last executing test programs: 16.093664764s ago: executing program 1 (id=1510): syz_open_dev$tty20(0xc, 0x4, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000700)) r0 = syz_clone(0x2a8000, 0x0, 0x0, 0x0, 0x0, 0x0) kcmp(r0, r0, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x200, 0x80, 0x20000, 0x0, 0x0, 0x8}, 0x45) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r1, 0x0) syz_clone3(&(0x7f00000004c0)={0x1000, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58) prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x80) 15.558235161s ago: executing program 2 (id=1515): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback, 0x2}, 0x1c) bind$netlink(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000500)={0x0, 0x82, 0x30}, 0xc) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x8020) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x3}, 0x8) writev(r0, &(0x7f00000001c0)=[{&(0x7f00000016c0)='H', 0x1}], 0x1) 14.375792789s ago: executing program 1 (id=1521): r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x80) ioctl$I2C_PEC(r0, 0x708, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='sched\x00') write$binfmt_register(r2, &(0x7f0000000540)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x0, 0x3a, '[\xe5\xfb', 0x3a, 'sched\x00', 0x3a, './file0'}, 0x30) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000500)={0xffffffffffffffff}, 0x2, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000200)={0x13, 0x10, 0x8, {0x0, r4, 0x1}}, 0x18) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r5, 0x406, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60ff, 0x0, 0x0, 0xffffffffffffffe8, 0x0, 0x0, 0x6}, 0xf) ioctl$VIDIOC_G_AUDIO(r2, 0x80345621, &(0x7f0000000000)) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_ADDRESS={0xa}]}, 0x48}, 0x1, 0x0, 0x0, 0x45844}, 0x0) 11.550167459s ago: executing program 2 (id=1528): getsockopt$IP_SET_OP_VERSION(0xffffffffffffffff, 0x1, 0x53, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0xd, 0x8d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={0xffffffffffffffff, 0x6}, 0xc) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000500)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x2915024094f4014f, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0xc8}}, 0x0) 11.52102298s ago: executing program 1 (id=1529): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$kcm(0x29, 0x2, 0x0) r4 = memfd_create(&(0x7f00000003c0)='e\xf4b\x88-\x05', 0x0) pwritev(r4, &(0x7f0000000180)=[{&(0x7f0000000700)="1a", 0x1}], 0x1, 0x1000000, 0x0) sendfile(r3, r4, 0x0, 0x8000fb00) 9.042789653s ago: executing program 1 (id=1532): syz_usb_connect$cdc_ecm(0x0, 0x56, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f0000000240), 0x8, 0x1) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000001480)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d55906000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb937b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9ccd5788029901e5a79d8b9990ace8f74087f25ad50c4608800"/686], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000080)="05804ab382844306d758e620b9dc", 0x0, 0x12c4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 8.978705196s ago: executing program 4 (id=1534): memfd_secret(0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) socket(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}}, 0x4000000) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x24040084) 6.857042591s ago: executing program 2 (id=1535): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/fscaps', 0x101001, 0x391) r2 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 6.498391889s ago: executing program 4 (id=1539): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountstats\x00') prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) lgetxattr(0x0, &(0x7f0000000240)=@known='system.posix_acl_access\x00', &(0x7f0000000340)=""/119, 0x77) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) connect$unix(0xffffffffffffffff, 0x0, 0x0) r2 = socket(0x40000000015, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0), 0x4) bind$inet6(r2, &(0x7f0000000f80)={0xa, 0x0, 0x0, @loopback, 0xa7a}, 0x1c) read$FUSE(r0, &(0x7f0000003240)={0x2020}, 0x2020) 6.320527998s ago: executing program 1 (id=1541): openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0) syz_open_dev$dri(&(0x7f0000000180), 0x78, 0x802) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) eventfd(0xfffffc00) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) 5.369889485s ago: executing program 3 (id=1542): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r1, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_io_uring_setup(0x10d, &(0x7f00000005c0)={0x0, 0xb4b7, 0x800}, &(0x7f0000000200)=0x0, &(0x7f0000000380)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r7, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index, 0x0, 0x0}) io_uring_enter(r2, 0x3f70, 0x0, 0x0, 0x0, 0x0) 4.842343881s ago: executing program 1 (id=1543): r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000006000000140008"], 0x28}}, 0x0) 4.668553239s ago: executing program 3 (id=1545): socket$nl_route(0x10, 0x3, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) io_submit(0x0, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2c, 0x25dfdbfd, {0x60, 0x0, 0x0, r3, {0x0, 0x2}, {0xffe0, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0x3}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200c440}, 0x4c884) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) 4.65724594s ago: executing program 0 (id=1546): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@quota}, {@quota}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@orlov}, {@test_dummy_encryption_v1}, {@jqfmt_vfsv1}]}, 0x3, 0x448, &(0x7f0000000440)="$eJzs3M1vG0UbAPBnN3H6tmnfhFI++gEECiLiI2nSAr2CQOIAEhIcyjEkaVXqNqgJEq0qKAiVI6rEHXFE4i/gBBcEnJC4wh1VqlAvLZwWrb3bOK6d1q5dF/z7SZvM7I4183h37JmdbAIYWlP5jyRie0T8FhET9ezGAlP1X9eunFv868q5xSSy7M0/k1q5q1fOLZZFy9eNF5npNCL9NIm9LepdPXP2xEK1uny6yM+unXxvdvXM2WePn1w4tnxs+dT84cOHDs698Pz8cz2JM2/T1T0fruzb/erbF19fPHLxnZ++Scr4m+LokanNDj6RZT2ubrB2NKST0QE2hI6MRER+uiq1/j8RI7F+8ibilU8G2jigr7Isy8bbHz6fAf9hSQy6BcBglF/0+fy33O7Q0OOucPnF+gQoj/tasdWPjEZalKk0zW97aSoijpz/+8t8i/7chwAA2OC7fPzzTKvxXxr3N5T7f7E2NBkR90TEzoi4NyJ2RcR9EbWyD0TEgx3W37xIcuP4J73UVWC3KB//jaf1ta2N479y9BeTI0VuRy3+SnL0eHX5QPGeTEdlS56f26SO71/+9fN2xxrHf/mW11+OBYt2XBrdsvE1SwtrC7cTc6PLH0fsGW0Vf3J9JSCJiN0RsafLOo4/9fW+dsduHv8merDOlH0V8WR9bfN8NMVfSjZfn5z9X1SXD8yWV8WNfv7lwhvt6r+t+HsgP//bovX5L0wmjeu1q53XceH3z9rOabq9/seSt2rpsWLfBwtra6fnIsaS1+qNbtw/v/7aMl+Wz+Of3t+6/++M9Xdib0TkF/FDEfFwRDxStP3RiHgsIvZvEv+PLz3+bvfx91ce/1JH5389MRbNe1onRk788O2GSic7iT8//4dqqeliz618/t1Ku7q7mgEAAODfJ42I7ZGkM9fTaTozU/97+V2xLa2urK49fXTl/VNL9WcEJqOSlne6Jhruh84V0/oyP9+UP1jcN/5iZGstP7O4Ul0adPAw5Mbb9P/cHyODbh3Qd57XguGl/8Pw0v9heOn/MLxa9P+tg2gHcOe1+v7/aADtAO68pv5v2Q+GiPk/DC/9H4aX/g9DaXVr3Pwh+YEnyg+ou6U9XSSyLKLfdVU6+McHt52I9C54VyX6lhjwBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECP/BMAAP//qlXhwA==") syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x10, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==") read$FUSE(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000300)) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0) rename(&(0x7f0000000100)='./bus/file0\x00', &(0x7f0000000080)='./mnt\x00') socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r0, 0x1, &(0x7f0000000600)=[0x0]) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x700, 0x0, 0x0}, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000580)=ANY=[], 0x0) 4.610423792s ago: executing program 4 (id=1547): setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = socket$nl_route(0x10, 0x3, 0x0) signalfd(r0, &(0x7f0000000040)={[0xff]}, 0x8) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000700)=@ethtool_flash={0x33, 0xea6, '.\x00'}}) socket$rxrpc(0x21, 0x2, 0x2) r3 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="1400000035000b0bc8d643234724d3f90324fc60", 0x14}], 0x1}, 0x0) 4.417689502s ago: executing program 3 (id=1549): bind$inet(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_open_dev$dvb_dvr(&(0x7f0000000240), 0x0, 0x1a5140) 3.574416084s ago: executing program 0 (id=1550): syz_open_dev$evdev(&(0x7f000001fa80), 0x3, 0x3f) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124) r1 = fanotify_init(0x4, 0x1000) r2 = fanotify_init(0x20, 0x1) r3 = fanotify_init(0x2, 0x1) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124) fanotify_mark(r3, 0x451, 0x8000000, r4, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x124) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) fanotify_mark(r2, 0x1, 0x4800001a, r5, 0x0) fanotify_mark(r1, 0x141, 0x40001029, r0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0) 3.230358541s ago: executing program 0 (id=1551): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000580000/0x4000)=nil) mremap(&(0x7f0000580000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00007ff000/0x2000)=nil) 2.885285668s ago: executing program 3 (id=1552): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x18) r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x100000, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4c, 0xf3, 0x8, [0x0, 0x0, 0x0, 0xc, 0x5, 0x0, 0x0, 0x40000002]}}) 2.861906899s ago: executing program 4 (id=1553): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3f0, 0x0, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x7fffffe, 0x0, {[{{@arp={@multicast2, @loopback, 0xffffffff, 0xffffffff, 0x7, 0x9, {@mac=@random="3b4c52fb5365", {[0xff, 0x0, 0xff, 0x0, 0xff]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}, {[0x0, 0x0, 0x0, 0x0, 0xff]}}, 0x50, 0x1, 0xe, 0x9cd4, 0x0, 0xffff, 'veth0_to_team\x00', 'ip_vti0\x00', {}, {0xff}, 0x0, 0x202}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x308}}, {{@uncond, 0xc0, 0x110, 0x0, {0x0, 0x1e03}}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3b}, @empty, @local, @multicast2, 0x2}}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 0x0, 0x20, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}}, {}, 0x0, 0x0, 0x0, 0x0, 0xfff9, 0x0, 'veth0_to_batadv\x00', 'netpci0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x3f}, 0x8, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 1.437051739s ago: executing program 4 (id=1554): eventfd(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4) r3 = socket(0x1e, 0x1, 0x0) getsockopt$inet_tcp_buf(r3, 0x10f, 0x1c, 0x0, &(0x7f0000000140)) 1.43624125s ago: executing program 0 (id=1564): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x20000000) r0 = socket$kcm(0x10, 0x2, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) close(0x3) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3) getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newlink={0x54, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x71583}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_TTL={0x5, 0x8, 0x12}, @IFLA_GRE_REMOTE={0x14, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) sendmmsg$inet(r2, &(0x7f0000000880)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880) sendmsg$kcm(r0, 0x0, 0x0) 1.435913129s ago: executing program 3 (id=1555): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_timeval(r3, 0x1, 0x15, &(0x7f0000000080)={0x77359400}, 0x10) connect$unix(r2, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r3, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x802) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/4\x00') read$FUSE(r4, &(0x7f0000000a00)={0x2020}, 0x2020) 1.21299255s ago: executing program 0 (id=1556): r0 = socket$netlink(0x10, 0x3, 0x4) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40840) sendmsg$NFT_MSG_GETSETELEM(r0, 0x0, 0x20044084) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x3000000, 0x22, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) write(0xffffffffffffffff, &(0x7f00000002c0)="09f8000001", 0x5) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r3, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0) r4 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x48}}, 0x0) sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0) 724.824275ms ago: executing program 2 (id=1557): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r1, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_io_uring_setup(0x10d, &(0x7f00000005c0)={0x0, 0xb4b7, 0x800}, &(0x7f0000000200)=0x0, &(0x7f0000000380)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r7, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index, 0x0, 0x0}) io_uring_enter(r2, 0x3f70, 0x0, 0x0, 0x0, 0x0) 647.582149ms ago: executing program 3 (id=1558): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000) r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x80801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000000)="0900bf65653f47f4020000008bd458d1e7cbdaf300000f34e7e4165f081ae36850f6d15c3e681411f7a496c0da04003c242f5bedaf6bec340dee49474362b24cb800edc500", 0x0, 0x48) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ffb000/0x1000)=nil, 0x1000}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 330.393864ms ago: executing program 4 (id=1559): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup/../file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041) r4 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 275.229847ms ago: executing program 2 (id=1560): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r2, 0x400455c8, 0x4) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) writev(r3, &(0x7f0000000100)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193", 0xa}, {0x0}], 0x2) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000019080)=0x30) 90.065896ms ago: executing program 0 (id=1561): syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000c0c0)="970b180393e57da0084004606e0f7eb55b4379b678ec58dd5832867fc4741e325499108ee901f5ade42a10a2a5ca59b706328aca067422dcda816a63687f6b445fdf7c8c4c158921aab593be18f8f3e3a72a3c634c089c468f2afa55a47fcb36c8ec931a3b8e995ca8f9da378136eee8d00878a33e262e3718e8829586fb5a3bdd2143ea5a880a6322892369f494dd40593794a88b4f0e69dfc3d573117dc27d511cb0b7e7d1c13dac381d4472cb9eba0637c9611565d496c7a6936582144f524085bf34af3a90ac0a0db2f79a423fa8b797909b65b72ee23068ebf92a9ae53fdeca4a47ec6838e363039c63988cf6f4f393f907cff08e13520751cfa3bfeb452f120d8a5f462b040f8537f7add203eb2b2f5784376b4e0d85c027c4e0d5817ce1db986581a147a5c7e820212907992afff07f13a43b2a2c23e6f61d7bdafdea1d396e0fa1e79afd07195dfdab53cbe75d4b96971caef941b69525b87d59fcb99bfb348a12236968f9dacbfbdc4d9b0b01df755ba3b6c320a29e5bc23bd6b20f3b27dc3d63d2d2ef11865347c5ca1504ded5d549e17e1194d717c79bc330ebfc3929d079152f51f3ab9701a3241c7df4130027ca1a6d0e6b5f2f2c3b659cbea4cef19728b45f1325e04151af66111cabddafa17b90f193c52d1c4fb646f99fd42d77a3f16c05a491a775962a2a4ee9f9f6c1a5eaa68305a88add9d6f35815f37cadae92293a0db1613662f145991ba5fd632c4a170588f8265e11b3e1a4ff2b17f3664b98d9c6f54a356f19a9b72175e7eb46ff4330812993886cd7b42ffdc3767a4ac16dd21d76417b70cfe97ad6ad0ddea7284d0e3ecf0c6c6b57833f65963f3764e297c994e0181bbf693c8fc0e57fc15b2ad776a00c19a805a906ffa80efa4116d5f5c9863a74bb340008d958db841c5f1e3b286afac717ceabcc7310e75e45b61215f6ba0bb496bd5e094b6139326758c1d81b176e11da5eda522f05346e1a71a6358b4c9b7653a66ae7153858fac4695d64fe2962b0d62d6d8aac14cf9cd2199fb039b54b64f5085434b2339f90bc11f2e407a6e84557de9a7a7edcc3b15a7798cbc68c1b1e1a822103bd43b656e933bfe886736a2bda6ccb228a8e4fae5956673db0105999017d8b68159f7a9480fd2ca70bb7e9fbc8f4f1c3581b1f528c8fb5b5d6beb769dd5e9650739f3cfcb61ab7b066c342a6c6886b0bd83f399e3eb74d2cafce7fc76febe624a37e185924afa8695caa7d3c1a97fd6684979ef33957a334fbf10c7a9bba18397082580df2425129a87c4868d41d1bcda8a7faaf1afd492cb4c83b7c5ce7a950f92186cc07bf27dcf58ac56506f2453399070ae8e5b009e40eb1970bbe8a1c9f3befb54255602bd191bd46c56c0fda2842462c0b68884f9a922d2a8b161aa9ca2c0c52bcfa26b7b7a152f2ccd16ec4974361f7322dc3b345e926e1a1b56200dc425e2e03c3d7194f9cbd321e10de387adf9790a5706bcf05d9b8c16e40e5633c44553c2aa8611f7656fc732b5dfce1eaf212d2521eb013fcf154d251553ba7a6a1f7ba8b7ceb3a1df621376543a451fe76671beaab4833f1be28247919c7cdf4177e2c9cca78ce52b5a7e4dde913dd8b13ce861bbf7048822041f4b29b3441b4880a8f7a4a289ad3c6258494e7736e48373408d248c3b033372ebdb3d9a406869445b5d956434a576b83d4a7e7b47ae8c69f50be20ea56f171e592e114602ed4f47e86dc34008770940adb4f0167811c474ada06693b55f567cc3201f97c08a3711dca486a86c367f59ce44259c1d71cdb135aa8630c4cae61ad07998a2f781ff87c946e8aef9bde6d4738bc009fc43fd176bc38756a0ca48c382395b48bc55da32892551ecdd0bd3f4c69a79bbe600f4103f21e443821492b92516833b231942e91a39e7401a42ba3e99a3a2fefa6167365b9050305b6f09a013f41e764a80f422cce051e5b30ba6528540ee5d4ea5872572c85f321b68e730f40f64b648be31a9e530718ec17443a1a4dcdb79cf799cfa75d0bfa0fde71828d8f51e38dc3d1d77430ceed007426f689d5843c34afdec5dde3e480a36ffa25db4b3483cde91e56eee8756dd953a3abff11bd7901d6b37c8371b023d7457361908576f92990f19e9f48dc58ca550e61a035161f1539b14b7bcce535b3a3783021094129f312c03e51df62579ae9423927021e8bcf530116f3658a1e94d39a800452f7461d2f001f86b911a8a14b9e61c2fd8f959ea40793df240aed5e5862ea59d78fb235788c1ba3c0ec44fbefc29c2e6f22d70849750625c3c15227579d42858b5fac30bbe86491697cec1c4543addc1f50202fdf77a6d2d23e70ed611a63368694e459012ebdbe71c4f702980d7ae63aaee33d5f8df5fce071c73cd918991c6ba2f95f33a9917a22c9e7342dd492c9e2c2f6457c3a48f35edc1720f2224f2af2ef4c0a38b75ce27aae5d5ef615920ab9245851590cdcdcfaa7e5a66b73f5a0a1bcf1bab66ecdfc0dcbd8cebb1b98f6256cea6761c835a761819018fd9c3d2f541eba25abde06f1551328800b1efc04d8e10594dbe95f9f10005cae8c5b27cc18268ebaa4578f9dcfa99aa61567a55b43545ec729764af99d224cfea6a36a93d4f70bae3225256e179e81a0c64dffce9c2141994253af664c33f881aa417fa3b7e9424f1841f1aa845ea0fe05c4e47b318bef60709d6f20c9eee6e8c0c18bd161d3dbe57d82903937e10c41aa9066dcee124354584232afdcb60d185bc39fcc5e7e5124d17e2f998b64836b587cf233469b92af65a70f4a8f35df9e24c7d5d21bda27ae44ce6706f86d3747db675aa329e8b43652bb1e89687dd003dd7924d300f498d444639b3fd413840cfa958e436e5959e95486161af807cbb7304d99284818eabe39493c66664e92143ff41602a3805369f461abeae5e5b6987a20fa47495cbeeeb322c848147dd9a052384a49898138557e10eb015df370d01977083ad24c7defc8c80583d5f5eca20d0853afb9f41c356f8da0e2435d423528f67f091fc614645980a57ed893ded1c3d37881b243b8a5503f45672492f3849895c9377277a91e7090241832629032872294896107628ffd1151c444153f54b484fa3e5ca057cbe073e6039c11b1eceaf7e20eef2576aa99e7a3f36aed9beb089af28d82e2dc5e97da4878b76b5224e1d293f5223c09f715fba13945695a98624eade1381e31c5651069805e6f707811586f5f81e431e8624a608ba1ab405d2593b1f9f667b89d82e60048e4ef3be98bd3078beb4e5e66e8823c8b427d6f84468f1f18f1ff8a8c11515426993334bcbe0c3ba37b91be07eb800fb2e00a24351457d8fc067b4bfec43c0ce8cd26b23bfbb27d3da7bca3efb7fe6f7715760eda4e3a27a7be7419b803667ef6057bdd5d44250b47fa156af04db91fc57f25425b3cfbaf90a840fe5cfcefcd1500cf4908ec4df10c8bc14ec284bb99b13a8f6136e5e1c669806cb5a4a5227f7952c5b605a2b443866fae399a1f8fea323784935c3e5a9ba9e831749efc9b8228421bdb91afed16341962535cebf6fb02679e5412f67db405c90e218789b634d92a41aaf528c92b8bf38b629a1797c036465b77dc3bb124bdddd309136681d3fbe0251698da27c6f89589171e4492209f7eb48d50a161a5135602fca3355f8934f879c54afb91224901b635ed372fdacc9469471225d2ef3c980466027b86cfe3d664071edaa29b47455064a074da56f4e098ddf27984dac546826aed38e464d5c5a79a3ece544cdb3801de0e29bf5164dbcc14578e3e6c44a4a9041e2315f1243358c5949377352911e0a67c6de7e11b0881af528fe478c34909a1178a8a4f7fb727317e4f3981706d9c9215224604c2d6a4faeefc21bd635c8412931ac4feb2c60666672fb6dc5deda0d6c4ce31f2b6cb45907427691488abb280c3fd001f3d7507c0db358af7151d3b8e2e98eb8a78ee69966f7a1307882c5b57530e0dab5c57f84852c42db013e3448da2fb0a754ed97c001f33cca549eb71d7aef88d1ae7fac0d96f334556d75f600a029ed698ce9e4302279999726a57337b9afda0b0292c14d1687a85326120d9fcd84cdc02718f26c12ca28cac81af0dede79685233be41c7269c57100c603a4f9536f757fa753353bd0cded7d4edab29dff6f7dd5faa81078c263c9d1d7e662a0ffae22d8d12e679de9ec6c634ba46ddf6aa86ac0be41cabd9b14fd12107ffce96915fa0154f5b6017fa866d14ff47754a58ba14c1a3eb3f23f040779a788b774604c3a8a7dd818619352cf47849eebfdd3b49b56f376044e7cb218759059fa85057f96c159ccd63ea6cd0bf47781c2d023411854dd3ea46f4913cda9672655e566d2e83fe2e0eb5476bd6fd7a84557e37a4e8d32c75ab51dbffc59f0cebc3edeb395f38f82765ed3cfdce75b2fd570e783c8c3afb31049383af0b51575e5c9dd9332bde6f684a3e11d199f43004439ed535a20c7f2a695cf9b547985421ac62c2289c71491f0617d23cb7a9466c8f0482eb2e8aa782118702761e0267ef500afc52f4a3a7a53ef22aea542f679dc5c751c766e06af453576689c87b3b89c091e5444ff6fb1472fbd271fffb268a2eada125d7acfc70c8ff4cfd3f5421941c2857e54ed0617d6430b806d605c2e508cd5a7764d6ecdc69dbd050a97f8696535585bbb95b66f751566ce612aebce9a0b021f9fbf067870fe447dd05e8c521413e7f27955db3b8239836b6ad120f5fb48e9003bd19b05f94752743d89bdc5492c2ca1bc3133fe0ceb29451900e2ac713cf2cbc3a531048a473a195ad40c685b539f806f434c9e2cb6a8a25df84d41c13d1ceb90de1a3efecd06a53ac9a32654d1ece86dcf6fa17ea6a4f367f9b360b3e26514bf94af1f52d9c0b0691241e3c6c302e7054bb738cb234019c0e45a7db270ab9d75df73568f25579d33e7b42743c924b1f888df85c6166228f5391962b689f0a4d9683b43ddc98982a820b5c60d9c4e3997cd2212fc3850b2bd41342ccbefc1e4ec2ad7ae285f156f4a4f383281018c73ca4f2e9d255487a9717dd39cd744a000c68c53f82a22a08bcb734b5bbb8364180991140c2e727dfce4b19e70c968c97393b56019ef84688772d488b9bd6fa9354ab64f731e6adab543851e5ca1470fd13d0334ba025b57db5d9ea13c970642726284fefddab8fdf7155f5b8e3b3b86d098c4207b428bffcc7ff76f6397b6a3efc3c0b0fb2a4343b4051271f87e384c2b659086ba668c66a15d68b87faf82a60b184f27256e36a9ada7c4422754be56dbbab50ed781f36e40ded65a30378003de5b5cd5f80a6042613c76e80851312c7ed2c07b762b85a1b6928a7b2428d2bc7a6bfdfa2ba55aed54fd3c878ec655caf1223245433b7c6fc2a2d3b0393d7ba4e12f26a53b9d5afdbab230b9148f061df2e1c0fe73c2abcd142125367fa5e598e500263d9b27e759c08b7debee4695a5b192d968108c134241f236cae0434ed71e5099cd466cfb04d5f7cef2e94683172f82a9841610cb6fe55d4bfe73920992bb76f362b9cf7919c906495d4b37a915d23168fd7ffc2f36de55a1b17fa2232df03663ffa2a4c5e76aad90fd5abc80b6dfc16ec6aa328cc7714dc2d7bb14aae9f86c999e93a59fd18fb2300539bca25e69b04943a16c985ff481a42c9d8af43eb61ef7432b8e3aa5bc391c181b7d546b94ac659bc4b501157d3adf9d4cda4e298a4e4271fa2cd08919b055eb3f168df76c1f0b0d5cf5760b56774f105e51c93cc03ce97b00768b9620a6fd5162b9d9191ac0928d2460e4e821a276680cedb3b8167bc156b48a34d4c24d4a87fd09968a725d4b6a1b54b169f1e14143e97a84cf3d8eb4ec5458dcd5ff93365396c00533c3493847f595725a4f15300183eac306d16ea136b97a9864d16330d8c5b8321a6947caeb9cdc7ff4e53c419518ce9bc11f7355651be27a2c2b9ff4127ad86b96c1b5967def371d5d6a3f365abaca55c5f19600d1d5051d320b065c2f78f2147c170b9153a0eefd7b3f1e637cac3fff14b0eeaf472e6a6a9f7553ed3267c911d4d77a4f7285b77df725b3a88fbfd221343f656d60b61808b52a8facc81b8516698f2ac50cd8769371e67278c59ab1cc890fab36206b939f23b31ab976651ca8a4e7754bb10d03d4cc6506f13d98f2bda76477a69a8794a34614a88a7ec94e1a229ad6f747724a3bfb674cc87ea0dfb610f66057671f664206672e78c00a3f4585f17fc40827d0c8af88d3437f811274f662e9ee73d550833d0c8fde449089f8b5e8a25d25096537ac960699a07ebb51271a8f8556037436307063282febae745d53f8db65f13f24cc2e525ae465c9bf79f76b82dceada3bf34529321f913dd18548ab2a26f2a065028f46f4dfb18294dff30a7e5b131a08c671787baea45545d15629ec2f435d9138e517055cd48af7120b3b79f2275baed8a4b6a0f33c30890105ae2c07a332df79f2fd6767ecc66f1ed628c968a2685813342677a2823d10263958eee79d03e393a557475701694b5ec3dec8773f37b980f5812f1cbaed6e5253da037b5f88ba2070f445d74907679460dd48e16442d345abbd37f7853ec7123ff16db46c8571987db63ed711d36c05c2dafac47ea366f9467624b6296a2b9fb7056702d4ba38b4df72e7db3244421f31aa0911af3e3a09f9e08e96aa1545c37465f990bab4ee2821b1a701aa707db1dc18d52fcede15245f54a5f1a47b0d82c33fa378625d247b08753ac5fa5444b2e3f9d1d3918b154665b02fba87e39d0e27bdf60b27930eee02c31d847d40166544ab9ef801bd79bcc8d93980354021b8c7a1b9592934a90917db115bcd92068a970680011cb074da705f1cd06a0142862a777c6a47afd38721979323e27151c114e8901d41f79358e78289af10134e22d903415e2ebd2edf34ae10eefeec219db7b13ac983583dd4b02dcc615c6f70e6cf35ea216807c4b9c81482c2b941c7d6cd6621d9480ba924a3372ca3e3ca78438b0e9bf7c8436fcc0047b3bdb8d70190076d9feea778005d5d69f1b1194c76dce628e17b6beb299146b25f3f6660263c23dbcd08f70ccb45569a81a140eff66f2190110cf0977d9df7a2c437042961606ca1a378c8f59a310ad6c9cb4ff30a2d55411eeb38d927bb4d0f60ae75d90ab78dad14097f6dd38f512af2f932e1ad6a5e201180373689981f23bd9f59e4ca29244a8ea4236527fe2249eaa299af174f25b13d72b181c2f421652ece630ee1358098c29f84506654ffad3647792852a7faf107e36ae330886ffcef6e3a1725495e430568a9cd85d385e5a15d2f77ed274be3c8edfc52c230d21785b927bb8e470f989e8c89b01af8d04fc7050fc978013fbc5dcedd2baf5e8bfa8e2e1d3f193c224375db2f71d4655d2f647e9b1739657a0ad8ef6751a88151a3413ab870e0d7ba3f0a55ce3f30d55e8eb9e47e3d82563d9180399e7895490b8561a374acf5c94a1c648fa06780c4141c58ed913fb92865d3b4883301ba69b3f2b20c1f82024bd75e62ce2972d3219bdb961ab3bbac8f1d873ddece6d85f540f82c9d79b0937973335fe05e5c6ad8fcc525620a57678d58c7c2f0f157e030736d0fe4f6de520b390794cefdc6c828b4512fb6b2000d08e38693fa22834e69180d31b3978f9da75389f919a0d49ff961997d14ae6bdffcfb179c2ead52c69dae97416eef2602843dcbe4e5ae613d429feef7ffba6a31a8be8bf2e62c6d374c807363a986519a8cf9dfc99fc6607486e10599ae415b51e23f639194885e5119036e0e535accb4f126b4c45c47a53658af1e049daa2967b01d9450625d92f8f8e9d151633646044fcc5f6ad835479d48702839456decf070c7e6143cd31033810bd7da01c4a2cfb08605b25c00336f17d3b5a3db48866ef864b8d9cea9530429d3fb1afc7ae9e7d06aea9034db89b2ec8fc2a96d8d701fc51994305077dbea527bc0fc398b6bb7d42f0c408be69b98eb173d285fd8010ba75c57f2dd982582153814ff959fccc78aa5f7901357f6129f840af6649534f9ebc7750a20502a7cbf2d2f28c6f97884f43779bbbf93c550f8e79949db0e066538456b4e966761656eb7bebd5afe9b9fc241711b874682b226e9c6baecc1e909858e01b32472f6f8d483c073d3b576a4b03534dc4b620e21e6feb4bb2ddb37e3f0d4ff92c0af19e6087034c72c5928707748bc10ea22788bd938a0e6512cae4733fc1a2e47f3d4961932fe564684872922b44db143bea77580b0704675290e0839cb5ee529ada8b4c0bb14f05c5c396e29376f1ea80dea2852a88ddf8929fd402571fb242ead60d2be61f1662e1a833969e18e23e0b808900e7ed4be9d6944942da7d384739da1055cddc94937e1ea4cd305bf161c407b471df0ce3fb3413c5bd511d3c65e70edeb5397b0a8701538be7d2f1765688cbb0379744281231e60f5edcbfa6abd177405c455f77e30b95011ae4fda2a3c6d3f9a29bfe7656f6afba48358d57b4e1a84ebca241b7a427c6f806d1f771b540912f05a6df0d5223f85639fd7c163799e28abd08e4013aa43ddbc11ccc9d53131ec5c75f7682481968ad13ef34ba23d4759b51c4cac5a7ca2c73b3103c5b9e4b8686b872edcaca791d669589655e239920fc088eeced3a131ddff2eee9fab3cced40163eebfb29a85b3e97bbd97d17c3b06d3123409f115cf3e3d1c74dcc359664ab942e6ab36c41b1af4015ff5baf700eb99abd658e6833039051a235a2f84b70cb8d90271a481ce40e2a18bef8dcf7f54952b090bbaaaad391cb6cfa218a1e823ca7b16311e35e0350dd8016f67ed34771d7f3a607c1c9ed63524ea0c865148b05f1d017e475641b5076df632b7c261ef54c23eaf7cf52c22864a8ae8f8c3442d147fd52a801f87665b47e229a77b8e85c21d7996c7de9ac4899b098380f74eff119369c81b21b0b916017d0b604ca2a74b1424a4c3132d265d12a01ec2e8cff9809ed2f7891c55bc5cb932c6ea3cdba14cef47a2a0521e36869e9d62914447c3e6cf3da9ecaed915dec41e81605a46a4ec71a8b5ec0bc2f62b3237de7203e4b6d01bc32a5b2dc416623936a324b73e0c63ec414ce1bb4b344db85f014979ae866c4a2c2cce0f814862c0691883dd2d7bcd63fdf2ddf0cb2c6a1a10aa878ba997b74db8e894e4a7ed5e8ea1e3c0b602bae23c6c8c5f38b919aeef5625501fe5d4759c43e90de56122f3ecf87e8023f25e0d3ce64ab629409e881d2d1c5f083da90d45907e62ce3177f7982e514779a13f70bc207d9aa55835e37a5f4782242681ff46600ac9e63f90a245957440987b54b3678ae808c481d25755dba747cd7c3cc0fafb9a142e1ec1a9a5f81b5cdd6dbbc3a4ba5d49f58be6196c305e2af35fdbfbbae02cc4efe771d65e6000ec3f6cf394650f5144308c95279b9df3b29236a32ad3e9cd377296a4252e7dda1bb95d99c32cb81d970de4ff47760ee087dd2fa98392c8ede48391b49cd40e314adb896f0f5b08ffcdffdd70775160144552b13edfac23a09d53a4a4a827a1f216b2827cb9fb47a9fe6412d509d35b754d3700cc0dc8d7a3406a53bd1b0ee5112c50fb8f805be52a6c4e1e664d174727f33720bb371fbe9adc747a234013fcaadbce5cd2d416414b1900074e3ec73a36f32f9d7baa96ed4ea37aea560df4d9c724c69b440139a6dc1758bc74b59c521bc59958da71c4e5c23e4a8999305d989369a9bcd10f0faa789f4040950c349ef0ee910a822ba8df4a6cc16bd72dfb85d7c9a97911e96541a7fb6fb4711cdfe1e1083b2e8e870e2d2a7304f99296a496fe30553971b75f78ace054a8e3c6d54d40b2dbb2ee38a6244139fcba31b88a3ce91d637e7c88db35794002ca28533a46af85929f603e4cf4f5aea715ac4495d2c07e8bf79da078521fac5059dfe6dff61405fb6962987d15a2c7b27a851e3076803c7b4374a85f05b96e9bae91656a003e9acad767c9ac88b339fd868136b63fcb0520a2ee2f25128c8b97a0d43d60be7436756614108cfee63fb0fd65cce0bb0afcf5ea7fa817134c876c949945642a29d71aab10d05522b4b1788bb051ae1ad23fc7e75607580f9bfb7ed901a66d69e79ba742ba169f7e0d36d0c8482d3a85d66a9fc08b3e4c1669ffb4f74f418d4317fbf03b785859601b9e3af056b6a2543289738fe1e601e635ff04d750f8724bdebbbc920a7ca2f99cdaff265299bef09a2e20878682f2f37e46b5d2d3ade8d857ec6d3f7a2779080a5927749086b33b22def28633d53dae49362b4c4d47d2899562a52f22618a45998233048f0e54ba01dd53953c9f508abcb0acb1c1fb1d110e5d6c14d707713cea4cf0403b7573ab5b0a1439e6b2d29c46a3077e0dd296ca751db66f829a42c5afe0304c48fbef52c526c8f2100f6826fd4a5295f7492855f841fdb1f8487fba63b6db19af983a75468ad29a2b6cc58f9ef2dfeec8d798d60e1950731e65c5e2ec1065a22915a30845a5f87a26c067ea870d4e1ef71f67617906080b7b122b8ac9e4da1b05442b5477ee97343cb20f2587744abfa5f318ce29cbd24df1a6dbd42470789e17ae8115a588788d910a171b88dd1b94228728bfef3b28b2b32f523d603fa28d00cf23b0a201658f28ef7920f36a0da8917068a4435e0d710d320258114e2fcde2e1dec0c9faac26d671ea3735ee2b26cb644ba56ced9031cdd2b391c4b96aee7a4c38063e61dbd8ada24cea7ced0728a365bc2320eda9746823b7d83afdc8b3b293b56739011554000aec6272004a002328f20368c0902b8a8d251afebfb4d7b427cfa8927385626a474e3918ff557c8f19a8691011523a63c7e578b98c8951157f0763db3ebc4ea24388527e83b149ef89d4173ebb1c0c9aa3cf4e1a47faa3ebe7ca625e7ef077b38235781236797360696e552b9289a80491d4c3e70ff00b01540deb0de1b3385549b667cfa3598a34751868a14ccb22a420781452699563b16d0d0f1a7f0ba3f0ff45cc2d2536f1de9e024bbc923cede7725f84bf3e6a645f43c4ab3db6ddff671f283857262570b6652dbd8c869ca6a3896b870235047db08a54e5c39d7516c4b0d621d87a9c3e8c53249ff2ab9145f026ba4743a46197af56a0df022363ed59a5c2011e664a05fb952d5ad9ee2037c59a4075e4b504d91e87d303e0bc55cccaeb17e1cbab6176d2d148ce05fe986c79eb843886194f80e202c4f373244b38fd46643c1bc0fa8723ac498c71919e4ed8e5092832aec00a35ceeca94df7bd2c0c02dabc886cedf1fd044db2b45c30f8c0334c992eed40290baaeeb4d00e2cb504ca1173b6b6eec8d2aa3a1bf46e64c1ae1b3ca2882545729fe78d5e1e99c6f1f31c0b0f2190889c7318ce7605128a86c62c8a1fa107304c4609e28a2a43c6799ff6a7d70909ee10676801ee670004cf9632e34cb8cfb43d2f477ad335f5142da0baa4f4542dc93704e93a3420ec50284626fe36618b079d0db013d691583aba257947bdb1514d0318180ae43d0f94712f5c0de35f3e342ce7da65f755761506b9bfd186641fdbd03d5a2d4fe170fe23af8", 0x2000, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000a0c0)="7298bebe1c9e993533af31fb3430165cee95d93e75a06ac94ae234f567c2fdff2701e8a359df6cfb6e22a503e282fb92fc19c50ab6754316e514dca6830eb7b63dcd8c0da0632c17fda2d956174245e4ca9d938f9ccb2a981f5e99d219ba39823e7144413ae61cc8da401337983e6e88196b8861af2f63a115fbf10030fcc1d2d5babd974e8ced75a284ec44da01941ebb5a41a29ecec6cba4be6772a3f8238bddc8e5beaf5566e22010d6202630aa9c7c6111bbe43f1c0b84b265250ee5fba6a6e2ab3efd7c063636269082762f29168cfa8dca52efcec090ddfbab9aecb53e239d0d6c2da29cc9102387b7ff91440674f1fde5b3241e20a408fbca5f0d0ec60d44c57ddb10eba305c0066d9dac4f84b5536127c6cf1a12b67e0fb01788a8d78305dcc3031b0eec2e4683dd3d60375cb9f93d91dff1039c2c680253df34bae70b4e5bb8359488259eaafbd054877f1f98d4fd28eeab428d424b30c2dcdf0b0e0d72ecd43638feb2ba82d5ee325f7211392bfe8966cc1b3d023c0982093608dda19f6de682268bd957c7d119411ad2964aaf0d02f158b34061f1b0a5815b9480efdb22e2a88c673d247e1278b350d9847f354960cd72ead4c2c3691cb405d964d4db6c3c46641272f451c024199a1a6e803adda509e3e27d6582d77bd9d2ac84ed947751fe6985f9506061b9e3bff504b6377170d6c22c24f1ad11ec796e931afba7d586bedf018023105468d3fe11c4df7a1cff36fefdd103ba5fdac3798bac022da5a0718ca4953df593d0f64573f91fd1e3256bd0890b2d64405924ad88203cbc40df3118469b07f702cf4adffe4ed78d6c8a6cc3170b47031864cf0752f1b756921ac687e1763c734665f3f33bfaa4e6b16175a1024895ee783db1305e9a1322ce5868d2c78960a73fec0404c904f667aa245bc53c70ee336d5527f9d01064d7bcae651d6fb0e33a47c7e8c73f5e1e826abeadd224869bbd512b33edd217f5c3768446e93ac415d5fb015b238ef3d05d3c1c6caa06286ee652f120da6cef293dd22b32f659840152c7b17c6ef067de2f361620c5342ab8b8d205b1064ad3cc9cf520c63da44c34c7cd371c230a107c0d62bac5daea86328936634ecea4b8a68bb8197b3c3434f7933cd60aec8f17a790f7f88f404d347238a02dbdab8497972d3d11c8079a9a2fb41b3fea68b4fc1239a1f4035039eaa303c162dc58a60b929d0b489a58671dcb4e71b6101e8b0745187e59e9e09a98f54c245eee9bcabeff80a9b57d838e308e18ccb69de88c179451b3ae496c6ef4f263fb1e20bfebd453521fdfb9e3eada1be904c2dca71868e461ffaa59a8abb1fb13fd23a7f4d54cd10a57a1f6ac85de0971ac838ba6fe0c43f44cdc5062273d011e58043863002f923e43bf42f7845def3fff940bf271b79e3640c484e537ba76b2f8480c11eee0430012dfa2880258a9ca3186558a8ac90816fcc392b11267109de4823cf688dfebe84aa91fd84cded7f3ad4ffd683c25f28430c1fd5dba9ab7ce0f15a8b6707dac1ee2f66115399e94d4f283edb2b03ace089d13d3f52b8c4740a194ad7e83b0a4e8bf60d305d05dfbf86b9460ee1c8585af9c424698296ad72b28342f9cca8e35eab9efe58d75d88d891d1ba36195ea90e3a61485068fbb94ce71f0642609c8d3d530e5c78f0776ebf53345fe1e0ec362c0dc8ca3d0ef32de334ed3c92f99d0bf767bc5323b1ee7254279f016e2ee7933836ccc43f9f41acd82ae5db4e941112e124cb5af18ec88e5400b5d090168f7963d639f847e6872915d95278ddc02d58e5be4a5e2f3961af4bd79e0104b700c63aebebfb1c70e9e16faf6657327a2808d7f9a43accd76273d0c9f3fa5cae9593c2804b6542500bbc42ae4ce2a69576663c5af63b756e2bced7e808b83981e4fade33502bb9640f15667d9a38938867dd7c4286451784260531478beb8b88effbe07a2853abe8b03e6315bb96305a6c3103dc8187f7bcc21fe13013221bfb4711f2de3482f33c1e8112db7dac628f92c17cdf56e1c1fa0be70b00e5c5919231b0275c93335007aaa79ad580f9ea529a1606d0877e40aeeba804fea5ef15537dee93dcf64a5cdd313334aa0678ce1a1eefadd38ea4fd129833399384c464001d562e2c095211d0cdfebe15f2b1cf4d6bb49b61d1c836f59835c951f72cea645e7368d063e4e8da5912df1e120d5e5984117ba4fb56c36a5180fc27e810b7234e574da5beaa6d40b77469510d8a3a6fa7c9780e746add983f0fbc4bff0c19b21f69ca4893349ee11586ee5c78c9d7279614fbfc2d78bbdeee9bc88ed2e2e14028f93d487bb1563e052fd3896b5b4419779e708b1c15d879d63f694815821a02b994741ffc675391684f00d29aae9923c60900123445e69d155bd03b1a48d7763c835b5e1c96348abe8ff1245bcdbddc9c703c1d59c38065d76a2e542b9feba2aaf50fdb04e100e75c5e6a98319fabce46dc8a22cb5f21ba5609c506544c921cc32d2a0f2bef1df8dbe52a58a9d725009d4aa93c787252994f7d41e265e4a2bb8397b2643c0ed72a137b7aa69e9a16877045db252397a6c74cad4a7e2f803c45fccc5848792ae6051739abe20326b4d8462f8c1900a03925cf1b751f219d90b9d91b9fa206cc5164b144d90eb4dcdc471af52814a6b27df080516e8c6d7d80d7fdc0f0e7f749f9a5c04e3b2ed6156d0948f0e2d1734898b8b1e5f9d783c809e9ad4a1ecbe05e75e43628ddb62acc279068e5ef7a5b61c58f603027099ad4307e1e943c504deda9e5a27bd97a63adc13f43a8c5d193342a6a8fffd78d0fd7569dc87cea647105ac30944a8fe9ea5bfa57e3bec19152fcadc2f74d8e8dca5d8af2d039aaceb5ce8b304b68d542a2c6cc24ee3ffc80f0edd929efe6f6101e3b6956c0b4a73c6fd88a0d30ea42d2ec50374cc18a7849d28cbdb2d2287a1095b3fd94660412d17f8064d80a814750e6edaa5b259a9fd6ed664d8e4840cd30a66736c22e744b956b1280f7247d2177d0f0eb0c7e748d617a3db1f9aa8aa6d02b9f312aba83d58c098f8cc7136f7f7099cbd714f96965fc4ebaa44b26cc76234f9d48bb609696a18be089403d1b470751be37a1a325589326cde6a4e3e264ccc2447e470a233e72aefa52db064e9cafc361fbc6931a8069d8f9cc98717b0abc6d54fdea2880e14192f9622f8a638942d853f0de3c48f7f68a498f72700d92957c045ea3ec57debdf8b68e0611f810192c537150fbe05bdf049c5b909c1b93ff8b7a3d08a8399e1917357897a9d10b41dddc17f5d70cd200fff03e51676f3e6e62d802e231d1657d3ad3641a014cc0bbb041723460f026ee30914acad1df97ab9d790a6d785fa9bbb60b6f197362996707db77c41cc7a0c417cdbbd074766f875c73ac6e9430d8b9705167d5751521356a4216a17095a90923a046d9745dddaf00c601c3d141b1df2734cfcb84c2ae8949f4658edaecaf9751b506485ba22a7894f26810cd42d75f5f8822a7e9bce119999e8b893c2247d5352cead33c64db0a2d5439e987840287a3c29f8ce6bc99d0c1da5e46db1b62649a2bb21415844b0d0ad23d9e185b04e855003db59b4db3cd619394b799dbc23a2fce35ee463901baed5cd19ff5383099ccbe720e1c659607ad5cb980a17e1b314d319ff897716e1b192469d072b1614316ac30d29bf75918ba5d2fe6a10362c869d8a66b579fca8b094b34527e1bbeecacbbd18623b7124a6269ade8ad74d09aa99f254ef06972b7a261223878b404109c91caecbab7495be783c07df91c7abb363e044a0def35c6e967d68cb5936728898888516acbaec48cab21376e71289f4564b3080c420354f080b6840326721ab9e2bc3ac57d1a0b69800ee6854ab4419d0171cd22909d0cb8dac9361d11be5154b1e40e42bbe564c5f4692352fd804132581db6595cdfd96e1a85beed71bcee45137bef3f5c8b9cbb4283e0c360ee2ba64ba52198001a8601efda9eeac84e712472994c3cd2e8c51ce92364aa85a209938946f3791721f35c9b36e20192cfae2abf612a5c10b4366f09f2a6197ab7fb9c962ea0d02e8cc51d19010c4e8fc16b7ef7eeb85377b8f6de8a9c3032d9eac378f85c6da1c7a6adc4af6256223b8de7c01236df1ffbab5083ba66f9355ac50400dae3325be925bc23ea66024f5e89a58eaa481596ce9ae6085bac477cec71a7b9c4435a20f2674c4d87089987082cee9aa47e266aa5b90b306844c35ba3ea89e865b320a13504767f15fe93176e04349304e6e6e253c5f74ecf8c49cbb61ad201ab9b586c205ae63ac7c83a7504dca775f213928907d629cdd3a9509b9d190ea35b6bd79169c5109f235341239ac03db3c8e39eee7919b4148d7916c1329d839e1f55d5a107ed061956d2baf8bd0d45cc23163db002f7f3cdbae211fd73f759c9ecd386ae971dcf18aca81af11e531cfbca5bc9fe93ebfe68b1c09ad800b9f129b4d624f16522a653a01a81686363b771faf678d337df43fa7e2013d43d6ccb29501ace407e06b474fd9ad9ba969ddba041ad8f29a4f1e01943c10705b216e38e35059fb5514994313cae1a633bc91e539b5a7711434cd9b5eb7fb60e57a2d67dcfe37e8fed6d6b7c6290cd875fb4771bb3526de7ea80fbfa4f93f7af92193a62a74ee4d6181aaf6f255c31dd32dea46a89fcf6141ae4e7815bff36ab9da4220c390a2fd49c5cc6ba8467ac771da7c2e16f863154bb653ea09e09d88bd7ec5d4f3596162f7b85c29eedb386287f83e235821da881867ca30a828a25a8790e3fadd9e96f8a9fec660e4379cf83aa623c7d45dc02d32a33d9019c9d7b8bdf49f95890ebf3ca0919fdde4340ab632681ee63b3011307da2a3f8f7714c5170a7d0730c8fe6f9ff52b3bef215031a693db977a9a7a76ef04b475ce7793a45472922a71dee28dbdb66a1ef91a500f86d71d95eb6cfd69076e58281edd6ce0f44dff3216bff8fc3ec7e10179284191e19c4f62e8b49f036a2b3df115d35bc6184c63c5420ee5be470d96b4d65041e3463937a7d4baccd5a3610e130b0b7cd92e5eda9878add42df88b67226e99f5864ed87c4ec68a5f74d59d978d3eff57c34061979038948027666921d454af312146801c8f52261c7869e572c4921b278f3c4341858dd0ea89c8ec7ca77ad2bcff3a85208431c17c726760c9ba39a7a4055c9cb90597d91d7d6ca84ad2fc64edb1064c1d0dc24c3fca6ce3cd3e7b475a01edf0aa2ffdc998a22af4e0438662320d721450392a56f6ae7287e8e8e6c1434db59dfda5844e11190e0cd3cd22769284c2a78f8df4cda8e111a9a4c2c0c9b5281040c8375ab191eece2a14bbd8396ed54467f5713d0d38dc240e0bdb8fa93c15cf5e5778c30372ef8170efb2feb0bd166ca6180416ff9e1f5348fda008976757956d2cc5ecea4a7236fd054f5fb925d004e76d3e23c324f56135551d1dee4003dde1aefa1eb9f8ef5232f903efcfccdf1304d8b3438b027811f7552c23e896e0b36fca7f26a11af2907494d1f9ee5cf4b21ae7ac0f8ad70e94adc40e037a19689ceea73cbd3bf1410ec437743ea1441b23046f9a751e0a6228c1d6eb61063d6998f2a96c3358525f35f2a65c1c3ecd828161e2efa21b621a389797fac60097da8670440e1313c6813e5eede73c5090c6f817da6aeb5050f44341d5e569bfe21e641ca0e82ed0b162ea3b9773061175185ea22f3bfa5bd4a9c8e869a432ecfe75efb16f364a2b7cc8c15f39fb0cefead2b9aaf5d2134d7a61e435f6be3a82650198fed089e2f97d4bc5cd67f6ca58a6fe2ea3030832da4351d09f25141ccc9a1a2e042983fe2cbf53bd5246de355f8031902d5497aeadcd631a80341ee74b85e51b86da2ab239495975b8ac2b8c65cbed19fb07af29e376ce539e979fdd66c77b439cb35059e3a8df89fbc02297f8f05831193d6db71ca0c6eea65166738664947cba94983f054570cb5aa62b9aa22783f9a5720b925fc0bc34b8c7487743bdf9c5c2f770c08c952af6b54f12cd830fc25fa70485cf8f963df1f809279ed065ed63a12d6243f8cdbd9c8e24d24a4770f86a712a63245eab2e56b76a02ba60135318f8c22d05830dff9ea93bf00664fa708a4ffa999d40d9ff50ba3820cc402d9070a7407a202456886ec8031924cd1727b9187cc5578bda8ef57a9028b07f80c73ef6ea6dc9d4c9018bf54afd4d7ba1ee722375568126f8e361c93dc67761754f8ff7a6179b218d4ee40a3322cf9461e29b338ae11a50489c927358b4c2e3bd515a46b0f4897455bdbb58ddf748f346cc62b0dae7137ed91a14ef08ee10e80cde49e0034c27b00bf309d7ba4126305587a9557de823417d57681086ca142182eae3c42498acad426130d98ab136d4387014bd7ef6fb978b39d8cab3528cd6eb9cb0f6d3b1b1c0d0a4f2297c47c8e2eb88f1d34b92805e5af68f636985d887b109eb13dd5dcb76ade1110d03863177f2a4b4fbe8643867ad4697369402009e4f70f0de4e1dbd53c2085e4e9164715d1725a84b122bda711899ca34ad6cd906eb7b4469f0aba608fec4ca8cfda63a2597df695e32d4c99e7e81f9f5997dea4be181afe169bf820dffca32abb43aa652442efa85c9b95505837184eab86da524a5fae16bcd7dea979c1e69fa6a230d69e1ec045d4ef3ceccd6364cd07cfab3e31d64c08c34c913d2d2966c5bbd4e3d91199cfb9e87a1f9f51316833df6919cbc25710e838020116c9ae300143c033fd00eacd5fb635e8c236ba5ffc8695827fe4f8c1cd81dd8eaa467152598ed4b5b7d3f2ca5ee648ade6287bf4b538fefce3d776843966b8a97c5cf2651259ef438000baabf5d1f6fad9c32e299d8458ac9ff71c867bc7ca8f0dd92a3fbe649619500609f17f5541d9d4391b40067763044e74a8ac6c5bd6624a83eb527ef06e7b44a0f55fc7edd24fa4137458c349fa8065d88a0d82b8b3867c79e1d3b35e59fd2d4bc7bc1aa7af7005bfd40747acc708ad3f2b4d63affe9edbb9df24997f3dd3acc5c5f136e2114f9c5269188fa231aa29e2110e2fecb18c887de522b87ddca6665d18f8845e2c5f01cb6345faa2224bfa2e0a98491b612d377440710c660b6260eaeb0b49964aa705a092d6668c8fef6fd3158f396effcc2e1e116feddbfb25b6ecab24ce7bf3147c3be7bf43e870e33584b790cb93a9c4ada659196f594b61023b520cdb17e9ecc052d3736d7ffa325caeaef6ee3f5cc1cfffd63bc14998c5f026f9675e6a368308c076b6eaf38c64880ad1195fba715de7de893ed7caf4f1320603c5e12684db48f9ebe189174ef6f6553ea69d9cc989ba83248428fbad12008f24dacb09fb3a0051e3543cf37e62e1255bd4a1fb8285ac2644b8f15df4ddd92099b0ff866da6b06555836e704dce41647a0b91409d72df899e12e76a06d403a6d9a7f15c384b74709c857c505b80657f77160e20574d3efd6e8e013d4c886f3d1db3f5e5b1b2866f8c8e1c93405dacbf9802c72075f321c686327c08bd668d8e945b6328aaec9a9182df77bc873a568c38b3e81a0d3041a5a2ad7a18cb49f4cf54707846b24816de0f8cf8d97316245a4b3a44de1800b56f82d4b72eb2f832467b0ead23271ff7895fd2c257cb17aae9e8c7e83bf9e0ca7913d045bfa844377ad53000a868588662d33e76d5c7d7c9a98b3c2c99cf00383a5ffe3b795bcef7b10133789497a34de9acc20981a84d0a1c169fa1969909132a90a1b9d30dcf68eb17da2ae2d457bec8664a2f5461425182cc060bd5e9b7299bb7d474ddeb926f36c341f86390418553e1625ce2eb6cac8eb45b5fa5e3b4c456434fe3d54e89cc2c3b91bebe905c0c1305b53ac945fac79b8a8162f4838c6b6593260e5a66ed2372b1cee4d97011458bdf16d4aeb3e6499f9cc44714b533697fb43b5c5363ed976f85bc12157a0efba5eb9c4f9d63c677ff689e8cda73eabc56501bf2033cd3010f6595d18f861da04845e961461d21cc48d5b47cacef553d09f94caebe7d8203550db642dc50751cb13857b8b5a2dec8ee0ba0c4a96c15ffdf7c4398c237c9121bb6665316858f520badcd7d35abb77da6a8ef72d55566a223246e0ba14698730484750ad81aa1ca8ae07b95463795d93a0576959c40bb3547063e15234694495447ad2c8fb131b1157d40ecc2d3e1e7addd60ddc2ed4ac4a9d80a5d09f5ebfcd16980655bdfe305a8ab8043623830af2801dc8c41433d8251cbf6132fa61f1a614b8a08d09a34f2c1e802965b29a8519d7e420f824b4f9be49dc780db83b78d22468e217f602aa30505308cb8d4c86c0e8693dd6962b80b6a33ecd99c25d30395b25d833d8df95949e46daf3361e99399112cb54782a8e4277bc2f21eadabb061a339dd279989e7c0e8700935f8d40e3c08f6d1500c911bbe5eb36f84ff97ad1c5f84e676f282f30e6c741c0bd95b235e56fb456b163affd5e064fc302edefef8b4551299f44cf001f6e7c6d7b9f0825bcb6db003b9e41add5b263b3e8a6e0faf6b061efdf5c61e08867d13dcfb0f3ed5917447fb90e96b1013b8ba4791ca92e8e155f475653a33716ce18b0656000712700b16fe64f30e964964535031a11cc6022cbf61980205e99cfb4b7572f7a1e768575ff187c4cfaa965cdf81ed98de14df77a59fc3d0a37c46f9aa6b473045417ea63304342480e755e806da42a1f5a8a045526dc56fcb10206eb51f96ed6e8e17155107caf95eed6ff2c81621855b4468f6052659c833c43d5070a505f64a4c25eb4e925a02099bfc45c36c238f4393f91b0b4b5e0837065aae50d24a769715baeb5f5a60afd8432a5f7858dfda6b89f3288acb89b68344be41ab1952fb26d3ad300202ef3256e94ea4a54359bc458f120e490079d596533414dbde1c535c1a4f2fb08b12f4a59a4b1e404ba60e2bf43ce58acc8be3f418de91ee65fe0e713ad7532a49dc085d58e07882d19fca048c887ae3309f2e7def12dfab8be50bdc213c98c8ff1dcd4a0c27b11f910abb4ce99594e7112238d94ceb831eb263d546bc75bd3992ea887a7b87a4039f574301afc1e30113e739cc2b68984a3f0af1c9f7852d8695aa48c09707339d5c3fb14eba191fe5ec3bbcbb47ef064ef2be7223d98777785176f4acd08bbe2bf35c921890db466aaebdfe080fcc88fe9735909eca27d6846d046a726bf3344a75a54e0c4a733e28ed53baf8bdb1d993da4172737cb6a96f0c736dddfe06b06058c4025cca0d8b589b8cd6f33e5957da9d1768f94e86e35e55929593f506a398da76ca70bc9f36a5a20d0602120f682a19a7ca6c81ef8150a0078ab9d47ddac11d43fd062590eaed1f96cc0a5340a6503cc22126cff9387d9c14ba0cd9154d1d35f9f5ba47275b95bec53cd6d08a3b8d1aa14990de5ddc9078fa8e49ed05a5cbb07df6bd27116a329fcc1dfae75d12aa599f5f5671bad7e26606f6d01690bce97be026b7cb23448f1e98af325d9352a90f54e199b61179116db00b6752a3ce883c8b9d8702512c173c211971f3c9352a7223a2d397360f4a9ed33de65df7d36340382a383e0f79434adccf7b93d9a954e16314dd2360c445f2e6b2a868b079efb45f9db7dc73bbd0c8d5a7311b4e7756654f0f4f81b55c1eb29e9672f0841cc4fd2d5bfcf269912fbc5dca9beda35676e3510ddf2ba7fe900651e64a2c7187c109f3125360aa7a4dda568acf771629f414186ad1b45692ecdc52ecb558f8e5eaa9f807b139de4239f771aa0d40edf02c3989560f0977d7e6a8b26bd722eeca873328cc3dcdc3e7a81c5befa7277ef30bcabeee30957b3cb40ea72a76da5fe0e44924a4ebdeeb9e07829484e5e2f53b47ce86bc48f464ec44acece2bc5a0eb3e4b3cba1ca2e4bf98a34a58a5852d5c281eb11d159fcbf8bbf01c59c95f897ccd581b52551947b382232d8a0694ef642126e320121be6b950fee939d6782c676059392b1cef64345b180afa2f9976ffe6bad2682773e54eb0c46bd8177bdd9796ab2f7689f2ac8200bdbb0a6a53e7883b4f98dcb2523c8eeff3327d0358f22edcc1c325d585269cfebe3c14aa3fb050462037c678f090a1987c1483489d5287682b8167435de3fae2e78b3452b0fb0d2830212f156371c3c98cb8c05a013e485cba204f912af401d7af4afb47ee68b19e42efe954e2d4e1487b0a715c4240140114ec7c514c07f685c4adbb17eb680af1ca66a4b74e416693b1c3ca05dfa30137140c341047050f9aa0ae9c3b346969ccd85fd5c7f270adc7184c2ee775df8a172fee1cff86b66f12a8c1fbf83f20b412675e00b960c6c5d9e2828a9b7f90adfbef295e9cd4503fab3a79dc5fafbd570865a752b68e07054b3618b16f59c66f73bf64aad85c86b6b282e5f2e7441f304ec8e55cbffd63912bfde1896049c12dcc3ed24c60a349d0c38db03a2630e3877ce2f301081b817afc2d29569b25474f5b8c1a0334402c5dae25c68794fd84d7edbd1c865f6eb3b5d61cc0e2535b02c75d0b05d0ee3bfc84bf9f59528f3436a5a691db0e325b9add023ccdaf9e1ef6e4c22d74151f6f8a79beede3b768dda4ef55429b9987a6b536b45ae37910a769c6a5914ae1b8452265061adc74ae14aeb5c4dfa97d34a7b4836a25c76c0e5a1111dd0f6523a29430fb3f8cd746a15f551036b31ed126474a71a00d2b69599e2d3ef8b4b19cbea82aa74df33ad0e8cad3551ae45afdede313247a7a08a5a1f09aeb92451fb3f5ab4d9fa8958ece469cb5fe7e34cc7a4a944532a6cedcaf5270c0ec885a2b3a65f7a0f5b45977f81e5fade244bf5ef468576caadfacb796a242a853e0a61e1ff07c4fec83071748f012252e0a2de44187298eed2209fdedf372951b831d339678fbe0b46381273b364ae33e06f5d7c8332acadc77e20c6cbb7153136769b7b08368e8998b4e5167ef5e6f4d04f9e3fd05a00122f5c3612c44cb550d0ae6a9def77b91a82e4f8f462a0bb491f6d6b060452a18fbe1cedb2675ec5d0b7ff51f4a9828b98c22b5211f4a771baf54cce8ca068775797649fe2388f1735625232f602d3e4dc0465db84354c1992ef96f6968daf01ebe6901cd40a08bcc0a6927186b34e2e2bdd5191633da1b6a57b3f21ae7a6765904a7f4b466341626cd2e6c51bc00f10367eb68bac4de8324e353d66ad4ab3ccd7ad846d40367befda9c17e0dfbd8c88717e5498907465f99b0c98808d49df7719b12abc88692c67198dd6ed8cc9e0dd03170080ce53212a2d3e46869e383ec8d0cb2551a97750768bf6ce932486b8cfb9e6a381c32ad9f08c0066a7abfcc04e3e4b6a4a4ec9d26adcac92f0d283d31fdbf58bc5b0629c99342ca176cf94dab2177b4ff21e2a12cc3019d0cb79eac31bec89b4b215a5abc82039d4af351963305bbc8e064bf2e316bdddcd8d1f8299101346759f166f13dd0d898b0ccb706d275022b29c6c8face884eb0444121be0d6514c935866b655f4190ea12945d12e9665ce39c75149dfb2d37572915cd7be76198917f3b65c599366d703d4d88034b72b36506d214530bb22d980563298cc5d40b7e1317bcce4b04188e1c6bebdeebecf181e", 0x2000, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000440)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x4c}}, 0x800) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x111}, 0x1008) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xff, 0x7fff7ffc}]}) socket$nl_route(0x10, 0x3, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 0s ago: executing program 2 (id=1562): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ftruncate(r0, 0x8008976) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = syz_clone(0x0, 0x0, 0xfffffffffffffead, 0x0, 0x0, 0x0) ptrace(0x10, r2) ptrace(0x8, r2) r3 = syz_pidfd_open(r2, 0x0) process_mrelease(r3, 0x700000000000000) process_vm_writev(r2, &(0x7f0000000700)=[{&(0x7f00000004c0)=""/199, 0xc7}], 0x1, &(0x7f0000000c40)=[{&(0x7f0000000d80)=""/95, 0x5f}], 0x1, 0x0) kernel console output (not intermixed with test programs): T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.070886][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.080441][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.087614][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.100454][ T4194] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.117693][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.127166][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.136987][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.172310][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 71.183127][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.192113][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.199362][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.209185][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.220812][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.230375][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.239698][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.249822][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.259423][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.268258][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.278114][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.287582][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.295817][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.306852][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 71.317138][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.344079][ T4192] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.355356][ T4192] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.380495][ T4194] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.390884][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.400961][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.413783][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 71.422747][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.432750][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 71.443035][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.452532][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 71.461455][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.470522][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 71.479817][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.489572][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.507275][ T4196] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.517264][ T4184] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 71.530219][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.539953][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.552609][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.552814][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.568770][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.576031][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.585105][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 71.601214][ T4187] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.640734][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 71.656674][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 71.676590][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.683905][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.705875][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.726732][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 71.743425][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.751929][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 71.761356][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 71.770324][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.783830][ T4196] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.798648][ T4187] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.833698][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 71.843913][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.854214][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 71.866155][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.875190][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 71.885504][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 71.894155][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 71.903634][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 71.917165][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 71.931262][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 71.939638][ T4228] Bluetooth: hci1: command 0x041b tx timeout [ 71.952401][ T4228] Bluetooth: hci0: command 0x041b tx timeout [ 71.959569][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.966731][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.982589][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 71.991655][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.016128][ T4227] Bluetooth: hci2: command 0x041b tx timeout [ 72.024702][ T4194] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 72.032332][ T4227] Bluetooth: hci3: command 0x041b tx timeout [ 72.042175][ T4227] Bluetooth: hci4: command 0x041b tx timeout [ 72.058418][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.068286][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.078378][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.085768][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.094241][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 72.104107][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 72.114534][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.124949][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.134241][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.141802][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.151139][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 72.159344][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 72.171635][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 72.180755][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 72.190407][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.200578][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 72.249985][ T4184] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.270723][ T4192] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.281389][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 72.290786][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.300595][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 72.316748][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 72.330140][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.340405][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.350332][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.357479][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.365674][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 72.373474][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 72.393525][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 72.403205][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 72.413675][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 72.439992][ T4196] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 72.460861][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 72.533785][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 72.556926][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 72.566358][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 72.581828][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 72.591685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 72.601729][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.611516][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 72.621034][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.629944][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 72.639803][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 72.648829][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 72.658203][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 72.669030][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 72.693425][ T4192] device veth0_vlan entered promiscuous mode [ 72.706978][ T4187] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 72.731244][ T4184] device veth0_vlan entered promiscuous mode [ 72.743855][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 72.756752][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 72.767268][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 72.778913][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 72.788617][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 72.797023][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 72.804991][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 72.813511][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 72.834887][ T4192] device veth1_vlan entered promiscuous mode [ 72.850841][ T4184] device veth1_vlan entered promiscuous mode [ 72.861805][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 72.870616][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 72.879884][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 72.889385][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 72.900794][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 72.908865][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 72.934417][ T4194] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.987392][ T4196] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.001211][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 73.016681][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 73.032217][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.041697][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.067815][ T4192] device veth0_macvtap entered promiscuous mode [ 73.077604][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 73.092508][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.102105][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.122036][ T4192] device veth1_macvtap entered promiscuous mode [ 73.137904][ T4184] device veth0_macvtap entered promiscuous mode [ 73.146957][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 73.158262][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 73.167319][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 73.177602][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 73.206134][ T4184] device veth1_macvtap entered promiscuous mode [ 73.229011][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 73.256600][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 73.281932][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 73.297287][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 73.308593][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 73.332972][ T4194] device veth0_vlan entered promiscuous mode [ 73.352103][ T4192] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.364992][ T4184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.384981][ T4184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.398525][ T4184] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.406514][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 73.414112][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 73.424154][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 73.433212][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 73.444140][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 73.453347][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 73.470151][ T4194] device veth1_vlan entered promiscuous mode [ 73.485089][ T4187] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.505801][ T4184] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.525339][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.549999][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.564733][ T4192] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.580932][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 73.590240][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 73.599744][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 73.611981][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 73.629855][ T4184] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.639203][ T4184] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.648223][ T4184] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.656989][ T4184] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.674367][ T4192] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.683668][ T4192] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.692786][ T4192] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.718279][ T4192] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.762031][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 73.772470][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 73.817017][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 73.828169][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 73.850729][ T4187] device veth0_vlan entered promiscuous mode [ 73.874467][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 73.891476][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 73.903099][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.916735][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.926494][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 73.934554][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 73.960193][ T4194] device veth0_macvtap entered promiscuous mode [ 73.984721][ T4196] device veth0_vlan entered promiscuous mode [ 73.999648][ T4194] device veth1_macvtap entered promiscuous mode [ 74.013793][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 74.022708][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 74.028402][ T4224] Bluetooth: hci0: command 0x040f tx timeout [ 74.033193][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 74.045506][ T4224] Bluetooth: hci1: command 0x040f tx timeout [ 74.049912][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 74.062447][ T4187] device veth1_vlan entered promiscuous mode [ 74.092609][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 74.102875][ T4224] Bluetooth: hci4: command 0x040f tx timeout [ 74.114785][ T4224] Bluetooth: hci3: command 0x040f tx timeout [ 74.121328][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 74.122006][ T4224] Bluetooth: hci2: command 0x040f tx timeout [ 74.131808][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 74.157351][ T4196] device veth1_vlan entered promiscuous mode [ 74.175519][ T4187] device veth0_macvtap entered promiscuous mode [ 74.199594][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.210447][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.222181][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.233304][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.244946][ T4194] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.254817][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 74.265132][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 74.274287][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 74.285143][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.294768][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 74.304305][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 74.317141][ T4187] device veth1_macvtap entered promiscuous mode [ 74.332733][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.333654][ T4236] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.351972][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.366641][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.373863][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.385866][ T4236] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.395507][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.407077][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.422032][ T4194] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.430016][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 74.439475][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 74.449741][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 74.461611][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 74.472668][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 74.488161][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 74.499811][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 74.527932][ T4194] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.541093][ T4194] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.551656][ T4194] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.560937][ T4194] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.615815][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.625988][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.648536][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.660014][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.670247][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.681063][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.691890][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.702823][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.714547][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.724172][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 74.733515][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 74.743846][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 74.764740][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 74.773978][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.791784][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.804877][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.816544][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.835664][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.846544][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.857446][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.867437][ T4187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.879712][ T4187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.906741][ T4187] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.917553][ T4196] device veth0_macvtap entered promiscuous mode [ 74.938487][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 74.960224][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 74.972215][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 74.985089][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 74.998586][ T4187] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.007862][ T4187] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.017348][ T4187] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.026313][ T4187] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.041307][ T4196] device veth1_macvtap entered promiscuous mode [ 75.126130][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.133999][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.215467][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 75.224081][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 75.273397][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.294723][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.313688][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.324838][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.341326][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.356340][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.367151][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.378188][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.431440][ T4196] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.488396][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 75.531408][ T4236] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.574135][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.585953][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.604273][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.615100][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.632613][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.643584][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.661307][ T4196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.673582][ T4196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.691483][ T4196] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.703568][ T4236] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.715499][ T4277] tipc: Started in network mode [ 75.723143][ T4277] tipc: Node identity ac1414aa, cluster identity 4711 [ 75.732898][ T4236] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.741554][ T4277] tipc: Enabled bearer , priority 10 [ 75.748285][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.756770][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 75.770762][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 75.790992][ T4196] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.805984][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.814052][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.828335][ T4196] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.841257][ T4196] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.850754][ T4196] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.867031][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 75.991879][ T4236] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.007233][ T4236] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.014836][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 76.059034][ T4287] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 76.087944][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.109332][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.121434][ T23] Bluetooth: hci1: command 0x0419 tx timeout [ 76.127950][ T23] Bluetooth: hci0: command 0x0419 tx timeout [ 76.150316][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 76.193309][ T4293] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.203888][ T23] Bluetooth: hci2: command 0x0419 tx timeout [ 76.219972][ T4293] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.225638][ T23] Bluetooth: hci3: command 0x0419 tx timeout [ 76.253116][ T23] Bluetooth: hci4: command 0x0419 tx timeout [ 76.286829][ T3051] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 76.579611][ T4300] block device autoloading is deprecated and will be removed. [ 76.579614][ T4307] tipc: Failed to remove unknown binding: 66,0,0/0:2982098307/2982098309 [ 76.600780][ T4307] tipc: Failed to remove unknown binding: 66,0,0/0:2982098307/2982098308 [ 76.617517][ T4307] tipc: Failed to remove unknown binding: 66,0,0/0:2982098307/2982098309 [ 76.626875][ T4307] tipc: Failed to remove unknown binding: 66,0,0/0:2982098307/2982098308 [ 76.666860][ T4304] 9pnet: p9_client_clunk (4304): Trying to clunk with invalid fid [ 76.675099][ T4304] CPU: 0 PID: 4304 Comm: syz.1.12 Not tainted syzkaller #0 [ 76.682751][ T4304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 76.693641][ T4304] Call Trace: [ 76.697045][ T4304] [ 76.700192][ T4304] dump_stack_lvl+0x188/0x250 [ 76.705092][ T4304] ? show_regs_print_info+0x20/0x20 [ 76.710738][ T4304] ? load_image+0x400/0x400 [ 76.715306][ T4304] ? v9fs_fid_find+0x2d1/0x320 [ 76.720307][ T4304] p9_client_clunk+0x2b3/0x380 [ 76.725135][ T4304] v9fs_statfs+0x1b7/0x380 [ 76.729608][ T4304] ? v9fs_drop_inode+0x130/0x130 [ 76.734785][ T4304] ? ovl_mount_dir+0x1f6/0x2b0 [ 76.739614][ T4304] ? kfree+0xef/0x2a0 [ 76.743655][ T4304] vfs_statfs+0x13d/0x2c0 [ 76.748039][ T4304] ovl_get_upper+0x1c0/0x600 [ 76.752710][ T4304] ? ovl_fill_super+0x2a30/0x2a30 [ 76.757804][ T4304] ovl_fill_super+0x160c/0x2a30 [ 76.762755][ T4304] ? ovl_mount+0x30/0x30 [ 76.767061][ T4304] ? sget+0x427/0x440 [ 76.771179][ T4304] ? free_anon_bdev+0x20/0x20 [ 76.776001][ T4304] ? ovl_mount+0x30/0x30 [ 76.780323][ T4304] mount_nodev+0x52/0xe0 [ 76.782533][ T23] tipc: Node number set to 2886997162 [ 76.784695][ T4304] legacy_get_tree+0xe6/0x180 [ 76.784741][ T4304] ? virtio_fs_zero_page_range+0x120/0x120 [ 76.784772][ T4304] vfs_get_tree+0x88/0x270 [ 76.805634][ T4304] do_new_mount+0x24a/0xa40 [ 76.810200][ T4304] __se_sys_mount+0x2e3/0x3d0 [ 76.815206][ T4304] ? __x64_sys_mount+0xc0/0xc0 [ 76.820020][ T4304] ? lockdep_hardirqs_on+0x94/0x140 [ 76.825263][ T4304] ? __x64_sys_mount+0x1c/0xc0 [ 76.830076][ T4304] do_syscall_64+0x4c/0xa0 [ 76.834534][ T4304] ? clear_bhb_loop+0x30/0x80 [ 76.839250][ T4304] ? clear_bhb_loop+0x30/0x80 [ 76.844493][ T4304] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.850469][ T4304] RIP: 0033:0x7fa205079799 [ 76.854936][ T4304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 76.874927][ T4304] RSP: 002b:00007fa2032d3028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 76.883692][ T4304] RAX: ffffffffffffffda RBX: 00007fa2052f2fa0 RCX: 00007fa205079799 [ 76.891713][ T4304] RDX: 0000200000000b80 RSI: 0000200000000100 RDI: 0000000000000000 [ 76.899745][ T4304] RBP: 00007fa20510fc99 R08: 0000200000000180 R09: 0000000000000000 [ 76.907765][ T4304] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 76.915786][ T4304] R13: 00007fa2052f3038 R14: 00007fa2052f2fa0 R15: 00007ffdfe0228a8 [ 76.923920][ T4304] [ 76.960472][ T4304] overlayfs: statfs failed on './file0' [ 77.087900][ T4314] input: syz1 as /devices/virtual/input/input5 [ 77.272776][ T4321] netlink: 'syz.4.18': attribute type 15 has an invalid length. [ 77.463536][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 77.544593][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 77.567090][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 79.931029][ T4371] netlink: 12 bytes leftover after parsing attributes in process `syz.0.31'. [ 80.002759][ T4371] Zero length message leads to an empty skb [ 80.015645][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 80.026461][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 80.035731][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!! [ 80.044777][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!! [ 80.054061][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!! [ 80.082214][ T4371] IPv6: addrconf: prefix option has invalid lifetime [ 80.176832][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 80.186733][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!! [ 80.196649][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!! [ 80.207742][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #28a!!! [ 80.218451][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #28a!!! [ 80.360452][ T4379] netlink: 24 bytes leftover after parsing attributes in process `syz.0.32'. [ 81.904276][ T4406] ======================================================= [ 81.904276][ T4406] WARNING: The mand mount option has been deprecated and [ 81.904276][ T4406] and is ignored by this kernel. Remove the mand [ 81.904276][ T4406] option from the mount to silence this warning. [ 81.904276][ T4406] ======================================================= [ 83.652488][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 83.669566][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 83.678188][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 84.301140][ T4423] sctp: failed to load transform for md5: -4 [ 84.414569][ T4426] sctp: failed to load transform for md5: -4 [ 85.588421][ T4459] process 'syz.4.56' launched '/dev/fd/4' with NULL argv: empty string added [ 86.542813][ T4485] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 86.902447][ T1324] cfg80211: failed to load regulatory.db [ 86.969835][ T4494] loop1: detected capacity change from 0 to 4096 [ 88.217588][ T4505] loop2: detected capacity change from 0 to 32768 [ 88.517449][ T4505] XFS (loop2): Mounting V5 Filesystem [ 88.631403][ T4505] XFS (loop2): Starting recovery (logdev: internal) [ 88.684433][ T4533] netlink: 32 bytes leftover after parsing attributes in process `syz.0.75'. [ 88.696225][ T4533] netlink: 32 bytes leftover after parsing attributes in process `syz.0.75'. [ 88.738577][ T4505] XFS (loop2): Metadata corruption detected at xfs_buf_ioend+0x25c/0x6e0, xfs_inode block 0x3000 xfs_inode_buf_verify [ 88.795936][ T4505] XFS (loop2): Unmount and run xfs_repair [ 88.802010][ T4505] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 88.825791][ T4505] 00000000: 49 4e 00 00 01 00 00 00 00 00 00 00 00 00 00 00 IN.............. [ 88.845492][ T4505] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 88.890452][ T4505] 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 88.918148][ T4505] 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 88.938869][ T4505] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 88.985413][ T4505] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 89.014847][ T4505] 00000060: ff ff ff ff f6 f6 bd 08 00 00 00 00 00 00 00 00 ................ [ 89.041301][ T4505] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 89.050810][ T4505] XFS (loop2): metadata I/O error in "xlog_recover_items_pass2+0xe3/0x130" at daddr 0x3000 len 64 error 117 [ 89.057824][ T4540] netlink: 12 bytes leftover after parsing attributes in process `syz.4.78'. [ 89.099454][ T4505] XFS (loop2): log mount/recovery failed: error -117 [ 89.135005][ T4505] XFS (loop2): log mount failed [ 89.327005][ T4545] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 89.355790][ T4545] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 89.376822][ T4545] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 89.434370][ T4545] device bridge_slave_0 left promiscuous mode [ 89.462652][ T4545] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.554750][ T4545] device bridge_slave_1 left promiscuous mode [ 89.579673][ T4545] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.662245][ T4545] bond0: (slave bond_slave_0): Releasing backup interface [ 89.742535][ T4545] bond0: (slave bond_slave_1): Releasing backup interface [ 91.730240][ T4545] team0: Port device team_slave_0 removed [ 91.803422][ T4545] team0: Port device team_slave_1 removed [ 91.820332][ T4545] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.828740][ T4545] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.848307][ T4545] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.876517][ T4545] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.910683][ T4546] team0: Mode changed to "broadcast" [ 91.920243][ T4547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.80'. [ 92.068876][ T4549] netlink: 28 bytes leftover after parsing attributes in process `syz.4.81'. [ 92.080516][ T4549] netlink: 28 bytes leftover after parsing attributes in process `syz.4.81'. [ 92.094085][ T4549] device ip6gretap0 entered promiscuous mode [ 92.102656][ T4549] device syz_tun entered promiscuous mode [ 92.122722][ T4566] netlink: 8 bytes leftover after parsing attributes in process `syz.0.85'. [ 92.148426][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready [ 92.223748][ T4569] syz.4.88 uses obsolete (PF_INET,SOCK_PACKET) [ 92.329240][ T4569] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 94.243287][ T4611] loop2: detected capacity change from 0 to 128 [ 94.391390][ T26] audit: type=1800 audit(1774373542.985:2): pid=4611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.105" name="bus" dev="loop2" ino=1048590 res=0 errno=0 [ 94.598766][ T4618] device syzkaller0 entered promiscuous mode [ 94.643515][ T4618] tipc: Started in network mode [ 94.651089][ T4618] tipc: Node identity 0e6d7fd23c16, cluster identity 4711 [ 94.662369][ T4618] tipc: Enabled bearer , priority 0 [ 94.689495][ T4617] tipc: Resetting bearer [ 94.740959][ T4617] tipc: Disabling bearer [ 95.036724][ T26] audit: type=1326 audit(1774373543.635:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4627 comm="syz.4.113" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f68fdcbb799 code=0x0 [ 96.857446][ T4655] loop0: detected capacity change from 0 to 2048 [ 96.899127][ T4664] loop1: detected capacity change from 0 to 128 [ 96.955997][ T4655] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 97.104524][ T4664] netlink: 'syz.1.121': attribute type 1 has an invalid length. [ 97.289140][ T4664] 8021q: adding VLAN 0 to HW filter on device bond1 [ 97.411632][ T4665] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 97.511844][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 97.875720][ T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 98.186158][ T23] usb 5-1: Using ep0 maxpacket: 8 [ 98.320544][ T23] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 98.332772][ T23] usb 5-1: config 0 has no interface number 0 [ 98.345909][ T23] usb 5-1: config 0 interface 1 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 98.392418][ T23] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 98.427609][ T23] usb 5-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.cb [ 98.460002][ T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.496833][ T23] usb 5-1: config 0 descriptor?? [ 98.589868][ T23] hso 5-1:0.1: Failed to find BULK IN ep [ 98.649618][ T4693] xt_CT: No such helper "snmp_trap" [ 98.821555][ T4700] loop1: detected capacity change from 0 to 16 [ 98.852680][ T1324] usb 5-1: USB disconnect, device number 2 [ 98.884364][ T4703] sch_fq: defrate 53322 ignored. [ 99.878171][ T4700] erofs: (device loop1): mounted with root inode @ nid 36. [ 99.995854][ T4700] erofs: (device loop1): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86 [ 100.134433][ T4715] ODEBUG: Out of memory. ODEBUG disabled [ 101.515571][ T4700] erofs: (device loop1): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86 [ 103.036380][ T4229] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 103.186020][ T4730] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3996681224 (15986724896 ns) > initial count (3709615788 ns). Using initial count to start timer. [ 103.275438][ T4229] usb 5-1: Using ep0 maxpacket: 32 [ 103.572268][ T4229] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 103.605109][ T4229] usb 5-1: config 0 has no interfaces? [ 104.656888][ T4229] usb 5-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=b8.a2 [ 104.666895][ T4229] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.675036][ T4229] usb 5-1: Product: syz [ 104.680702][ T4229] usb 5-1: Manufacturer: syz [ 104.686332][ T4229] usb 5-1: SerialNumber: syz [ 104.763986][ T4229] usb 5-1: config 0 descriptor?? [ 105.146913][ T4229] usb 5-1: can't set config #0, error -71 [ 105.194296][ T4229] usb 5-1: USB disconnect, device number 3 [ 107.594525][ T4797] loop4: detected capacity change from 0 to 256 [ 113.406916][ T4862] netlink: 'syz.4.181': attribute type 1 has an invalid length. [ 113.701964][ T4866] bond1: (slave bridge1): making interface the new active one [ 113.760222][ T4866] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 113.820605][ T4872] netlink: 12 bytes leftover after parsing attributes in process `syz.0.185'. [ 113.940976][ T4876] bridge1: port 1(veth0_to_bond) entered blocking state [ 113.981680][ T4876] bridge1: port 1(veth0_to_bond) entered disabled state [ 114.049999][ T4876] device veth0_to_bond entered promiscuous mode [ 114.325293][ T21] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 114.945392][ T21] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.022201][ T21] usb 5-1: config 0 has no interfaces? [ 115.053650][ T21] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 115.092189][ T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.140116][ T21] usb 5-1: config 0 descriptor?? [ 115.291165][ T4901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.193'. [ 115.506080][ T4228] usb 5-1: USB disconnect, device number 4 [ 115.856585][ T4818] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 115.928049][ T4919] netlink: 4 bytes leftover after parsing attributes in process `syz.2.201'. [ 116.076576][ T4926] loop4: detected capacity change from 0 to 128 [ 116.146251][ T4818] usb 2-1: Using ep0 maxpacket: 16 [ 116.177976][ T4926] FAT-fs (loop4): Directory bread(block 524322) failed [ 116.197515][ T4929] loop3: detected capacity change from 0 to 2048 [ 116.216290][ T4926] FAT-fs (loop4): Directory bread(block 524323) failed [ 116.223357][ T4926] FAT-fs (loop4): Directory bread(block 524324) failed [ 116.273961][ T4929] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 116.284601][ T4818] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 116.314459][ T4926] FAT-fs (loop4): Directory bread(block 524325) failed [ 116.319706][ T4818] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 116.356621][ T4926] FAT-fs (loop4): Directory bread(block 524326) failed [ 116.404850][ T4926] FAT-fs (loop4): Directory bread(block 524327) failed [ 116.427008][ T4926] FAT-fs (loop4): Directory bread(block 524328) failed [ 116.575463][ T4926] FAT-fs (loop4): Directory bread(block 524329) failed [ 116.718411][ T4934] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0. [ 117.387575][ T4818] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 117.398394][ T4818] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.407115][ T4818] usb 2-1: Product: syz [ 117.411777][ T4818] usb 2-1: Manufacturer: syz [ 117.417356][ T4818] usb 2-1: SerialNumber: syz [ 117.756839][ T4818] usb 2-1: 0:2 : does not exist [ 117.934075][ T4818] usb 2-1: USB disconnect, device number 2 [ 117.992968][ T4952] bridge0: port 3(syz_tun) entered blocking state [ 118.012591][ T4952] bridge0: port 3(syz_tun) entered disabled state [ 118.062397][ T4952] device syz_tun entered promiscuous mode [ 118.091486][ T4952] bridge0: port 3(syz_tun) entered blocking state [ 118.098530][ T4952] bridge0: port 3(syz_tun) entered forwarding state [ 118.153817][ T4954] bridge0: port 3(syz_tun) entered learning state [ 118.359315][ T4289] udevd[4289]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 119.267158][ T4972] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 120.187657][ T26] audit: type=1326 audit(1774373568.795:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4983 comm="syz.0.224" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f640f932799 code=0x0 [ 120.187803][ T4229] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 120.896096][ T4229] usb 2-1: Using ep0 maxpacket: 32 [ 120.955130][ T4993] netlink: 52 bytes leftover after parsing attributes in process `syz.2.220'. [ 121.321356][ T4993] bridge0: port 2(bridge_slave_1) entered disabled state [ 121.328903][ T4993] bridge0: port 1(bridge_slave_0) entered disabled state [ 121.455975][ T4229] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 121.489299][ T4229] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 121.530733][ T4229] usb 2-1: New USB device found, idVendor=0458, idProduct=706e, bcdDevice=35.64 [ 121.582837][ T4229] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.643391][ T4229] usb 2-1: config 0 descriptor?? [ 121.830020][ T5009] team0: Port device team_slave_0 removed [ 121.886464][ T5013] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check. [ 122.053452][ T5015] loop0: detected capacity change from 0 to 1024 [ 122.187404][ T5015] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,grpid,nombcache,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,noblock_validity,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 122.227752][ T4224] usb 2-1: USB disconnect, device number 3 [ 122.262546][ T5022] device syzkaller0 entered promiscuous mode [ 122.474940][ T5030] loop4: detected capacity change from 0 to 8192 [ 122.672657][ T5030] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 122.739079][ T5030] REISERFS (device loop4): using ordered data mode [ 123.054628][ T5030] reiserfs: using flush barriers [ 123.635854][ T5030] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 123.703933][ T5030] REISERFS (device loop4): checking transaction log (loop4) [ 123.730331][ T5030] REISERFS (device loop4): Using r5 hash to sort names [ 123.752716][ T5030] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 123.775881][ T5047] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 123.817239][ T5047] netlink: 12 bytes leftover after parsing attributes in process `syz.2.244'. [ 123.957938][ T5052] syz.0.246 (5052): attempted to duplicate a private mapping with mremap. This is not supported. [ 123.993147][ T5052] loop0: detected capacity change from 0 to 256 [ 124.075846][ T4818] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 124.104852][ T5054] netlink: 24 bytes leftover after parsing attributes in process `syz.1.247'. [ 124.116234][ T5052] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 124.183742][ T5055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.247'. [ 124.376750][ T4818] usb 4-1: Using ep0 maxpacket: 8 [ 124.463449][ T5058] netlink: 24 bytes leftover after parsing attributes in process `syz.0.248'. [ 124.519234][ T4818] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.540858][ T4818] usb 4-1: config 0 has no interfaces? [ 124.553868][ T4818] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 124.691747][ T4818] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.729648][ T4818] usb 4-1: config 0 descriptor?? [ 125.774467][ T5072] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 126.539723][ T5087] autofs4:pid:5087:autofs_fill_super: called with bogus options [ 127.758487][ T4229] usb 4-1: USB disconnect, device number 2 [ 127.875216][ C1] sched: RT throttling activated [ 129.545403][ T26] audit: type=1326 audit(1774373578.145:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f640f932799 code=0x0 [ 129.670198][ T26] audit: type=1326 audit(1774373578.255:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 129.805339][ T26] audit: type=1326 audit(1774373578.255:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 129.869098][ T5115] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 129.879229][ T5115] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 129.924316][ T26] audit: type=1326 audit(1774373578.255:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 129.949655][ T5115] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 129.986389][ T26] audit: type=1326 audit(1774373578.255:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 130.018119][ T5115] device bridge_slave_0 left promiscuous mode [ 130.024524][ T5115] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.033385][ T26] audit: type=1326 audit(1774373578.255:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 130.085494][ T26] audit: type=1326 audit(1774373578.255:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 130.129809][ T5115] device bridge_slave_1 left promiscuous mode [ 130.146271][ T26] audit: type=1326 audit(1774373578.255:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 130.154841][ T5115] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.187655][ T5115] bond0: (slave bond_slave_0): Releasing backup interface [ 130.190342][ T26] audit: type=1326 audit(1774373578.255:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 130.241576][ T5115] bond0: (slave bond_slave_1): Releasing backup interface [ 130.257964][ T26] audit: type=1326 audit(1774373578.255:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5105 comm="syz.0.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640f932799 code=0x7ffc0000 [ 130.334598][ T5115] team0: Failed to send options change via netlink (err -105) [ 130.354844][ T5115] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 130.376045][ T5115] team0: Port device team_slave_1 removed [ 130.383697][ T5115] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 130.395433][ T5115] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 130.416751][ T5115] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 130.440778][ T5115] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 130.487392][ T5116] team0: Failed to send options change via netlink (err -105) [ 130.510205][ T5116] team0: Mode changed to "loadbalance" [ 131.212782][ T5143] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 131.222229][ T5143] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 131.249918][ T5143] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 131.388080][ T5143] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.255130][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.262701][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.507155][ T5172] Illegal XDP return value 18853888, expect packet loss! [ 133.617040][ C1] bridge0: port 3(syz_tun) entered forwarding state [ 134.351755][ T5192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.289'. [ 135.246455][ T4818] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 135.716513][ T4818] usb 3-1: Using ep0 maxpacket: 32 [ 135.857851][ T4818] usb 3-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31 [ 136.331934][ T4818] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.471153][ T4818] usb 3-1: selecting invalid altsetting 3 [ 136.493958][ T4818] comedi comedi5: could not set alternate setting 3 in high speed [ 136.515451][ T4818] usbduxsigma 3-1:128.0: driver 'usbduxsigma' failed to auto-configure device. [ 136.544379][ T4818] usbduxsigma: probe of 3-1:128.0 failed with error -22 [ 136.599219][ T5234] loop1: detected capacity change from 0 to 4096 [ 136.664986][ T5234] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 137.630608][ T5253] xt_CT: You must specify a L4 protocol and not use inversions on it [ 137.702678][ T1108] usb 3-1: USB disconnect, device number 2 [ 139.345146][ T5307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.312'. [ 139.506717][ T5307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.312'. [ 139.630740][ T5315] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 140.615953][ T5319] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem [ 140.660193][ T5319] loop2: detected capacity change from 0 to 8 [ 140.732570][ T5319] SQUASHFS error: zlib decompression failed, data probably corrupt [ 140.750666][ T5319] SQUASHFS error: Failed to read block 0x9b: -5 [ 140.758590][ T5319] SQUASHFS error: Unable to read metadata cache entry [99] [ 140.771976][ T5319] SQUASHFS error: Unable to read inode 0x127 [ 141.897594][ T5325] netlink: 24 bytes leftover after parsing attributes in process `syz.1.317'. [ 142.322226][ T5339] loop4: detected capacity change from 0 to 256 [ 146.306133][ T4229] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 147.790008][ T5383] autofs4:pid:5383:autofs_fill_super: called with bogus options [ 148.721034][ T5394] loop0: detected capacity change from 0 to 2048 [ 148.877564][ T5394] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 151.074530][ T5425] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 151.131948][ T5425] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 151.144537][ T5425] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 154.151990][ T5430] loop2: detected capacity change from 0 to 7 [ 154.199349][ T5430] loop2: [ 154.203067][ T5430] loop2: partition table partially beyond EOD, truncated [ 154.652923][ T5443] loop2: detected capacity change from 0 to 128 [ 154.963001][ T5443] netlink: 'syz.2.354': attribute type 1 has an invalid length. [ 155.591160][ T5443] 8021q: adding VLAN 0 to HW filter on device bond1 [ 156.136595][ T5460] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 156.329926][ T5461] netlink: 'syz.1.360': attribute type 15 has an invalid length. [ 156.417344][ T5461] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 156.771368][ T5461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 156.808481][ T5461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 158.903774][ T5490] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 159.042817][ T5496] loop1: detected capacity change from 0 to 1024 [ 159.131998][ T5498] loop2: detected capacity change from 0 to 8192 [ 159.166716][ T5496] hfsplus: invalid btree flag [ 159.182680][ T5496] hfsplus: failed to load extents file [ 159.190210][ T5502] device syzkaller1 entered promiscuous mode [ 159.237177][ T5496] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 159.250806][ T5498] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 159.266825][ T5498] REISERFS (device loop2): using ordered data mode [ 159.292579][ T5498] reiserfs: using flush barriers [ 159.436960][ T5498] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 159.517102][ T5507] netlink: 16 bytes leftover after parsing attributes in process `syz.3.374'. [ 159.526823][ T5498] REISERFS (device loop2): checking transaction log (loop2) [ 159.573627][ T5498] REISERFS (device loop2): Using r5 hash to sort names [ 159.756576][ T5498] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 160.203281][ T5515] loop1: detected capacity change from 0 to 512 [ 160.676366][ T5525] netlink: 'syz.1.380': attribute type 1 has an invalid length. [ 160.809528][ T5534] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 160.824893][ T5534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 160.834128][ T5534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 162.024602][ T5536] 8021q: adding VLAN 0 to HW filter on device bond1 [ 162.874397][ T5556] netlink: 'syz.0.389': attribute type 1 has an invalid length. [ 162.943740][ T5546] loop2: detected capacity change from 0 to 4096 [ 163.268268][ T5560] netlink: 24 bytes leftover after parsing attributes in process `syz.3.390'. [ 163.486662][ T5546] overlayfs: upper fs does not support tmpfile. [ 163.524291][ T5546] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 163.610896][ T5546] overlayfs: conflicting lowerdir path [ 163.867071][ T5579] netlink: 8 bytes leftover after parsing attributes in process `syz.1.408'. [ 163.895980][ T5579] netlink: 8 bytes leftover after parsing attributes in process `syz.1.408'. [ 163.919324][ T5579] netlink: 4 bytes leftover after parsing attributes in process `syz.1.408'. [ 163.965796][ T5577] loop3: detected capacity change from 0 to 8192 [ 164.028092][ T5577] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 164.081671][ T5577] REISERFS (device loop3): using ordered data mode [ 164.101645][ T5577] reiserfs: using flush barriers [ 164.133404][ T5577] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 164.496274][ T5577] REISERFS (device loop3): checking transaction log (loop3) [ 164.557697][ T5577] REISERFS (device loop3): Using r5 hash to sort names [ 164.564988][ T5577] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 164.629215][ T4229] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 164.956451][ T4229] usb 2-1: Using ep0 maxpacket: 8 [ 165.306757][ T4229] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 165.338320][ T4229] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 165.410553][ T4229] usb 2-1: Product: syz [ 165.448815][ T4229] usb 2-1: Manufacturer: syz [ 165.494036][ T4229] usb 2-1: SerialNumber: syz [ 165.618500][ T4229] usb 2-1: config 0 descriptor?? [ 165.936459][ T4229] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 166.144148][ T5605] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.231887][ T5594] loop2: detected capacity change from 0 to 40427 [ 166.266467][ T5605] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.284684][ T5594] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 166.303634][ T5594] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 166.345132][ T5594] F2FS-fs (loop2): invalid crc value [ 166.388520][ T5594] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669) [ 166.423657][ T5605] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.468452][ T5594] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 166.538771][ T5594] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 166.549310][ T5594] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 166.583743][ T5605] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.786951][ T5605] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.811202][ T5605] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.862716][ T5605] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.915601][ T5605] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.086664][ T5621] netlink: 104 bytes leftover after parsing attributes in process `syz.3.409'. [ 168.177034][ T4229] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -71 [ 168.257763][ T4229] usb 2-1: USB disconnect, device number 4 [ 170.053315][ T5643] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 170.431145][ T5661] loop4: detected capacity change from 0 to 4096 [ 170.454488][ T5661] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 170.480808][ T5668] device syzkaller1 entered promiscuous mode [ 170.521868][ T5672] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 170.531635][ T5672] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 170.539229][ T5672] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 171.496844][ T5661] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 174.787088][ T1108] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 175.748868][ T5741] netlink: 'syz.3.447': attribute type 10 has an invalid length. [ 175.893195][ T5741] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 176.046989][ T5746] overlayfs: failed to clone upperpath [ 176.087232][ T1108] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 176.202971][ T1108] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 176.372382][ T5746] overlayfs: failed to clone upperpath [ 176.385084][ T1108] usb 1-1: Product: syz [ 176.451622][ T1108] usb 1-1: Manufacturer: syz [ 176.553276][ T1108] usb 1-1: SerialNumber: syz [ 177.015616][ T1108] usb 1-1: config 0 descriptor?? [ 177.066866][ T1108] ch341 1-1:0.0: ch341-uart converter detected [ 177.266432][ T21] libceph: connect (1)[c::]:6789 error -101 [ 177.273360][ T21] libceph: mon0 (1)[c::]:6789 connect error [ 177.295520][ T1108] usb 1-1: failed to receive control message: -71 [ 177.302749][ T1108] ch341-uart: probe of ttyUSB0 failed with error -71 [ 177.342251][ T5751] ceph: No mds server is up or the cluster is laggy [ 177.395921][ T1108] usb 1-1: USB disconnect, device number 3 [ 177.450522][ T1108] ch341 1-1:0.0: device disconnected [ 177.588986][ T21] libceph: connect (1)[c::]:6789 error -101 [ 177.595120][ T21] libceph: mon0 (1)[c::]:6789 connect error [ 177.698011][ T5762] cgroup: fork rejected by pids controller in /syz2 [ 177.796058][ T5871] loop3: detected capacity change from 0 to 256 [ 177.889390][ T1108] libceph: connect (1)[c::]:6789 error -101 [ 177.923415][ T1108] libceph: mon0 (1)[c::]:6789 connect error [ 178.504097][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 178.530711][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 178.552012][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 179.104923][ T5887] infiniband syz2: set active [ 179.110299][ T5887] infiniband syz2: added vxcan1 [ 179.126522][ T5887] infiniband syz2: Couldn't open port 1 [ 179.166984][ T4226] vxcan1 speed is unknown, defaulting to 1000 [ 179.190782][ T5887] RDS/IB: syz2: added [ 179.198239][ T5887] smc: adding ib device syz2 with port count 1 [ 179.206458][ T5887] smc: ib device syz2 port 1 has pnetid [ 179.218072][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 179.334425][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 179.453037][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 179.568948][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 179.682802][ T5887] vxcan1 speed is unknown, defaulting to 1000 [ 179.906662][ T5894] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 180.580636][ T4818] vxcan1 speed is unknown, defaulting to 1000 [ 180.580699][ T5899] netlink: 4 bytes leftover after parsing attributes in process `syz.4.465'. [ 180.858602][ T5908] netlink: 'syz.2.467': attribute type 10 has an invalid length. [ 180.883956][ T5911] binder: transaction release 15 bad handle 1, ret = -22 [ 180.962436][ T5908] team0: Failed to send options change via netlink (err -105) [ 181.022602][ T5908] team0: Port device dummy0 added [ 181.054467][ T5913] netlink: 'syz.2.467': attribute type 10 has an invalid length. [ 181.100355][ T5913] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 181.206279][ T5913] team0: Failed to send options change via netlink (err -105) [ 181.260395][ T5913] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 181.333458][ T5913] team0: Port device dummy0 removed [ 181.373158][ T5913] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 181.534716][ T5919] netlink: 4 bytes leftover after parsing attributes in process `syz.4.470'. [ 181.628641][ T5919] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 181.685526][ T5919] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (68719607821) [ 182.050662][ T5928] netlink: 'syz.0.473': attribute type 4 has an invalid length. [ 182.907938][ T5936] netlink: 63 bytes leftover after parsing attributes in process `syz.3.476'. [ 183.181877][ T5938] loop0: detected capacity change from 0 to 4096 [ 186.055843][ T5973] netlink: 52 bytes leftover after parsing attributes in process `syz.1.487'. [ 186.076574][ T5973] device bridge_slave_1 left promiscuous mode [ 186.089368][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.254915][ T5973] device bridge_slave_0 left promiscuous mode [ 186.275709][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.230922][ T5972] netlink: 'syz.3.488': attribute type 4 has an invalid length. [ 191.377050][ T4229] Bluetooth: hci0: command 0x0406 tx timeout [ 191.383765][ T4229] Bluetooth: hci2: command 0x0406 tx timeout [ 191.384690][ T1108] Bluetooth: hci4: command 0x0406 tx timeout [ 191.420736][ T4229] Bluetooth: hci3: command 0x0406 tx timeout [ 191.461091][ T4229] Bluetooth: hci1: command 0x0406 tx timeout [ 191.905898][ T6007] rdma_rxe: rxe_register_device failed with error -23 [ 191.915843][ T6007] rdma_rxe: failed to add vxcan1 [ 192.937110][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.500'. [ 193.275762][ T6023] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 194.421827][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.433379][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.542339][ T26] kauditd_printk_skb: 93 callbacks suppressed [ 194.542354][ T26] audit: type=1326 audit(3921857291.143:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 194.707153][ T26] audit: type=1326 audit(3921857291.203:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 194.754838][ T26] audit: type=1326 audit(3921857291.203:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 195.030966][ T26] audit: type=1326 audit(3921857291.203:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 195.652530][ T26] audit: type=1326 audit(3921857291.203:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 195.731875][ T26] audit: type=1326 audit(3921857291.203:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 195.992634][ T26] audit: type=1326 audit(3921857291.203:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 196.043034][ T26] audit: type=1326 audit(3921857291.203:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 196.518637][ T26] audit: type=1326 audit(3921857291.203:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 198.646294][ T26] audit: type=1326 audit(3921857291.203:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6039 comm="syz.2.512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f3d12b12799 code=0x7ffc0000 [ 201.300648][ T6103] fuse: Bad value for 'fd' [ 204.649320][ T6113] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 204.703782][ T6117] bond2 (unregistering): (slave ip6gretap1): Releasing backup interface [ 204.830185][ T6117] bond2 (unregistering): Released all slaves [ 206.786300][ T6144] overlayfs: failed to clone upperpath [ 206.859494][ T6148] loop0: detected capacity change from 0 to 22 [ 206.898833][ T6148] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 206.973960][ T6148] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 208.600798][ T6159] netlink: 12 bytes leftover after parsing attributes in process `syz.2.546'. [ 210.206323][ T6192] xt_TPROXY: Can be used only with -p tcp or -p udp [ 211.289627][ T6197] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaa [ 212.415819][ T6205] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.682809][ T6205] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.491276][ T6205] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.823656][ T6205] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 214.078273][ T6205] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.191936][ T6230] bond1: (slave ip6gretap1): making interface the new active one [ 214.203184][ T6230] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 214.281320][ T6231] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface [ 214.320030][ T6231] bond1 (unregistering): Released all slaves [ 214.364786][ T6233] xt_hashlimit: size too large, truncated to 1048576 [ 214.377559][ T6233] xt_hashlimit: invalid rate [ 214.419046][ T6205] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.510087][ T6205] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 214.568386][ T6205] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.961468][ T6245] netlink: 24 bytes leftover after parsing attributes in process `syz.1.571'. [ 218.561114][ T6278] xt_hashlimit: size too large, truncated to 1048576 [ 218.890428][ T6278] xt_hashlimit: invalid rate [ 224.293049][ T6328] netlink: 'syz.1.595': attribute type 1 has an invalid length. [ 224.329442][ T6328] netlink: 146340 bytes leftover after parsing attributes in process `syz.1.595'. [ 225.456624][ T6334] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 225.728643][ T6339] fuse: Unknown parameter '4' [ 225.774176][ T6339] sctp: [Deprecated]: syz.2.597 (pid 6339) Use of int in max_burst socket option deprecated. [ 225.774176][ T6339] Use struct sctp_assoc_value instead [ 225.828184][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 225.828199][ T26] audit: type=1800 audit(6069340970.435:145): pid=6324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.594" name="bus" dev="ramfs" ino=40016 res=0 errno=0 [ 225.991467][ T6347] device bond_slave_0 entered promiscuous mode [ 225.998358][ T6347] device bond_slave_1 entered promiscuous mode [ 226.013009][ T6347] device vlan2 entered promiscuous mode [ 226.013029][ T6347] device bond0 entered promiscuous mode [ 227.140584][ T6377] netlink: 'syz.4.609': attribute type 7 has an invalid length. [ 229.339419][ T6388] netlink: 12 bytes leftover after parsing attributes in process `syz.1.614'. [ 229.431189][ T6388] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.440410][ T6388] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.448922][ T6388] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.457349][ T6388] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.631630][ T6390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.614'. [ 229.764672][ T6390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.614'. [ 229.871515][ T6388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.614'. [ 233.048483][ T6435] netlink: 8 bytes leftover after parsing attributes in process `syz.2.625'. [ 234.822118][ T6469] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link [ 234.873791][ T6480] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 234.970637][ T6469] bond2 (unregistering): (slave ip6gretap1): Releasing backup interface [ 235.027717][ T6469] bond2 (unregistering): Released all slaves [ 240.859701][ T6533] netlink: 4 bytes leftover after parsing attributes in process `syz.2.654'. [ 242.441967][ T6552] bond2 (unregistering): Released all slaves [ 242.645036][ T6560] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.763368][ T6560] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.054721][ T6560] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.227521][ T6576] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 244.244746][ T6560] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.467140][ T6560] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.527602][ T6560] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.609151][ T6560] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.650757][ T6560] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.912180][ T6571] syz.1.663 (6571) used greatest stack depth: 20240 bytes left [ 244.925630][ T6594] netlink: 12 bytes leftover after parsing attributes in process `syz.2.673'. [ 245.015304][ T5979] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 245.170949][ T6594] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 245.181384][ T6594] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 245.190204][ T6594] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 245.199265][ T6594] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 245.727063][ T6594] netlink: 4 bytes leftover after parsing attributes in process `syz.2.673'. [ 245.772982][ T6595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.673'. [ 245.784331][ T6595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.673'. [ 245.899713][ T6606] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.908530][ T6606] device batadv_slave_0 entered promiscuous mode [ 247.217080][ T5979] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 247.228322][ T5979] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 247.238494][ T5979] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 247.248048][ T5979] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.258851][ T5979] usb 1-1: config 0 descriptor?? [ 247.647697][ T6619] netlink: 'syz.4.681': attribute type 10 has an invalid length. [ 247.683064][ T6625] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 247.700627][ T6619] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.708710][ T6619] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.756821][ T6619] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.765896][ T6619] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.775347][ T6619] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.783602][ T6619] bridge0: port 1(bridge_slave_0) entered forwarding state [ 247.808775][ T6619] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 247.820359][ T6626] netlink: 4 bytes leftover after parsing attributes in process `syz.4.681'. [ 247.832371][ T6626] device bridge_slave_1 left promiscuous mode [ 247.841946][ T5979] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0 [ 247.852860][ T6626] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.866633][ T26] audit: type=1326 audit(6069340992.475:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 247.893120][ T5979] cp2112 0003:10C4:EA90.0001: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0 [ 247.917585][ T6626] device bridge_slave_0 left promiscuous mode [ 247.923410][ T26] audit: type=1326 audit(6069340992.495:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 247.955797][ T6626] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.993216][ T26] audit: type=1326 audit(6069340992.495:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 248.018553][ T26] audit: type=1326 audit(6069340992.495:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 248.044729][ T6626] bond0: (slave bridge0): Releasing backup interface [ 248.052690][ T26] audit: type=1326 audit(6069340992.495:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 248.093159][ T26] audit: type=1326 audit(6069340992.495:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.3.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 248.185695][ T5979] cp2112 0003:10C4:EA90.0001: error requesting version [ 248.213539][ T5979] cp2112: probe of 0003:10C4:EA90.0001 failed with error -32 [ 248.381922][ T6640] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.616539][ T1108] usb 1-1: USB disconnect, device number 4 [ 248.875303][ T4227] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 249.116352][ T6651] netlink: 16 bytes leftover after parsing attributes in process `syz.3.690'. [ 249.214231][ T6642] fido_id[6642]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 249.342396][ T6640] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.476161][ T4227] usb 5-1: config 0 has no interfaces? [ 249.705473][ T4227] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 249.752845][ T4227] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 249.858918][ T4227] usb 5-1: Product: syz [ 249.919604][ T4227] usb 5-1: Manufacturer: syz [ 249.977387][ T4227] usb 5-1: SerialNumber: syz [ 250.355488][ T4227] usb 5-1: config 0 descriptor?? [ 250.649066][ T6640] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.901887][ T6640] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.101898][ T6685] VFS: Mount too revealing [ 253.112340][ T6640] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.168121][ T6640] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.209703][ T6640] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.234700][ T6640] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 253.381909][ T4226] usb 5-1: USB disconnect, device number 5 [ 255.812004][ T6716] loop0: detected capacity change from 0 to 64 [ 255.877236][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.888173][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.616735][ T6736] VFS: Mount too revealing [ 261.439522][ T6747] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 262.594330][ T6747] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.278293][ T6747] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 263.396273][ T6747] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.543358][ T6747] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 264.570115][ T6778] kvm: emulating exchange as write [ 264.599689][ T6747] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.791188][ T6747] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 264.816845][ T6747] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 264.856262][ T6793] netlink: 24 bytes leftover after parsing attributes in process `syz.1.732'. [ 265.477215][ T6803] No such timeout policy "syz0" [ 266.582594][ T6811] overlayfs: failed to clone upperpath [ 267.415838][ T6747] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 267.906414][ T6747] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.016148][ T6747] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 268.025017][ T6747] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.045804][ T6747] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 268.054315][ T6747] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.106459][ T6747] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 268.114901][ T6747] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.463893][ T6842] netlink: 24 bytes leftover after parsing attributes in process `syz.3.751'. [ 269.743386][ T6857] device bridge2 entered promiscuous mode [ 269.769348][ T6857] bond1: (slave bridge2): making interface the new active one [ 269.806264][ T6857] bond1: (slave bridge2): Enslaving as an active interface with an up link [ 270.961059][ T6883] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 271.035403][ T6887] netlink: 24 bytes leftover after parsing attributes in process `syz.4.764'. [ 271.976809][ T6891] device bridge0 entered promiscuous mode [ 272.277864][ T4227] Process accounting resumed [ 272.586503][ T6931] netlink: 48 bytes leftover after parsing attributes in process `syz.0.772'. [ 273.541981][ T6940] VFS: Mount too revealing [ 273.895985][ T4225] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 274.150599][ T4225] usb 1-1: Using ep0 maxpacket: 32 [ 274.197321][ T6962] netlink: 16 bytes leftover after parsing attributes in process `syz.4.786'. [ 274.275988][ T4225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 274.493298][ T4225] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 274.563870][ T4225] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 274.595073][ T4225] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.664690][ T4225] usb 1-1: config 0 descriptor?? [ 274.729362][ T4225] hub 1-1:0.0: USB hub found [ 275.056927][ T4225] hub 1-1:0.0: config failed, can't read hub descriptor (err -90) [ 275.946543][ T6969] udc-core: couldn't find an available UDC or it's busy [ 275.953934][ T6969] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 276.154786][ T4225] hid-generic 0003:046D:C31C.0002: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.0-1/input0 [ 276.480582][ T4225] usb 1-1: USB disconnect, device number 5 [ 277.403264][ T7001] netlink: 12 bytes leftover after parsing attributes in process `syz.0.801'. [ 277.419318][ T7001] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 277.428026][ T7001] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 277.436490][ T7001] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 277.444880][ T7001] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 277.457305][ T7001] netlink: 12 bytes leftover after parsing attributes in process `syz.0.801'. [ 277.566215][ T7003] sctp: [Deprecated]: syz.0.802 (pid 7003) Use of int in max_burst socket option. [ 277.566215][ T7003] Use struct sctp_assoc_value instead [ 277.798703][ T7010] loop0: detected capacity change from 0 to 256 [ 277.943174][ T6981] loop4: detected capacity change from 0 to 40427 [ 277.983469][ T7010] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 278.080720][ T7010] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 278.265470][ T7010] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 278.684344][ T6981] F2FS-fs (loop4): Small segment_count (9 < 1 * 24) [ 278.696810][ T7010] exfat filesystem being mounted at /164/file0 supports timestamps until 2107-12-31 (0x10391447f) [ 279.091205][ T6981] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 280.263307][ T6981] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12) [ 281.280641][ T7037] netlink: 16 bytes leftover after parsing attributes in process `syz.3.812'. [ 281.518779][ T7051] netlink: 28 bytes leftover after parsing attributes in process `syz.2.819'. [ 283.175774][ T7070] netlink: 216 bytes leftover after parsing attributes in process `syz.2.822'. [ 285.272813][ T7094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.831'. [ 285.437176][ T7100] sctp: [Deprecated]: syz.1.834 (pid 7100) Use of int in max_burst socket option. [ 285.437176][ T7100] Use struct sctp_assoc_value instead [ 289.668095][ T7130] xt_policy: output policy not valid in PREROUTING and INPUT [ 291.014808][ T7150] overlayfs: failed to clone upperpath [ 292.747472][ T7155] overlayfs: failed to clone upperpath [ 293.282689][ T7174] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 297.028696][ T7222] netlink: 1363 bytes leftover after parsing attributes in process `syz.2.869'. [ 297.623984][ T7238] No such timeout policy "syz0" [ 297.797146][ T7239] fuse: Bad value for 'fd' [ 300.475453][ T1108] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 300.934788][ T7272] syz.0.882 (7272) used greatest stack depth: 19120 bytes left [ 301.952343][ T7281] netlink: 20 bytes leftover after parsing attributes in process `syz.3.888'. [ 302.132745][ T26] audit: type=1804 audit(6069341046.735:152): pid=7279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.886" name="bus" dev="ramfs" ino=41660 res=1 errno=0 [ 302.135952][ T1108] usb 5-1: unable to get BOS descriptor or descriptor too short [ 302.162326][ T26] audit: type=1804 audit(6069341046.765:153): pid=7286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.886" name="bus" dev="ramfs" ino=41660 res=1 errno=0 [ 302.908330][ T7281] device ip6gre1 entered promiscuous mode [ 303.184188][ T7296] No such timeout policy "syz0" [ 303.296320][ T1108] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 303.994851][ T1108] usb 5-1: can't read configurations, error -71 [ 304.045880][ T4225] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 305.045908][ T4225] usb 1-1: Using ep0 maxpacket: 16 [ 305.181038][ T4225] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 305.208064][ T4225] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.239136][ T4225] usb 1-1: config 0 descriptor?? [ 305.304700][ T4225] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 305.353088][ T7320] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 305.499538][ T7320] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 305.511765][ T7323] netlink: 14 bytes leftover after parsing attributes in process `syz.1.909'. [ 306.253032][ T7323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 306.283084][ T7323] device bond_slave_0 left promiscuous mode [ 306.322921][ T7323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 306.346030][ T1108] infiniband syz1: ib_query_port failed (-19) [ 306.355509][ T7323] device bond_slave_1 left promiscuous mode [ 306.383321][ T7323] bond0 (unregistering): Released all slaves [ 306.407257][ T4259] bond0 speed is unknown, defaulting to 1000 [ 306.407429][ T7328] netlink: 40 bytes leftover after parsing attributes in process `syz.2.900'. [ 306.429971][ T7328] netlink: 40 bytes leftover after parsing attributes in process `syz.2.900'. [ 306.441247][ T7328] netlink: 40 bytes leftover after parsing attributes in process `syz.2.900'. [ 306.458359][ T7328] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check. [ 306.485283][ T7320] bond0 speed is unknown, defaulting to 1000 [ 306.596211][ T7320] siw: device registration error -19 [ 308.715770][ T4225] gspca_sonixj: reg_r err -71 [ 308.720797][ T4225] sonixj: probe of 1-1:0.0 failed with error -71 [ 308.751127][ T4225] usb 1-1: USB disconnect, device number 6 [ 312.031766][ T7395] sch_tbf: burst 2 is lower than device lo mtu (65550) ! [ 312.083089][ T7395] sch_tbf: burst 2 is lower than device lo mtu (65550) ! [ 312.306076][ T7395] sch_tbf: burst 2 is lower than device lo mtu (65550) ! [ 315.755309][ T7422] netlink: 'syz.1.928': attribute type 2 has an invalid length. [ 315.906233][ T7422] netlink: 'syz.1.928': attribute type 1 has an invalid length. [ 317.225777][ T7462] netlink: 798 bytes leftover after parsing attributes in process `syz.4.939'. [ 317.300985][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.307551][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.591016][ T7478] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 319.426733][ T7516] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 319.487991][ T1108] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 319.738021][ T7524] netlink: 1363 bytes leftover after parsing attributes in process `syz.1.964'. [ 319.894781][ T7527] overlayfs: failed to clone upperpath [ 320.076208][ T1108] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 320.120993][ T1108] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 320.265801][ T1108] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 320.363251][ T1108] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.551932][ T1108] usb 1-1: config 0 descriptor?? [ 320.710781][ T1108] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 320.773076][ T7531] netlink: 8 bytes leftover after parsing attributes in process `syz.1.965'. [ 320.793729][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 320.813576][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 320.834131][ T7531] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 321.389573][ T7545] loop4: detected capacity change from 0 to 2048 [ 321.978786][ T7545] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 322.358346][ T7545] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 322.399050][ T7545] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28 [ 322.412763][ T7545] EXT4-fs (loop4): This should not happen!! Data will be lost [ 322.412763][ T7545] [ 322.429343][ T7545] EXT4-fs (loop4): Total free blocks count 0 [ 322.442940][ T7545] EXT4-fs (loop4): Free/Dirty block details [ 322.453433][ T7545] EXT4-fs (loop4): free_blocks=4096 [ 322.462813][ T7545] EXT4-fs (loop4): dirty_blocks=16 [ 322.481610][ T7545] EXT4-fs (loop4): Block reservation details [ 322.491700][ T7545] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 322.584127][ T7572] bond0 speed is unknown, defaulting to 1000 [ 322.605444][ T7572] bond0 speed is unknown, defaulting to 1000 [ 322.612035][ T7572] bond0 speed is unknown, defaulting to 1000 [ 322.650330][ T7572] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 322.664118][ T7575] netlink: 14 bytes leftover after parsing attributes in process `syz.3.978'. [ 322.776392][ T7575] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 322.812451][ T7575] bond0 (unregistering): Released all slaves [ 322.847987][ T4225] usb 1-1: USB disconnect, device number 7 [ 322.857257][ T5979] bond0 speed is unknown, defaulting to 1000 [ 322.903279][ T7572] siw: device registration error -19 [ 325.002260][ T7600] No such timeout policy "syz0" [ 325.924973][ T7608] netlink: 'syz.0.985': attribute type 10 has an invalid length. [ 325.985054][ T7608] 8021q: adding VLAN 0 to HW filter on device team0 [ 326.007946][ T7608] bond0: (slave team0): Enslaving as an active interface with an up link [ 326.925161][ T7623] netlink: 20 bytes leftover after parsing attributes in process `syz.1.991'. [ 326.974127][ T7623] device ip6gre1 entered promiscuous mode [ 327.045217][ T7618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 327.242171][ T7618] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 327.331853][ T7618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 327.388684][ T7618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 327.914131][ T7625] netlink: 'syz.1.991': attribute type 6 has an invalid length. [ 327.960312][ T7625] netlink: 72 bytes leftover after parsing attributes in process `syz.1.991'. [ 330.341644][ T26] audit: type=1804 audit(6069341074.945:154): pid=7656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1003" name="file0" dev="hugetlbfs" ino=43138 res=1 errno=0 [ 330.376063][ T26] audit: type=1804 audit(6069341074.975:155): pid=7656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1003" name="file0" dev="hugetlbfs" ino=43138 res=1 errno=0 [ 330.479206][ T7660] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 330.514127][ T7662] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1004'. [ 330.592176][ T7662] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 330.628011][ T7662] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 330.642224][ T1108] infiniband syz1: ib_query_port failed (-19) [ 330.664238][ T7662] bond0 (unregistering): Released all slaves [ 330.679100][ T7660] bond0 speed is unknown, defaulting to 1000 [ 330.679131][ T4259] bond0 speed is unknown, defaulting to 1000 [ 330.686473][ T7664] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1006'. [ 330.721644][ T7666] lo: Caught tx_queue_len zero misconfig [ 330.745882][ T7660] siw: device registration error -19 [ 330.761186][ T7665] loop4: detected capacity change from 0 to 8192 [ 330.862996][ T6130] loop4: AHDI p1 p4 [ 330.874237][ T6130] loop4: p4 size 16776960 extends beyond EOD, truncated [ 330.949467][ T7665] loop4: AHDI p1 p4 [ 331.030585][ T7665] loop4: p4 size 16776960 extends beyond EOD, truncated [ 331.177020][ T4225] libceph: connect (1)[c::]:6789 error -101 [ 331.184183][ T4225] libceph: mon0 (1)[c::]:6789 connect error [ 331.192835][ T7681] ceph: No mds server is up or the cluster is laggy [ 331.463786][ T4225] libceph: connect (1)[c::]:6789 error -101 [ 331.928306][ T4225] libceph: mon0 (1)[c::]:6789 connect error [ 332.224115][ T5980] udevd[5980]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 332.246276][ T6130] udevd[6130]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 332.264101][ T7693] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1016'. [ 333.220174][ T5980] udevd[5980]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 333.249267][ T6130] udevd[6130]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 333.399186][ T7702] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1018'. [ 334.976067][ T7738] device syzkaller0 entered promiscuous mode [ 334.978847][ T7737] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 335.006367][ T7739] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1027'. [ 335.143440][ T7739] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 335.263237][ T7739] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 335.308616][ T7739] bond0 (unregistering): (slave team0): Releasing backup interface [ 335.358807][ T7739] bond0 (unregistering): Released all slaves [ 335.390696][ T4225] bond0 speed is unknown, defaulting to 1000 [ 335.402349][ T7737] siw: device registration error -19 [ 335.462059][ T7744] loop0: detected capacity change from 0 to 8192 [ 335.577816][ T7755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1035'. [ 335.641724][ T7757] loop4: detected capacity change from 0 to 512 [ 335.649477][ T7744] loop0: AHDI p1 p4 [ 335.710207][ T7744] loop0: p4 size 16776960 extends beyond EOD, truncated [ 335.740838][ T7757] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 335.819209][ T7757] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 336.507091][ T26] audit: type=1326 audit(6069341337.096:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 337.785838][ T26] audit: type=1326 audit(6069341337.096:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 338.049958][ T26] audit: type=1326 audit(6069341337.096:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 338.072814][ T26] audit: type=1326 audit(6069341337.096:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 338.120163][ T26] audit: type=1326 audit(6069341337.096:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa90475afce code=0x7ffc0000 [ 338.207722][ T26] audit: type=1326 audit(6069341337.096:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 338.247516][ T26] audit: type=1326 audit(6069341337.096:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 339.624320][ T26] audit: type=1326 audit(6069341337.096:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 339.680826][ T26] audit: type=1326 audit(6069341337.096:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 339.730173][ T6130] udevd[6130]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 339.749126][ T7773] udevd[7773]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 339.762911][ T26] audit: type=1326 audit(6069341337.096:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7772 comm="syz.3.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa90479a799 code=0x7ffc0000 [ 339.814246][ T6130] udevd[6130]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 339.824430][ T7773] udevd[7773]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 339.852584][ T7814] netlink: 'syz.1.1053': attribute type 10 has an invalid length. [ 341.663083][ T7850] IPv6: NLM_F_CREATE should be specified when creating new route [ 342.861873][ T7862] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1070'. [ 342.938852][ T7866] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1071'. [ 346.253916][ T7924] loop0: detected capacity change from 0 to 4096 [ 346.346044][ T7924] EXT4-fs (loop0): Test dummy encryption mode enabled [ 346.547748][ T7924] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,grpquota,,errors=continue. Quota mode: writeback. [ 347.633843][ T7941] ceph: No mds server is up or the cluster is laggy [ 348.277929][ T7987] overlayfs: failed to clone upperpath [ 350.120228][ T5979] Process accounting resumed [ 350.562906][ T7985] loop4: detected capacity change from 0 to 32768 [ 350.572092][ T8010] Process accounting resumed [ 350.773676][ T4259] libceph: connect (1)[c::]:6789 error -101 [ 350.782127][ T4259] libceph: mon0 (1)[c::]:6789 connect error [ 351.515510][ T8017] ceph: No mds server is up or the cluster is laggy [ 351.561970][ T7985] jfs filesystem being mounted at /191/file1 supports timestamps until 2106-02-07 (0xffffffff) [ 351.826985][ T4259] libceph: connect (1)[c::]:6789 error -101 [ 351.833482][ T4259] libceph: mon0 (1)[c::]:6789 connect error [ 352.375695][ T4259] libceph: connect (1)[c::]:6789 error -101 [ 352.386467][ T4259] libceph: mon0 (1)[c::]:6789 connect error [ 352.760686][ T8040] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1119'. [ 353.910966][ T8053] capability: warning: `syz.0.1123' uses 32-bit capabilities (legacy support in use) [ 354.398425][ T8061] overlayfs: failed to clone upperpath [ 355.592343][ T8075] device syzkaller0 entered promiscuous mode [ 357.577377][ T8108] x_tables: duplicate underflow at hook 3 [ 358.860551][ T8110] xt_l2tp: missing protocol rule (udp|l2tpip) [ 358.973889][ T8119] 9p filesystem being mounted at /241/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 358.999239][ T8113] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1142'. [ 359.060932][ T8121] loop4: detected capacity change from 0 to 512 [ 359.081115][ T8113] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1142'. [ 359.456234][ T8121] EXT4-fs (loop4): 1 truncate cleaned up [ 359.569507][ T8121] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000001,jqfmt=vfsv1,noload,errors=remount-ro,usrjquota=,. Quota mode: none. [ 363.941543][ T8155] loop0: detected capacity change from 0 to 256 [ 364.237863][ T8155] exfat: Deprecated parameter 'namecase' [ 364.243978][ T8155] exfat: Deprecated parameter 'namecase' [ 364.272319][ T8155] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 364.296345][ T8155] exfat filesystem being mounted at /224/file0 supports timestamps until 2107-12-31 (0x10391447f) [ 364.619360][ T4194] exFAT-fs (loop0): invalid start cluster (4278190088) [ 365.764309][ T8183] device macvtap0 entered promiscuous mode [ 366.136666][ T8183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1160'. [ 367.629825][ T8183] device veth0_macvtap left promiscuous mode [ 367.731126][ T8183] device macvtap0 left promiscuous mode [ 370.556249][ T8230] loop4: detected capacity change from 0 to 40427 [ 370.702094][ T8230] F2FS-fs (loop4): invalid crc value [ 370.729694][ T8230] F2FS-fs (loop4): Found nat_bits in checkpoint [ 370.765849][ T8230] F2FS-fs (loop4): Start checkpoint disabled! [ 370.799472][ T8230] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 372.035976][ T5283] attempt to access beyond end of device [ 372.035976][ T5283] loop4: rw=2049, want=40976, limit=40427 [ 374.022119][ T8250] Process accounting resumed [ 376.965175][ T26] kauditd_printk_skb: 28 callbacks suppressed [ 376.965195][ T26] audit: type=1326 audit(6069341377.556:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8273 comm="syz.2.1187" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3d12b12799 code=0x0 [ 378.362374][ T8294] bond0 speed is unknown, defaulting to 1000 [ 378.369496][ T8294] bond0 speed is unknown, defaulting to 1000 [ 378.376591][ T8294] bond0 speed is unknown, defaulting to 1000 [ 378.633520][ T8294] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 378.836516][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.847389][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.585633][ T8297] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1188'. [ 379.842274][ T8297] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 379.877637][ T4226] infiniband syz1: ib_query_port failed (-19) [ 379.898551][ T8297] bond0 (unregistering): Released all slaves [ 379.923635][ T13] bond0 speed is unknown, defaulting to 1000 [ 379.931444][ T8294] bond0 speed is unknown, defaulting to 1000 [ 379.982498][ T8294] siw: device registration error -19 [ 380.005201][ T4259] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 381.662017][ T4259] usb 5-1: device descriptor read/64, error -71 [ 382.191586][ T8335] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 382.191586][ T8335] The task syz.0.1202 (8335) triggered the difference, watch for misbehavior. [ 383.405251][ T4259] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 384.372413][ T8353] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1207'. [ 386.356799][ T8376] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1215'. [ 388.402638][ T8395] netlink: 'syz.4.1220': attribute type 1 has an invalid length. [ 389.073738][ T8395] 8021q: adding VLAN 0 to HW filter on device bond0 [ 389.087899][ T8399] device bridge0 entered promiscuous mode [ 389.097920][ T8399] bond0: (slave bridge0): making interface the new active one [ 389.107237][ T8399] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 389.157875][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 392.413879][ T8417] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1226'. [ 392.453656][ T8417] ipt_CLUSTERIP: Please specify destination IP [ 395.952134][ T8447] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4 [ 395.961905][ T8447] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4 [ 395.971719][ T8447] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 396.003600][ T8447] syz.1.1228 (8447) used greatest stack depth: 17816 bytes left [ 396.014156][ T26] audit: type=1800 audit(6069341396.556:195): pid=8447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1228" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0 [ 396.166235][ T8456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 396.291339][ T8456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 396.377195][ T8456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 396.507249][ T13] wlan1: authenticate with 08:02:11:00:00:00 [ 396.521301][ T13] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 396.536958][ T8458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 396.548195][ T5290] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 396.560481][ T5290] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 396.571110][ T5290] wlan1: authentication with 08:02:11:00:00:00 timed out [ 397.425669][ T8470] netlink: 'syz.2.1237': attribute type 1 has an invalid length. [ 397.582705][ T8470] 8021q: adding VLAN 0 to HW filter on device bond0 [ 397.623028][ T8476] device bridge2 entered promiscuous mode [ 397.741268][ T8476] bond0: (slave bridge2): making interface the new active one [ 397.776611][ T8476] bond0: (slave bridge2): Enslaving as an active interface with an up link [ 397.832567][ T8479] bond0: (slave ip6gretap2): Enslaving as an active interface with an up link [ 397.871025][ T5301] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 397.892278][ T8472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1238'. [ 398.029742][ T8472] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 398.038355][ T8472] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 398.046918][ T8472] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 398.055233][ T8472] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 398.949448][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1246'. [ 400.161799][ T8514] loop4: detected capacity change from 0 to 128 [ 401.439060][ T8536] netlink: 'syz.3.1254': attribute type 1 has an invalid length. [ 401.516897][ T8536] 8021q: adding VLAN 0 to HW filter on device bond0 [ 402.146501][ T8539] device bridge3 entered promiscuous mode [ 402.239987][ T8539] bond0: (slave bridge3): making interface the new active one [ 402.268552][ T8539] bond0: (slave bridge3): Enslaving as an active interface with an up link [ 402.279483][ T5290] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 402.361169][ T8536] bond0: (slave ip6gretap2): Enslaving as an active interface with an up link [ 403.524773][ T8556] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1258'. [ 403.539392][ T8556] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1258'. [ 403.551053][ T8556] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1258'. [ 403.582136][ T8556] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1258'. [ 403.592188][ T8556] netlink: 'syz.1.1258': attribute type 6 has an invalid length. [ 407.370267][ T8590] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 409.966176][ T8618] netlink: 'syz.4.1278': attribute type 1 has an invalid length. [ 410.120253][ T8621] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 410.162045][ T8621] bond2: (slave vxcan3): Error -22 calling dev_set_mtu [ 410.307349][ T8618] bond2: (slave gretap1): making interface the new active one [ 410.333692][ T8618] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 410.451164][ T8629] syz.1.1281 sent an empty control message without MSG_MORE. [ 415.038234][ T8666] netlink: 'syz.2.1292': attribute type 10 has an invalid length. [ 416.024806][ T8681] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1298'. [ 416.080379][ T8685] overlayfs: failed to clone upperpath [ 416.090273][ T8686] IPVS: Unknown mcast interface: syz_tun [ 418.923174][ T8721] tipc: Failed to remove unknown binding: 66,0,0/0:3687499256/3687499258 [ 419.021277][ T8717] tipc: Failed to remove unknown binding: 66,0,0/0:2042936179/2042936180 [ 419.030092][ T8717] tipc: Failed to remove unknown binding: 66,0,0/0:2042936179/2042936180 [ 419.065372][ T8714] device ip6gre1 entered promiscuous mode [ 419.081490][ T8726] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 419.093596][ T5979] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 419.107799][ T5979] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 419.976331][ T4259] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 419.989739][ T4227] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 419.998571][ T8732] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1313'. [ 420.081382][ T8737] overlayfs: failed to clone upperpath [ 420.151819][ T8739] overlayfs: upper fs does not support file handles, falling back to index=off. [ 420.169654][ T8732] device hsr_slave_0 left promiscuous mode [ 420.235407][ T4227] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 422.288416][ T26] audit: type=1800 audit(6069341422.896:196): pid=8759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1323" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 423.782196][ T8778] netlink: 'syz.3.1328': attribute type 1 has an invalid length. [ 423.979943][ T8778] 8021q: adding VLAN 0 to HW filter on device bond2 [ 423.998676][ T8787] xt_policy: neither incoming nor outgoing policy selected [ 424.101310][ T8784] bond2: (slave ip6gretap3): making interface the new active one [ 424.135675][ T8784] bond2: (slave ip6gretap3): Enslaving as an active interface with an up link [ 424.175462][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 427.001731][ T8809] netlink: 'syz.0.1336': attribute type 3 has an invalid length. [ 427.250582][ T8818] loop4: detected capacity change from 0 to 32768 [ 427.425439][ T8809] netlink: 'syz.0.1336': attribute type 3 has an invalid length. [ 427.486390][ T8818] XFS (loop4): Mounting V5 Filesystem [ 427.666696][ T8818] XFS (loop4): Ending clean mount [ 427.691051][ T8818] XFS (loop4): Quotacheck needed: Please wait. [ 428.924266][ T8818] XFS (loop4): Quotacheck: Done. [ 430.717456][ T4196] XFS (loop4): Unmounting Filesystem [ 432.345395][ T8895] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1355'. [ 432.495328][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 434.139485][ T8913] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1361'. [ 434.224701][ T8916] sctp: [Deprecated]: syz.2.1362 (pid 8916) Use of struct sctp_assoc_value in delayed_ack socket option. [ 434.224701][ T8916] Use struct sctp_sack_info instead [ 434.370964][ T8915] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1361'. [ 434.401419][ T8915] device veth5 entered promiscuous mode [ 437.516804][ T8954] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1370'. [ 439.482570][ T8975] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1378'. [ 440.230553][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.237235][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.987953][ T8982] loop4: detected capacity change from 0 to 2048 [ 441.058547][ T8982] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 441.120287][ T8992] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1384'. [ 441.397314][ T9009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1386'. [ 441.430603][ T9011] fuse: Bad value for 'fd' [ 441.484567][ T9009] device team1 entered promiscuous mode [ 441.500581][ T9009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1386'. [ 441.514765][ T9009] team2 (uninitialized): Failed to send options change via netlink (err -105) [ 441.564497][ T9009] device team2 entered promiscuous mode [ 441.843575][ T9017] netlink: 'syz.3.1389': attribute type 3 has an invalid length. [ 441.859901][ T9017] netlink: 'syz.3.1389': attribute type 3 has an invalid length. [ 442.591763][ T9020] loop4: detected capacity change from 0 to 2048 [ 442.774994][ T9030] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1394'. [ 444.173240][ T9039] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 446.647975][ T9074] loop4: detected capacity change from 0 to 256 [ 446.707583][ T9074] FAT-fs (loop4): Unrecognized mount option "smackfsroot=shortname=mixed" or missing value [ 449.135266][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 449.748110][ T26] audit: type=1326 audit(6069341450.356:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9109 comm="syz.0.1419" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f640f932799 code=0x0 [ 453.079321][ T9138] SET target dimension over the limit! [ 453.920727][ T9143] tipc: Cannot configure node identity twice [ 454.840128][ T9171] trusted_key: encrypted_key: master key parameter 'šÙ|™{E' is invalid [ 459.681167][ T9233] netlink: 'syz.0.1455': attribute type 10 has an invalid length. [ 460.684009][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 461.160154][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 462.109092][ T5979] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 462.174051][ T9269] netlink: 1136 bytes leftover after parsing attributes in process `syz.3.1462'. [ 462.997630][ T26] audit: type=1326 audit(6069341463.606:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9266 comm="syz.2.1463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d12b12799 code=0x7fc00000 [ 464.125473][ T4259] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 464.178621][ T9294] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1470'. [ 464.188623][ T4226] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 465.391636][ T4259] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 466.717346][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 466.727631][ T5285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 466.743068][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 466.751869][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 466.780901][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 466.821210][ T9319] tipc: Enabling of bearer rejected, failed to enable media [ 467.233356][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 468.263183][ T4259] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 469.305358][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 469.402860][ T9339] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1486'. [ 470.307979][ T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 471.104044][ T9365] netlink: 'syz.2.1492': attribute type 1 has an invalid length. [ 471.115638][ T5979] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 471.253460][ T9367] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 473.173230][ T154] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 473.193419][ T4259] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 473.306132][ T9367] bond2: (slave vxcan3): Error -22 calling dev_set_mtu [ 473.620416][ T4228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 473.635430][ T9385] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1497'. [ 473.653167][ T4226] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 473.664313][ T4173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 473.679868][ T9381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1497'. [ 474.688057][ T5979] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 474.779254][ T9390] device syzkaller0 entered promiscuous mode [ 476.204365][ T5979] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 476.656119][ T4173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 477.216168][ T5979] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 477.315033][ T9442] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 477.564877][ T9446] autofs4:pid:9446:autofs_fill_super: called with bogus options [ 477.883966][ T9452] fuse: Bad value for 'fd' [ 478.276053][ T4226] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 478.704451][ T4226] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 478.754204][ T4226] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 478.790362][ T4226] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 478.821281][ T4226] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 478.860354][ T4226] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.908806][ T4226] usb 5-1: config 0 descriptor?? [ 479.388253][ T4226] plantronics 0003:047F:FFFF.0003: unbalanced collection at end of report description [ 479.414179][ T4226] plantronics 0003:047F:FFFF.0003: parse failed [ 479.428889][ T4226] plantronics: probe of 0003:047F:FFFF.0003 failed with error -22 [ 480.105505][ T4173] usb 5-1: USB disconnect, device number 10 [ 480.377275][ T9442] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.386057][ T9442] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.394894][ T9442] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.404278][ T9442] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 480.603909][ T9442] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 480.612672][ T9442] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 480.621541][ T9442] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 480.630490][ T9442] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 480.733603][ T9442] device bridge2 left promiscuous mode [ 480.760203][ T9442] device ip6gre1 left promiscuous mode [ 480.809270][ T9471] netlink: 'syz.0.1525': attribute type 33 has an invalid length. [ 480.819565][ T9471] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1525'. [ 485.617457][ T9509] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1534'. [ 485.682350][ T9509] device vlan2 entered promiscuous mode [ 485.727255][ T9519] device batadv_slave_0 entered promiscuous mode [ 491.041216][ T9580] device ip6gre1 entered promiscuous mode [ 492.470742][ T9606] [ 492.473224][ T9606] ====================================================== [ 492.480277][ T9606] WARNING: possible circular locking dependency detected [ 492.487332][ T9606] syzkaller #0 Not tainted [ 492.491967][ T9606] ------------------------------------------------------ [ 492.499553][ T9606] syz.4.1559/9606 is trying to acquire lock: [ 492.505645][ T9606] ffff888078490120 (msk_lock-AF_INET){+.+.}-{0:0}, at: inet_sk_diag_fill+0xf5e/0x1ca0 [ 492.515388][ T9606] [ 492.515388][ T9606] but task is already holding lock: [ 492.522787][ T9606] ffffc900018b5758 (&h->lhash2[i].lock){+.+.}-{2:2}, at: mptcp_diag_dump+0x917/0x12b0 [ 492.532602][ T9606] [ 492.532602][ T9606] which lock already depends on the new lock. [ 492.532602][ T9606] [ 492.543386][ T9606] [ 492.543386][ T9606] the existing dependency chain (in reverse order) is: [ 492.552575][ T9606] [ 492.552575][ T9606] -> #2 (&h->lhash2[i].lock){+.+.}-{2:2}: [ 492.560544][ T9606] _raw_spin_lock+0x2a/0x40 [ 492.565862][ T9606] inet_unhash+0xd0/0x540 [ 492.570868][ T9606] tcp_set_state+0x35b/0x520 [ 492.576190][ T9606] __tcp_close+0x8b/0xfa0 [ 492.581286][ T9606] __mptcp_close_ssk+0x1ea/0x460 [ 492.587077][ T9606] __mptcp_destroy_sock+0x3b5/0x6f0 [ 492.593169][ T9606] mptcp_close+0x5a7/0x9f0 [ 492.598231][ T9606] inet_release+0x139/0x180 [ 492.603314][ T9606] sock_close+0xd5/0x240 [ 492.608476][ T9606] __fput+0x234/0x930 [ 492.613314][ T9606] task_work_run+0x125/0x1a0 [ 492.618733][ T9606] exit_to_user_mode_loop+0x10f/0x130 [ 492.624648][ T9606] exit_to_user_mode_prepare+0xee/0x180 [ 492.630830][ T9606] syscall_exit_to_user_mode+0x16/0x40 [ 492.636931][ T9606] do_syscall_64+0x58/0xa0 [ 492.641898][ T9606] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 492.648354][ T9606] [ 492.648354][ T9606] -> #1 (k-sk_lock-AF_INET/1){+.+.}-{0:0}: [ 492.656679][ T9606] mptcp_close+0x297/0x9f0 [ 492.661686][ T9606] inet_release+0x139/0x180 [ 492.666835][ T9606] sock_release+0x7b/0x140 [ 492.671977][ T9606] mptcp_nl_cmd_flush_addrs+0x990/0xa90 [ 492.678528][ T9606] genl_rcv_msg+0xcea/0xf90 [ 492.683588][ T9606] netlink_rcv_skb+0x1f5/0x440 [ 492.688965][ T9606] genl_rcv+0x24/0x40 [ 492.694511][ T9606] netlink_unicast+0x774/0x920 [ 492.700123][ T9606] netlink_sendmsg+0x8ba/0xbe0 [ 492.705882][ T9606] ____sys_sendmsg+0x5b7/0x8f0 [ 492.711465][ T9606] ___sys_sendmsg+0x236/0x2e0 [ 492.717215][ T9606] __se_sys_sendmsg+0x1af/0x290 [ 492.722637][ T9606] do_syscall_64+0x4c/0xa0 [ 492.727980][ T9606] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 492.734752][ T9606] [ 492.734752][ T9606] -> #0 (msk_lock-AF_INET){+.+.}-{0:0}: [ 492.742748][ T9606] __lock_acquire+0x2c42/0x7d10 [ 492.748268][ T9606] lock_acquire+0x19e/0x400 [ 492.753723][ T9606] mptcp_diag_get_info+0x1f2/0x9e0 [ 492.759580][ T9606] inet_sk_diag_fill+0xf5e/0x1ca0 [ 492.765258][ T9606] mptcp_diag_dump+0xce6/0x12b0 [ 492.770957][ T9606] __inet_diag_dump+0x1f6/0x380 [ 492.776374][ T9606] inet_diag_dump_compat+0x17e/0x220 [ 492.782442][ T9606] netlink_dump+0x694/0xcf0 [ 492.787603][ T9606] __netlink_dump_start+0x523/0x700 [ 492.793378][ T9606] inet_diag_rcv_msg_compat+0x207/0x420 [ 492.799784][ T9606] sock_diag_rcv_msg+0x164/0x3e0 [ 492.805719][ T9606] netlink_rcv_skb+0x1f5/0x440 [ 492.811070][ T9606] sock_diag_rcv+0x26/0x40 [ 492.816062][ T9606] netlink_unicast+0x774/0x920 [ 492.821710][ T9606] netlink_sendmsg+0x8ba/0xbe0 [ 492.827356][ T9606] ____sys_sendmsg+0x5b7/0x8f0 [ 492.832781][ T9606] ___sys_sendmsg+0x236/0x2e0 [ 492.838105][ T9606] __se_sys_sendmsg+0x1af/0x290 [ 492.843744][ T9606] do_syscall_64+0x4c/0xa0 [ 492.848859][ T9606] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 492.855581][ T9606] [ 492.855581][ T9606] other info that might help us debug this: [ 492.855581][ T9606] [ 492.866092][ T9606] Chain exists of: [ 492.866092][ T9606] msk_lock-AF_INET --> k-sk_lock-AF_INET/1 --> &h->lhash2[i].lock [ 492.866092][ T9606] [ 492.879977][ T9606] Possible unsafe locking scenario: [ 492.879977][ T9606] [ 492.887645][ T9606] CPU0 CPU1 [ 492.893072][ T9606] ---- ---- [ 492.898541][ T9606] lock(&h->lhash2[i].lock); [ 492.903588][ T9606] lock(k-sk_lock-AF_INET/1); [ 492.911156][ T9606] lock(&h->lhash2[i].lock); [ 492.918504][ T9606] lock(msk_lock-AF_INET); [ 492.923179][ T9606] [ 492.923179][ T9606] *** DEADLOCK *** [ 492.923179][ T9606] [ 492.931355][ T9606] 6 locks held by syz.4.1559/9606: [ 492.936582][ T9606] #0: ffffffff8d4466e8 (sock_diag_mutex){+.+.}-{3:3}, at: sock_diag_rcv+0x17/0x40 [ 492.946141][ T9606] #1: ffffffff8d4465a8 (sock_diag_table_mutex){+.+.}-{3:3}, at: sock_diag_rcv_msg+0x14a/0x3e0 [ 492.956907][ T9606] #2: ffff88807648a698 (nlk_cb_mutex-SOCK_DIAG){+.+.}-{3:3}, at: __netlink_dump_start+0x11f/0x700 [ 492.968034][ T9606] #3: ffffffff8d520588 (inet_diag_table_mutex){+.+.}-{3:3}, at: __inet_diag_dump+0x181/0x380 [ 492.979013][ T9606] #4: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 492.988376][ T9606] #5: ffffc900018b5758 (&h->lhash2[i].lock){+.+.}-{2:2}, at: mptcp_diag_dump+0x917/0x12b0 [ 492.998637][ T9606] [ 492.998637][ T9606] stack backtrace: [ 493.004549][ T9606] CPU: 1 PID: 9606 Comm: syz.4.1559 Not tainted syzkaller #0 [ 493.012513][ T9606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 493.023128][ T9606] Call Trace: [ 493.026672][ T9606] [ 493.030165][ T9606] dump_stack_lvl+0x188/0x250 [ 493.035615][ T9606] ? load_image+0x400/0x400 [ 493.040497][ T9606] ? show_regs_print_info+0x20/0x20 [ 493.046103][ T9606] ? print_circular_bug+0x12b/0x1a0 [ 493.051925][ T9606] check_noncircular+0x296/0x330 [ 493.056950][ T9606] ? add_chain_block+0x940/0x940 [ 493.062109][ T9606] ? lockdep_lock+0xf1/0x1f0 [ 493.066846][ T9606] ? __lock_acquire+0x13bc/0x7d10 [ 493.072644][ T9606] ? mark_lock+0x94/0x320 [ 493.077389][ T9606] __lock_acquire+0x2c42/0x7d10 [ 493.082324][ T9606] ? mark_lock+0x94/0x320 [ 493.086976][ T9606] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 493.093090][ T9606] ? verify_lock_unused+0x140/0x140 [ 493.098768][ T9606] ? lockdep_hardirqs_on_prepare+0x770/0x770 [ 493.104789][ T9606] ? __local_bh_enable_ip+0xd7/0x1c0 [ 493.110307][ T9606] ? __local_bh_enable_ip+0x136/0x1c0 [ 493.115716][ T9606] ? lockdep_hardirqs_on+0x94/0x140 [ 493.120954][ T9606] ? __local_bh_enable_ip+0x136/0x1c0 [ 493.126590][ T9606] ? _local_bh_enable+0xa0/0xa0 [ 493.131901][ T9606] ? nla_put+0x130/0x1e0 [ 493.136433][ T9606] lock_acquire+0x19e/0x400 [ 493.141218][ T9606] ? inet_sk_diag_fill+0xf5e/0x1ca0 [ 493.146557][ T9606] ? memcpy+0x3c/0x60 [ 493.150769][ T9606] ? nla_put+0x130/0x1e0 [ 493.155118][ T9606] ? read_lock_is_recursive+0x10/0x10 [ 493.160516][ T9606] ? sock_diag_put_meminfo+0xc6/0x120 [ 493.166404][ T9606] ? sock_diag_save_cookie+0xc0/0xc0 [ 493.172095][ T9606] ? rcu_preempt_deferred_qs_irqrestore+0x868/0xc30 [ 493.178825][ T9606] ? inet_sk_diag_fill+0xf5e/0x1ca0 [ 493.184390][ T9606] mptcp_diag_get_info+0x1f2/0x9e0 [ 493.189611][ T9606] ? inet_sk_diag_fill+0xf5e/0x1ca0 [ 493.194956][ T9606] inet_sk_diag_fill+0xf5e/0x1ca0 [ 493.200032][ T9606] ? inet_diag_msg_attrs_fill+0x930/0x930 [ 493.205963][ T9606] ? lockdep_hardirqs_on+0x94/0x140 [ 493.211288][ T9606] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 493.216958][ T9606] ? inet_diag_bc_sk+0x18b/0x1120 [ 493.222106][ T9606] mptcp_diag_dump+0xce6/0x12b0 [ 493.227165][ T9606] ? mptcp_token_join_cookie_init_state+0x460/0x460 [ 493.234041][ T9606] __inet_diag_dump+0x1f6/0x380 [ 493.239028][ T9606] inet_diag_dump_compat+0x17e/0x220 [ 493.244330][ T9606] ? inet_diag_dump_start_compat+0x20/0x20 [ 493.250247][ T9606] ? __alloc_skb+0x473/0x750 [ 493.255211][ T9606] netlink_dump+0x694/0xcf0 [ 493.259923][ T9606] ? netlink_lookup+0x1d0/0x1d0 [ 493.264788][ T9606] ? __inet_diag_dump_start+0x805/0x970 [ 493.270349][ T9606] __netlink_dump_start+0x523/0x700 [ 493.275579][ T9606] inet_diag_rcv_msg_compat+0x207/0x420 [ 493.281186][ T9606] ? inet_diag_unregister+0xb0/0xb0 [ 493.286623][ T9606] ? __mutex_trylock_common+0x155/0x260 [ 493.292383][ T9606] ? mutex_lock_io_nested+0x60/0x60 [ 493.297778][ T9606] ? __inet_diag_dump+0x380/0x380 [ 493.302915][ T9606] ? inet_diag_dump_start_compat+0x20/0x20 [ 493.308860][ T9606] ? inet_diag_dump+0x50/0x50 [ 493.313690][ T9606] ? inet_diag_unregister+0xb0/0xb0 [ 493.318984][ T9606] sock_diag_rcv_msg+0x164/0x3e0 [ 493.323936][ T9606] netlink_rcv_skb+0x1f5/0x440 [ 493.328720][ T9606] ? sock_diag_bind+0xa0/0xa0 [ 493.333474][ T9606] ? netlink_ack+0xb50/0xb50 [ 493.338335][ T9606] ? __lock_acquire+0x7d10/0x7d10 [ 493.343464][ T9606] sock_diag_rcv+0x26/0x40 [ 493.347921][ T9606] netlink_unicast+0x774/0x920 [ 493.352822][ T9606] netlink_sendmsg+0x8ba/0xbe0 [ 493.357700][ T9606] ? netlink_getsockopt+0x570/0x570 [ 493.362927][ T9606] ? aa_sock_msg_perm+0x94/0x150 [ 493.367987][ T9606] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 493.373441][ T9606] ? security_socket_sendmsg+0x7c/0xa0 [ 493.379101][ T9606] ? netlink_getsockopt+0x570/0x570 [ 493.384397][ T9606] ____sys_sendmsg+0x5b7/0x8f0 [ 493.389182][ T9606] ? __sys_sendmsg_sock+0x30/0x30 [ 493.394756][ T9606] ? import_iovec+0x6f/0xa0 [ 493.399551][ T9606] ___sys_sendmsg+0x236/0x2e0 [ 493.405944][ T9606] ? __sys_sendmsg+0x2a0/0x2a0 [ 493.411038][ T9606] __se_sys_sendmsg+0x1af/0x290 [ 493.416455][ T9606] ? __x64_sys_sendmsg+0x80/0x80 [ 493.421822][ T9606] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 493.428269][ T9606] ? lockdep_hardirqs_on+0x94/0x140 [ 493.434065][ T9606] do_syscall_64+0x4c/0xa0 [ 493.438682][ T9606] ? clear_bhb_loop+0x30/0x80 [ 493.443674][ T9606] ? clear_bhb_loop+0x30/0x80 [ 493.448530][ T9606] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 493.454987][ T9606] RIP: 0033:0x7f68fdcbb799 [ 493.459635][ T9606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 493.480031][ T9606] RSP: 002b:00007f68fbed3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 493.489105][ T9606] RAX: ffffffffffffffda RBX: 00007f68fdf35180 RCX: 00007f68fdcbb799 [ 493.497617][ T9606] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006 [ 493.505899][ T9606] RBP: 00007f68fdd51c99 R08: 0000000000000000 R09: 0000000000000000 [ 493.514819][ T9606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 493.523434][ T9606] R13: 00007f68fdf35218 R14: 00007f68fdf35180 R15: 00007fff8cbbf418 [ 493.531540][ T9606] [ 493.538036][ T9606] BUG: sleeping function called from invalid context at net/core/sock.c:3291 [ 493.547078][ T9606] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 9606, name: syz.4.1559 [ 493.556245][ T9606] INFO: lockdep is turned off. [ 493.561209][ T9606] Preemption disabled at: [ 493.561227][ T9606] [<0000000000000000>] 0x0 [ 493.570444][ T9606] CPU: 1 PID: 9606 Comm: syz.4.1559 Not tainted syzkaller #0 [ 493.578474][ T9606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 493.588725][ T9606] Call Trace: [ 493.592202][ T9606] [ 493.595165][ T9606] dump_stack_lvl+0x188/0x250 [ 493.599968][ T9606] ? show_regs_print_info+0x20/0x20 [ 493.605393][ T9606] ? load_image+0x400/0x400 [ 493.610102][ T9606] ___might_sleep+0x493/0x610 [ 493.614897][ T9606] ? __might_sleep+0xf0/0xf0 [ 493.619503][ T9606] ? nla_put+0x130/0x1e0 [ 493.623857][ T9606] ? read_lock_is_recursive+0x10/0x10 [ 493.629242][ T9606] ? sock_diag_put_meminfo+0xc6/0x120 [ 493.634731][ T9606] ? sock_diag_save_cookie+0xc0/0xc0 [ 493.640248][ T9606] ? rcu_preempt_deferred_qs_irqrestore+0x868/0xc30 [ 493.646896][ T9606] __lock_sock_fast+0x2f/0xe0 [ 493.651792][ T9606] ? inet_sk_diag_fill+0xf5e/0x1ca0 [ 493.657410][ T9606] mptcp_diag_get_info+0x1fe/0x9e0 [ 493.662582][ T9606] inet_sk_diag_fill+0xf5e/0x1ca0 [ 493.667874][ T9606] ? inet_diag_msg_attrs_fill+0x930/0x930 [ 493.674150][ T9606] ? lockdep_hardirqs_on+0x94/0x140 [ 493.680021][ T9606] ? asm_sysvec_reschedule_ipi+0x16/0x20 [ 493.685903][ T9606] ? inet_diag_bc_sk+0x18b/0x1120 [ 493.691441][ T9606] mptcp_diag_dump+0xce6/0x12b0 [ 493.696642][ T9606] ? mptcp_token_join_cookie_init_state+0x460/0x460 [ 493.703356][ T9606] __inet_diag_dump+0x1f6/0x380 [ 493.708893][ T9606] inet_diag_dump_compat+0x17e/0x220 [ 493.714327][ T9606] ? inet_diag_dump_start_compat+0x20/0x20 [ 493.720245][ T9606] ? __alloc_skb+0x473/0x750 [ 493.724968][ T9606] netlink_dump+0x694/0xcf0 [ 493.729810][ T9606] ? netlink_lookup+0x1d0/0x1d0 [ 493.734775][ T9606] ? __inet_diag_dump_start+0x805/0x970 [ 493.740379][ T9606] __netlink_dump_start+0x523/0x700 [ 493.745806][ T9606] inet_diag_rcv_msg_compat+0x207/0x420 [ 493.751411][ T9606] ? inet_diag_unregister+0xb0/0xb0 [ 493.756865][ T9606] ? __mutex_trylock_common+0x155/0x260 [ 493.762457][ T9606] ? mutex_lock_io_nested+0x60/0x60 [ 493.767679][ T9606] ? __inet_diag_dump+0x380/0x380 [ 493.772711][ T9606] ? inet_diag_dump_start_compat+0x20/0x20 [ 493.778711][ T9606] ? inet_diag_dump+0x50/0x50 [ 493.783761][ T9606] ? inet_diag_unregister+0xb0/0xb0 [ 493.789451][ T9606] sock_diag_rcv_msg+0x164/0x3e0 [ 493.795592][ T9606] netlink_rcv_skb+0x1f5/0x440 [ 493.800648][ T9606] ? sock_diag_bind+0xa0/0xa0 [ 493.806337][ T9606] ? netlink_ack+0xb50/0xb50 [ 493.811667][ T9606] ? __lock_acquire+0x7d10/0x7d10 [ 493.817480][ T9606] sock_diag_rcv+0x26/0x40 [ 493.822493][ T9606] netlink_unicast+0x774/0x920 [ 493.828192][ T9606] netlink_sendmsg+0x8ba/0xbe0 [ 493.835133][ T9606] ? netlink_getsockopt+0x570/0x570 [ 493.841103][ T9606] ? aa_sock_msg_perm+0x94/0x150 [ 493.847812][ T9606] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 493.853529][ T9606] ? security_socket_sendmsg+0x7c/0xa0 [ 493.859182][ T9606] ? netlink_getsockopt+0x570/0x570 [ 493.864514][ T9606] ____sys_sendmsg+0x5b7/0x8f0 [ 493.869465][ T9606] ? __sys_sendmsg_sock+0x30/0x30 [ 493.874774][ T9606] ? import_iovec+0x6f/0xa0 [ 493.879386][ T9606] ___sys_sendmsg+0x236/0x2e0 [ 493.884083][ T9606] ? __sys_sendmsg+0x2a0/0x2a0 [ 493.888872][ T9606] __se_sys_sendmsg+0x1af/0x290 [ 493.894232][ T9606] ? __x64_sys_sendmsg+0x80/0x80 [ 493.899302][ T9606] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 493.905659][ T9606] ? lockdep_hardirqs_on+0x94/0x140 [ 493.911420][ T9606] do_syscall_64+0x4c/0xa0 [ 493.915892][ T9606] ? clear_bhb_loop+0x30/0x80 [ 493.920798][ T9606] ? clear_bhb_loop+0x30/0x80 [ 493.925592][ T9606] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 493.931906][ T9606] RIP: 0033:0x7f68fdcbb799 [ 493.936630][ T9606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 493.957265][ T9606] RSP: 002b:00007f68fbed3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 493.965798][ T9606] RAX: ffffffffffffffda RBX: 00007f68fdf35180 RCX: 00007f68fdcbb799 [ 493.974433][ T9606] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006 [ 493.982418][ T9606] RBP: 00007f68fdd51c99 R08: 0000000000000000 R09: 0000000000000000 [ 493.990573][ T9606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 493.998783][ T9606] R13: 00007f68fdf35218 R14: 00007f68fdf35180 R15: 00007fff8cbbf418 [ 494.007037][ T9606] [ 501.616739][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.623360][ T1421] ieee802154 phy1 wpan1: encryption failed: -22