from 0 to 512 [ 1064.719726][T16826] EXT4-fs: Ignoring removed oldalloc option [ 1064.731722][T16826] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 1064.766014][T16832] wg1: entered promiscuous mode [ 1064.771077][T16832] wg1: entered allmulticast mode [ 1066.979606][T16850] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3393'. [ 1067.010251][T16852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3392'. [ 1067.343355][T16856] afs: Bad value for 'source' [ 1068.538274][T16874] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3402'. [ 1069.547986][T16903] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3415'. [ 1074.936521][T16987] loop3: detected capacity change from 0 to 512 [ 1074.948200][T16987] EXT4-fs: Ignoring removed oldalloc option [ 1075.407503][T16987] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 1076.009419][T17001] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3455'. [ 1080.335474][T17050] loop3: detected capacity change from 0 to 512 [ 1080.394075][T17050] EXT4-fs: Ignoring removed oldalloc option [ 1080.507123][T17050] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 1084.918156][T17121] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3493'. [ 1085.510383][T12753] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 1086.062685][T12753] usb 4-1: Using ep0 maxpacket: 8 [ 1086.076075][T12753] usb 4-1: config index 0 descriptor too short (expected 5924, got 36) [ 1086.108682][T12753] usb 4-1: config 250 has an invalid interface number: 228 but max is -1 [ 1086.128876][T12753] usb 4-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 1086.148744][T12753] usb 4-1: config 250 has no interface number 0 [ 1086.157786][T12753] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 1086.175257][T12753] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 1086.308365][T12753] usb 4-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1086.318846][T12753] usb 4-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 1086.329703][T12753] usb 4-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 1086.343366][T12753] usb 4-1: config 250 interface 228 has no altsetting 0 [ 1086.356178][T12753] usb 4-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 1086.366123][T12753] usb 4-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 1086.374537][T12753] usb 4-1: Product: syz [ 1086.380728][T12753] usb 4-1: SerialNumber: syz [ 1086.398503][T12753] hub 4-1:250.228: bad descriptor, ignoring hub [ 1086.416147][T12753] hub: probe of 4-1:250.228 failed with error -5 [ 1086.484305][T17149] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1086.629949][T12753] usblp 4-1:250.228: usblp0: USB Bidirectional printer dev 37 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 1086.956266][T12753] usb 4-1: reset high-speed USB device number 37 using dummy_hcd [ 1088.111166][T12753] usb 4-1: failed to restore interface 228 altsetting 255 (error=-71) [ 1089.187420][T12753] usb 4-1: USB disconnect, device number 37 [ 1089.231335][T12753] usblp0: removed [ 1089.937547][T17202] loop3: detected capacity change from 0 to 4096 [ 1090.082889][T17202] NILFS (loop3): unrecognized mount option "00000000000000000003" [ 1090.369120][T17211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3525'. [ 1092.194936][T17238] loop3: detected capacity change from 0 to 256 [ 1092.258097][T17238] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1093.600905][T17256] loop3: detected capacity change from 0 to 256 [ 1093.612169][T17256] exfat: Deprecated parameter 'namecase' [ 1093.618478][T17256] exfat: Deprecated parameter 'namecase' [ 1093.647234][T17256] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 1093.805005][ T5791] Bluetooth: hci2: unexpected cc 0x204b length: 9 > 3 [ 1093.812630][ T5791] Bluetooth: hci2: unexpected event for opcode 0x204b [ 1094.137708][T17272] loop3: detected capacity change from 0 to 512 [ 1094.150640][T17272] EXT4-fs: Ignoring removed oldalloc option [ 1094.180194][T17272] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 1096.076397][T17295] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3553'. [ 1097.275053][T17312] netlink: 'syz.2.3561': attribute type 39 has an invalid length. [ 1097.549604][T13912] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 1097.844437][T17321] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3563'. [ 1097.919657][T13912] usb 4-1: Using ep0 maxpacket: 8 [ 1098.715585][T13912] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 1098.752853][T13912] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1098.830371][T13912] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1098.856241][T13912] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1099.041175][T13912] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1099.439448][T13912] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1099.913937][T13912] usb 4-1: usb_control_msg returned -32 [ 1100.191126][T13912] usbtmc 4-1:16.0: can't read capabilities [ 1101.200757][T17349] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3572'. [ 1102.260076][T17356] tc_dump_action: action bad kind [ 1102.413297][T12753] usb 4-1: USB disconnect, device number 38 [ 1104.102279][T17394] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3584'. [ 1104.187392][T17390] overlayfs: failed to resolve './cgroup': -2 [ 1104.796025][T17411] netlink: 'syz.3.3593': attribute type 39 has an invalid length. [ 1105.206800][T17425] loop3: detected capacity change from 0 to 256 [ 1105.215454][T17425] exfat: Deprecated parameter 'utf8' [ 1105.221076][T17425] exfat: Deprecated parameter 'utf8' [ 1105.230182][T17425] exfat: Deprecated parameter 'utf8' [ 1105.288764][T17425] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 1105.511400][T17428] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3598'. [ 1106.655902][T17448] netlink: 'syz.0.3604': attribute type 39 has an invalid length. [ 1107.276894][T17461] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3612'. [ 1108.399551][T17473] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3618'. [ 1109.105956][T17494] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3623'. [ 1110.440353][T17513] loop3: detected capacity change from 0 to 1024 [ 1110.728628][T17513] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1111.159409][T17521] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3633'. [ 1111.392953][ T28] audit: type=1800 audit(1759857693.800:915): pid=17513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3632" name="file1" dev="loop3" ino=13 res=0 errno=0 [ 1111.508200][T14417] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1111.699043][T17536] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3634'. [ 1111.855867][T17541] loop3: detected capacity change from 0 to 512 [ 1111.858627][T17536] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1111.950651][T17541] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1111.974997][T17541] ext4 filesystem being mounted at /196/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1112.042415][T14417] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1112.848908][T17558] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3643'. [ 1113.626347][T17566] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3646'. [ 1114.308291][T17590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3654'. [ 1116.378365][T17620] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3667'. [ 1116.465770][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.475079][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 1117.055444][T17622] loop3: detected capacity change from 0 to 512 [ 1117.076260][T17622] EXT4-fs: Ignoring removed oldalloc option [ 1117.100717][T17622] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 1118.307517][T17644] netlink: 'syz.2.3676': attribute type 12 has an invalid length. [ 1118.330704][T17644] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3676'. [ 1118.781651][T17656] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3679'. [ 1120.130594][T17677] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3689'. [ 1120.203139][T17682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3689'. [ 1120.259694][T13912] usb 4-1: new full-speed USB device number 39 using dummy_hcd [ 1120.470994][T13912] usb 4-1: config 0 has an invalid interface number: 20 but max is 0 [ 1120.479238][T13912] usb 4-1: config 0 has no interface number 0 [ 1120.492563][T13912] usb 4-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 1120.503438][T13912] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1120.513356][T13912] usb 4-1: Product: syz [ 1120.517611][T13912] usb 4-1: Manufacturer: syz [ 1120.522878][T13912] usb 4-1: SerialNumber: syz [ 1120.531000][T13912] usb 4-1: config 0 descriptor?? [ 1120.538638][T13912] usb-storage 4-1:0.20: USB Mass Storage device detected [ 1120.558546][T13912] usb-storage 4-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 1120.718936][T17700] netlink: 'syz.1.3698': attribute type 12 has an invalid length. [ 1120.727497][T17700] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3698'. [ 1120.746633][T13912] usb 4-1: USB disconnect, device number 39 [ 1123.691004][T17771] netlink: 'syz.3.3725': attribute type 39 has an invalid length. [ 1124.932354][T17795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3734'. [ 1124.957180][T17795] bridge0: port 2(bridge_slave_1) entered disabled state [ 1124.966284][T17795] bridge0: port 1(bridge_slave_0) entered disabled state [ 1125.200684][T17806] netlink: zone id is out of range [ 1125.205927][T17806] netlink: zone id is out of range [ 1125.229787][T17806] netlink: zone id is out of range [ 1125.245212][T17806] netlink: zone id is out of range [ 1125.269564][T17806] netlink: zone id is out of range [ 1125.281503][T17806] netlink: zone id is out of range [ 1125.292488][T17806] netlink: zone id is out of range [ 1125.308003][T17806] netlink: zone id is out of range [ 1125.319748][T17806] netlink: zone id is out of range [ 1125.333947][T17806] netlink: zone id is out of range [ 1125.386748][T17808] loop3: detected capacity change from 0 to 1024 [ 1125.934666][T17821] netlink: 'syz.1.3744': attribute type 12 has an invalid length. [ 1125.957682][T17821] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3744'. [ 1126.910520][ T6656] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 1127.362750][ T6656] usb 4-1: Using ep0 maxpacket: 8 [ 1127.407061][ T6656] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 1127.449506][ T6656] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 1127.474936][ T6656] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1127.485961][ T6656] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1127.499715][ T6656] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1127.514647][ T6656] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1127.624992][T17864] netlink: 'syz.0.3758': attribute type 9 has an invalid length. [ 1127.752088][ T6656] usb 4-1: GET_CAPABILITIES returned 0 [ 1127.764184][ T6656] usbtmc 4-1:16.0: can't read capabilities [ 1130.886637][T12888] usb 4-1: USB disconnect, device number 40 [ 1133.419120][T17960] bridge0: port 3(macsec0) entered blocking state [ 1133.428570][T17960] bridge0: port 3(macsec0) entered disabled state [ 1133.632839][T17961] loop3: detected capacity change from 0 to 4096 [ 1134.272346][T17961] NILFS (loop3): unrecognized mount option "00000000000000000003" [ 1134.290301][T17960] macsec0: entered allmulticast mode [ 1134.532207][T17960] veth1_macvtap: entered allmulticast mode [ 1134.544369][T17960] macsec0: entered promiscuous mode [ 1136.565815][T17987] loop3: detected capacity change from 0 to 512 [ 1136.605722][T17987] EXT4-fs: Ignoring removed oldalloc option [ 1136.645332][T17987] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 1137.584958][T18003] netlink: 'syz.1.3811': attribute type 39 has an invalid length. [ 1137.958190][T18011] loop3: detected capacity change from 0 to 256 [ 1138.005765][T18011] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1138.269960][T18011] loop3: detected capacity change from 256 to 64 [ 1138.341832][T18015] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3813'. [ 1139.031526][T18014] syz.3.3814: attempt to access beyond end of device [ 1139.031526][T18014] loop3: rw=524288, sector=161, nr_sectors = 1 limit=64 [ 1139.061331][T18011] loop3: [ 1139.076618][T18014] syz.3.3814: attempt to access beyond end of device [ 1139.076618][T18014] loop3: rw=524288, sector=162, nr_sectors = 1 limit=64 [ 1139.260176][T18014] syz.3.3814: attempt to access beyond end of device [ 1139.260176][T18014] loop3: rw=524288, sector=163, nr_sectors = 1 limit=64 [ 1139.275199][T18014] syz.3.3814: attempt to access beyond end of device [ 1139.275199][T18014] loop3: rw=524288, sector=164, nr_sectors = 1 limit=64 [ 1139.295068][T18014] syz.3.3814: attempt to access beyond end of device [ 1139.295068][T18014] loop3: rw=524288, sector=165, nr_sectors = 1 limit=64 [ 1139.316788][T18014] syz.3.3814: attempt to access beyond end of device [ 1139.316788][T18014] loop3: rw=524288, sector=166, nr_sectors = 1 limit=64 [ 1139.781873][T18014] syz.3.3814: attempt to access beyond end of device [ 1139.781873][T18014] loop3: rw=524288, sector=167, nr_sectors = 1 limit=64 [ 1141.517945][T18042] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3824'. [ 1141.957196][ T48] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.142602][ T48] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.264261][ T48] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.439863][ T48] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1144.355392][T18073] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3834'. [ 1144.756824][ T48] tipc: Left network mode [ 1144.975841][T12215] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1144.991299][T18076] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1145.016855][T18076] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1145.026996][T18076] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1145.038050][T18076] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1145.047406][T18076] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1145.396095][ T48] ip6gretap0 (unregistering): left promiscuous mode [ 1147.130154][T18076] Bluetooth: hci1: command tx timeout [ 1147.683083][T18109] netlink: 'syz.1.3842': attribute type 39 has an invalid length. [ 1148.615084][T18074] chnl_net:caif_netlink_parms(): no params data found [ 1149.305401][T18076] Bluetooth: hci1: command tx timeout [ 1149.619419][T18146] 9pnet_fd: Insufficient options for proto=fd [ 1150.220601][T18074] bridge0: port 1(bridge_slave_0) entered blocking state [ 1150.227816][T18074] bridge0: port 1(bridge_slave_0) entered disabled state [ 1150.270044][T18074] bridge_slave_0: entered allmulticast mode [ 1150.278578][T18074] bridge_slave_0: entered promiscuous mode [ 1150.322758][T18074] bridge0: port 2(bridge_slave_1) entered blocking state [ 1150.330446][T18074] bridge0: port 2(bridge_slave_1) entered disabled state [ 1150.337961][T18074] bridge_slave_1: entered allmulticast mode [ 1150.366146][T18074] bridge_slave_1: entered promiscuous mode [ 1151.339736][T18076] Bluetooth: hci1: command tx timeout [ 1151.713132][ T48] bond0: left promiscuous mode [ 1151.729084][ T48] bond_slave_0: left promiscuous mode [ 1151.750629][ T48] bond_slave_1: left promiscuous mode [ 1151.834412][ T48] hsr_slave_0: left promiscuous mode [ 1151.861875][ T48] hsr_slave_1: left promiscuous mode [ 1151.879980][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1151.897561][ T48] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1151.916331][ T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1151.937511][ T48] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1151.959426][ T48] bridge_slave_1: left allmulticast mode [ 1151.965404][ T48] bridge_slave_1: left promiscuous mode [ 1152.014245][ T48] bridge0: port 2(bridge_slave_1) entered disabled state [ 1152.056743][ T48] bridge_slave_0: left allmulticast mode [ 1152.083859][ T48] bridge_slave_0: left promiscuous mode [ 1152.094223][ T48] bridge0: port 1(bridge_slave_0) entered disabled state [ 1152.322480][ T48] veth1_macvtap: left promiscuous mode [ 1152.328225][ T48] veth0_macvtap: left promiscuous mode [ 1152.334597][ T48] veth1_vlan: left promiscuous mode [ 1152.341259][ T48] veth0_vlan: left promiscuous mode [ 1153.419847][T18076] Bluetooth: hci1: command tx timeout [ 1154.804516][ T48] team0 (unregistering): Port device team_slave_1 removed [ 1154.889730][ T48] team0 (unregistering): Port device team_slave_0 removed [ 1154.971961][ T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1155.054611][ T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1155.945890][ T48] bond0 (unregistering): Released all slaves [ 1156.076665][T18074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1156.087942][T18189] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge_slave_0 [ 1156.203333][T18074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1156.377056][T18217] overlayfs: missing 'lowerdir' [ 1156.427367][T18074] team0: Port device team_slave_0 added [ 1156.478815][T18074] team0: Port device team_slave_1 added [ 1156.582730][T18074] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1156.598827][T18074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1156.735376][T18074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1156.800510][T18074] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1156.826840][T18074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1156.865524][T18074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1157.100939][ T48] IPVS: stop unused estimator thread 0... [ 1157.114461][T18074] hsr_slave_0: entered promiscuous mode [ 1157.150045][T18074] hsr_slave_1: entered promiscuous mode [ 1157.549527][T18241] netlink: 'syz.0.3874': attribute type 39 has an invalid length. [ 1157.834799][T18074] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1157.871034][T18074] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1157.919003][T18074] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1157.940328][T18074] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1158.278104][T18074] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1158.796081][T18074] 8021q: adding VLAN 0 to HW filter on device team0 [ 1158.950586][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 1158.958746][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1159.043605][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 1159.051345][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1159.834085][T18074] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1161.129230][T18298] netlink: 'syz.0.3882': attribute type 39 has an invalid length. [ 1161.740772][T18074] veth0_vlan: entered promiscuous mode [ 1161.778894][T18074] veth1_vlan: entered promiscuous mode [ 1161.888849][T18074] veth0_macvtap: entered promiscuous mode [ 1161.940796][T18074] veth1_macvtap: entered promiscuous mode [ 1162.001623][T18074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1162.039858][T18074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1162.058316][T18074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1162.090869][T18074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1162.106058][T18074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1162.127322][T18074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1162.159723][T18074] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1162.229927][T18329] netlink: 'syz.1.3894': attribute type 39 has an invalid length. [ 1162.260875][T18074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1162.281634][T18074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1162.321239][T18074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1162.344638][T18074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1162.364970][T18074] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1162.382331][T18074] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1162.411949][T18074] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1162.571387][T18074] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1162.607258][T18074] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1162.646227][T18074] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1162.683364][T18074] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1163.493554][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.534437][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1163.657295][T14481] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1163.694155][T14481] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1164.103990][T18355] loop4: detected capacity change from 0 to 512 [ 1164.216720][T18355] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1164.324446][T18355] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1164.476795][T18074] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1165.203112][T18383] netlink: 'syz.4.3907': attribute type 39 has an invalid length. [ 1167.013047][T18397] bridge0: port 3(macsec0) entered blocking state [ 1167.042790][T18397] bridge0: port 3(macsec0) entered disabled state [ 1167.070181][T18397] macsec0: entered allmulticast mode [ 1167.075993][T18397] veth1_macvtap: entered allmulticast mode [ 1167.095252][T18397] macsec0: entered promiscuous mode [ 1167.110841][T18397] bridge0: port 3(macsec0) entered blocking state [ 1167.118215][T18397] bridge0: port 3(macsec0) entered forwarding state [ 1168.996582][T18433] loop4: detected capacity change from 0 to 256 [ 1171.555848][T18470] netlink: 'syz.2.3931': attribute type 39 has an invalid length. [ 1171.607090][T18474] loop4: detected capacity change from 0 to 512 [ 1171.632451][T18474] EXT4-fs: Ignoring removed oldalloc option [ 1171.648671][T18475] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3932'. [ 1171.671016][T18474] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 1174.386795][T18519] netlink: 'syz.0.3942': attribute type 39 has an invalid length. [ 1176.030343][T18550] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1176.265886][T18557] netlink: 'syz.4.3956': attribute type 39 has an invalid length. [ 1176.387223][T18560] loop4: detected capacity change from 0 to 8 [ 1176.447452][T18560] SQUASHFS error: Unable to read directory block [1d0:0] [ 1177.893739][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.900631][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 1178.190258][T18590] bridge0: port 3(macsec0) entered blocking state [ 1178.237324][T18590] bridge0: port 3(macsec0) entered disabled state [ 1178.246721][T18585] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3965'. [ 1178.257201][T18585] net_ratelimit: 27 callbacks suppressed [ 1178.257216][T18585] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1178.277664][T18590] macsec0: entered allmulticast mode [ 1178.299782][T18590] veth1_macvtap: entered allmulticast mode [ 1178.307665][T18590] macsec0: entered promiscuous mode [ 1178.350191][T18590] bridge0: port 3(macsec0) entered blocking state [ 1178.357213][T18590] bridge0: port 3(macsec0) entered forwarding state [ 1178.664913][T18602] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3970'. [ 1178.810638][T18605] loop4: detected capacity change from 0 to 64 [ 1180.365486][T18626] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3976'. [ 1181.149120][T18644] loop4: detected capacity change from 0 to 8 [ 1181.180129][T18644] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 1181.241056][T18218] udevd[18218]: incorrect cramfs checksum on /dev/loop4 [ 1181.436648][T18646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3983'. [ 1181.489016][T18646] macsec0: left allmulticast mode [ 1181.541759][T18646] veth1_macvtap: left allmulticast mode [ 1181.547375][T18646] macsec0: left promiscuous mode [ 1181.579984][T18646] bridge0: port 3(macsec0) entered disabled state [ 1181.602519][T18646] bridge_slave_1: left allmulticast mode [ 1181.610336][T18646] bridge_slave_1: left promiscuous mode [ 1181.629798][T18646] bridge0: port 2(bridge_slave_1) entered disabled state [ 1181.705425][T18646] bridge_slave_0: left allmulticast mode [ 1181.715724][T18646] bridge_slave_0: left promiscuous mode [ 1181.727099][T18646] bridge0: port 1(bridge_slave_0) entered disabled state [ 1181.895260][T18658] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3987'. [ 1185.408397][T18708] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4002'. [ 1187.044495][T18733] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4009'. [ 1188.124047][T18753] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4015'. [ 1188.137127][T18753] netlink: 'syz.2.4015': attribute type 39 has an invalid length. [ 1188.260339][T13912] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 1188.636799][T13912] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1188.650623][T13912] usb 5-1: not running at top speed; connect to a high speed hub [ 1188.671099][T13912] usb 5-1: config 203 has an invalid interface number: 8 but max is 3 [ 1188.681028][T13912] usb 5-1: config 203 has an invalid interface number: 43 but max is 3 [ 1188.696121][T13912] usb 5-1: config 203 has an invalid interface number: 8 but max is 3 [ 1188.751104][T13912] usb 5-1: config 203 has an invalid interface number: 27 but max is 3 [ 1188.795735][T13912] usb 5-1: config 203 has 3 interfaces, different from the descriptor's value: 4 [ 1188.846471][T13912] usb 5-1: config 203 has no interface number 0 [ 1188.883794][T13912] usb 5-1: config 203 has no interface number 1 [ 1188.925956][T13912] usb 5-1: config 203 has no interface number 2 [ 1188.963163][T13912] usb 5-1: config 203 interface 8 altsetting 0 endpoint 0xB has invalid maxpacket 516, setting to 64 [ 1189.017059][T13912] usb 5-1: config 203 interface 8 has no altsetting 1 [ 1189.055387][T13912] usb 5-1: config 203 interface 43 has no altsetting 0 [ 1189.094612][T13912] usb 5-1: config 203 interface 27 has no altsetting 0 [ 1189.157259][T13912] usb 5-1: New USB device found, idVendor=413c, idProduct=81a8, bcdDevice= 0.b1 [ 1189.189926][T13912] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1189.209911][T13912] usb 5-1: Product: syz [ 1189.214259][T13912] usb 5-1: Manufacturer: syz [ 1189.229987][T13912] usb 5-1: SerialNumber: syz [ 1189.875013][T13912] usb 5-1: USB disconnect, device number 2 [ 1190.222434][T18785] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4026'. [ 1190.241603][T18785] netlink: 'syz.0.4026': attribute type 39 has an invalid length. [ 1191.892143][T18810] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1192.994191][T18826] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4036'. [ 1193.054894][T18826] netlink: 'syz.2.4036': attribute type 39 has an invalid length. [ 1193.412468][T18844] netlink: 112 bytes leftover after parsing attributes in process `syz.1.4042'. [ 1193.469544][T12753] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 1193.911081][T12753] usb 5-1: Using ep0 maxpacket: 32 [ 1193.919767][T12753] usb 5-1: config 0 has an invalid interface number: 12 but max is 0 [ 1193.930669][T12753] usb 5-1: config 0 has no interface number 0 [ 1193.937054][T12753] usb 5-1: config 0 interface 12 has no altsetting 0 [ 1193.962526][T12753] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 1193.979864][T12753] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1193.988503][T12753] usb 5-1: Product: syz [ 1193.992904][T12753] usb 5-1: Manufacturer: syz [ 1193.997730][T12753] usb 5-1: SerialNumber: syz [ 1194.030194][T12753] usb 5-1: config 0 descriptor?? [ 1195.165703][T12753] f81534 5-1:0.12: f81534_set_register: reg: 1003 data: e0 failed: -71 [ 1195.189567][T12753] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71 [ 1195.229382][T12753] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 1195.237115][T12753] f81534: probe of 5-1:0.12 failed with error -71 [ 1195.289459][T12753] usb 5-1: USB disconnect, device number 3 [ 1195.606465][ T28] audit: type=1326 audit(1759857778.110:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1195.648904][ T28] audit: type=1326 audit(1759857778.140:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1195.711508][ T28] audit: type=1326 audit(1759857778.140:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1195.764872][ T28] audit: type=1326 audit(1759857778.140:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1195.833626][ T28] audit: type=1326 audit(1759857778.140:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1195.906291][ T28] audit: type=1326 audit(1759857778.140:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1195.960931][T18894] team_slave_0: entered promiscuous mode [ 1195.967314][T18894] team_slave_1: entered promiscuous mode [ 1195.997584][T18894] vlan2: entered promiscuous mode [ 1196.005985][ T28] audit: type=1326 audit(1759857778.140:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1196.044191][T18894] team0: entered promiscuous mode [ 1196.117321][ T28] audit: type=1326 audit(1759857778.140:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1196.202918][ T28] audit: type=1326 audit(1759857778.140:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1196.321068][ T28] audit: type=1326 audit(1759857778.140:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18886 comm="syz.2.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa03d18eec9 code=0x7ffc0000 [ 1197.551001][T18910] loop4: detected capacity change from 0 to 4096 [ 1197.587251][T18910] NILFS (loop4): unrecognized mount option "rdI0Wˏe\" [ 1198.263476][T18935] loop4: detected capacity change from 0 to 512 [ 1198.284855][T18938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4066'. [ 1198.307243][T18935] EXT4-fs: Ignoring removed oldalloc option [ 1198.347656][T18935] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 1198.370502][T18938] netlink: 'syz.1.4066': attribute type 39 has an invalid length. [ 1200.542699][T18980] netlink: 'syz.2.4076': attribute type 39 has an invalid length. [ 1201.613020][T19011] netlink: 'syz.2.4087': attribute type 39 has an invalid length. [ 1201.632036][T19013] loop4: detected capacity change from 0 to 164 [ 1201.887523][T18076] Bluetooth: min 6 > max 0 [ 1202.345003][T19041] loop4: detected capacity change from 0 to 512 [ 1202.571366][T19041] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1202.747859][T19041] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1203.014860][T18074] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1310.949390][ C0] ------------[ cut here ]------------ [ 1310.956645][ C0] WARNING: CPU: 0 PID: 19074 at kernel/rcu/tree_stall.h:1001 rcu_check_gp_start_stall+0x2dc/0x460 [ 1310.967277][ C0] Modules linked in: [ 1310.971207][ C0] CPU: 0 PID: 19074 Comm: syz.2.4104 Not tainted syzkaller #0 [ 1310.978669][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1310.988729][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 1310.995074][ C0] Code: ff ff ff 48 c7 c7 a0 04 ef 96 be 04 00 00 00 e8 4a b9 6c 00 48 89 df b8 01 00 00 00 87 05 7c d9 7e 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 51 d3 8c 74 47 48 c7 c0 1c b8 4a 8e 48 c1 e8 03 [ 1311.014951][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 1311.021031][ C0] RAX: 0000000000000000 RBX: ffffffff8cd35180 RCX: ffffffff81702b16 [ 1311.029021][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cd35180 [ 1311.037553][ C0] RBP: ffffc90000007e30 R08: 0000000000000003 R09: 0000000000000004 [ 1311.045636][ C0] R10: dffffc0000000000 R11: fffffbfff2dde094 R12: 0000000000002904 [ 1311.053651][ C0] R13: 1ffff110171c7a22 R14: 0000000000000a02 R15: dffffc0000000000 [ 1311.061663][ C0] FS: 00007fa03e0c66c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 1311.070861][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1311.077481][ C0] CR2: 00007fa03d3e6098 CR3: 0000000024e1d000 CR4: 00000000003506f0 [ 1311.085491][ C0] Call Trace: [ 1311.088778][ C0] [ 1311.091629][ C0] rcu_core+0x612/0x1720 [ 1311.095892][ C0] ? ktime_get+0x7f/0x280 [ 1311.100230][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1311.105436][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 1311.110673][ C0] ? sched_clock+0x3f/0x60 [ 1311.115111][ C0] ? sched_clock_cpu+0x75/0x430 [ 1311.119973][ C0] ? ktime_get+0x7f/0x280 [ 1311.124343][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 1311.130374][ C0] ? lock_chain_count+0x20/0x20 [ 1311.135263][ C0] handle_softirqs+0x280/0x820 [ 1311.140042][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 1311.144819][ C0] ? do_softirq+0x180/0x180 [ 1311.149336][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 1311.154552][ C0] __irq_exit_rcu+0xc7/0x190 [ 1311.159260][ C0] ? irq_exit_rcu+0x20/0x20 [ 1311.163776][ C0] irq_exit_rcu+0x9/0x20 [ 1311.168040][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1311.173804][ C0] [ 1311.177190][ C0] [ 1311.180133][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1311.186125][ C0] RIP: 0010:native_apic_msr_write+0x39/0x50 [ 1311.192028][ C0] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 f3 0f 1e fa 89 f6 31 d2 e9 47 e9 18 03 0f 1f 80 00 00 00 [ 1311.211665][ C0] RSP: 0018:ffffc9000f67fcd8 EFLAGS: 00000246 [ 1311.217754][ C0] RAX: 00000000000000f6 RBX: 0000000000000200 RCX: 000000000000083f [ 1311.225737][ C0] RDX: 0000000000000000 RSI: 00000000000000f6 RDI: 000000000000083f [ 1311.233725][ C0] RBP: 0000000000000000 R08: ffffc9000f67fc47 R09: 1ffff92001ecff88 [ 1311.241731][ C0] R10: dffffc0000000000 R11: fffff52001ecff89 R12: ffff8880b8e35001 [ 1311.249806][ C0] R13: dffffc0000000000 R14: ffff8880b8e35050 R15: 0000000000000020 [ 1311.257825][ C0] arch_irq_work_raise+0x68/0x70 [ 1311.263163][ C0] irq_work_queue+0x99/0x140 [ 1311.267779][ C0] bpf_send_signal_common+0x2b6/0x420 [ 1311.273252][ C0] ? __set_printk_clr_event+0x80/0x80 [ 1311.278664][ C0] ? __cant_sleep+0x210/0x210 [ 1311.283358][ C0] ? arch_do_signal_or_restart+0x2d1/0x780 [ 1311.289192][ C0] bpf_send_signal+0x19/0x20 [ 1311.293808][ C0] bpf_prog_7ba5217f62dcd359+0x40/0x44 [ 1311.299628][ C0] bpf_trace_run2+0x1d1/0x3c0 [ 1311.304328][ C0] ? bpf_trace_run2+0xde/0x3c0 [ 1311.309104][ C0] ? bpf_trace_run1+0x3b0/0x3b0 [ 1311.314051][ C0] ? lock_chain_count+0x20/0x20 [ 1311.318919][ C0] trace_sys_enter+0x69/0x80 [ 1311.323525][ C0] syscall_trace_enter+0xf0/0x150 [ 1311.328692][ C0] do_syscall_64+0x28/0xb0 [ 1311.333134][ C0] ? clear_bhb_loop+0x40/0x90 [ 1311.337831][ C0] ? clear_bhb_loop+0x40/0x90 [ 1311.342526][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1311.348431][ C0] RIP: 0033:0x7fa03d18eec9 [ 1311.352859][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1311.372498][ C0] RSP: 002b:00007fa03e0c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1311.380921][ C0] RAX: ffffffffffffffda RBX: 00007fa03d3e6098 RCX: 00007fa03d18eec9 [ 1311.388915][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa03d3e6098 [ 1311.396979][ C0] RBP: 00007fa03d3e6090 R08: 0000000000000000 R09: 0000000000000000 [ 1311.404965][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1311.412962][ C0] R13: 00007fa03d3e6128 R14: 00007ffcd315d840 R15: 00007ffcd315d928 [ 1311.420985][ C0] [ 1311.424020][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1311.431310][ C0] CPU: 0 PID: 19074 Comm: syz.2.4104 Not tainted syzkaller #0 [ 1311.438874][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1311.448961][ C0] Call Trace: [ 1311.452248][ C0] [ 1311.455096][ C0] dump_stack_lvl+0x16c/0x230 [ 1311.459786][ C0] ? show_regs_print_info+0x20/0x20 [ 1311.465251][ C0] ? load_image+0x3b0/0x3b0 [ 1311.469775][ C0] panic+0x2c0/0x710 [ 1311.473679][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 1311.478197][ C0] __warn+0x2e0/0x470 [ 1311.482263][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1311.488023][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1311.493764][ C0] report_bug+0x2be/0x4f0 [ 1311.498109][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1311.503841][ C0] ? rcu_check_gp_start_stall+0x2dc/0x460 [ 1311.509585][ C0] ? rcu_check_gp_start_stall+0x2de/0x460 [ 1311.515368][ C0] handle_bug+0xcf/0x120 [ 1311.519679][ C0] exc_invalid_op+0x1a/0x50 [ 1311.524212][ C0] asm_exc_invalid_op+0x1a/0x20 [ 1311.529258][ C0] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460 [ 1311.535624][ C0] Code: ff ff ff 48 c7 c7 a0 04 ef 96 be 04 00 00 00 e8 4a b9 6c 00 48 89 df b8 01 00 00 00 87 05 7c d9 7e 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 80 51 d3 8c 74 47 48 c7 c0 1c b8 4a 8e 48 c1 e8 03 [ 1311.555271][ C0] RSP: 0018:ffffc90000007bb8 EFLAGS: 00010046 [ 1311.561352][ C0] RAX: 0000000000000000 RBX: ffffffff8cd35180 RCX: ffffffff81702b16 [ 1311.569354][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cd35180 [ 1311.577434][ C0] RBP: ffffc90000007e30 R08: 0000000000000003 R09: 0000000000000004 [ 1311.585416][ C0] R10: dffffc0000000000 R11: fffffbfff2dde094 R12: 0000000000002904 [ 1311.593501][ C0] R13: 1ffff110171c7a22 R14: 0000000000000a02 R15: dffffc0000000000 [ 1311.601493][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 1311.607347][ C0] ? rcu_check_gp_start_stall+0x2c6/0x460 [ 1311.613092][ C0] rcu_core+0x612/0x1720 [ 1311.617369][ C0] ? ktime_get+0x7f/0x280 [ 1311.621756][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1311.626973][ C0] ? kvm_sched_clock_read+0x11/0x20 [ 1311.632191][ C0] ? sched_clock+0x3f/0x60 [ 1311.636624][ C0] ? sched_clock_cpu+0x75/0x430 [ 1311.641475][ C0] ? ktime_get+0x7f/0x280 [ 1311.645831][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 1311.651840][ C0] ? lock_chain_count+0x20/0x20 [ 1311.656707][ C0] handle_softirqs+0x280/0x820 [ 1311.661502][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 1311.666290][ C0] ? do_softirq+0x180/0x180 [ 1311.670841][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 1311.676065][ C0] __irq_exit_rcu+0xc7/0x190 [ 1311.680674][ C0] ? irq_exit_rcu+0x20/0x20 [ 1311.685312][ C0] irq_exit_rcu+0x9/0x20 [ 1311.689597][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 1311.695274][ C0] [ 1311.698213][ C0] [ 1311.701147][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1311.707166][ C0] RIP: 0010:native_apic_msr_write+0x39/0x50 [ 1311.713088][ C0] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 f3 0f 1e fa 89 f6 31 d2 e9 47 e9 18 03 0f 1f 80 00 00 00 [ 1311.732813][ C0] RSP: 0018:ffffc9000f67fcd8 EFLAGS: 00000246 [ 1311.738908][ C0] RAX: 00000000000000f6 RBX: 0000000000000200 RCX: 000000000000083f [ 1311.747216][ C0] RDX: 0000000000000000 RSI: 00000000000000f6 RDI: 000000000000083f [ 1311.755219][ C0] RBP: 0000000000000000 R08: ffffc9000f67fc47 R09: 1ffff92001ecff88 [ 1311.763204][ C0] R10: dffffc0000000000 R11: fffff52001ecff89 R12: ffff8880b8e35001 [ 1311.771376][ C0] R13: dffffc0000000000 R14: ffff8880b8e35050 R15: 0000000000000020 [ 1311.779496][ C0] arch_irq_work_raise+0x68/0x70 [ 1311.784476][ C0] irq_work_queue+0x99/0x140 [ 1311.789108][ C0] bpf_send_signal_common+0x2b6/0x420 [ 1311.794512][ C0] ? __set_printk_clr_event+0x80/0x80 [ 1311.799901][ C0] ? __cant_sleep+0x210/0x210 [ 1311.804633][ C0] ? arch_do_signal_or_restart+0x2d1/0x780 [ 1311.810457][ C0] bpf_send_signal+0x19/0x20 [ 1311.815062][ C0] bpf_prog_7ba5217f62dcd359+0x40/0x44 [ 1311.820554][ C0] bpf_trace_run2+0x1d1/0x3c0 [ 1311.825858][ C0] ? bpf_trace_run2+0xde/0x3c0 [ 1311.830671][ C0] ? bpf_trace_run1+0x3b0/0x3b0 [ 1311.835683][ C0] ? lock_chain_count+0x20/0x20 [ 1311.840600][ C0] trace_sys_enter+0x69/0x80 [ 1311.845208][ C0] syscall_trace_enter+0xf0/0x150 [ 1311.850248][ C0] do_syscall_64+0x28/0xb0 [ 1311.854683][ C0] ? clear_bhb_loop+0x40/0x90 [ 1311.859387][ C0] ? clear_bhb_loop+0x40/0x90 [ 1311.864079][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1311.870002][ C0] RIP: 0033:0x7fa03d18eec9 [ 1311.874438][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1311.894146][ C0] RSP: 002b:00007fa03e0c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1311.902579][ C0] RAX: ffffffffffffffda RBX: 00007fa03d3e6098 RCX: 00007fa03d18eec9 [ 1311.910561][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa03d3e6098 [ 1311.918799][ C0] RBP: 00007fa03d3e6090 R08: 0000000000000000 R09: 0000000000000000 [ 1311.926797][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1311.934780][ C0] R13: 00007fa03d3e6128 R14: 00007ffcd315d840 R15: 00007ffcd315d928 [ 1311.942803][ C0] [ 1313.097729][ C0] Shutting down cpus with NMI [ 1313.102802][ C0] Kernel Offset: disabled [ 1313.107744][ C0] Rebooting in 86400 seconds..