last executing test programs: 7m7.00700942s ago: executing program 32 (id=39): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a78000000060a010400000000000000000a0000010900010073797a31000000004c00048028000180070001"], 0xa0}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000024000280040001001c0003800c00"], 0x50}}, 0x0) 4m4.859282035s ago: executing program 5 (id=661): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xfff3, 0xc}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x84}, 0x40010) 4m3.841505227s ago: executing program 5 (id=664): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0009030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000500)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r2, 0x0, 0x0) read$char_usb(r2, &(0x7f0000000100)=""/178, 0xb2) syz_usb_disconnect(0xffffffffffffffff) syz_usb_disconnect(0xffffffffffffffff) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001300)=ANY=[@ANYBLOB], 0x0) syz_open_dev$hiddev(&(0x7f00000000c0), 0x7f, 0x2000) syz_usb_control_io(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, &(0x7f0000000340)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$evdev(0x0, 0x75c, 0x10d840) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x1cb, 0x0, 0x0) 4m0.030595595s ago: executing program 5 (id=675): r0 = socket(0x2, 0x80805, 0x0) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, 0x0, 0x0) r1 = syz_ublk_setup_io_uring(0x20, &(0x7f0000000340)={0x0, 0x0, 0x4000, 0x3, 0x3c0}, &(0x7f0000000000)=0x0, 0x0, 0x0) syz_ublk_add_dev(0xffffffffffffffff, r2, 0x0, 0x0, &(0x7f00000003c0)={0x2e, 0x5, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, '\x00', {0xffffffff, 0xffff, 0x0, 0x0}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f80)=@newtaction={0x44, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x30, 0x1, [@m_nat={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) syz_mount_image$squashfs(&(0x7f0000000740), &(0x7f0000000280)='./file1\x00', 0x400, &(0x7f0000000500)=ANY=[], 0x29, 0x20b, &(0x7f0000001740)="$eJzsVUtrU0EU/s7N3NxGgwTcuTXYbrTNLYhLcWP3+gMM6bUWEx+diCYUjG66URD/RME/oQtB9y5EBDe6UNBFxVVFImfm3OnkUZtY0tV8cDnfec/MnccNfVcnAP7sbDZQgQGhjI9EUADmydp2i1b+FNkXfFVWr4n9hcgvInWn++6Jpd2b9WYz29Cdf5MEBBwQM0hGTZdePj05ef4Qeft40EKYJIvU//Q6HGkX7MqOup4NWJJxMZKL4cq1KzMefDxd1sWRETpS2tf1qwz4lm/OdeLQs4h5NWOMjSGaaq+PIVzAEMC5fpdHf9Mw+fDcdh4bU5D0EgaX5UDCp/jo9vP+hO8iQ6Kp0jXkf+jLjyL8ICDG+53NBluvyS3G7lX75UfCZLHy2os5pYAeQAX0TVGuoyR2HsBiu3VnUXe6Z9db9bVsLbuVpsvnl94clyPafwisN7MlMsOw6RETBQc+pyXPzzvt056/Bw/kDQ08L7GRVzK/nBdOuxBugMjL9WpI3VeufyK2e7qFqziDOQD3e+xOZYGq4GoK13lqKyAURKkpb5zALiLMGce5xu3m6hYIlKdtQ7katc+InZKKwo2y5Qtu+lsiqyJXRG7v9TPI3678TVKmwnfRFnpAEQ/q7faGebwsY1vRVTC2tOI6R9JVXsNK3qyaYEIcmzQwICAgICAgIGBG+BsAAP//ilI7xA==") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x146) r7 = socket$inet6(0xa, 0x80803, 0x87) connect$inet6(r7, 0x0, 0x0) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, 0x0, 0x40000) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xa, {"a2e3ad08ed6b52f99cfbf4c087f71e9b3d0963ff7fc6e5539b9b3b0a8b9b441b4552101b080d294b8f0e1ac6e7049b3468959b189a242a9b4bf3988f7ef319520700ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000"], 0x14}}, 0x0) syz_ublk_add_dev(r1, r2, 0x0, 0x0, &(0x7f0000000180)={0x2e, 0x2c, 0x0, 0xffffffffffffffff, 0xc0207504, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, r3, '\x00', {0xffffffff, 0xffff, 0x40, &(0x7f00000000c0)=@any_dev={0x3, 0xae1, 0x0, 0x0, 0x1000, 0x2, 0x0, 0x0, 0x80}}}, 0x0) socket$packet(0x11, 0x3, 0x300) 3m58.914668176s ago: executing program 5 (id=680): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000035ffaa20cd0caf104a380102030109021b0001000010000904590201801e2a00090582"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000440)={0x34, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f00000003c0)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}) 3m54.136839549s ago: executing program 5 (id=691): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280), 0x13f, 0x2}}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0xbc}]}, &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000740), 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x1f, 0xc, &(0x7f0000000600)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)) sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008004}, 0x20004810) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="2c385a7af3", 0x5) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x8044) 3m52.962910596s ago: executing program 5 (id=696): openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, 0x0) syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x0, &(0x7f0000000cc0)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@numtail}, {@shortname_win95}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp861'}}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@rodir}, {@shortname_win95}]}, 0x1, 0x365, &(0x7f0000000d80)="$eJzs3U2IW9UXAPCTvvks9D+z+ENREJ7uBB36gQtdTSlTKGajEqouxGCnKpOxMMHgdNF03IhLwaWu3IgLXbjoWgRF3LlwawWpigvtrmDxSpKXycskk7ZCWgd/v0U4Pfeed+9NXidv3kzuvLwaG+dn48KNG9djYaESM6unV+NmJZYji74rMWpuTA4AOBhuphR/pJ47LKlMeUoAwJR13/9fPVLKvP3VpP7Juz8AHHjF9/+Lk/os7NdwcSpTAgCmbOT+/yNDzXPDP+qfKf1WAABwUD33wotPn6pGPJvnCxGb77RqrVo8NWg/dSFej0asx7FYilsRvQuFzkOl+3jmbHXtWJ7n7fh5OWqdilYtYrPdqvWuFE5l3fr5OB5LsVzUF1cbKaXszOfVteN5V0RcaXfHj81KqzYbh4vxfzgc63Ei8vj/SH3E2eraibw4QG2zX9+O2Bnct+jMfyWW4rtX4mI04vziuUipf1lTXbt8PM9Pp+pQfas2H+d3n4V974AAAAAAAAAAAAAAAAAAAAAAAMA/spLvWt7d/yYN9u9ZWRnT3t0fp1df7A+009sfKM2nSOn3tx6vvZvF0P5Ae/fnadVm4tD9XToAAAAAAAAAAAAAAAAAAAD8azS356LeaKxvNbcvbZSD9lZz+1BEdDJvfPPpl4sx2uc2wUwxRqkpL1KXNuop63dO2VCfIsg6g/czn1zdnXG5z/zuKsZOY37/pkbjyMM/fTDIPJT1j/zXoE8W4xeY7ZlGOdj8X29Kd/NEXTpZBCdu0/laSmm/41x+abQqKhEzd//CTQ5SJ/j6+msPnGwefaKb+SL1PPrY0rlr73/060a90Rm5o/Hx3FbzVtqoF/8ef7LtH2Sl86cSvaBSPhNmJpXvDGfq2fe/Pf/ge99OGHRn8MKlctObYzpnveV8ttXcrhT/U7pNc72gk9tTtdg4m0XsOc7smJN/CsHRD1frVy//+MudVpW+SNioAwAAAAAAAAAAAAAAAAAA7onSZ8ULxYd9ZydVPfnM9GcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPfO4O//l4KdkcydBH+2Y7Rpfn2rGTF3v5cJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/3N8BAAD//xeXa0M=") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) 3m37.762119715s ago: executing program 33 (id=696): openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, 0x0) syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x0, &(0x7f0000000cc0)={[{@shortname_lower}, {@shortname_winnt}, {@shortname_win95}, {@numtail}, {@shortname_win95}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp861'}}, {@uni_xlate}, {@utf8}, {@shortname_mixed}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@rodir}, {@shortname_win95}]}, 0x1, 0x365, &(0x7f0000000d80)="$eJzs3U2IW9UXAPCTvvks9D+z+ENREJ7uBB36gQtdTSlTKGajEqouxGCnKpOxMMHgdNF03IhLwaWu3IgLXbjoWgRF3LlwawWpigvtrmDxSpKXycskk7ZCWgd/v0U4Pfeed+9NXidv3kzuvLwaG+dn48KNG9djYaESM6unV+NmJZYji74rMWpuTA4AOBhuphR/pJ47LKlMeUoAwJR13/9fPVLKvP3VpP7Juz8AHHjF9/+Lk/os7NdwcSpTAgCmbOT+/yNDzXPDP+qfKf1WAABwUD33wotPn6pGPJvnCxGb77RqrVo8NWg/dSFej0asx7FYilsRvQuFzkOl+3jmbHXtWJ7n7fh5OWqdilYtYrPdqvWuFE5l3fr5OB5LsVzUF1cbKaXszOfVteN5V0RcaXfHj81KqzYbh4vxfzgc63Ei8vj/SH3E2eraibw4QG2zX9+O2Bnct+jMfyWW4rtX4mI04vziuUipf1lTXbt8PM9Pp+pQfas2H+d3n4V974AAAAAAAAAAAAAAAAAAAAAAAMA/spLvWt7d/yYN9u9ZWRnT3t0fp1df7A+009sfKM2nSOn3tx6vvZvF0P5Ae/fnadVm4tD9XToAAAAAAAAAAAAAAAAAAAD8azS356LeaKxvNbcvbZSD9lZz+1BEdDJvfPPpl4sx2uc2wUwxRqkpL1KXNuop63dO2VCfIsg6g/czn1zdnXG5z/zuKsZOY37/pkbjyMM/fTDIPJT1j/zXoE8W4xeY7ZlGOdj8X29Kd/NEXTpZBCdu0/laSmm/41x+abQqKhEzd//CTQ5SJ/j6+msPnGwefaKb+SL1PPrY0rlr73/060a90Rm5o/Hx3FbzVtqoF/8ef7LtH2Sl86cSvaBSPhNmJpXvDGfq2fe/Pf/ge99OGHRn8MKlctObYzpnveV8ttXcrhT/U7pNc72gk9tTtdg4m0XsOc7smJN/CsHRD1frVy//+MudVpW+SNioAwAAAAAAAAAAAAAAAAAA7onSZ8ULxYd9ZydVPfnM9GcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPfO4O//l4KdkcydBH+2Y7Rpfn2rGTF3v5cJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/3N8BAAD//xeXa0M=") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) 2m0.487592949s ago: executing program 3 (id=1109): r0 = syz_io_uring_setup(0xf00, &(0x7f0000000400)={0x0, 0x5961, 0x10000, 0x0, 0x4e}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f0000000280)=@IORING_OP_FUTEX_WAITV={0x35, 0x9, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[{0xb050, 0x0, 0x2}], 0x1}) io_uring_enter(r0, 0x2004, 0xfffffffd, 0x9, 0x0, 0x0) 2m0.344425806s ago: executing program 3 (id=1110): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50) 1m59.167679295s ago: executing program 3 (id=1115): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa8f94000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=@setlink={0x2c, 0x13, 0x1, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x800, 0x80}, [@IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x3404c045}, 0x10) 1m58.079273084s ago: executing program 3 (id=1117): mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x1c0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, r0) setpgid(0x0, r0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x121542, 0x60) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', 0x0, 0x8, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) 1m57.479898801s ago: executing program 2 (id=1123): syz_open_dev$usbfs(0x0, 0x76, 0x101301) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "72b3305f179f37ad"}}}, 0x11) 1m57.475861655s ago: executing program 3 (id=1124): getsockname$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000080)) ioctl$NILFS_IOCTL_CLEAN_SEGMENTS(0xffffffffffffffff, 0x40786e88, 0x0) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) 1m57.331355801s ago: executing program 2 (id=1126): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = socket$inet(0x2, 0x3, 0xd) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e0000002e000000201001c000500000000000000ac1414bbe0000001ac1414327f000001"], 0x24) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket(0x2d, 0x2, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r2, 0x11d, 0x1, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000040100000800000002"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r4, 0xffffffffffffffff}, &(0x7f0000001d80), &(0x7f0000001d40)=r3}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000740)={r5, 0x0, 0x0, 0x8000000}, 0x20) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000006c0)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) r7 = openat$comedi(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/comedi0\x00', 0x10540, 0x0) ioctl$COMEDI_INSNLIST(r7, 0x8010640b, &(0x7f00001772c0)={0x1, &(0x7f0000177100)=[{0x8000001, 0x92, 0x0, 0x1, 0x1}]}) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000) 1m57.000108268s ago: executing program 3 (id=1129): prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0) setreuid(0xee01, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x208401, &(0x7f0000000440), 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x21) ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020660b, &(0x7f0000000040)={0x500, 0x10000002000003, 0x0, 0x0, 0x300}) 1m56.973651303s ago: executing program 2 (id=1130): ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000100)={{&(0x7f00007ff000/0x800000)=nil, 0x800000}, 0x1}) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x8890) sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000980)={0x14c, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x4, 0x56}}}}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x558}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1d}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x3}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xb2, 0xbe, "55bfab68756c65415e1b4e9dfe799911fc0fbd9c5052b51b7ae8ded1fdc04c8d233e5ba121e1b96bbfd375e322792e730379c0cd4de66725c7a46f70dab6f29485fc7386e39ffafde69b263e4f8b3aefe2a7023d79643e8be287baf8ef59511eff563837e4a9d40423dca1fb39a498279f4bf1efb73254bc4e56a10e5b1df2cf385aa8115f767cf4170d620a76955404b06e7047c6fde756d6eb9fe740d0bb63c120cea76262add0c5bb330852c8"}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x193}, @NL80211_ATTR_STA_FLAGS2={0xc, 0x43, {0x7, 0x7}}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x4c, 0xac, "5bf202b759157460504a8b3db19e2abccbda8f9e8700acfe59094e4c383080b2c5fa9eacc90baefd14bf5ce59852bc4ec52147c8291b713146adf78836b4a5e558cc74a80a78f498"}]}, 0x14c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20004080) r0 = socket$alg(0x26, 0x5, 0x0) getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000640)=ANY=[@ANYBLOB="736563757216ae2c69747900000000000000000000000000000000000000000000000004"], 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="2c235aa9", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r2 = syz_usb_connect(0x5, 0x4a, &(0x7f0000000500)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb10000000010200090502"], 0x0) syz_usb_control_io$cdc_ecm(r2, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_ep_write$ath9k_ep1(r2, 0x82, 0xc38, &(0x7f0000000dc0)=ANY=[]) 1m56.253764559s ago: executing program 34 (id=1129): prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0) setreuid(0xee01, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x208401, &(0x7f0000000440), 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x21) ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020660b, &(0x7f0000000040)={0x500, 0x10000002000003, 0x0, 0x0, 0x300}) 1m53.800496593s ago: executing program 2 (id=1137): mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x1c0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, r0) setpgid(0x0, r0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x121542, 0x60) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', 0x0, 0x8, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) 1m53.097076975s ago: executing program 2 (id=1140): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x80, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, r1, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getdents64(r2, &(0x7f0000000100)=""/134, 0x86) 1m52.283425932s ago: executing program 2 (id=1145): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x18, 0x2, 0x2, 0x400, 0x80000000, 0x0, 0xfffffc01, 0x0, 0x6, 0x1, 0xfffffffb, 0x39, 0x747d5e13, 0x800, 0xfffffb9a, 0xfffffffe, 0x1, 0xfffffffb, 0x2004, 0x3, 0x0, 0xf250, 0x482, 0x4800, 0x300000, 0x3, 0xe, 0x4623f, 0x0, 0x10001, 0x1ff, 0x8000, 0x0, 0x3, 0x0, 0x3, 0xa, 0x8da8, 0x2, 0x200, 0xffffffff, 0x5, 0xe, 0x4, 0x2, 0x6f, 0x243, 0x7, 0x1, 0x199d, 0x6, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x3d, 0x8, 0xa, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x3, 0x25, 0x5, 0xfffffffc, 0x8, 0x7fff, 0x72c, 0x1c32, 0x2, 0x8, 0x10000, 0x3fe, 0x7ffd, 0x3, 0x3, 0x297, 0x5, 0x0, 0xa, 0x4, 0x0, 0x3ff, 0x0, 0xfffffffb, 0x8, 0x1000003, 0x10, 0xfffffff9, 0xfffffffd, 0x7, 0x1, 0xffffffff, 0x6, 0x2000008, 0x800, 0xfdff, 0x2, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0xb, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x7, 0x1fe, 0x3], [0x401, 0x8000e584, 0xffff, 0xcd3, 0xb, 0x1f, 0x404, 0x4, 0x4008, 0xc, 0x7, 0x9, 0x1e86, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x0, 0x1000, 0x80040101, 0x5, 0x4, 0x5, 0x200003, 0x100, 0x5, 0x80, 0x9, 0x8001, 0x10000, 0x0, 0x3, 0x400004, 0x3, 0x6d7e, 0x9, 0x8, 0x3, 0xbf23, 0x9, 0x9, 0x956, 0x0, 0x5, 0xe, 0x6, 0x100fffd, 0x93, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0x80, 0x0, 0x7d, 0x401, 0x5], [0x108f, 0xffff, 0x3, 0x0, 0x88, 0x2, 0xe, 0x4, 0x50, 0x2, 0x763, 0xb, 0x406, 0x1, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x8000, 0x4, 0xe47, 0x4, 0x3, 0x4, 0x0, 0x2851, 0x3b, 0x20000001, 0x5, 0x5, 0xa80a, 0x65f413f9, 0x4, 0x20008, 0x8a5, 0x8a, 0x46, 0x409, 0x6, 0x4, 0x168, 0x800, 0x4, 0xffffffff, 0x7fff, 0xffff8a33, 0xfffffff8, 0xf, 0x3, 0x200, 0x7, 0xd4, 0xfffffffd, 0xa, 0xe, 0x101, 0xfff, 0xf, 0x136, 0x6]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) readv(r0, &(0x7f00000001c0), 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) 1m52.110995941s ago: executing program 35 (id=1145): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x5, 0x5}, 0x3f, [0x9, 0x2, 0x18, 0x2, 0x2, 0x400, 0x80000000, 0x0, 0xfffffc01, 0x0, 0x6, 0x1, 0xfffffffb, 0x39, 0x747d5e13, 0x800, 0xfffffb9a, 0xfffffffe, 0x1, 0xfffffffb, 0x2004, 0x3, 0x0, 0xf250, 0x482, 0x4800, 0x300000, 0x3, 0xe, 0x4623f, 0x0, 0x10001, 0x1ff, 0x8000, 0x0, 0x3, 0x0, 0x3, 0xa, 0x8da8, 0x2, 0x200, 0xffffffff, 0x5, 0xe, 0x4, 0x2, 0x6f, 0x243, 0x7, 0x1, 0x199d, 0x6, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x3d, 0x8, 0xa, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x3, 0x25, 0x5, 0xfffffffc, 0x8, 0x7fff, 0x72c, 0x1c32, 0x2, 0x8, 0x10000, 0x3fe, 0x7ffd, 0x3, 0x3, 0x297, 0x5, 0x0, 0xa, 0x4, 0x0, 0x3ff, 0x0, 0xfffffffb, 0x8, 0x1000003, 0x10, 0xfffffff9, 0xfffffffd, 0x7, 0x1, 0xffffffff, 0x6, 0x2000008, 0x800, 0xfdff, 0x2, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0xb, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x7, 0x1fe, 0x3], [0x401, 0x8000e584, 0xffff, 0xcd3, 0xb, 0x1f, 0x404, 0x4, 0x4008, 0xc, 0x7, 0x9, 0x1e86, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x0, 0x1000, 0x80040101, 0x5, 0x4, 0x5, 0x200003, 0x100, 0x5, 0x80, 0x9, 0x8001, 0x10000, 0x0, 0x3, 0x400004, 0x3, 0x6d7e, 0x9, 0x8, 0x3, 0xbf23, 0x9, 0x9, 0x956, 0x0, 0x5, 0xe, 0x6, 0x100fffd, 0x93, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0x80, 0x0, 0x7d, 0x401, 0x5], [0x108f, 0xffff, 0x3, 0x0, 0x88, 0x2, 0xe, 0x4, 0x50, 0x2, 0x763, 0xb, 0x406, 0x1, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x8000, 0x4, 0xe47, 0x4, 0x3, 0x4, 0x0, 0x2851, 0x3b, 0x20000001, 0x5, 0x5, 0xa80a, 0x65f413f9, 0x4, 0x20008, 0x8a5, 0x8a, 0x46, 0x409, 0x6, 0x4, 0x168, 0x800, 0x4, 0xffffffff, 0x7fff, 0xffff8a33, 0xfffffff8, 0xf, 0x3, 0x200, 0x7, 0xd4, 0xfffffffd, 0xa, 0xe, 0x101, 0xfff, 0xf, 0x136, 0x6]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) readv(r0, &(0x7f00000001c0), 0x0) write$input_event(r0, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f) 1m33.365313172s ago: executing program 6 (id=1210): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000000c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f00000002c0)='E', 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) close(r0) 1m33.255034144s ago: executing program 6 (id=1212): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x4e21, @local}, 0x10) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3e, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) 1m32.868890113s ago: executing program 6 (id=1214): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2, 0x4) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x2000010, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x9, 0x1100, 0x40, 0x0, 0x6, 0x0, 0x0, 0x0, 0x40}}, 0x50) 1m32.53529241s ago: executing program 6 (id=1216): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0) write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x3, 0x0, 0x4, 0xfffd, 0x14, 0x6}, @ipv4=@generic={{0x6, 0x4, 0x1, 0x6, 0x20, 0x69, 0x0, 0x60, 0x2, 0x0, @empty, @empty, {[@timestamp={0x44, 0x4, 0x5b, 0x0, 0x1}]}}, "14f3305280f125e6"}}, 0x2e) 1m30.868905081s ago: executing program 6 (id=1221): r0 = syz_io_uring_setup(0x141c, &(0x7f0000000080)={0x0, 0x91c1, 0x491, 0x1, 0x6}, &(0x7f0000000440)=0x0, &(0x7f0000000140)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit$UBLK(r1, r2, r3, &(0x7f0000001480)=@ublk_io_need_get_data_sqe={0x2e, 0x20, 0x0, 0xffffffffffffffff, 0xc0107522, 0x0, 0x0, 0x0, 0x1, {}, 0x0, 0x0, '\x00', {0x3, 0xc3a, 0xc86, 0x0}}) syz_io_uring_submit$UBLK(r1, r2, r3, &(0x7f00000003c0)=@ublk_get_features_sqe={0x2e, 0xb, 0x0, 0xffffffffffffffff, 0x80207513, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffbb1, 0x0, 0x0, '\x00', {0x0, 0xffff, 0x0, 0x0}}) io_uring_enter(r0, 0x20, 0x20, 0x1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040000}, 0x40080) socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x300, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe07, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3}) r7 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x0) ioctl$I2C_SMBUS(r7, 0x720, &(0x7f0000000580)={0x1, 0x7, 0x7, &(0x7f0000001080)={0x1c, "584fc4dfae9a34fb1ffbb539b436ccff3759a57bf224d2f6faffffff00"}}) 1m29.474642043s ago: executing program 6 (id=1227): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10) socket$kcm(0xa, 0x3, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000002080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x4000087, 0x2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000002040)='net/snmp6\x00') read$FUSE(r3, &(0x7f0000000000)={0x2020}, 0xfffffc7a) 1m14.202138179s ago: executing program 36 (id=1227): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10) socket$kcm(0xa, 0x3, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000002080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x4000087, 0x2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000002040)='net/snmp6\x00') read$FUSE(r3, &(0x7f0000000000)={0x2020}, 0xfffffc7a) 21.090673388s ago: executing program 9 (id=1462): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_procfs(0x0, 0x0) pread64(r3, &(0x7f00000001c0)=""/170, 0xaa, 0x10000001) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 11.675910797s ago: executing program 9 (id=1497): prlimit64(0x0, 0xe, &(0x7f0000000200)={0x7, 0x7ff}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x501040, 0x0) r3 = fsopen(&(0x7f0000000380)='iso9660\x00', 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000140)={0x100, 0x6}, 0x4) setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x50, 0x1}, {0x6, 0x80, 0xfd}]}, 0x10) r6 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='7', 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000a00)={r2, 0x0, 0x0}, 0x10) syz_open_dev$MSR(&(0x7f0000000340), 0x4, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ac0)=@bpf_lsm={0x1d, 0x3c, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000f00000000000000000800001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000050000008500000006000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800001a0000007b4550e5a6285eca9aa20000000000000702", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000008500000036000000b7080000000000007b8af8ff00000000b7080000ffffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a50000004d082000fcffffff18440000ffffffff00000000000000001d535000f0ffffff9500000000000000"], &(0x7f0000000800)='syzkaller\x00', 0x100, 0x23, &(0x7f0000000840)=""/35, 0x41000, 0x40, '\x00', 0x0, 0x1b, r2, 0x8, &(0x7f0000000880)={0x0, 0x5}, 0x8, 0x10, &(0x7f00000008c0)={0x2, 0x7, 0x3}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000a40)=[r2, r2, r2, r2, r2, r2, r2], &(0x7f0000000480)=[{0x4, 0x4, 0x7, 0x3}, {0x3, 0x1, 0xb}], 0x10, 0xd4f}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r1}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x21980, 0x9, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00'}) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x101200, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', r7, &(0x7f0000000240)='./file0\x00', 0xb857c961b704e03e) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x80, 0x0) 11.673740721s ago: executing program 8 (id=1498): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8000000000100}, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000840)=[{&(0x7f0000000340)=""/141, 0x8d}], 0x113e) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000140)=0x5) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r3 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r3, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0xa, 0x5) ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000040)={'ipvlan0\x00', {0x2, 0x4e20, @broadcast}}) 9.597353121s ago: executing program 8 (id=1502): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) 9.438216792s ago: executing program 1 (id=1504): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5']) chdir(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000001440)=[{&(0x7f0000000440)="2e7905736ec3061f", 0x8}], 0x1, 0x540f, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f0000000000)={0x17c04, 0xffffffffffffffff, 0x47d, 0xdf1c, 0x9, 0xfffffffffffff7f7}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x40) pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc) 9.144410116s ago: executing program 8 (id=1507): add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) pipe2(0x0, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x20) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0) ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0xfffff) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x0, @loopback=0x7f000000}}) 8.873596981s ago: executing program 1 (id=1509): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/igmp6\x00') pread64(r3, 0x0, 0x0, 0x10000001) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 7.687219521s ago: executing program 8 (id=1511): r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_macvtap\x00', 0x0}) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000) r3 = socket(0x400000000010, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xfffbffff, {0x0, 0x0, 0x0, r1, {0x0, 0x8}, {0xffff, 0xffff}, {0xf, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x3c, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x30, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xfffffff7}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x6730}]}, {0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xb34}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40001}, 0x10) 7.633568891s ago: executing program 9 (id=1512): r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000000)={[{@nodioread_nolock}, {@dioread_lock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@nojournal_checksum}, {@resgid}, {@acl}, {@barrier}]}, 0x0, 0x47f, &(0x7f0000000680)="$eJzs281vFOUfAPDvTF+AHy/tD/EFRK0STaOxpQWVgxeNJhwwmugBj7VdSMNCDa1GSCPFGLyYGBI9G48m/gXejIlRTiZe9eLJkBDtBfBUM7MzsF12oZVtt7KfTzK7zzPzzD7Pd+ftmXl2A+haQ9lLErEtIn6NiIFadnmBodrbtcX5yeuL85NJLC29+WeSl7u6OD9ZFi3X21pkhtOI9OOkqGS52TNnT0xUq5XTRX507uS7o7Nnzj77/smJ45XjlVPjhw4dPDD2wvPjz7Ulziyuq3s+nNm7+/DbF1+bPHrxnZ++ydq7rVheH0e7DGWB/7WUa1z2ZLsr67Dtdemkt4MNYVV6IiLbXH358T8QPXFz4w3Eqx91tHHAmsquTZtaL15YAu5hSXS6BUBnlBf67P63nNap67EhXHmpdgOUxX2tmGpLeiMtyvQ13N+201BEHF34+8tsijV6DgEAUO/TyS+O9Dbt/6XxQP7+e/66oxhDGYyI/0fEzoi4LyJ2RcT9EXnZByPioRb1PLXC9tza/0kv/+vgViDr/71YjG0t7/+Vvb8Y7Cly2/P4+5Jj09XK/uI7GY6+TVl+7DZ1fPfKL5+1Wlbf/8umrP6yL1i043Lvpjh8vW6dqYm5ibxT2gZXzkfs6W0Wf3JjJCCJiN0RsWd1H72jTEw//fXeVoXuHP9ttGGcaemrLLyFLP6FaIi/lNSPT07fMj45ujmqlf2j5V5xq0s/X3ijVf13FX8bXKnU3q8tzl8qtn9jkcGkfrx2dvV1XPjtk5b3NCvc/5eZmphL+5O38nHm/mLeBxNzc6fHIvqTI3l+2fzxm+uW+bJ8tv8P72t+/O8s1snifzgisp34kYh4NCIeK9r+eEQ8ERH7bhP/jy+3XlbGH2mHtv/5iKmm578b+3/D9l99oufED9+2qn9l2/9gnhou5uTnvzto1pzsdNHYwLv57gAAAOC/Is1/A5+kIzfSaToyUvsN/674X1qdmZ175tjMe6emar+VH4y+tHzSNVA8D61OVytjyULxibXno+PFs+LyeemB4rnx5z1b8vzI5Ex1qsOxQ7fb2uL4z/zR0+nWAWtsS9O54/3r3hCgAxrH0dPl2XOvh5MB3Kv8Xxu61x2O/3S92gGsP9d/6F7Njv9zDXljAXBvcv2H7uX4hy6Vft/pFgAd5PoPXelu/te/honNG6MZnUls1I2SJyLKRLoh2iOxRolOn5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa458AAAD//3N/7a4=") mount$overlay(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x20000, 0x0) open_tree(r0, &(0x7f0000000640)='\x00', 0x89901) 7.606933006s ago: executing program 0 (id=1513): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000580)={@flat=@binder={0x73622a85, 0x101, 0x2}, @flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@binder={0x73622a85, 0x101}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) 6.307121837s ago: executing program 1 (id=1514): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x2, 0x6, 0x580, 0x0, 0x310, 0x0, 0x0, 0x1d8, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x6, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @remote}, [0x0, 0xff, 0xff000000, 0xff000000], [0x0, 0xffffff00, 0xffffff00, 0xffffffff], 'gretap0\x00', 'batadv_slave_0\x00', {}, {0xff}, 0x2b, 0x5, 0x1, 0x18}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000010000000}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0xfc, 0x6}}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xb4}, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, [0xff], [0xffffff00], '\x00', 'bond_slave_0\x00', {}, {0xff}}, 0x0, 0xf0, 0x138, 0x48000000, {}, [@common=@dst={{0x48}, {0xff, 0x4, 0x0, [0x1, 0x7a, 0xfffd, 0x3f4, 0x0, 0x3, 0x5, 0x0, 0x8, 0x30, 0xe5, 0x4, 0x1, 0x6, 0x0, 0x1], 0x6}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'ip6gre0\x00', {0x4}}}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0xd}, [0x0, 0xffff00, 0xffffffff], [0xffffff00, 0xffffff00, 0xffffff00, 0xff000000], 'nr0\x00', 'vxcan1\x00', {}, {}, 0x62, 0x5, 0x3, 0x20}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xf}}}, {{@ipv6={@mcast1, @private0, [0xff000000, 0xffffff, 0x0, 0xffffff00], [0xffffff00, 0xffffff00, 0xff, 0xff000000], 'pim6reg1\x00', 'hsr0\x00', {}, {}, 0x6c, 0x80, 0x5, 0x61}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0) 6.306526596s ago: executing program 4 (id=1515): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8000000000100}, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000840)=[{&(0x7f0000000340)=""/141, 0x8d}], 0x113e) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000140)=0x5) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r3 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r3, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0xa, 0x5) ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000040)={'ipvlan0\x00', {0x2, 0x4e20, @broadcast}}) 6.082535728s ago: executing program 8 (id=1517): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000240), 0x1, 0x5b7, &(0x7f0000001380)="$eJzs3U1oHNcdAPD/zGot2ZYrF1poiw+mLbhgvPqw3bo9yddSg8GHQi+tWK2F0UprtKvWEoLKdxPiQ0iCL84tOeSYkEMOIZccc80lH+eAiUUClg/Jhv2SZXnlrGTtbqz9/WC0783M7v//duY9zQwzbAAD63TtTxrx24i4mkSMbVs2FM2FpxvrbW6s5R9vrOWTqFavfZNEEhGPNtbyrfWT5uvxiFiPiN9ExMfZiLPp1kceaRXKK6vzM8ViYalZH68s3Bwvr6yeu7EwM1eYKyye/8tfL166cHFyanJ7uo+r22vZvbX1zhd3X7nz6d/v333n3VPr+ddmkpiO0eay7e04SI3vJBvTO+Zf6EawPkr6nQD7kmn281pX+nWMRabZ69upbh8chnuSHtBF1eGI6pZtRWAAJC/Q6VuDCPAyah0H1M5/W1Mvjz8eXG6cgNTibm6s5f8frfhDjWsTMVI/Nzn2bfLUmUntfPNkLxPlUFq/HRETQ0PP7v9Jc//bv4mDSJCu+uhyY0M9u/3TrfEn2ow/o61rpy+oNf5tNse/zTbxM7uMf1c7jPH9v756c9f4t4fjd23jJ1vxkzbx04j4T4fx7/3zg0u7Lau+FXEm2sdvSZ5/fXj8+o1iYaLxt22MD8+c+tvu7Y84tkv8xjXbkXoi29t/pJlT2mH73//kvd+vPyf+n/7w/O3f7vs/GhGvdhj/l4/e/sduyx7cTh7WjgL2uv2TyMb9DuP/efr0582iq4YAAAAAAAAAAHCA0vq9bEma2yqnaS7XeIb3V3EsLZbKlbPXS8uLs4173k5GNm3daTXWqCe1+mTzftxWfWpH/XymGTBztF7P5UvF2T63HQAAAAAAAAAAAAAAAAAAAH4uju94/v+7TP35/+mIqRP9zg3ogd1/8hs47PR/GFxP9/+kb3kAvef/Pwysqv4Pg0v/h8Gl/8Pg0v9hcLXt/0d7nwfQe8/0/5H+5AH0nuN/AAAAAAAAAAAAAAAAAAAAAAAAAADoiqtXrtSm6uONtXytPju0sjxf+u+52UJ5PrewnM/lS0s3c3Ol0lyxkMuXFn7q85JS6eZELC7fGq8UypXx8srqvxdKy4ut3xQtZLveIgAAAAAAAAAAAAAAAAAAAHj5jNanJM1FZBv1NM3lIk5ExMkkkus3ioWJiPhFRHyWyQ7X6pP9ThoAAAAAAAAAAAAAAAAAAAAOmfLK6vxMsVhY6l5hqBmqs3d9WelqPkN7WTki1g82jdon7vld2eYXWJ8z0vXtdbgLmQ73w4Ev9HFQAgAAAAAAAAAAAAAAAACAAfXkod9O3/FDdxMCAAAAAAAAAAAAAAAAAACAgZR+nUREbToz9sfRnUuPJJuZ+mtE/O/etddvzVQqS5O1+Q+35lfeaM6f6kf+QKda/TSNiFo/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4or6zOzxSLhaV9FoY7WKffbQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYjx8DAAD//95Mx5c=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xa0) getdents64(r0, &(0x7f0000001280)=""/4089, 0xff9) 5.897735827s ago: executing program 0 (id=1518): socket$alg(0x26, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x10) 5.698380846s ago: executing program 1 (id=1519): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) setsockopt$inet6_opts(r3, 0x29, 0x37, &(0x7f0000000000)=ANY=[@ANYBLOB="00020401"], 0x18) connect$inet6(r3, &(0x7f0000000240)={0xa, 0x6e23, 0x2, @mcast1, 0x9}, 0x1c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmmsg$inet6(r3, &(0x7f0000001840), 0x3b, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) 5.577991566s ago: executing program 9 (id=1520): socketpair$unix(0x1, 0x3, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) 5.413832046s ago: executing program 7 (id=1521): socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x94400, &(0x7f0000000440)={[{@noload}, {@test_dummy_encryption_v1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@quota}, {@discard}, {@quota}, {@jqfmt_vfsv1}, {@nombcache}]}, 0x3, 0x46a, &(0x7f0000001740)="$eJzs3MtvVNUfAPDvvdP29ysPWxUfPNQqPoiPlhZUFm40mrjQxEQXuKxtIUihhtZECNFqDC4NiXvj0sS/wJVsjLoyceNCF+4MCTFsQBdmzJ17L0yH6dApMwx0Pp/kDufcc4ZzvtzXuffMJYC+NZZ9JBFbIuK3iBjJsysrjOV/XL54eubvi6dnkqhW3/wrqdW7dPH0TFm1/N7mIrMnjUg/TWJnk3YXT546Oj0/P3eiyE8sHXtvYvHkqWeOHJs+PHd47vjUgQP7900+/9zUsx2JM4vr0o4PF3Ztf/Xts6/PHDz7zo/fJGX8V+L4d7AjjeXGWhU+Vq12sKne21qXTgZ62BHaUomIbHMN1o7/kajE1Y03Eq980tPOAV1VLaxSvFwFNrAkVmSHG04Mzf16nXLgNlBe6LP733K5OSOPW8OFF/MboCzuy8WSlwxEWtQZbLi/7aSxiDi4/M+X2RINz1MAALrhu2z883Sz8V8a99bVu6OYQxmNiDsj4q6IuDsitkXEPRG1uvdFxP1ttt84SXLt+Cc9v67A1igb/71QzG3Vjf+G48roL0Yrkee21uIfTA4dmZ/bm5ctZx9ZfrJFG+de/uXz1crqx3/ZkrVfjgVz6fmB/638zuz00vQNhLzChY8jdgxcE39tAq+cCUgiYntE7FhnG0ee/HrXamXXj7+FDswzVb+KeCLf/svREH8paT0/OfH/mJ/bO1G3VzT46eczb6zW/g3F3wHZ9t907f5fH/9oUj9fu9h+G2d+/2zVe5r17v9DyVu19FCx7oPppaUTkxFDyWt5p+vXT139bpkv62fx79ndLP60do4r/yV2RkS2Ez8QEQ9GxENF3x+OiEciYneL+H946dF31x9/d2Xxz7a1/a8mhqJxTfNE5ej3365odLSd+LPtv7+W2lOsqZ3/ktZxraVf69ubAQAA4PaTRsSWSNLxK+k0HR/Pf8O/LTal8wuLS08dWnj/+Gz+jsBoDKblk66Ruuehk8VtfZmfasjvK54bf1EZruXHZxbmZ3sdPPS5zasc/5k/K73uHdB13teCvnV5Y72KCrTD9R/6l+Mf+leT43+4PtOtl9+A3mt2/f8oIs493oPOADdVw/Fv2g/6iPt/6F8DrvjQt9Zw/f/DbwRgw1kcjuu/JF8kkjW9Ud92ohId/gslbkYi0luiGxJdStSdJJLiPzoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Df0XAAD//7QV5v0=") r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) openat(0xffffffffffffff9c, 0x0, 0x1db002, 0x100) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4e49202d1d9ce17e, 0x8031, 0xffffffffffffffff, 0x4000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x40000000000002, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f14752313660608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"}) 5.315349593s ago: executing program 0 (id=1522): r0 = syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, 0x0) 4.266500665s ago: executing program 4 (id=1523): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$bt_hci(r0, 0x11c, 0x2, &(0x7f0000002080)=""/4111, &(0x7f0000000000)=0x34) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}]}], {0x14}}, 0x50}, 0x1, 0x0, 0x0, 0x850}, 0x4040080) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x4b30, &(0x7f0000000040)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setrlimit(0xb, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil) r6 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADDDEST(r6, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x3, 'wrr\x00', 0x17, 0x81, 0x5}, {@multicast1, 0x4e23, 0x3, 0x1cb, 0x12d5c, 0x12d5c}}, 0x44) syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2) r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ioctl$FS_IOC_SETFLAGS(r7, 0x40186f40, &(0x7f0000000440)=0x20000) 4.263151641s ago: executing program 7 (id=1524): readlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0) 4.198373731s ago: executing program 0 (id=1525): prlimit64(0x0, 0xe, &(0x7f0000000200)={0x7, 0x7ff}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x501040, 0x0) r3 = fsopen(&(0x7f0000000380)='iso9660\x00', 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) r5 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000140)={0x100, 0x6}, 0x4) setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x50, 0x1}, {0x6, 0x80, 0xfd}]}, 0x10) r6 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='7', 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000a00)={r2, 0x0, 0x0}, 0x10) syz_open_dev$MSR(&(0x7f0000000340), 0x4, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000ac0)=@bpf_lsm={0x1d, 0x3c, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000f00000000000000000800001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000050000008500000006000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800001a0000007b4550e5a6285eca9aa20000000000000702", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000008500000036000000b7080000000000007b8af8ff00000000b7080000ffffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a50000004d082000fcffffff18440000ffffffff00000000000000001d535000f0ffffff9500000000000000"], &(0x7f0000000800)='syzkaller\x00', 0x100, 0x23, &(0x7f0000000840)=""/35, 0x41000, 0x40, '\x00', 0x0, 0x1b, r2, 0x8, &(0x7f0000000880)={0x0, 0x5}, 0x8, 0x10, &(0x7f00000008c0)={0x2, 0x7, 0x3}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000a40)=[r2, r2, r2, r2, r2, r2, r2], &(0x7f0000000480)=[{0x4, 0x4, 0x7, 0x3}, {0x3, 0x1, 0xb}], 0x10, 0xd4f}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r1}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x21980, 0x9, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00'}) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x101200, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', r7, &(0x7f0000000240)='./file0\x00', 0xb857c961b704e03e) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x80, 0x0) 3.986416757s ago: executing program 8 (id=1526): syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_cmd_rej_unk={{0x1, 0x8, 0x2}, {0x4}}]}}, 0xf) syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) 3.280505819s ago: executing program 9 (id=1527): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/igmp6\x00') pread64(r3, 0x0, 0x0, 0x10000001) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 3.075382475s ago: executing program 7 (id=1528): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7fff, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0xb, 0x1, 0x0, "f3f0b32aa4526bc424cc83055c5a8d21e6cb87d69b11022ef02d2b83dda571f8"}) 2.343174758s ago: executing program 4 (id=1529): openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x20000840}, 0x0) r0 = syz_io_uring_setup(0x34b8, &(0x7f0000000540)={0x0, 0xc3b1, 0x800, 0x1, 0x82, 0x0, 0x0}, &(0x7f0000000180), &(0x7f0000000140), &(0x7f0000000100)) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e21, @private=0xa010100}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000040)={r2, 0x3}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0) 2.130166467s ago: executing program 7 (id=1530): setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r0, &(0x7f0000000100), 0x10) r2 = socket$netlink(0x10, 0x3, 0x400000000000004) writev(r2, &(0x7f0000019440), 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000000)=0x2, 0x4) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000010000000000000000002c00000020000000ff0f00000000000008001c00c9"], 0x3c}], 0x1, 0x0, 0x0, 0xb305e06d8ab48273}, 0x48800) 2.058608794s ago: executing program 0 (id=1531): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000001340)={@val={0x8, 0x800}, @val={0x6, 0x0, 0x6, 0x0, 0xc}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x30, 0x66, 0x0, 0xb, 0x67, 0x0, @rand_addr=0x64010102, @broadcast}, "2197e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a"}}, 0xfdef) 1.750483646s ago: executing program 4 (id=1532): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000580)={@flat=@binder={0x73622a85, 0x101, 0x2}, @flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@binder={0x73622a85, 0x101}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) 1.662076342s ago: executing program 1 (id=1533): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x0, 0xb, 0xffff, 0x5, 0x2, 0x0, 0x0, 0x80, 0x80000001}}, 0x50) syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) syz_fuse_handle_req(r0, &(0x7f0000008340)="ae9104f5e131d0eff851b5fdc5390a7c7f56681a20b26f178d0e1744701f203b65bae3a210c85d398dacba5fe7b46b6deb271af1f3f614ed140ce7d82692c24076cc29858ae0ef9e5ec4fe2af8da035b32d283a1bbe66a21b8d1031d6033a3110ff92565a24e7cd7374a27b307d464322e31faeffc62253cc1898b9b858ff9ebb6d325089a9e4c5054618d61f45d31157cb27557d6ff7210ec02d9907fe6c2e6d5544b3e5f623bf95dc7c1720152ab6c7837428d036904df79522b2b98bf4f2f63912a69dc2956cba1f1ace8d4e3aa9430b0a9ab63e297a299953dc40ea78c5c4739be290b13b0a1057a7414e6545612d4b4bff2ecea1808351dc6e6329963374ba106631be1c17c5ff70ea31b2d74de39c06591461dcebb33230f2ea6564266145dd7bd85c6a6885552bec51edd77e562b7ae5d7fe7bd9e5e5110ccf1843331f0a43db3322f5f512114b0f96efbd22421c3d049349887dca35caf1ed701af81c9a6c248b2cf3407e8bf3809b5f8a5f5ca0340cfbd7598d2ab6f3979d399c2adc15562ffedcb87ca94192d68ffea6544fb0b5e9ae67e6755b1a36e3e9e9c6538514ad06312ec6669d2120150f886959558d9a7081386f10e16a565e16720178040289b7b1d8acc19ceda06ccaaa9ba3e8216fa982322fe1e933e4966c393cc43acd49121ef635f34ffd6a6da8b15bd068677e0653bf957d4784327eeafd1065c4de8cec6f7c60ce667a6308cb743cf48d4cda74c26627a9e5f2e749058d071eff282a6d99cf1839d139a29a901356bbf23e40b3ffac59846f3f78cb2b0899ec4639881777bae26c33a0041a795f2882095c9cb0f8e9b041bd6e2d92ef90ab080b625b9b17a0587802e58597557e17e2ed731c1e2fa22e7c216ff03a828d5340ab0ada651981aae267f65cf202e3e07aed5db4755f502b99cd67bf253fbc12bdb112491e97ad51cc519b0cd6718a2f7970bd4eb8c4a7d0d1e3bd52f62849b97a58e7d3f49568f5e28583e596db5cc5346b13a1898dd42c78ea259768b5ba3957012a71e95376f735380209f3dc4f5a948f6212c682161734c37d96726c14efb925ad2b540c776f3b59b39b629405b3e7f949076d12ffca6863992d1c84b067233dafe3783757d2d1b8f0b1649730264a19f9b2e09bc33931d32505f37518d92b3f9e20e1753aa669ec0670c7207069b7379228a6d6194b65ce001e77340f92ad3c19b2ce6f04f176413e485f55c6de8ea401bb7ffcf49c0bba43d8700cc9a47928caeef46a9a1aa3d15d4c421859fbb96c15f0b263956b90d779032c1a56270f752128e79855453dbb08674614ecde64c9fe26ec58202b2c022c8cfa468c724c13ecd1c9e5c7e84f6dd73dfe55a299161a9cf4dfcbfee61099891b82c067779149c14390564640c5ba8d0c27575c0e8907c714104139ec424f6ee5e3eda2a2dfa92c7853f5487cb465f392a5fac57e3536c01dac9c7b8840a5a011b1d4a58db7ea7300b935bfb1574613f5e7c720545f449d4965aa6749cc05ad972d9dd3f45107631bd1d6c1c6893f3d92beb4d0e93192bd9474911ab7fdfe2e855bb440e63e95b47e882346e7b1d03118d9eb70f41fea069e853496bed77928775dec5cd5cda6de7f553f053e6d456cde7883537596b7798eee90b41e89d34a18775ab24641e2e42d686d45f19f40eb837c7b32d8205c11e211d158a6f2abd89b56e6bff4d9c725894e8ca0a82e0187b3d2686e7f6fbf3ffaf17c043419bf5e01c08ba8f34410e5020e5176e14e06e68b2e76b0d254ff0e36a2f071d00e2d79a23bd37a09cf9b40d5abcda3064ded4c45577e0d2c138ce7e53cfbc62a6071c8e9baefb43fc71d1ab4b305825e1dd49b36ed1ea9d9e8cb9c0c8e9d5238ab8ced7caba200875579c6869cdca19c71ce0f91737ce86873c32a399de7fe0699f6c5bffed3948a0eeebe01a0ec004601a1998119616838df779d218187fdaf5b4b0d5dad8a42a421cfcd8ec5dd077877d83a9d1e8e0296ffc759bf0b18784701924b5053916c8eb534d85af419372e0a90540148e7c4698de41b9b0381b8bbbf9f5f52c77c1dd0144a1ee05126c2dee830f437f11db53e98eb8295763328bc6261ea07c09c0cd7983aae24658b96a81566fba02a2a87625f5a01a76593bd07b8b70a029574adb0578617e5def835bf8b1694cfb728a1eec3bdb22d3ddbe8df086a6a369be3e05940005eb1daf4e4158847bfb73f6d88ca4a6411ea70a1eba2e7a6e02e0754963b23aa1f2c52c4ee27f3288904d407a0998f2c8de6d7d6c8e3ebe0a3f38f161fc811a03b8e2ee664b26c8d896bbac441c9c0cf0c5aae1c7450fba1c34b65beef201352785657414944f56f30f514cddea1f8cf0933292d26c37e156f582af27263ae52e33b95dceef1864f350a05248aae1162c94cfc0ed1251c2915bfc599cdf30f3252a3ce5a796a9be0b8294e38702dca2ad89414e7e5aa4810b842144df382d5675ae7d48b7185f1cf40629b1411a39f11b99cb519aa108b6f8f730adc60c94543877a14bb954c58944a868dd85cde1c696839c727af385b63b1eba6771d8ba5f936f0b9ee7416d0902e4caefa5350087ffb503ddf38fdc4e6597032e850ccdb3f66104be78339b9de220e94c826fb3a21d0b22cc494fc556ccac4d84e016024d00239b47add06d138360b619c42335509956889e500d5242577345b6f0418e6db73bf60206a822596e8b06a0f98c7ebaf5f06e3b979e4d1d2ebec972555341bbf45a61fcab998918db6e2d5135ae626d88c812383e378f84c0f33dd99be898ccf747a28fc54d2d6b5aa2f213dc2ad6aac63e42bbbf9c4a5a93e55b390dca1fd87a99e612c506d8272adc6c026e4e35a3f1666005cd283284d1f93f3f7a2c6e8676cbdb5fc47a4a0ef70d86acf45eebd60ee9afbcd7754eba7e701f2aba861182b49b96089f697695faba3096ba5b667388ebd33d29ad688ca97eed8bbd1fb8ab6a450dbc4874e64c086739aba5ab016ece6cbb3f8ff4bf0c3e0c77332888e814217afba62842002ea3c81fd8a3cd52de70d3005ad59d5713b7ec1ff51e58233a3bb606d6dfa991cd3ecb691d4295e7cf8c5f4615bd3422905b4f004f04abc71fadba1cbd1d17d0d6ae7bfe437bed460a9a62d7cd8bea589358135f8e4eb6c966256ab679846500671b7b9f82f537f58892a1286ad4d5084a9f11fee005de5ffe2f2bb357500ff23e69e53238232d560f6bad2cb97efde72e1dad8b9428a83363d6aac32ef5e58d25d4724c88ea5b439a1a458cc872163cdc69f366228b255211014bce56528134593d1354a62d9729bf0cf6ea156343ea811a1cfe0fcee7b1db2106338b5689c95c93d2302fa6f610d4443697a85e502bde43391500b839ff3ae66fb87494547d03b4a6e9fd000a4e7e98bdec7599aef93b4d5d2f91b05e2ce54e7b72e89b43a659f882dcc52a1fe022f03f93f966bbf7f66442f9ef291049de31901ebf4858d105b1459c83bfb74de42bd087660ce36e9d82fb00df5a7e3b462d36aa849df8fddbf40e2c24b1830662bcae090786d6a757db60328fc484a5adc488a42e12f62e77d5a6b1f76d849954ee9e664bf59d2c20fd3257878c64e94b6accaad8520716c39d4affc1428b16bc2be9e3026684694d18124be77083273be2bdd55215a081977e5c07434d62cf184f43068df39ddbc83f984c62704c6fa459f308af1b3b6a155e861e6c5d038ba241810b00b3880d9b56d312aa5c147c879f20965c22a95e22ebc9e50a5fa4100e23962c8feae30ffc74d4d1a484128d031a2fc68cde1043f3f57df3e9ec16d1b5d122b99b9504cf4fd8e50d99e4e3ca4a68fefbdb6e4c07005e9eed9e9a2b7f174aedd0aeb307650f112978c40ba7cc6e5f2776afa80c111165a2d3a3adac5cab1a2e907f21f40cb4c713034a7dd4be4218c385e8b118a4e622457d7424ac53310d0b9d6163358789c6d6f5b5a234a4460f0a5b8462c674da9cfc75d375d26f83ad419a36c2ab9b6ed7fdd84d780bf13c27e262676766eb84c8b895411f660cb9dc0a28a9271dea21a87d3c0d21ac60fe44029b579de6dc44ad71d16f8fc75bdb5185ac87ac036a88c3ea1a47159167624d05b000e640aee20da35bfd059faf97cd2ce808725f85c81552ec702fb2b51159f1ed7e101e3d4c0fc87afe3badd199f9044429cfc9925d0ff48dc2d19df2f3bb04ad10255f6163220815b48ff5b70f8100a65a2c992b4b39749ea6d89a65658603626402310b19b6fa2679ce5926642b4b9c0f5ea2485f6f95338301d992ab278c162cc2c84e0436a3d82e695df7ae81abbdeba3a80f09281c34a7856e8a85c22bcae5ba353a38ce6259b46def19d01797716867d064f7d69cdbd051b0189cb957c6372fbf86907c03218ad17f6daeea30e9e93e0fbdc6e5fa4759c5c514d04181383aa05694c0c75974aa91ba014f9dab4d90f5ca07d97705f95dd47813c5a8fb5dff8fc2c607d2c2ac5dd32c4e924b300716844f8ec6f4598bcc802ddb9155a27efea9f3f604241d9539d2feca0555607fe01cece67ce55c2aeb4aab512b8c01b45f643adff1e42e61ebc65d403375c705619833fab83635b371c90c7c572f175cc9038bbc16141f7ffe4ae9a888fbb2924c47112d7fed879faa8c5b5d4093f1d87b20a1953edd637f1f9ad38f63cde028ac30911726ea443dbd1234a85fad7d872b38aba96ea716bbced20485d57292d97eed1f444c614727655c395d78f78d471a7579e1c999aa3f887cae5b32cb4ad6e72c3b744ea4804e9e5f8fc186716f199a01e2f5e00c626f6c0619f721dcdfe29c7027e05b96bc0f16df3601105af92fb05769a5a3d5edd86e3043fcc007423220aa2a319d04ab102469c5687575ae986f7d70d4567e8a9aaa328ce6b89b7d4ca51c94159f81612ab6e633fd0f08f0b81cc6f83093eeb6cbbab3a686a3b038886162cfc3a2dcff76777c2dbf8e3925c7eba24615085b9132b81178a449831820ce288853d269018faeb0fffb027ae931a36a845e3d486885da575ef55645d71aa745b3ffa5336a2551bd8cc64b687bf04d0b92f43a2e00f9cdb2c944296053d7b3c564f6e3e246bc9468386a0cd8d4f7dcaff939fb4688c1f6bf829e89c4949da5bcbdd9515fcd2e41620f5983bfe17698b07a40abf27dafb8fc563e43312e5bbc4311ec1efc4009f4da909eb94ca6c59dd1ab60afbef0717d06f80618a8cb619780bb607b3fb1bd2a1f49e0b618cd7a61e030bbada12535e1a3d77453a65f97d67e3b37ba51c6e46070475d2839d4b8ecfcb155dcf9f50cbc71e7829bba5581ade6cdd2a899e714a033c66c2f9f0e37172428d69565885d4aa3cbc00bbe413c4c3b300d0a61e65eb2e5ec0afaec0116c9c21f8c78effe3b62ad7b045063f9c94e8f500143997354d085a9898157fa377fe224a4e4d49455ebaefebf3c126edc8980064a2b6fe171c2da2f217441bc1cdb3f817b0b026244077d11c066be6b203feedc782683e5324d521cc3327a9c0fbd4751fcb6b4dfedc814f2722763e78da72ac8a02bf02f3ac1eda4b6ebc0b95a9468ed7f9434b80fdcf86065104c2624b3bc16f7c1f6e555cdb66471fda5efe5d6116285fa257f393ad87b7bab00eeb5a79c557f5f2ef0c49471655de6c3bff999b9741b431cc133ea79676839081c712914dc0ceb99090cebf273f8dc94ea06d9178b71a795725644e42f867372d12fe24255c6da4175acc70f0c4035ba57b0babd10878b94fc91903fcca5a67839a7335dd8bf0dda1ab52295ab8a0d411b169046c0e4effa652d07760c4d3abae05b994ea5c680e44a0cd2196e8cf962da5a7ed0960fa6bda19a833b7e79a48c618b45639254e40c9211f40778143b4ff00e8ac44c19c18f09c08aac4772090a9544557047f72f20d930aa54da3ddaa2543599391f02cf2be9fced8b31ce163e986d20f85ed162daf14c7814636c3ee44402d4acf5113e4ab8db145055ed35924394a194eab3e5c754c09c4932fe3b8d77876522dd0071dcdda8c0ebafa88f151f7c3daaa692188326b50e7b1821b5e0cdb942d4748bcadc0b8612e4f98ba0a7f58286947707b158529c758dc4e69f41ec320f12fe0367007657509e835fe794512e2ef5f4cad852785c01d89df5de7b3025a3e4b2b4b803e6d6260a18464563c3c8fd5d18687dd60f0660cde23bed48f2f87fc2243b2c084295af9dd97a4b3a9e2696aedda0708c1b548070467966a6a32a4e65f00b43e248f4be6f0bc97734183e9edbc690b334e3d9453435c9c90341142779152ccbc476c5dfa914164f497edeb5a0834a71b19dacd71caca60fd35b73aca27369d4c41ff8c989d5c92ba90484f1b0251c94247c062d30138768d2a200dcf390a068c4b41cd48ebb5962221b1eb22dc208f0a1179f9665a29a69496fb3e42b293ac6d09203ae6ee0286ddb05807658cb3682b032d93d7755f731908dcc93e91a712d30928c74f00970e68df794cf64925d3158c50bc8b5fc6a22a68eebe8a21137e79a8563d66940d7fdfbec593a80f09e4dc10fd1c99a02f4da2f699cdf88cfc0fdf02d53ea905455adbe78d43ad588ff7ca1b509a4bbde0f34a2ea59e3a63569346c1eac934d15ecf19f4ed6882624fee55d986a8a69fa180a924ba8855fbfb58b1861ea4f51816f83aa5fda62cc40961016d048de4e350d7929a3fdae4baf2907134c20e756965133715ea1d73ff6577667d513ff429e10181cb88f493ecae6ab9ee407b275a31c91fd16f77123ebc0c141f45e71afcb96fcb658b457d1309234da9e042ac833b8d902b690ac43fd8c14b71d0a1711da1f0db2ded92c6c690a803a8b472992648a8974252f607e9dff3881f12fd5a7ef45fd5d155cb6ad65033a0f0085f7785e8c7f4122cc968e342abb0e4f93deee8af6b7cab52e2eae0bbb7b584822b5c225a39cd0b1f03157908018508ca2e1ae76f3979af187e738d8f000f3f905a8281bc5a486d0194fd8710ebbadc91f843042f46721c5f2ba3bdadc01cb34bf74a2b03f7bce5b48069ec83d8c9a1ec2b8318d6fb875a2df9c88086c9e53ab7fe5b8c88048185039ac8cec20b62267cc902dcffcf8d69cac06c74a3a3abf5b93830b0c1545305a576a0fce7d1a8f772a3be73e6c1fd3123d70874fb6843806d30885c61bdf7b950e54da1ca243d1867521d76e438b357563331fadd15033afe794ecdb06c81236d08a5189fe2efd40b9773c1acc5c2b750123f01e05c3ec9ec6be91015168187bc88a79b555a551af97ea9912c8d5eff507f8c0c8fbfb4e11fe01bf17f8d2bd4b2c87fae58d6bad3185990ab95734299c45d94bc9beb1abdd0193eb1e5d818e2ec1ec79960a48c5ffc2bba4923e6b3272b8bc601058a840119f89c4073fef547bff72abda289e119dfd5977978a6ee56a3bd1d55ec62db9ee09520d873b2d304adcb42487840e545c503bc3c7fd23337134dfe1f5218cd4cffb19a61ac09b46ad24d22ac53097d229e6fd7d2416a890d9e0b629c45a967c7ac67cbd57c1177fad750ab11d60cd5480e5223d933f448378435a040424b590f16ddc1d80031900d14fa3297723382547af2932fdf32280a17f0e5438359c1304f32e1a58abc97322e7250eb0e047b74b0f758928fd08c0ccd399bb0bea2f4356d95f1e52ecca8c7fa14af54cdcb318592910dcde24aab0967898f00465c8f7f45b17fe9542cc5959fdc3774a0240a2dab2a882301cbb97ebe56e527dd11a494bf63a193012808eff0846f18bcc67f8d3ef8e13babf0aa583a9ae7d665581e63353c07f1b335b20d59c9361567716ba5ccfb7c9011ed61fb831158c1588780759057956886b84f44cc00c51f0b0ce56f4532c5c9a82e260386860ac06c6fccc919e88adbda0e504d8e07e7e6751f4b53e33f8092c0f37b95e4afe121dbcb379d4669debbedb5794bc24cf4624bb471d5c829b9bb420775196dc14ee64b2e294b9caba354842247dd70c8fddd252c4143d3fdb6d87787edcb0936e75c535184d8b53943ca507789dce21aeb65d4fbbb6b978b0cd62de2140efb3c1f7c69c1062ffee16ebe2a736e18120ca21ef326309b16c9731caf16e425b7ceee27c0eeede689844a9d39834375f765e24a72222c9e0358f4de206017595f7c80fec861a79f7d5afa50b8c7c55d10aa3930bd203b36bcd5e79d64f5df866afe75c1f0722f3bbefbbd62683ad04e0a5abac975d4d77ca15aa0c95f49ef6ad08211caa98f0e0f67d18349c8ad65e60ab143bd5a5d79ac9eb151f382b854f40a9b6dd45940be2be91407f455a3f8196136f85972b1010c9102a64e8e20fc9c89c06c567b18f16187628b55c506725760107da1efb840c7ab748de4cf1d3fe5d8e36533769ce3fdbb9fd322e9ff82c52bb448bd5928a9933ae91287be98af1e02825b2db13dfac238430d96e17c8f88d92dc381bffc25712282013de0528d8618f7502578c4667fce087f0dd94659029808b9fc3c3c63aedde226ca7db58010af931690ed76679a23f54e239ac928117e0ec14eb9f9e74a207b18dcab63d13cd69fba8f9d3caf80e83cbf3bca3a8b6f52926325e60a9fda66472ebf2e21b98ea4ef7287db1a6986d042edb1e15839dfff4f9ace81191c4cf8491d2f3a62f59070e297b91568c0bed896a3153934c5aebd30b0c545b4f67b1765a429e1b79f8b3aca0840e0f336a154267b3d06dd65b89d5edf6753607846944d3c2383eb1a08ed6150ea01bc716ab0365057f31f6acdedc0d9da52b1e0d72d3c329416658567750ce6147890b5effd0994f04d37e4716b06e4a6d23303c2ebf20e5f9e6685ed4a28040eafe937c22cc5e6956038200e4f06c48541ba083a7d74d0f695c70152398f550d4db11528e821ac7741f792722b8b08fb9c98d1ff1530cb7c05bed8234d8d7b3b1fc029d62b9f394340097bf34978beada5cdc7b65a5b595e52ae50333e30ca2414d3e1296eb0e458427197a0e48729f4ba07a86cefd5210e11f8a1894c703e632038a88997e2a9c5f70fc0064aba1344d9409f8d84c034180b08bb209d3302b14774f0a576d4d81c64b205a9d5e5837e15c87fd7fbf4efca76e638364aaf2978f6616fe0281786f4c0f9c114ba212eab378b59101c1239d310481365594b95232b00ddd9eb353088481e8ee69e6d6668d5899d56e29358132139c47e31c75d6fbfd3a49b357757c36610cdec7dc7c9f3c6f0b0e336aabab5b2a01e08e1a44a4b1235b7b3da4097cae6d89c2d16823cbe35e7544001faa95b1ff11594f486b8ba29876b1a4222c7bce88537a141111f2b2735314c683cdd29a5dd9f94eaa99e37720c3d85cec96932a4bbb0f83be82cf6607872bf0b858b521dd2823743fb28077b2191dc523e08cbd73a1a1f881dbef85d0772d8f4b0cf4529d84c96a5f539b07188d177ba340c0e4286781dc30068e8bbd74f66fc9593f63e1e40aa89487d5e887f4f502ae9b6d112a0b62775e57dba8212be68293546c157b69a41f741da3413f84a31b6bf276317e5f6d0a61a10eae8117bf53f8f5f224fe799b9a096be476c1c2af18d6dc05ee086f251cd013eb0c0382a38d8619adbae7019ab5ddea1dba0486b61299702add51d6dfbc9cb8e9cfd030cd4f01cd4be206b700129fc96b54efbd7415996faf693046270abe93d8afd3d5a570c407266137e7281d9552fcf046f075e124ec23d51c5dbdeabbf2eeff18a46ab0a9fcffef9a60dea7790e57ab785916ae0b80ccd59a044bdc24ce6b4a05d20b70d2daa0e7aaf5d57ad0348deb886ddae682e041f5ea5cb861f54a2ef7e493f2bd313926eaca2c9b64e9d347dcc9d00ae17e0fdd677c5bf2521b34d376630ec3f355be7c8d9b43a02a7b4489de33a9c464ac2fb4dd127bcd50c1a96b384a375def1eac7226bd3069413a8cb585fd8c6e2ca07abb3e445817f9f3414c40fdbf416f67d28474528cd3d00f68a3512301842506f565bc57f84c3cc7c89d96709688773536a12f5f872c7476eeea9addadce80a30a52cccaf521e7e80657c3eec42c9e4b1aa1c305782a4480948ed6e91c88fce6413d876d16af0499358f6cfb5523e08dd0474ed6fdebd82e5fa4115a94e20eb925aa60795d3246cb44f2b620bd593559a032cce7f4549347b07104c0b6762e9d4ea8293b250ae78bc3e7003e9d335db4547a9ecee4ab62fbd9c14fbbbcf0df53c46371a5dab059e7b8394e64f5c1c3393431ba8fa0d032049cab859080d4e6d3e17cf02e3d3c21066ac9595661391071a1825261dbe52ca45cb083c562b30130df919b8e3e0d9947c91873f9f4fc3886e0de9d224e00ac81c929d435f2c2f00ad4e3af7fb5043127ea11c47c0984177a720be125fc18c1596a09dc1a13b1f36aab681f8ecc918d16849d6cb19d00c776952e504665902b52cd7c18869ddc027b5009aa322b95fb576ba192588daa0f1693fc258808cc8ceeb6f094f2b267bd50b7ad9924b6ba8790182f744127e3e3dc0407b1187970d2103698e17395d3f2a5080a63120eff1226205f44da66273b35c4b0e0106442a03988b32ef0b47e584ad82a97fb8cce6655e9d8d9f4256d99db52b4fed2848129683f63b2a87aa3cc44060acbbfda7cf40170e6b0579bf1a7c173c927e504b80c56935552c73048bcf1b2966dae1a3ddb76d2539417b81fe43a56c95cc829a3f66c8fa5e14304d57a4763475af814a11ce0543f8de3f8e517af86617ff320df7f75b0c9456e416e30472f4f1d5df24dd96ac4a353147703d0a0dcd22550f80ecc1acb099bf920caa14132d372a85d5f836c9f0d79d8c70d44d400c55c3605fba463fbbdc593dcb3b0057b50541dd54493548c4c602a7a2a9cf3f2e70c20502b30767bb20d2110a886ee2fd1d2a7396059d868fa87a69f331e0d46cb0fdb3d537fa7b5f6496062620d7c734b1df6c069dbd6c9f4af8414950b2892260195e765fcc6f9fb326ed63426bf85b32d5c04cb4d6e5af5846f01affd6d76d2f1c0136ec4a57275a667cec98ff5699d044cf0eb44cf3e9393effb8efc116c5064515a7d38b437220f51079773a99ec86f3678838bafa6dd09d705c80eae781ed6fbc847a6b88bd9cf0eb7dfb9f82b7690bd2f42e5e93f0a1fa6a852dfd1c981b1f9431ff1361b4768b5c77933af327860645e915595323e038ff55950811fcff5c1a909e14d9674436c9ab81718b7af45113a37228e74c039ce18f42d23115d755036979dfe5e696773dc6e94485c1275d9b2de41b513e764aa22d71e1c1c7f17373765b3265480802483a2af6f17f0fe3a7038aaea49474fd60a7278a17899d425c24d5892c65de662ebd1e6c3d62b4ab74f6ff514f66d3d5951ba112bc636cba7ccd7dc83073b691942f4540577dae500bf2695e405b74f0d8e09ff53a54aae698f9125cc836c84486d53d8d43b034cf11fc0d2228d111635bea072c65d9d9af4b8a2ebca135885837bd10c15b844ddb178bd48169e3c316bff5fa02dc1525c94753c98783f91d250ef654391683730cb371f95c489b05e20d5acb38a798e408a0754fee43a148208646fa1b4c87ac80a62c5ea358c23573b52b1679e7a37a265f0", 0x2000, &(0x7f0000001080)={&(0x7f0000000240)={0x50, 0xffffffffffffffda, 0xf992, {0x7, 0x2b, 0x4, 0x28000000, 0x23, 0x1, 0x8000, 0x9, 0x0, 0x0, 0x10, 0x8f}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) close_range(r2, 0xffffffffffffffff, 0x2) 1.227011938s ago: executing program 4 (id=1534): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x2, 0x6, 0x580, 0x0, 0x310, 0x0, 0x0, 0x1d8, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x6, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @remote}, [0x0, 0xff, 0xff000000, 0xff000000], [0x0, 0xffffff00, 0xffffff00, 0xffffffff], 'gretap0\x00', 'batadv_slave_0\x00', {}, {0xff}, 0x2b, 0x5, 0x1, 0x18}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000010000000}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0xfc, 0x6}}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xb4}, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, [0xff], [0xffffff00], '\x00', 'bond_slave_0\x00', {}, {0xff}}, 0x0, 0xf0, 0x138, 0x48000000, {}, [@common=@dst={{0x48}, {0xff, 0x4, 0x0, [0x1, 0x7a, 0xfffd, 0x3f4, 0x0, 0x3, 0x5, 0x0, 0x8, 0x30, 0xe5, 0x4, 0x1, 0x6, 0x0, 0x1], 0x6}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'ip6gre0\x00', {0x4}}}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0xd}, [0x0, 0xffff00, 0xffffffff], [0xffffff00, 0xffffff00, 0xffffff00, 0xff000000], 'nr0\x00', 'vxcan1\x00', {}, {}, 0x62, 0x5, 0x3, 0x20}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xf}}}, {{@ipv6={@mcast1, @private0, [0xff000000, 0xffffff, 0x0, 0xffffff00], [0xffffff00, 0xffffff00, 0xff, 0xff000000], 'pim6reg1\x00', 'hsr0\x00', {}, {}, 0x6c, 0x80, 0x5, 0x61}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0) 923.184019ms ago: executing program 1 (id=1535): syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000180)='./file1\x00', 0x804800, &(0x7f00000002c0)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844b100e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000005c0)='\"', 0x1, 0x4fed0) truncate(&(0x7f0000000900)='./file1\x00', 0x24b9) 888.000748ms ago: executing program 0 (id=1536): socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=") sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000840) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa000000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3163, '\x00', 0x0, 0x0}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3, 0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000180)=r4}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x14, &(0x7f0000001740)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1ab92b}, {0x85, 0x0, 0x0, 0x8}, {0x4}}, {{0x5, 0x0, 0x4, 0x9, 0x0, 0x1, 0x2000}}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x9}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x900, 0x0) ioctl$FBIO_WAITFORVSYNC(r7, 0x40044620, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0x37db, 0xf423b, 0xfffffffffffffffc, 0x0, 0x0, 0x9, 0xfffffffffffffffc, 0x1, 0x3, 0x80000, 0x7ff, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0xf11b, 0x1, 0x8, 0x0, 0x0, 0x2, 0xb17, 0xffffffffffffffff, 0x5c43, 0x1, 0x6}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r8, 0x400, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$binfmt_misc(r9, &(0x7f0000000000), 0xd) 879.324309ms ago: executing program 4 (id=1537): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8000000000100}, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000000840)=[{&(0x7f0000000340)=""/141, 0x8d}], 0x113e) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000140)=0x5) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) r3 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r3, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x11, 0xa, 0x5) ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000040)={'ipvlan0\x00', {0x2, 0x4e20, @broadcast}}) 760.007097ms ago: executing program 7 (id=1538): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r1 = getpid() ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4a, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000f8000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe8a, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000340)={0x1, 0x1, 0x0, 0x0, 0x0, 0xf000}) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000000000/0x800000)=nil, 0x800000}) 90.415792ms ago: executing program 9 (id=1539): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) read$FUSE(r4, &(0x7f0000007fc0)={0x2020}, 0x2020) 0s ago: executing program 7 (id=1540): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x3, 0x0, 0x4, 0xfffd, 0x14, 0x6}, @ipv4=@generic={{0x6, 0x4, 0x1, 0x6, 0x1f, 0x69, 0x0, 0x60, 0x2, 0x0, @empty, @empty, {[@timestamp={0x44, 0x4, 0x5b, 0x0, 0x1}]}}, "14f3305280f125"}}, 0x2d) kernel console output (not intermixed with test programs): tap: left promiscuous mode [ 322.170225][ T12] veth1_vlan: left promiscuous mode [ 322.192207][ T12] veth0_vlan: left promiscuous mode [ 322.297284][ T5747] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 322.663766][ T5747] usb 3-1: unable to get BOS descriptor or descriptor too short [ 322.673276][ T5747] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 322.697661][ T5747] usb 3-1: can't read configurations, error -71 [ 322.901630][ T12] team0 (unregistering): Port device team_slave_1 removed [ 322.971426][ T4936] Bluetooth: hci2: unexpected cc 0x203e length: 2 > 1 [ 322.978330][ T4936] Bluetooth: hci2: unexpected event for opcode 0x203e [ 322.995789][ T12] team0 (unregistering): Port device team_slave_0 removed [ 323.105620][ T8578] loop4: detected capacity change from 0 to 1024 [ 323.124801][ T8578] EXT4-fs: inline encryption not supported [ 323.159464][ T8578] EXT4-fs (loop4): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 323.253389][ T8578] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.452602][ T5282] 8021q: adding VLAN 0 to HW filter on device eth5 [ 323.964389][ T8360] 8021q: adding VLAN 0 to HW filter on device bond0 [ 324.098945][ T8360] 8021q: adding VLAN 0 to HW filter on device team0 [ 324.110591][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.145740][ T6185] bridge0: port 1(bridge_slave_0) entered blocking state [ 324.152949][ T6185] bridge0: port 1(bridge_slave_0) entered forwarding state [ 324.170180][ T8595] loop3: detected capacity change from 0 to 512 [ 324.185598][ T8595] EXT4-fs: Ignoring removed oldalloc option [ 324.233290][ T6185] bridge0: port 2(bridge_slave_1) entered blocking state [ 324.240607][ T6185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 324.246189][ T8599] autofs: Unknown parameter '0x0000000000000000' [ 324.284210][ T8595] EXT4-fs error (device loop3): ext4_iget_extra_inode:5179: inode #15: comm syz.3.798: corrupted in-inode xattr: invalid ea_ino [ 324.298248][ T8595] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 324.299171][ T8595] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.798: couldn't read orphan inode 15 (err -117) [ 324.308414][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 324.308445][ C1] EXT4-fs (loop3): initial error at time 1786630316: ext4_iget_extra_inode:5179: inode 15 [ 324.308495][ C1] EXT4-fs (loop3): last error at time 1786630316: ext4_iget_extra_inode:5179: inode 15 [ 324.349151][ T8595] loop3: lost filesystem error report for type 5 error -117 [ 324.356859][ T12] IPVS: stop unused estimator thread 0... [ 324.392050][ T4936] Bluetooth: Unexpected continuation frame (len 12) [ 324.409715][ T8595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.727230][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.922548][ T29] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 326.058300][ T5282] 8021q: adding VLAN 0 to HW filter on device eth7 [ 326.109557][ T29] usb 4-1: unable to get BOS descriptor or descriptor too short [ 326.163633][ T29] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 326.358252][ T29] usb 4-1: can't read configurations, error -71 [ 327.070484][ T4936] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 327.083947][ T4936] Bluetooth: hci2: Injecting HCI hardware error event [ 327.092661][ T5632] Bluetooth: hci2: hardware error 0x00 [ 327.661478][ T8664] netlink: 28 bytes leftover after parsing attributes in process `syz.0.814'. [ 329.135162][ T8679] autofs: Unknown parameter '0x0000000000000000' [ 329.152456][ T8360] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.229190][ T5632] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 329.416053][ T8692] misc userio: No port type given on /dev/userio [ 329.599178][ T8694] syzkaller1: entered promiscuous mode [ 329.605855][ T8694] syzkaller1: entered allmulticast mode [ 330.463219][ T8697] misc userio: The device must be registered before sending interrupts [ 330.877657][ T29] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 332.784934][ T5282] 8021q: adding VLAN 0 to HW filter on device eth6 [ 332.846157][ T29] usb 7-1: unable to get BOS descriptor or descriptor too short [ 332.869252][ T29] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 332.885838][ T29] usb 7-1: can't read configurations, error -71 [ 333.072926][ T8360] veth0_vlan: entered promiscuous mode [ 333.109271][ T8360] veth1_vlan: entered promiscuous mode [ 333.194951][ T8360] veth0_macvtap: entered promiscuous mode [ 333.229418][ T8360] veth1_macvtap: entered promiscuous mode [ 333.264052][ T8360] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 333.437470][ T8360] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 333.460929][ T57] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.585259][ T3296] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.846980][ T3296] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.012499][ T3296] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.663903][ T8747] autofs: Unknown parameter '0x0000000000000000' [ 334.767310][ T6002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.794070][ T6002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.900308][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 335.037875][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 335.756674][ T8762] misc userio: No port type given on /dev/userio [ 335.856000][ T8767] misc userio: The device must be registered before sending interrupts [ 337.328118][ T5282] 8021q: adding VLAN 0 to HW filter on device eth8 [ 337.813124][ T8790] autofs: Unknown parameter '0x0000000000000000' [ 339.741811][ T8803] loop3: detected capacity change from 0 to 1024 [ 339.807596][ T8803] EXT4-fs: inline encryption not supported [ 339.893567][ T8803] EXT4-fs (loop3): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 339.996976][ T8803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 340.031975][ T8813] loop7: detected capacity change from 0 to 512 [ 340.039600][ T8813] EXT4-fs (loop7): unable to read superblock [ 341.675538][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.249491][ T8829] loop7: detected capacity change from 0 to 1024 [ 342.275597][ T8829] EXT4-fs: Ignoring removed oldalloc option [ 342.284946][ T8829] EXT4-fs: Ignoring removed orlov option [ 342.323950][ T8829] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a042c118, mo2=0002] [ 342.366188][ T8829] System zones: 0-1, 3-12 [ 342.444543][ T8829] EXT4-fs (loop7): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.754780][ T8841] loop4: detected capacity change from 0 to 512 [ 343.050863][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 343.085212][ T8841] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 343.093512][ T8841] EXT4-fs (loop4): orphan cleanup on readonly fs [ 343.103793][ T8841] Quota error (device loop4): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 343.115659][ T8841] EXT4-fs warning (device loop4): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 343.131972][ T8841] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 343.140725][ T8841] EXT4-fs error (device loop4): ext4_do_update_inode:5742: inode #16: comm syz.4.842: corrupted inode contents [ 343.153763][ T8841] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 343.154643][ T8841] EXT4-fs (loop4): Remounting filesystem read-only [ 343.163815][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 343.163854][ C0] EXT4-fs (loop4): initial error at time 1786630335: ext4_do_update_inode:5742: inode 16 [ 343.163909][ C0] EXT4-fs (loop4): last error at time 1786630335: ext4_do_update_inode:5742: inode 16 [ 343.196867][ T8841] EXT4-fs (loop4): 1 truncate cleaned up [ 343.209699][ T8841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 343.339677][ T8846] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input32 [ 343.387626][ T5632] Bluetooth: Unexpected continuation frame (len 12) [ 343.481127][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.570719][ T8875] loop2: detected capacity change from 0 to 1024 [ 345.636714][ T5767] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 345.670144][ T8875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 346.401337][ T5767] usb 5-1: unable to get BOS descriptor or descriptor too short [ 346.510943][ T5767] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 346.529604][ T5767] usb 5-1: can't read configurations, error -71 [ 346.547740][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.602535][ T8893] autofs: Unknown parameter 'fd0x0000000000000000' [ 347.271014][ T8909] loop6: detected capacity change from 0 to 512 [ 347.522353][ T5632] Bluetooth: Unexpected continuation frame (len 12) [ 347.629402][ T8909] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 347.638880][ T8909] EXT4-fs (loop6): orphan cleanup on readonly fs [ 347.672852][ T8909] Quota error (device loop6): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 347.684838][ T8909] EXT4-fs warning (device loop6): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 347.700147][ T8909] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 347.709446][ T8909] EXT4-fs error (device loop6): ext4_do_update_inode:5742: inode #16: comm syz.6.877: corrupted inode contents [ 347.723218][ T8909] loop6: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 347.725714][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 347.741441][ C1] EXT4-fs (loop6): initial error at time 1787154627: ext4_do_update_inode:5742: inode 16 [ 347.751344][ C1] EXT4-fs (loop6): last error at time 1787154627: ext4_do_update_inode:5742: inode 16 [ 347.772009][ T8909] EXT4-fs (loop6): Remounting filesystem read-only [ 347.782292][ T8909] EXT4-fs (loop6): 1 truncate cleaned up [ 347.789444][ T8909] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 348.507218][ T8917] loop4: detected capacity change from 0 to 512 [ 348.614317][ T8917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.685879][ T8917] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 348.872736][ T6015] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.895242][ T8917] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 349.363188][ T8935] loop7: detected capacity change from 0 to 256 [ 350.281789][ T8935] vfat: Unknown parameter 'sortname' [ 350.558742][ T8947] loop4: detected capacity change from 0 to 1024 [ 350.755692][ T8948] autofs: Unknown parameter 'fd0x0000000000000000' [ 351.089991][ T8947] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 351.266863][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.521201][ T5632] Bluetooth: Unexpected continuation frame (len 12) [ 351.589369][ T8965] loop4: detected capacity change from 0 to 1024 [ 351.612493][ T8965] EXT4-fs: inline encryption not supported [ 351.655285][ T8965] EXT4-fs (loop4): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 351.740653][ T8965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 351.924047][ T29] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 352.120383][ T8982] loop6: detected capacity change from 0 to 512 [ 352.282484][ T8982] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 352.292288][ T8982] EXT4-fs (loop6): orphan cleanup on readonly fs [ 352.305043][ T8982] Quota error (device loop6): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 352.317342][ T8982] EXT4-fs warning (device loop6): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 352.332730][ T8982] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 352.434878][ T8982] EXT4-fs error (device loop6): ext4_do_update_inode:5742: inode #16: comm syz.6.895: corrupted inode contents [ 352.448031][ T8982] loop6: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 352.453636][ T8982] EXT4-fs (loop6): Remounting filesystem read-only [ 352.462856][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 352.462891][ C1] EXT4-fs (loop6): initial error at time 1787678920: ext4_do_update_inode:5742: inode 16 [ 352.462947][ C1] EXT4-fs (loop6): last error at time 1787678920: ext4_do_update_inode:5742: inode 16 [ 352.496328][ T8982] EXT4-fs (loop6): 1 truncate cleaned up [ 352.503070][ T8982] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 352.547265][ T29] usb 4-1: unable to get BOS descriptor or descriptor too short [ 352.773770][ T29] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 352.782920][ T29] usb 4-1: can't read configurations, error -71 [ 352.801994][ T6015] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.986111][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.467611][ T9014] loop3: detected capacity change from 0 to 1024 [ 353.688487][ T9014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 353.785221][ T9030] autofs: Unknown parameter 'fd0x0000000000000000' [ 353.838943][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.859835][ T9034] loop6: detected capacity change from 0 to 8 [ 353.897112][ T9034] SQUASHFS error: zlib decompression failed, data probably corrupt [ 353.980070][ T5769] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 353.997590][ T9034] SQUASHFS error: Failed to read block 0x4de: -5 [ 354.046874][ T9034] SQUASHFS error: zlib decompression failed, data probably corrupt [ 354.064484][ T5747] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 354.109373][ T9034] SQUASHFS error: Failed to read block 0x4df: -5 [ 354.117617][ T5747] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 354.157761][ T5769] usb 5-1: Using ep0 maxpacket: 16 [ 354.174104][ T9034] SQUASHFS error: zlib decompression failed, data probably corrupt [ 354.194215][ T5769] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 354.244349][ T5769] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 354.271883][ T5769] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 354.303184][ T9034] SQUASHFS error: Failed to read block 0x4e0: -5 [ 354.330649][ T5769] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 354.390303][ T9034] SQUASHFS error: zlib decompression failed, data probably corrupt [ 354.421662][ T5769] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 354.536615][ T5769] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 354.552818][ T9049] loop7: detected capacity change from 0 to 1024 [ 354.559485][ T9034] SQUASHFS error: Failed to read block 0x4de: -5 [ 354.569760][ T5769] usb 5-1: Manufacturer: syz [ 354.579356][ T5769] usb 5-1: config 0 descriptor?? [ 354.600747][ T30] audit: type=1800 audit(1788203210.656:23): pid=9034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.904" name="file1" dev="loop6" ino=5 res=0 errno=0 [ 354.672563][ T9053] loop3: detected capacity change from 0 to 512 [ 354.910459][ T9053] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 354.920258][ T9053] EXT4-fs (loop3): orphan cleanup on readonly fs [ 354.953043][ T9053] Quota error (device loop3): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 354.965559][ T9053] EXT4-fs warning (device loop3): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 354.980978][ T9053] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 355.004645][ T9053] EXT4-fs error (device loop3): ext4_do_update_inode:5742: inode #16: comm syz.3.911: corrupted inode contents [ 355.016724][ T9053] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 355.029294][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 355.044260][ T9049] EXT4-fs: inline encryption not supported [ 355.044883][ C0] EXT4-fs (loop3): initial error at time 1788203211: ext4_do_update_inode:5742: inode 16 [ 355.060582][ C0] EXT4-fs (loop3): last error at time 1788203211: ext4_do_update_inode:5742: inode 16 [ 355.065444][ T9049] EXT4-fs (loop7): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 355.080211][ T9053] EXT4-fs (loop3): Remounting filesystem read-only [ 355.086972][ T9053] EXT4-fs (loop3): 1 truncate cleaned up [ 355.104142][ T9053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 355.175492][ T9049] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.331606][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.566925][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.972476][ T5747] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 356.279119][ T5747] usb 1-1: unable to get BOS descriptor or descriptor too short [ 356.295126][ T5747] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 356.319145][ T5747] usb 1-1: can't read configurations, error -71 [ 356.360571][ T10] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 356.525927][ T10] usb 4-1: Using ep0 maxpacket: 8 [ 356.570110][ T10] usb 4-1: unable to get BOS descriptor or descriptor too short [ 356.589662][ T5859] usb 5-1: USB disconnect, device number 16 [ 356.617999][ T10] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 356.652457][ T10] usb 4-1: can't read configurations, error -71 [ 356.909774][ T9094] loop7: detected capacity change from 0 to 1024 [ 357.108796][ T9094] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 357.389247][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.797102][ T9122] loop4: detected capacity change from 0 to 512 [ 358.631665][ T9122] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 358.639793][ T9122] EXT4-fs (loop4): orphan cleanup on readonly fs [ 358.647156][ T9122] Quota error (device loop4): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 358.659449][ T9122] EXT4-fs warning (device loop4): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 358.674160][ T9122] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 358.688240][ T9122] EXT4-fs error (device loop4): ext4_do_update_inode:5742: inode #16: comm syz.4.926: corrupted inode contents [ 358.699997][ T9122] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 358.708783][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 358.724389][ C0] EXT4-fs (loop4): initial error at time 1788727502: ext4_do_update_inode:5742: inode 16 [ 358.734258][ C0] EXT4-fs (loop4): last error at time 1788727502: ext4_do_update_inode:5742: inode 16 [ 358.743948][ T9122] EXT4-fs (loop4): Remounting filesystem read-only [ 358.752101][ T9122] EXT4-fs (loop4): 1 truncate cleaned up [ 358.758832][ T9122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 358.949948][ T9130] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input33 [ 359.025861][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.378981][ T5859] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 359.545162][ T5859] usb 4-1: Using ep0 maxpacket: 16 [ 359.565450][ T5859] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 359.597712][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 359.640988][ T5859] usb 4-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 359.814338][ T5859] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 359.831534][ T5859] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 359.840968][ T5859] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 359.843172][ T9162] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 359.849310][ T5859] usb 4-1: Manufacturer: syz [ 360.053641][ T9162] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 360.370736][ T9162] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 360.381547][ T5859] usb 4-1: config 0 descriptor?? [ 360.405900][ T9162] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 360.598631][ T330] Bluetooth: hci3: Frame reassembly failed (-84) [ 360.642666][ T10] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 360.828899][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 360.886639][ T10] usb 8-1: unable to get BOS descriptor or descriptor too short [ 360.916844][ T10] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 360.935135][ T10] usb 8-1: can't read configurations, error -71 [ 361.687815][ T9180] loop6: detected capacity change from 0 to 512 [ 362.364380][ T9180] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 362.373122][ T9180] EXT4-fs (loop6): orphan cleanup on readonly fs [ 362.399029][ T5859] usb 4-1: USB disconnect, device number 28 [ 362.426121][ T9180] Quota error (device loop6): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 362.439326][ T9180] EXT4-fs warning (device loop6): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 362.454477][ T9180] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 362.463649][ T9180] EXT4-fs error (device loop6): ext4_do_update_inode:5742: inode #16: comm syz.6.944: corrupted inode contents [ 362.475494][ T9180] loop6: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 362.484863][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 362.500508][ C1] EXT4-fs (loop6): initial error at time 1789251794: ext4_do_update_inode:5742: inode 16 [ 362.510424][ C1] EXT4-fs (loop6): last error at time 1789251794: ext4_do_update_inode:5742: inode 16 [ 362.522066][ T9180] EXT4-fs (loop6): Remounting filesystem read-only [ 362.530038][ T9180] EXT4-fs (loop6): 1 truncate cleaned up [ 362.536763][ T9180] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 362.572487][ T4936] Bluetooth: hci3: command 0x1003 tx timeout [ 362.601443][ T5632] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 362.824459][ T9188] loop7: detected capacity change from 0 to 512 [ 362.937651][ T9188] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.005224][ T9188] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 363.103546][ T9188] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 363.180510][ T9188] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 363.234869][ T9188] EXT4-fs (loop7): This should not happen!! Data will be lost [ 363.234869][ T9188] [ 363.270883][ T9188] EXT4-fs (loop7): Total free blocks count 0 [ 363.289777][ T9188] EXT4-fs (loop7): Free/Dirty block details [ 363.309534][ T9188] EXT4-fs (loop7): free_blocks=65280 [ 363.340784][ T9188] EXT4-fs (loop7): dirty_blocks=33 [ 363.367884][ T9188] EXT4-fs (loop7): Block reservation details [ 363.398627][ T9188] EXT4-fs (loop7): i_reserved_data_blocks=33 [ 363.470785][ T9202] loop3: detected capacity change from 0 to 1024 [ 363.516806][ T6015] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.582626][ T9202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 363.648854][ T5632] Bluetooth: Unexpected continuation frame (len 12) [ 363.689610][ T8360] EXT4-fs warning (device loop7): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 363.712473][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.912662][ T9213] tipc: Started in network mode [ 363.942125][ T9213] tipc: Node identity 8a1d6266d7f7, cluster identity 4711 [ 363.961295][ T9213] tipc: Enabled bearer , priority 0 [ 363.989548][ T9221] syzkaller0: entered promiscuous mode [ 364.010354][ T9221] syzkaller0: entered allmulticast mode [ 364.105244][ T9213] tipc: Resetting bearer [ 364.113959][ T9220] siw: device registration error -23 [ 364.186133][ T9212] tipc: Resetting bearer [ 364.206268][ T9212] tipc: Disabling bearer [ 364.537070][ T9229] loop6: detected capacity change from 0 to 512 [ 364.585974][ T9229] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 364.594320][ T9229] EXT4-fs (loop6): orphan cleanup on readonly fs [ 364.601472][ T9229] Quota error (device loop6): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 364.605450][ T29] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 364.615298][ T9229] EXT4-fs warning (device loop6): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 364.638133][ T9229] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 364.646431][ T9229] EXT4-fs error (device loop6): ext4_do_update_inode:5742: inode #16: comm syz.6.960: corrupted inode contents [ 364.659184][ T9229] loop6: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 364.659599][ T9229] EXT4-fs (loop6): Remounting filesystem read-only [ 364.668785][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 364.668814][ C0] EXT4-fs (loop6): initial error at time 1789776084: ext4_do_update_inode:5742: inode 16 [ 364.668869][ C0] EXT4-fs (loop6): last error at time 1789776084: ext4_do_update_inode:5742: inode 16 [ 364.701889][ T9229] EXT4-fs (loop6): 1 truncate cleaned up [ 364.708723][ T9229] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 364.722805][ T5754] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 364.791420][ T29] usb 1-1: Using ep0 maxpacket: 16 [ 364.807949][ T29] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 364.916543][ T5754] usb 3-1: Using ep0 maxpacket: 8 [ 364.934365][ T6015] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.936233][ T29] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 364.964864][ T29] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 364.975465][ T5754] usb 3-1: unable to get BOS descriptor or descriptor too short [ 364.977410][ T5754] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 364.994220][ T29] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 365.033604][ T29] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 365.041588][ T5754] usb 3-1: can't read configurations, error -71 [ 365.056633][ T29] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 365.067692][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.089672][ T9218] loop7: detected capacity change from 0 to 8 [ 365.104512][ T29] usb 1-1: Manufacturer: syz [ 365.273496][ T29] usb 1-1: config 0 descriptor?? [ 365.303046][ T9218] SQUASHFS error: zlib decompression failed, data probably corrupt [ 365.312687][ T9218] SQUASHFS error: Failed to read block 0x4de: -5 [ 365.320940][ T9218] SQUASHFS error: zlib decompression failed, data probably corrupt [ 365.838823][ T9218] SQUASHFS error: Failed to read block 0x4df: -5 [ 365.846095][ T9218] SQUASHFS error: zlib decompression failed, data probably corrupt [ 365.854269][ T9218] SQUASHFS error: Failed to read block 0x4e0: -5 [ 365.860954][ T9218] SQUASHFS error: zlib decompression failed, data probably corrupt [ 365.872656][ T9218] SQUASHFS error: Failed to read block 0x4de: -5 [ 365.879639][ T30] audit: type=1800 audit(1789776086.254:24): pid=9218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.956" name="file1" dev="loop7" ino=5 res=0 errno=0 [ 366.178889][ T9258] netlink: 44 bytes leftover after parsing attributes in process `syz.6.967'. [ 366.945096][ T9278] loop3: detected capacity change from 0 to 1024 [ 366.978783][ T9] usb 1-1: USB disconnect, device number 18 [ 367.031294][ T9279] loop6: detected capacity change from 0 to 512 [ 367.038652][ T9279] EXT4-fs: Ignoring removed oldalloc option [ 367.271372][ T9279] EXT4-fs error (device loop6): ext4_iget_extra_inode:5179: inode #15: comm syz.6.975: corrupted in-inode xattr: invalid ea_ino [ 367.284984][ T9279] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 367.285723][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 367.301360][ C1] EXT4-fs (loop6): initial error at time 1789776087: ext4_iget_extra_inode:5179: inode 15 [ 367.311341][ C1] EXT4-fs (loop6): last error at time 1789776087: ext4_iget_extra_inode:5179: inode 15 [ 367.335536][ T9279] EXT4-fs error (device loop6): ext4_orphan_get:1402: comm syz.6.975: couldn't read orphan inode 15 (err -117) [ 367.347639][ T9279] loop6: lost filesystem error report for type 5 error -117 [ 367.358442][ T9279] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.418136][ T9279] netlink: 32 bytes leftover after parsing attributes in process `syz.6.975'. [ 367.433530][ T9279] EXT4-fs error (device loop6): ext4_find_dest_de:2049: inode #2: block 13: comm syz.6.975: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 367.699525][ T9278] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 369.072100][ T5632] Bluetooth: hci5: unexpected cc 0x203e length: 2 > 1 [ 369.079245][ T5632] Bluetooth: hci5: unexpected event for opcode 0x203e [ 369.094467][ T6015] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.346679][ T9304] netlink: 44 bytes leftover after parsing attributes in process `syz.6.983'. [ 369.422314][ T9307] loop4: detected capacity change from 0 to 512 [ 369.691339][ T9307] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 369.757418][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.780610][ T9307] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:482: comm syz.4.984: Invalid block bitmap block 0 in block_group 0 [ 369.867192][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 369.867586][ T9307] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 369.874989][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 369.875022][ C1] EXT4-fs (loop4): initial error at time 1790300378: ext4_read_block_bitmap_nowait:482 [ 369.875064][ C1] EXT4-fs (loop4): last error at time 1790300378: ext4_read_block_bitmap_nowait:482 [ 370.055486][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 370.195228][ T9307] EXT4-fs error (device loop4): ext4_clear_blocks:874: inode #11: comm syz.4.984: attempt to clear invalid blocks 983261 len 1 [ 370.220559][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 370.226869][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 371.214304][ T9307] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 371.214629][ T9307] EXT4-fs error (device loop4): __ext4_get_inode_loc:4885: comm syz.4.984: Invalid inode table block 0 in block_group 0 [ 371.939130][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 371.941614][ T9307] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6435: Corrupt filesystem [ 371.964314][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 371.966140][ T9307] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 371.993402][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 371.993769][ T9307] EXT4-fs error (device loop4): __ext4_get_inode_loc:4885: comm syz.4.984: Invalid inode table block 0 in block_group 0 [ 372.267900][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 372.269663][ T9307] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6435: Corrupt filesystem [ 372.528424][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 372.539264][ T9307] EXT4-fs error (device loop4): ext4_truncate:4691: inode #11: comm syz.4.984: mark_inode_dirty error [ 372.879797][ T9307] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 372.880173][ T9307] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 373.066321][ T5859] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 373.075520][ T5632] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 373.088363][ T5632] Bluetooth: hci5: Injecting HCI hardware error event [ 373.095341][ T5632] Bluetooth: hci5: hardware error 0x00 [ 373.103404][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 373.112147][ T9307] EXT4-fs error (device loop4): __ext4_get_inode_loc:4885: comm syz.4.984: Invalid inode table block 0 in block_group 0 [ 373.917099][ T9307] loop4: lost filesystem error report for type 5 error -117 [ 373.989620][ T9307] EXT4-fs (loop4): 1 truncate cleaned up [ 374.107570][ T9307] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 374.301982][ T5859] usb 3-1: Using ep0 maxpacket: 16 [ 374.308963][ T5859] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 374.327629][ T5859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 374.347646][ T5859] usb 3-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 374.370989][ T5859] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 374.443661][ T9343] loop6: detected capacity change from 0 to 128 [ 374.467117][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.527251][ T9343] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 374.563697][ T9343] ext4 filesystem being mounted at /162/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 375.504987][ T5859] usb 3-1: string descriptor 0 read error: -71 [ 375.553916][ T5859] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 375.602434][ T4936] Bluetooth: hci0: unexpected cc 0x203e length: 2 > 1 [ 375.609611][ T4936] Bluetooth: hci0: unexpected event for opcode 0x203e [ 375.651947][ T5859] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 375.724209][ T5859] usb 3-1: config 0 descriptor?? [ 375.748825][ T6015] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 375.785671][ T5859] usb 3-1: can't set config #0, error -71 [ 375.819207][ T5859] usb 3-1: USB disconnect, device number 18 [ 376.043023][ T30] audit: type=1326 audit(1790300384.676:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.2.1004" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 376.155084][ T5632] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 376.165952][ T30] audit: type=1326 audit(1790300384.676:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.2.1004" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 376.667975][ T30] audit: type=1326 audit(1790300384.717:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.2.1004" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 376.779345][ T30] audit: type=1326 audit(1790300384.717:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.2.1004" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 376.911668][ T30] audit: type=1326 audit(1790300384.717:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.2.1004" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 376.947097][ T30] audit: type=1326 audit(1790300384.717:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 377.155486][ T30] audit: type=1326 audit(1790300384.717:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.2.1004" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 377.181774][ T30] audit: type=1326 audit(1790300384.717:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.2.1004" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 377.208989][ T30] audit: type=1326 audit(1790300384.717:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 377.278123][ T30] audit: type=1326 audit(1790300384.717:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdffdf9ce59 code=0x7ffc0000 [ 378.149264][ T5632] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 378.156156][ T5632] Bluetooth: Wrong link type (-22) [ 378.162744][ T5632] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 378.174666][ T5632] Bluetooth: Wrong link type (-22) [ 378.180045][ T5632] Bluetooth: hci6: link tx timeout [ 378.185268][ T5632] Bluetooth: hci6: killing stalled connection 10:aa:aa:aa:aa:aa [ 378.193839][ T5632] Bluetooth: hci6: link tx timeout [ 378.244411][ T5632] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 378.372420][ T9385] loop4: detected capacity change from 0 to 1024 [ 379.579971][ T5632] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 379.588289][ T5632] Bluetooth: hci0: Injecting HCI hardware error event [ 379.595375][ T5632] Bluetooth: hci0: hardware error 0x00 [ 380.044859][ T9385] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 380.288597][ T5627] Bluetooth: hci6: command 0x0406 tx timeout [ 380.512516][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 380.634310][ T9395] loop6: detected capacity change from 0 to 1024 [ 380.654842][ T9395] EXT4-fs: inline encryption not supported [ 381.933656][ T5859] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 381.995670][ T9395] EXT4-fs (loop6): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 382.076536][ T9395] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 382.159568][ T5859] usb 3-1: Using ep0 maxpacket: 16 [ 382.179192][ T5632] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 382.180604][ T5859] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 382.203011][ T9395] overlayfs: failed to resolve './bus': -2 [ 382.263750][ T5859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 382.321933][ T5859] usb 3-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 382.336617][ T5632] Bluetooth: hci6: command 0x0406 tx timeout [ 382.369204][ T5859] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 382.427907][ T5859] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 382.460567][ T5859] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 382.499494][ T6015] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.526957][ T5859] usb 3-1: Manufacturer: syz [ 382.548823][ T5859] usb 3-1: config 0 descriptor?? [ 384.398848][ T4936] Bluetooth: hci6: command 0x0406 tx timeout [ 384.671590][ T9] usb 3-1: USB disconnect, device number 19 [ 384.904217][ T9440] netlink: 1752 bytes leftover after parsing attributes in process `syz.6.1028'. [ 384.947509][ T9439] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1027'. [ 385.336777][ T9447] loop3: detected capacity change from 0 to 1024 [ 385.385264][ T9447] EXT4-fs: inline encryption not supported [ 385.432272][ T9447] EXT4-fs (loop3): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 385.501689][ T9447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 385.570290][ T9447] overlayfs: failed to resolve './bus': -2 [ 385.742506][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.522740][ T5859] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 386.681359][ T5859] usb 7-1: Using ep0 maxpacket: 16 [ 386.743051][ T5859] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 386.784703][ T5859] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 386.819547][ T5859] usb 7-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 386.868026][ T5859] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 386.906194][ T5859] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 386.930187][ T5859] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 386.953756][ T5859] usb 7-1: Manufacturer: syz [ 386.969658][ T5859] usb 7-1: config 0 descriptor?? [ 387.110298][ T9487] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.1044'. [ 387.467336][ T9498] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1046'. [ 387.924389][ T9521] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1057'. [ 388.108764][ T9523] loop2: detected capacity change from 0 to 512 [ 388.116122][ T9523] EXT4-fs: Ignoring removed oldalloc option [ 388.897778][ T9523] EXT4-fs error (device loop2): ext4_iget_extra_inode:5179: inode #15: comm syz.2.1052: corrupted in-inode xattr: invalid ea_ino [ 388.911671][ T9523] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 388.918970][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 388.934640][ C1] EXT4-fs (loop2): initial error at time 1790824685: ext4_iget_extra_inode:5179: inode 15 [ 388.944660][ C1] EXT4-fs (loop2): last error at time 1790824685: ext4_iget_extra_inode:5179: inode 15 [ 388.967775][ T9523] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1052: couldn't read orphan inode 15 (err -117) [ 388.980050][ T9523] loop2: lost filesystem error report for type 5 error -117 [ 388.985950][ T9523] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 389.042994][ T9523] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1052'. [ 389.059987][ T9523] EXT4-fs error (device loop2): ext4_find_dest_de:2049: inode #2: block 13: comm syz.2.1052: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 390.150886][ T9532] loop7: detected capacity change from 0 to 1024 [ 390.512047][ T9534] loop3: detected capacity change from 0 to 1024 [ 390.629266][ T9532] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 390.938450][ T9] usb 7-1: USB disconnect, device number 20 [ 390.973314][ T9534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.715161][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.820972][ T9538] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 391.860143][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.006393][ T9552] loop2: detected capacity change from 0 to 256 [ 392.030194][ T9552] vfat: Unknown parameter 'utRyjd×ùf8' [ 392.041353][ T9551] sctp: [Deprecated]: syz.0.1061 (pid 9551) Use of struct sctp_assoc_value in delayed_ack socket option. [ 392.041353][ T9551] Use struct sctp_sack_info instead [ 392.294072][ T9556] tipc: Enabled bearer , priority 0 [ 392.339192][ T9564] syzkaller0: entered promiscuous mode [ 392.355370][ T9564] syzkaller0: entered allmulticast mode [ 392.370291][ T9565] netlink: 44 bytes leftover after parsing attributes in process `syz.7.1066'. [ 392.420635][ T9556] tipc: Resetting bearer [ 392.468072][ T9555] tipc: Resetting bearer [ 392.487309][ T9555] tipc: Disabling bearer [ 393.168351][ T5628] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.495064][ T9605] loop7: detected capacity change from 0 to 512 [ 394.507644][ T9605] EXT4-fs: Ignoring removed oldalloc option [ 395.377856][ T9605] EXT4-fs error (device loop7): ext4_iget_extra_inode:5179: inode #15: comm syz.7.1078: corrupted in-inode xattr: invalid ea_ino [ 395.391410][ T9605] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 395.393736][ T9605] EXT4-fs error (device loop7): ext4_orphan_get:1402: comm syz.7.1078: couldn't read orphan inode 15 (err -117) [ 395.403011][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 395.403042][ C1] EXT4-fs (loop7): initial error at time 1791348980: ext4_iget_extra_inode:5179: inode 15 [ 395.403096][ C1] EXT4-fs (loop7): last error at time 1791348980: ext4_iget_extra_inode:5179: inode 15 [ 395.441441][ T9605] loop7: lost filesystem error report for type 5 error -117 [ 395.448797][ T9605] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.492537][ T9605] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1078'. [ 395.507172][ T9605] EXT4-fs error (device loop7): ext4_find_dest_de:2049: inode #2: block 13: comm syz.7.1078: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 396.724837][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.793338][ T9610] input: syz1 as /devices/virtual/input/input34 [ 397.320275][ T9620] loop2: detected capacity change from 0 to 1024 [ 397.362891][ T9620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 397.754504][ T13] Bluetooth: hci3: Frame reassembly failed (-84) [ 397.789357][ T9631] Bluetooth: hci3: Frame reassembly failed (-84) [ 397.806536][ T9631] Bluetooth: hci3: Frame reassembly failed (-84) [ 397.822346][ T9631] Bluetooth: hci3: Frame reassembly failed (-84) [ 397.846911][ T9631] Bluetooth: hci3: Frame reassembly failed (-84) [ 398.213892][ T9623] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 399.765197][ T5632] Bluetooth: hci3: command 0x1003 tx timeout [ 399.765212][ T4936] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 399.875906][ T5767] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 400.533443][ T5767] usb 7-1: Using ep0 maxpacket: 16 [ 400.641453][ T5767] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 400.681268][ T5767] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 400.723759][ T5767] usb 7-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 400.759243][ T5630] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.770233][ T5767] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 400.792729][ T5767] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 400.812517][ T5767] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 400.833430][ T5767] usb 7-1: Manufacturer: syz [ 400.843571][ T5767] usb 7-1: config 0 descriptor?? [ 403.066941][ T9699] misc userio: Invalid payload size [ 403.540878][ T5767] usb 7-1: USB disconnect, device number 21 [ 403.842036][ T9708] misc userio: The device must be registered before sending interrupts [ 404.560287][ T9716] loop6: detected capacity change from 0 to 1024 [ 404.599399][ T9716] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 404.875168][ T9731] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1121'. [ 404.902121][ T9734] netlink: 'syz.2.1126': attribute type 10 has an invalid length. [ 404.910067][ T5754] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 404.933100][ T9734] team0: Port device dummy0 added [ 404.952641][ T9734] netlink: 'syz.2.1126': attribute type 10 has an invalid length. [ 404.970552][ T9734] team0: Port device dummy0 removed [ 405.005113][ T9734] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 405.077723][ T5754] usb 8-1: Using ep0 maxpacket: 8 [ 405.129847][ T5754] usb 8-1: unable to get BOS descriptor or descriptor too short [ 405.163922][ T5754] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 405.168893][ T9530] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.187175][ T5754] usb 8-1: can't read configurations, error -71 [ 405.420610][ T9530] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.555698][ T5859] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 405.754397][ T5859] usb 3-1: Using ep0 maxpacket: 16 [ 405.821014][ T5859] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 405.918426][ T5859] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 405.948198][ T5859] usb 3-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 405.973467][ T5859] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 406.000170][ T5859] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 406.021279][ T5859] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 406.045879][ T5859] usb 3-1: Manufacturer: syz [ 406.059899][ T5859] usb 3-1: config 0 descriptor?? [ 406.082578][ T9530] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 406.182773][ T9530] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 406.254197][ T5632] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 406.262780][ T5632] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 406.270417][ T5632] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 406.280973][ T5632] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 406.288940][ T5632] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 406.464245][ T9530] bridge_slave_1: left allmulticast mode [ 406.499513][ T9530] bridge_slave_1: left promiscuous mode [ 406.534086][ T9530] bridge0: port 2(bridge_slave_1) entered disabled state [ 406.589847][ T9530] bridge_slave_0: left allmulticast mode [ 406.619791][ T9530] bridge_slave_0: left promiscuous mode [ 406.796297][ T9530] bridge0: port 1(bridge_slave_0) entered disabled state [ 407.342508][ T9388] smc: removing ib device syz0 [ 407.899904][ T9388] smbdirect: ib_dev[syz0] removed [ 408.278538][ T4936] Bluetooth: hci2: command tx timeout [ 408.362403][ T29] usb 3-1: USB disconnect, device number 20 [ 408.418634][ T9530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 408.472134][ T9530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 408.498084][ T9530] bond0 (unregistering): Released all slaves [ 408.599732][ T9725] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 408.624734][ T802] xfrm0 speed is unknown, defaulting to 1000 [ 408.650297][ T802] syz0: Port: 1 Link DOWN [ 409.436743][ T6015] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 409.672692][ T5282] 8021q: adding VLAN 0 to HW filter on device eth9 [ 410.354437][ T4936] Bluetooth: hci2: command tx timeout [ 412.664695][ T4936] Bluetooth: hci2: command tx timeout [ 412.699842][ T5632] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 412.707229][ T5632] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 412.878819][ T5632] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 412.897978][ T5632] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 412.907844][ T5632] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 412.963696][ T9840] loop7: detected capacity change from 0 to 4096 [ 413.022459][ T9840] EXT4-fs (loop7): Test dummy encryption mode enabled [ 413.091067][ T9840] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 414.702570][ T4936] Bluetooth: hci2: command tx timeout [ 415.116860][ T5282] 8021q: adding VLAN 0 to HW filter on device eth10 [ 415.616333][ T4936] Bluetooth: hci3: command tx timeout [ 415.673096][ T9754] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.704402][ T9754] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.711977][ T9754] bridge_slave_0: entered allmulticast mode [ 415.720344][ T9754] bridge_slave_0: entered promiscuous mode [ 415.799540][ T9754] bridge0: port 2(bridge_slave_1) entered blocking state [ 415.808532][ T9754] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.816343][ T9754] bridge_slave_1: entered allmulticast mode [ 415.827169][ T9754] bridge_slave_1: entered promiscuous mode [ 415.891047][ T9754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 415.929559][ T9754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 416.062218][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.079189][ T9877] loop4: detected capacity change from 0 to 1024 [ 416.122384][ T9754] team0: Port device team_slave_0 added [ 416.140098][ T9754] team0: Port device team_slave_1 added [ 416.159075][ T9877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 416.329509][ T9890] loop6: detected capacity change from 0 to 1024 [ 416.377918][ T9890] EXT4-fs error (device loop6): __ext4_fill_super:5600: comm syz.6.1158: inode #2: comm syz.6.1158: iget: illegal inode # [ 416.397621][ T9890] loop6: lost filesystem error report for type 5 error -117 [ 416.397941][ T9890] EXT4-fs (loop6): Remounting filesystem read-only [ 416.405325][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 416.405356][ C1] EXT4-fs (loop6): initial error at time 1792397577: __ext4_fill_super:5600 [ 416.405398][ C1] EXT4-fs (loop6): last error at time 1792397577: __ext4_fill_super:5600 [ 416.437235][ T9890] EXT4-fs (loop6): get root inode failed [ 416.442984][ T9890] EXT4-fs (loop6): mount failed [ 416.526781][ T9754] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 416.567912][ T9754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 416.666157][ T9754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 416.678899][ T9888] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 417.379757][ T9754] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 417.428261][ T9754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 417.431997][ T9911] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1160'. [ 417.493039][ T9754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 417.622413][ T4936] Bluetooth: hci3: command tx timeout [ 417.821291][ T9922] loop7: detected capacity change from 0 to 512 [ 417.833857][ T9922] EXT4-fs: Ignoring removed oldalloc option [ 417.949198][ T9922] EXT4-fs error (device loop7): ext4_iget_extra_inode:5179: inode #15: comm syz.7.1161: corrupted in-inode xattr: invalid ea_ino [ 417.962807][ T9922] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 417.965119][ T9922] EXT4-fs error (device loop7): ext4_orphan_get:1402: comm syz.7.1161: couldn't read orphan inode 15 (err -117) [ 417.974429][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 417.974464][ C0] EXT4-fs (loop7): initial error at time 1792921867: ext4_iget_extra_inode:5179: inode 15 [ 417.974520][ C0] EXT4-fs (loop7): last error at time 1792921867: ext4_iget_extra_inode:5179: inode 15 [ 418.013665][ T9922] loop7: lost filesystem error report for type 5 error -117 [ 418.046972][ T9922] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 418.114744][ T9922] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1161'. [ 418.130457][ T9922] EXT4-fs error (device loop7): ext4_find_dest_de:2049: inode #2: block 13: comm syz.7.1161: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 418.888414][ T9530] hsr_slave_0: left promiscuous mode [ 419.751218][ T9530] hsr_slave_1: left promiscuous mode [ 419.769040][ T9530] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 419.786599][ T9530] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 419.816135][ T9530] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 419.869642][ T4936] Bluetooth: hci3: command tx timeout [ 420.567988][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.615111][ T9530] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 420.742439][ T9530] veth1_macvtap: left promiscuous mode [ 420.764526][ T9530] veth0_macvtap: left promiscuous mode [ 420.890215][ T9530] veth1_vlan: left promiscuous mode [ 420.928036][ T9530] veth0_vlan: left promiscuous mode [ 421.578440][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.751910][ T9530] team0 (unregistering): Port device team_slave_1 removed [ 421.791012][ T9530] team0 (unregistering): Port device team_slave_0 removed [ 421.892460][ T4936] Bluetooth: hci3: command tx timeout [ 422.068171][ T802] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 422.101015][ T5282] 8021q: adding VLAN 0 to HW filter on device eth11 [ 422.137497][ T9960] tipc: Started in network mode [ 422.143096][ T9960] tipc: Node identity be000120a572, cluster identity 4711 [ 422.152977][ T9960] tipc: Enabled bearer , priority 0 [ 422.170436][ T9963] syzkaller0: entered promiscuous mode [ 422.179756][ T9963] syzkaller0: entered allmulticast mode [ 422.192317][ T9754] hsr_slave_0: entered promiscuous mode [ 422.206803][ T9754] hsr_slave_1: entered promiscuous mode [ 422.213108][ T9754] debugfs: 'hsr0' already exists in 'hsr' [ 422.219338][ T9754] Cannot create hsr debugfs directory [ 422.227155][ T802] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 422.254289][ T802] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 422.271542][ T802] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 422.282022][ T9974] tipc: Resetting bearer [ 422.283542][ T802] usb 5-1: config 0 descriptor?? [ 422.302717][ T9974] tipc: Disabling bearer [ 422.505853][ T802] usbhid 5-1:0.0: can't add hid device: -71 [ 422.523656][ T802] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 422.544726][ T802] usb 5-1: USB disconnect, device number 17 [ 422.682577][ T9530] IPVS: stop unused estimator thread 0... [ 422.976857][ T9] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 423.094232][ T4936] Bluetooth: hci1: unexpected event for opcode 0x2006 [ 423.283870][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 423.345282][ T9] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.40 [ 423.436327][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.771575][ T9] usb 5-1: config 0 descriptor?? [ 424.782143][ T9] aiptek 5-1:0.0: Aiptek using 400 ms programming speed [ 424.794236][ T9962] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 424.934933][ T9] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input37 [ 424.964748][ T9962] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 425.263554][ T9] usb 5-1: USB disconnect, device number 18 [ 425.269586][ C0] aiptek 5-1:0.0: aiptek_irq - usb_submit_urb failed with result -19 [ 425.573383][ T6002] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.665618][ T9833] bridge0: port 1(bridge_slave_0) entered blocking state [ 425.699964][ T9833] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.718098][ T9833] bridge_slave_0: entered allmulticast mode [ 425.746578][ T9833] bridge_slave_0: entered promiscuous mode [ 425.774015][T10036] tipc: Enabled bearer , priority 0 [ 425.795329][T10028] tipc: Resetting bearer [ 425.823282][ T5282] 8021q: adding VLAN 0 to HW filter on device eth12 [ 425.854768][T10037] syzkaller0: entered promiscuous mode [ 425.885609][T10037] syzkaller0: entered allmulticast mode [ 425.908979][ T9833] bridge0: port 2(bridge_slave_1) entered blocking state [ 425.933469][ T9833] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.944002][ T9833] bridge_slave_1: entered allmulticast mode [ 425.952031][ T9833] bridge_slave_1: entered promiscuous mode [ 425.970515][ T5767] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 425.982860][ T6002] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.988431][ T5767] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 426.012132][T10027] tipc: Resetting bearer [ 426.027028][T10027] tipc: Disabling bearer [ 426.069952][ T9754] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 426.093722][ T9754] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 426.125253][T10057] fido_id[10057]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 426.128585][ T9754] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 426.204306][ T9754] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 426.255052][ T9754] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 426.301375][ T9754] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 426.374939][ T6002] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 426.424717][ T9833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 426.461502][ T9833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 426.493982][ T9754] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 426.542343][ T9754] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 426.682524][ T6002] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 426.800465][ T9833] team0: Port device team_slave_0 added [ 426.817832][ T9833] team0: Port device team_slave_1 added [ 427.414574][ T9833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 427.525643][ T9833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 427.552995][ T9833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 427.587158][ T9833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 427.598671][ T9833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 427.635029][T10101] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1200'. [ 427.668930][ T9833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 427.835241][ T9833] hsr_slave_0: entered promiscuous mode [ 427.848075][ T9833] hsr_slave_1: entered promiscuous mode [ 427.885316][ T9833] debugfs: 'hsr0' already exists in 'hsr' [ 427.903260][ T9833] Cannot create hsr debugfs directory [ 428.005357][T10111] tipc: Started in network mode [ 428.038170][T10111] tipc: Node identity e28ecf4cfff4, cluster identity 4711 [ 428.061547][T10111] tipc: Enabled bearer , priority 0 [ 428.121717][T10111] tipc: Resetting bearer [ 428.280998][ T6002] bridge_slave_1: left allmulticast mode [ 428.291176][ T6002] bridge_slave_1: left promiscuous mode [ 428.299805][ T6002] bridge0: port 2(bridge_slave_1) entered disabled state [ 428.312172][ T6002] bridge_slave_0: left allmulticast mode [ 428.320618][ T6002] bridge_slave_0: left promiscuous mode [ 428.329302][ T6002] bridge0: port 1(bridge_slave_0) entered disabled state [ 428.449065][ T6002] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 428.460161][ T6002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 428.473295][ T6002] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 428.487855][ T6002] bond0 (unregistering): Released all slaves [ 428.498507][T10115] syzkaller0: entered promiscuous mode [ 428.504635][T10115] syzkaller0: entered allmulticast mode [ 428.514221][T10110] tipc: Resetting bearer [ 428.521807][T10110] tipc: Disabling bearer [ 428.892075][ T9754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 429.009677][ T6002] hsr_slave_0: left promiscuous mode [ 429.030457][ T6002] hsr_slave_1: left promiscuous mode [ 429.051098][ T6002] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 429.084846][ T6002] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 429.114975][ T6002] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 429.139312][ T6002] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 429.202090][ T6002] veth1_macvtap: left promiscuous mode [ 429.226433][ T6002] veth0_macvtap: left promiscuous mode [ 429.254819][ T6002] veth1_vlan: left promiscuous mode [ 429.283641][ T6002] veth0_vlan: left promiscuous mode [ 430.040726][T10159] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1215'. [ 430.239073][ T6002] team0 (unregistering): Port device team_slave_1 removed [ 430.295454][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 430.301934][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 430.312038][ T6002] team0 (unregistering): Port device team_slave_0 removed [ 430.601472][ T9754] 8021q: adding VLAN 0 to HW filter on device team0 [ 431.145238][ T5282] 8021q: adding VLAN 0 to HW filter on device eth13 [ 431.175512][ T3296] bridge0: port 1(bridge_slave_0) entered blocking state [ 431.182701][ T3296] bridge0: port 1(bridge_slave_0) entered forwarding state [ 431.262085][ T9833] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 431.321581][ T9833] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 431.365035][ T9833] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 431.411002][ T9833] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 431.613806][ T3296] bridge0: port 2(bridge_slave_1) entered blocking state [ 431.620970][ T3296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 431.649668][ T13] Bluetooth: hci4: Frame reassembly failed (-90) [ 431.772422][T10185] Bluetooth: hci4: Frame reassembly failed (-84) [ 431.863361][ T9833] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 431.981095][T10190] Bluetooth: hci4: Frame reassembly failed (-84) [ 432.096613][ T9833] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 432.101277][T10185] Bluetooth: hci4: Frame reassembly failed (-84) [ 432.116502][ T9833] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 432.127895][ T9833] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 432.353765][ T9833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 432.385330][ T6002] IPVS: stop unused estimator thread 0... [ 432.409808][ T9833] 8021q: adding VLAN 0 to HW filter on device team0 [ 432.455078][ T9388] bridge0: port 1(bridge_slave_0) entered blocking state [ 432.462287][ T9388] bridge0: port 1(bridge_slave_0) entered forwarding state [ 432.537935][ T9388] bridge0: port 2(bridge_slave_1) entered blocking state [ 432.545104][ T9388] bridge0: port 2(bridge_slave_1) entered forwarding state [ 432.901238][T10214] loop4: detected capacity change from 0 to 512 [ 432.914310][T10214] EXT4-fs: Ignoring removed oldalloc option [ 433.046959][T10214] EXT4-fs error (device loop4): ext4_iget_extra_inode:5179: inode #15: comm syz.4.1226: corrupted in-inode xattr: invalid ea_ino [ 433.060516][T10214] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 433.075403][T10214] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.1226: couldn't read orphan inode 15 (err -117) [ 433.084635][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 433.084666][ C0] EXT4-fs (loop4): initial error at time 1792921882: ext4_iget_extra_inode:5179: inode 15 [ 433.084719][ C0] EXT4-fs (loop4): last error at time 1792921882: ext4_iget_extra_inode:5179: inode 15 [ 433.123026][T10214] loop4: lost filesystem error report for type 5 error -117 [ 433.146167][T10214] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 433.210921][T10214] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1226'. [ 433.610244][ T4936] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 435.007511][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.323509][T10242] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1231'. [ 435.784253][ T9754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 436.444593][ T5282] 8021q: adding VLAN 0 to HW filter on device eth14 [ 436.756829][ T9833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 437.100640][ T9754] veth0_vlan: entered promiscuous mode [ 437.152104][ T9754] veth1_vlan: entered promiscuous mode [ 437.250951][ T9754] veth0_macvtap: entered promiscuous mode [ 437.294229][ T9754] veth1_macvtap: entered promiscuous mode [ 437.347206][ T9754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 437.403031][ T9754] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 437.491073][T10301] tipc: Started in network mode [ 437.496011][T10301] tipc: Node identity aee977811cf4, cluster identity 4711 [ 437.950567][T10309] loop4: detected capacity change from 0 to 8192 [ 437.982449][T10310] capability: warning: `syz.4.1241' uses deprecated v2 capabilities in a way that may be insecure [ 438.511630][T10301] tipc: Enabled bearer , priority 0 [ 438.535216][ T13] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.614986][T10309] Dev loop4: unable to read RDB block 8 [ 438.620766][T10309] loop4: unable to read partition table [ 438.626555][T10309] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 439.292158][T10307] syzkaller0: entered promiscuous mode [ 439.333252][T10307] syzkaller0: entered allmulticast mode [ 439.412837][T10315] tipc: Resetting bearer [ 439.444769][T10300] tipc: Resetting bearer [ 439.464902][T10300] tipc: Disabling bearer [ 439.511068][ T13] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 439.686566][ T5282] 8021q: adding VLAN 0 to HW filter on device eth15 [ 439.702394][ T13] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 439.711648][ T13] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 440.324498][ T9833] veth0_vlan: entered promiscuous mode [ 440.451350][ T6002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 440.457010][ T9833] veth1_vlan: entered promiscuous mode [ 440.491111][ T9833] veth0_macvtap: entered promiscuous mode [ 440.519651][ T6002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 440.736721][ T9833] veth1_macvtap: entered promiscuous mode [ 440.764313][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 440.789763][ T9833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 440.802942][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 440.854158][ T9833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 440.901842][ T1158] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 440.930917][ T1158] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 440.955513][ T1158] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 441.001614][ T1158] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.607507][T10355] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1249'. [ 442.993041][ T6002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.022897][ T6002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 443.110286][ T6002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.129203][ T6002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 444.137609][T10376] tmpfs: Bad value for 'huge' [ 444.410622][T10383] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1258'. [ 444.422384][T10382] netlink: 44 bytes leftover after parsing attributes in process `syz.8.1256'. [ 444.571117][T10387] loop4: detected capacity change from 0 to 4096 [ 444.623112][T10387] EXT4-fs (loop4): Test dummy encryption mode enabled [ 445.709823][T10387] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 446.615663][T10407] loop9: detected capacity change from 0 to 128 [ 446.677947][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.727148][T10407] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 446.809274][T10407] ext4 filesystem being mounted at /3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 446.949027][ T5282] 8021q: adding VLAN 0 to HW filter on device eth16 [ 447.912655][T10429] syz.8.1269 uses obsolete (PF_INET,SOCK_PACKET) [ 448.096757][ T9833] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 448.203298][T10435] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1273'. [ 448.759245][ T4936] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 448.767979][ T4936] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 448.776488][ T4936] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 448.784264][ T4936] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 448.793931][ T4936] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 450.178537][ T57] Bluetooth: hci1: Frame reassembly failed (-90) [ 451.404052][ T4936] Bluetooth: hci4: command tx timeout [ 451.450471][T10471] loop4: detected capacity change from 0 to 4096 [ 451.694520][T10471] EXT4-fs (loop4): Test dummy encryption mode enabled [ 451.863187][T10471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 452.340616][ T4936] Bluetooth: hci1: command 0x1003 tx timeout [ 452.389980][ T5632] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 452.542603][ T330] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.617162][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.641636][T10500] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 452.648193][T10500] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 452.670343][T10500] vhci_hcd vhci_hcd.0: Device attached [ 452.702992][ T330] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 452.846788][T10502] vhci_hcd: connection closed [ 452.855141][ T13] vhci_hcd vhci_hcd.0: stop threads [ 452.972645][ T13] vhci_hcd vhci_hcd.0: release socket [ 452.978503][ T13] vhci_hcd vhci_hcd.0: disconnect device [ 452.987620][ T5767] usb 33-1: new low-speed USB device number 2 using vhci_hcd [ 453.028080][ T5767] usb 33-1: enqueue for inactive port 0 [ 453.078627][ T330] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 453.272677][ T5767] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 453.347986][T10532] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1287'. [ 453.478540][ T5632] Bluetooth: hci4: command tx timeout [ 453.540703][T10535] loop8: detected capacity change from 0 to 512 [ 453.685464][T10535] EXT4-fs (loop8): revision level too high, forcing read-only mode [ 453.693700][T10535] EXT4-fs (loop8): orphan cleanup on readonly fs [ 453.710489][T10535] __quota_error: 3 callbacks suppressed [ 453.710516][T10535] Quota error (device loop8): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 453.728189][T10535] EXT4-fs warning (device loop8): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 453.743021][T10535] EXT4-fs (loop8): Cannot turn on quotas: error -117 [ 453.770386][T10535] EXT4-fs error (device loop8): ext4_do_update_inode:5742: inode #16: comm syz.8.1290: corrupted inode contents [ 453.782363][T10535] loop8: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 453.784708][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 453.800339][ C1] EXT4-fs (loop8): initial error at time 1792921903: ext4_do_update_inode:5742: inode 16 [ 453.810217][ C1] EXT4-fs (loop8): last error at time 1792921903: ext4_do_update_inode:5742: inode 16 [ 453.852341][T10535] EXT4-fs (loop8): Remounting filesystem read-only [ 453.859208][T10535] EXT4-fs (loop8): 1 truncate cleaned up [ 453.865937][T10535] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 454.051477][ T330] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 454.255932][ T9754] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.347601][ T5632] Bluetooth: hci6: ACL packet for unknown connection handle 200 [ 454.896398][T10549] loop4: detected capacity change from 0 to 512 [ 454.906683][T10549] EXT4-fs: Ignoring removed bh option [ 454.938252][T10549] EXT4-fs: Ignoring removed mblk_io_submit option [ 455.119116][T10549] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 455.211098][T10549] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 455.315844][T10549] EXT4-fs (loop4): orphan cleanup on readonly fs [ 455.357163][T10549] Quota error (device loop4): do_insert_tree: Free block already used in tree: block 4 [ 455.377812][T10567] loop7: detected capacity change from 0 to 4096 [ 455.427569][T10567] EXT4-fs (loop7): Test dummy encryption mode enabled [ 455.437122][T10549] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 455.457746][ T330] vlan2: left allmulticast mode [ 455.520212][ T330] geneve0: left allmulticast mode [ 455.540792][ T330] vlan2: left promiscuous mode [ 455.544402][T10567] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.571320][T10549] EXT4-fs error (device loop4): ext4_acquire_dquot:7039: comm syz.4.1292: Failed to acquire dquot type 1 [ 455.578022][ T5632] Bluetooth: hci4: command tx timeout [ 455.586204][ T330] geneve0: left promiscuous mode [ 455.623445][ T330] bridge0: port 3(vlan2) entered disabled state [ 455.628756][T10549] loop4: lost filesystem error report for type 5 error -5 [ 455.638564][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 455.652215][ C1] EXT4-fs (loop4): last error at time 1792921905: ext4_acquire_dquot:7039 [ 455.713318][ T330] bridge_slave_1: left allmulticast mode [ 455.724586][T10549] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:482: comm syz.4.1292: Invalid block bitmap block 0 in block_group 0 [ 455.767091][ T330] bridge_slave_1: left promiscuous mode [ 455.805357][ T330] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.866482][T10549] loop4: lost filesystem error report for type 5 error -117 [ 455.876977][T10549] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:482: comm syz.4.1292: Invalid block bitmap block 0 in block_group 0 [ 455.879036][ T802] IPVS: starting estimator thread 0... [ 456.623779][T10549] loop4: lost filesystem error report for type 5 error -117 [ 456.862169][T10549] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:482: comm syz.4.1292: Invalid block bitmap block 0 in block_group 0 [ 456.892516][T10549] loop4: lost filesystem error report for type 5 error -117 [ 456.896683][T10549] Quota error (device loop4): write_blk: dquota write failed [ 456.910044][ T330] bridge_slave_0: left allmulticast mode [ 456.917479][ T330] bridge_slave_0: left promiscuous mode [ 456.924353][ T330] bridge0: port 1(bridge_slave_0) entered disabled state [ 456.964910][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.976267][T10583] IPVS: using max 31 ests per chain, 74400 per kthread [ 457.018808][T10549] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 457.105256][T10549] EXT4-fs error (device loop4): ext4_acquire_dquot:7039: comm syz.4.1292: Failed to acquire dquot type 1 [ 457.171740][T10549] loop4: lost filesystem error report for type 5 error -28 [ 457.202844][T10549] Quota error (device loop4): write_blk: dquota write failed [ 457.306645][T10549] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 457.347444][T10549] EXT4-fs error (device loop4): ext4_acquire_dquot:7039: comm syz.4.1292: Failed to acquire dquot type 1 [ 457.393350][T10549] loop4: lost filesystem error report for type 5 error -28 [ 457.395120][T10549] EXT4-fs (loop4): 1 orphan inode deleted [ 457.448677][ T330] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 457.465416][T10549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 457.494769][ T330] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 457.539692][ T330] bond0 (unregistering): Released all slaves [ 457.580732][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.662664][ T5632] Bluetooth: hci4: command tx timeout [ 457.719206][ T330] tipc: Left network mode [ 457.727150][T10603] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1305'. [ 458.242000][T10619] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1308'. [ 458.497130][ T330] hsr_slave_0: left promiscuous mode [ 459.126310][ T330] hsr_slave_1: left promiscuous mode [ 459.181983][ T330] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 459.216293][ T330] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 459.230883][ T330] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 459.250091][ T330] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 459.273942][ T330] veth1_macvtap: left promiscuous mode [ 459.279594][ T330] veth0_macvtap: left promiscuous mode [ 459.286388][ T330] veth1_vlan: left promiscuous mode [ 459.291946][ T330] veth0_vlan: left promiscuous mode [ 459.666697][T10645] loop9: detected capacity change from 0 to 4096 [ 459.698246][T10645] EXT4-fs (loop9): Test dummy encryption mode enabled [ 459.835459][T10645] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 460.934505][ T330] team0 (unregistering): Port device team_slave_1 removed [ 460.991133][ T330] team0 (unregistering): Port device team_slave_0 removed [ 461.002128][ T9833] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 461.309632][T10451] bridge0: port 1(bridge_slave_0) entered blocking state [ 461.345487][T10451] bridge0: port 1(bridge_slave_0) entered disabled state [ 461.458816][T10451] bridge_slave_0: entered allmulticast mode [ 461.771640][T10451] bridge_slave_0: entered promiscuous mode [ 462.380708][T10686] netlink: 48 bytes leftover after parsing attributes in process `syz.8.1323'. [ 462.435026][T10451] bridge0: port 2(bridge_slave_1) entered blocking state [ 462.462785][T10451] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.637882][T10451] bridge_slave_1: entered allmulticast mode [ 462.645483][T10451] bridge_slave_1: entered promiscuous mode [ 463.144273][T10451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 463.198294][T10451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 463.425755][ T330] IPVS: stop unused estimator thread 0... [ 463.435258][T10451] team0: Port device team_slave_0 added [ 463.467457][T10451] team0: Port device team_slave_1 added [ 464.193873][T10451] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 464.218860][T10451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 464.252972][T10451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 464.340619][T10451] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 464.369914][T10451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 464.412371][T10451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 465.574922][T10451] hsr_slave_0: entered promiscuous mode [ 465.701086][T10451] hsr_slave_1: entered promiscuous mode [ 465.711387][T10451] debugfs: 'hsr0' already exists in 'hsr' [ 465.723513][T10451] Cannot create hsr debugfs directory [ 465.735519][T10724] syzkaller1: entered promiscuous mode [ 466.237649][T10724] syzkaller1: entered allmulticast mode [ 466.787998][T10738] tipc: Enabling of bearer rejected, failed to enable media [ 468.239209][ T2927] Bluetooth: hci1: Frame reassembly failed (-84) [ 468.266142][ T5282] 8021q: adding VLAN 0 to HW filter on device eth17 [ 468.318298][T10782] syzkaller0: entered promiscuous mode [ 468.342200][T10782] syzkaller0: entered allmulticast mode [ 468.646202][ T9] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 468.791304][T10451] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 468.854497][T10451] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 468.887690][T10451] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 468.930317][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 468.941044][ T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 468.944097][T10451] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 468.963870][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 469.215161][T10451] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 469.455234][T10451] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 469.471069][ T9] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 469.481742][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 469.496036][ T9] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 469.508646][T10451] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 469.525172][ T9] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 469.537683][T10451] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 469.640794][ T9] usb 5-1: Manufacturer: syz [ 469.655794][ T9] usb 5-1: config 0 descriptor?? [ 469.773096][T10451] 8021q: adding VLAN 0 to HW filter on device bond0 [ 469.809359][T10451] 8021q: adding VLAN 0 to HW filter on device team0 [ 469.844763][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 469.851987][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.037693][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.044873][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 470.252359][ T4936] Bluetooth: hci1: command 0x1003 tx timeout [ 470.262110][ T5632] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 470.990464][T10851] fuse: Bad value for 'fd' [ 470.997501][T10850] loop7: detected capacity change from 0 to 1024 [ 471.018834][ T5282] 8021q: adding VLAN 0 to HW filter on device eth18 [ 471.037612][T10850] ext4: Unknown parameter 'noacl' [ 471.383124][ T5857] usb 5-1: USB disconnect, device number 19 [ 472.306774][T10451] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 472.434690][T10451] veth0_vlan: entered promiscuous mode [ 472.651588][T10451] veth1_vlan: entered promiscuous mode [ 473.244452][T10451] veth0_macvtap: entered promiscuous mode [ 473.258310][T10451] veth1_macvtap: entered promiscuous mode [ 473.279007][T10451] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 473.293604][T10451] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 473.307674][ T1158] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 473.394557][ T1158] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 473.429455][ T1158] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 473.467941][ T1158] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 473.505418][T10912] fuse: Bad value for 'fd' [ 473.667305][ T6159] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 473.729704][ T6159] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 473.776341][ T5282] 8021q: adding VLAN 0 to HW filter on device eth19 [ 474.205377][T10918] loop4: detected capacity change from 0 to 8192 [ 475.543611][ T9530] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.721715][ T9530] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 476.075580][T10928] loop9: detected capacity change from 0 to 1024 [ 476.151924][T10928] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 477.148412][ T9833] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 477.743286][T10963] loop1: detected capacity change from 0 to 256 [ 477.957739][T10963] FAT-fs (loop1): Directory bread(block 64) failed [ 477.965332][T10963] FAT-fs (loop1): Directory bread(block 65) failed [ 477.972360][T10963] FAT-fs (loop1): Directory bread(block 66) failed [ 477.979906][T10963] FAT-fs (loop1): Directory bread(block 67) failed [ 477.987033][T10963] FAT-fs (loop1): Directory bread(block 68) failed [ 477.993726][T10963] FAT-fs (loop1): Directory bread(block 69) failed [ 478.000818][T10963] FAT-fs (loop1): Directory bread(block 70) failed [ 478.007644][T10963] FAT-fs (loop1): Directory bread(block 71) failed [ 478.014759][T10963] FAT-fs (loop1): Directory bread(block 72) failed [ 478.021423][T10963] FAT-fs (loop1): Directory bread(block 73) failed [ 479.627039][T10973] fuse: Bad value for 'fd' [ 479.722738][T10980] loop1: detected capacity change from 0 to 128 [ 479.812722][T10980] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 479.920258][T10980] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 480.009098][T10981] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5) [ 480.015667][T10981] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 480.058799][T10987] vhci_hcd vhci_hcd.0: pdev(7) rhport(1) sockfd(8) [ 480.065377][T10987] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 480.083878][T10994] loop9: detected capacity change from 0 to 1024 [ 480.130455][T10451] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 480.132835][T10994] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 480.151797][T10981] vhci_hcd vhci_hcd.0: Device attached [ 480.177129][T10987] vhci_hcd vhci_hcd.0: Device attached [ 480.348651][T10987] vhci_hcd vhci_hcd.0: pdev(7) rhport(2) sockfd(10) [ 480.355491][T10987] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 481.238969][ T29] usb 47-1: new low-speed USB device number 2 using vhci_hcd [ 481.402185][T10987] vhci_hcd vhci_hcd.0: Device attached [ 481.411610][ T9833] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.858025][T11026] warning: `syz.9.1398' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 483.816160][T10991] vhci_hcd: connection closed [ 483.819019][T11001] vhci_hcd: connection closed [ 483.823803][T10985] vhci_hcd: connection reset by peer [ 483.857038][T10964] vhci_hcd vhci_hcd.7: stop threads [ 483.987596][T10964] vhci_hcd vhci_hcd.7: release socket [ 484.038487][T10964] vhci_hcd vhci_hcd.7: disconnect device [ 484.093698][T10964] vhci_hcd vhci_hcd.7: stop threads [ 484.206605][T10964] vhci_hcd vhci_hcd.7: release socket [ 484.355835][T10964] vhci_hcd vhci_hcd.7: disconnect device [ 484.542145][T10964] vhci_hcd vhci_hcd.7: stop threads [ 484.555163][ T5785] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 484.602392][T10964] vhci_hcd vhci_hcd.7: release socket [ 484.654606][T10964] vhci_hcd vhci_hcd.7: disconnect device [ 484.926278][T11059] syzkaller1: entered promiscuous mode [ 484.952473][ T5785] usb 10-1: Using ep0 maxpacket: 16 [ 484.964552][ T5785] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 484.984666][ T5785] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 484.995980][T11059] syzkaller1: entered allmulticast mode [ 485.002030][ T5785] usb 10-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 485.031693][T11067] loop4: detected capacity change from 0 to 1024 [ 485.478923][ T5785] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 485.505036][ T5785] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 485.513471][T11067] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 485.700382][ T5785] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 486.450637][ T5785] usb 10-1: Manufacturer: syz [ 486.460354][ T5785] usb 10-1: config 0 descriptor?? [ 486.480185][ T5620] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 486.768365][ T5754] usb 10-1: USB disconnect, device number 2 [ 486.851728][T11093] loop1: detected capacity change from 0 to 512 [ 486.909929][ T29] vhci_hcd vhci_hcd.7: vhci_device speed not set [ 487.844368][T11107] 9pnet_fd: p9_fd_create_tcp (11107): problem connecting socket to 127.0.0.1 [ 490.820604][T11158] syzkaller1: entered promiscuous mode [ 490.845023][T11158] syzkaller1: entered allmulticast mode [ 490.852757][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 490.863256][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 490.886290][ T5767] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 491.075237][ T5767] usb 2-1: Using ep0 maxpacket: 16 [ 491.121516][ T5767] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 491.330593][ T5767] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 491.579799][ T5767] usb 2-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 491.593761][ T5767] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 491.614068][ T5767] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 491.637392][ T5767] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 491.778725][ T5767] usb 2-1: Manufacturer: syz [ 492.139559][T11178] loop7: detected capacity change from 0 to 512 [ 492.192098][T11178] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 492.200436][T11178] EXT4-fs (loop7): orphan cleanup on readonly fs [ 492.209373][T11178] Quota error (device loop7): v2_read_file_info: Number of blocks too big for quota file size (66560 > 6144). [ 492.221392][T11178] EXT4-fs warning (device loop7): ext4_enable_quotas:7272: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 492.236257][T11178] EXT4-fs (loop7): Cannot turn on quotas: error -117 [ 492.267659][T11178] EXT4-fs error (device loop7): ext4_do_update_inode:5742: inode #16: comm syz.7.1426: corrupted inode contents [ 492.279753][T11178] loop7: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 492.283173][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 492.298937][ C1] EXT4-fs (loop7): initial error at time 1795019095: ext4_do_update_inode:5742: inode 16 [ 492.308962][ C1] EXT4-fs (loop7): last error at time 1795019095: ext4_do_update_inode:5742: inode 16 [ 492.318715][T11178] EXT4-fs (loop7): Remounting filesystem read-only [ 492.325614][T11178] EXT4-fs (loop7): 1 truncate cleaned up [ 492.332839][T11178] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 492.525456][ T5767] usb 2-1: config 0 descriptor?? [ 492.978342][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 493.865493][ T5857] usb 2-1: USB disconnect, device number 2 [ 494.005665][T11217] siw: device registration error -23 [ 494.681140][ T5857] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 495.642951][T11240] bond0: (slave bond_slave_1): Releasing backup interface [ 495.695007][ T5857] usb 1-1: Using ep0 maxpacket: 8 [ 495.793133][ T5767] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 496.359064][ T5857] usb 1-1: unable to get BOS descriptor or descriptor too short [ 496.450605][ T5857] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 496.554831][ T5857] usb 1-1: can't read configurations, error -71 [ 496.624726][ T5767] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 496.734833][ T5767] usb 8-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 496.873727][ T5767] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 496.996103][ T5767] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 497.159305][ T5767] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 497.364262][ T5767] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 497.570512][ T5767] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 497.646211][ T5767] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 497.709414][ T5767] usb 8-1: Product: syz [ 497.737420][ T5767] usb 8-1: Manufacturer: syz [ 497.783856][ T5767] usb 8-1: can't set config #1, error -71 [ 497.815669][ T5767] usb 8-1: USB disconnect, device number 6 [ 498.449505][ T5785] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 498.813681][ T5785] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 499.193058][ T5785] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 499.246853][ T5785] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 499.429097][ T5785] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 499.574479][ T5785] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 499.966667][ T5785] usb 1-1: Product: syz [ 499.969106][ T5769] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 499.974749][ T5785] usb 1-1: Manufacturer: syz [ 499.983881][ T5785] usb 1-1: SerialNumber: syz [ 500.007535][ T5785] usb 1-1: config 0 descriptor?? [ 500.023918][T11254] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 500.117935][ T5785] dm9601 1-1:0.0: probe with driver dm9601 failed with error -22 [ 500.332630][ T5769] usb 9-1: Using ep0 maxpacket: 16 [ 500.349939][ T5769] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 500.360944][ T5769] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 500.372360][ T5769] usb 9-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 500.393094][ T5769] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 500.928866][ T5769] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 500.939599][ T5769] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 500.957806][ T5769] usb 9-1: Manufacturer: syz [ 500.964654][ T5769] usb 9-1: config 0 descriptor?? [ 501.262796][ T5857] usb 1-1: USB disconnect, device number 21 [ 502.407610][ T5769] usb 9-1: USB disconnect, device number 2 [ 502.561454][ T5282] 8021q: adding VLAN 0 to HW filter on device eth20 [ 502.669794][T11331] netlink: 1688 bytes leftover after parsing attributes in process `syz.8.1468'. [ 504.208328][T11360] binder: 11358:11360 ioctl c0306201 0 returned -14 [ 504.294764][T11360] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 504.368950][T11360] Cannot find add_set index 0 as target [ 510.613957][T10006] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 511.677663][T10006] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 512.941569][T11465] fido_id[11465]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 514.619699][T11484] loop7: detected capacity change from 0 to 4096 [ 514.661293][T11484] EXT4-fs (loop7): Test dummy encryption mode enabled [ 514.683986][T11495] loop9: detected capacity change from 0 to 512 [ 514.787516][T11495] EXT4-fs (loop9): orphan cleanup on readonly fs [ 514.795756][T11484] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 514.856305][T11495] EXT4-fs error (device loop9): ext4_xattr_inode_iget:441: inode #11: comm syz.9.1512: ea_inode with extended attributes [ 515.281836][T11495] loop9: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 515.281973][ C0] EXT4-fs (loop9): error count since last fsck: 1 [ 515.297594][ C0] EXT4-fs (loop9): initial error at time 1795019118: ext4_xattr_inode_iget:441: inode 11 [ 515.307519][ C0] EXT4-fs (loop9): last error at time 1795019118: ext4_xattr_inode_iget:441: inode 11 [ 515.340915][T11495] EXT4-fs error (device loop9): ext4_xattr_inode_iget:444: comm syz.9.1512: error while reading EA inode 11 err=-117 [ 515.590561][T11495] loop9: lost filesystem error report for type 5 error -117 [ 515.821458][T11495] EXT4-fs (loop9): 1 orphan inode deleted [ 515.987566][T11495] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 516.150692][ T8360] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.570706][T11528] fuse: Bad value for 'fd' [ 516.610361][T11526] loop8: detected capacity change from 0 to 1024 [ 516.635322][ T9833] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.729570][T11526] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 516.777725][T11526] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 516.926465][T11526] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 516.994933][T11545] loop7: detected capacity change from 0 to 512 [ 518.151043][ T9754] EXT4-fs error (device loop8): ext4_readdir:263: inode #2: block 16: comm syz-executor: path /46/file1: bad entry in directory: directory entry overrun - offset=876, inode=0, rec_len=1024, size=1024 fake=0 [ 518.607892][T11562] ubi0: attaching mtd0 [ 518.649254][T11562] ubi0: scanning is finished [ 518.654822][T11562] ubi0: empty MTD device detected [ 518.845241][T11537] EXT4-fs error (device loop8): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 519.144815][ T9754] EXT4-fs error (device loop8): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /46/file1/lost+found: bad entry in directory: directory entry overrun - offset=0, inode=0, rec_len=197884, size=1024 fake=0 [ 519.353554][ T9754] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 37: comm syz-executor: bad entry in directory: directory entry overrun - offset=5120, inode=0, rec_len=197884, size=1024 fake=0 [ 519.547791][T11562] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 519.899185][ T9754] EXT4-fs error (device loop8): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /46/file1/lost+found: bad entry in directory: directory entry overrun - offset=0, inode=0, rec_len=197884, size=1024 fake=0 [ 520.055280][ T9754] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 37: comm syz-executor: bad entry in directory: directory entry overrun - offset=5120, inode=0, rec_len=197884, size=1024 fake=0 [ 520.081764][ T9754] EXT4-fs error (device loop8): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /46/file1/lost+found: bad entry in directory: directory entry overrun - offset=0, inode=0, rec_len=197884, size=1024 fake=0 [ 520.168639][ T9754] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 37: comm syz-executor: bad entry in directory: directory entry overrun - offset=5120, inode=0, rec_len=197884, size=1024 fake=0 [ 520.294208][ T9754] EXT4-fs error (device loop8): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /46/file1/lost+found: bad entry in directory: directory entry overrun - offset=0, inode=0, rec_len=197884, size=1024 fake=0 [ 520.502207][T11574] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1530'. [ 520.527544][ T9754] EXT4-fs error (device loop8): ext4_empty_dir:3124: inode #11: block 37: comm syz-executor: bad entry in directory: directory entry overrun - offset=5120, inode=0, rec_len=197884, size=1024 fake=0 [ 520.782811][T11574] bond0: (slave bond_slave_0): Releasing backup interface [ 520.939887][T11574] bond_slave_0: entered promiscuous mode [ 520.971896][T11574] bond_slave_0: entered allmulticast mode [ 520.983989][T11589] fuse: Bad value for 'fd' [ 522.326553][T11613] syzkaller1: entered promiscuous mode [ 522.346352][T11613] syzkaller1: entered allmulticast mode [ 626.787424][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 626.794417][ C0] rcu: 1-...!: (1 GPs behind) idle=71b4/1/0x4000000000000000 softirq=54360/54361 fqs=3 [ 626.804156][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P11607/3:b..l [ 626.812172][ C0] rcu: (detected by 0, t=10502 jiffies, g=53893, q=612 ncpus=2) [ 626.819897][ C0] Sending NMI from CPU 0 to CPUs 1: [ 626.819939][ C1] NMI backtrace for cpu 1 [ 626.819961][ C1] CPU: 1 UID: 0 PID: 11611 Comm: syz.0.1536 Not tainted syzkaller #0 PREEMPT(full) [ 626.820001][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 626.820022][ C1] RIP: 0010:lock_acquire+0x6/0x370 [ 626.820059][ C1] Code: 8b 44 24 20 e9 33 fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 57 <41> 56 41 89 f6 41 55 45 89 c5 41 54 41 89 cc 55 48 89 fd 53 89 d3 [ 626.820093][ C1] RSP: 0018:ffffc90000a08d40 EFLAGS: 00000046 [ 626.820119][ C1] RAX: 0000000000010003 RBX: ffffffff9b3dc3a0 RCX: 0000000000000000 [ 626.820141][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff9b3dc3b8 [ 626.820162][ C1] RBP: 0000000000000016 R08: 0000000000000001 R09: 0000000000000000 [ 626.820183][ C1] R10: 0000000000000000 R11: ffffc90000a08ff8 R12: dffffc0000000000 [ 626.820205][ C1] R13: ffff88802a275300 R14: 0000000000000000 R15: 1ffff920001411b2 [ 626.820230][ C1] FS: 00007fbee78a06c0(0000) GS:ffff888124423000(0000) knlGS:0000000000000000 [ 626.820260][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 626.820283][ C1] CR2: 0000558ae15d3060 CR3: 0000000066de7000 CR4: 0000000000350ef0 [ 626.820306][ C1] Call Trace: [ 626.820318][ C1] [ 626.820330][ C1] _raw_spin_lock_irqsave+0x3a/0x60 [ 626.820372][ C1] ? debug_object_activate+0x144/0x490 [ 626.820425][ C1] debug_object_activate+0x144/0x490 [ 626.820474][ C1] ? advance_sched+0x76b/0xd20 [ 626.820537][ C1] ? __pfx_debug_object_activate+0x10/0x10 [ 626.820587][ C1] ? __netif_schedule.part.0+0x40/0x2f0 [ 626.820632][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 626.820674][ C1] ? do_raw_spin_lock+0x128/0x260 [ 626.820714][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 626.820757][ C1] enqueue_hrtimer+0x75/0x2f0 [ 626.820800][ C1] __hrtimer_run_queues+0x6ed/0x9c0 [ 626.820853][ C1] hrtimer_interrupt+0x3e5/0x940 [ 626.820911][ C1] __sysvec_apic_timer_interrupt+0x109/0x470 [ 626.820959][ C1] sysvec_apic_timer_interrupt+0x9e/0xc0 [ 626.821004][ C1] [ 626.821015][ C1] [ 626.821027][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 626.821065][ C1] RIP: 0010:cpus_read_lock+0x6c/0x170 [ 626.821100][ C1] Code: bf 01 00 00 00 e8 b4 50 0e 00 e8 cf cc cd 09 31 ff 89 c3 89 c6 e8 84 f3 42 00 58 85 db 75 5d e8 ca f8 42 00 8b 1d 64 1b a1 0c <31> ff 89 de e8 6b f3 42 00 85 db 0f 85 bd 00 00 00 e8 ae f8 42 00 [ 626.821133][ C1] RSP: 0018:ffffc90009d0fb50 EFLAGS: 00000283 [ 626.821159][ C1] RAX: 00000000000001fd RBX: 0000000000000000 RCX: ffffc9001434d000 [ 626.821181][ C1] RDX: 0000000000080000 RSI: ffffffff81c66576 RDI: ffff888033323e00 [ 626.821203][ C1] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 626.821224][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 626.821244][ C1] R13: 1ffff920013a1f77 R14: ffffc90009d0fc80 R15: ffff8880333247e8 [ 626.821274][ C1] ? cpus_read_lock+0x66/0x170 [ 626.821310][ C1] clock_was_set+0x96/0x850 [ 626.821355][ C1] ? __pfx___do_adjtimex+0x10/0x10 [ 626.821393][ C1] ? __pfx_clock_was_set+0x10/0x10 [ 626.821438][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 626.821479][ C1] ? rcu_is_watching+0x12/0xc0 [ 626.821526][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 626.821570][ C1] do_adjtimex+0x302/0x370 [ 626.821608][ C1] ? __pfx_do_adjtimex+0x10/0x10 [ 626.821659][ C1] ? __pfx_posix_clock_realtime_adj+0x10/0x10 [ 626.821702][ C1] __do_sys_clock_adjtime+0x177/0x290 [ 626.821745][ C1] ? __pfx___do_sys_clock_adjtime+0x10/0x10 [ 626.821789][ C1] ? __pfx_do_futex+0x10/0x10 [ 626.821827][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 626.821887][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 626.821927][ C1] ? rcu_is_watching+0x12/0xc0 [ 626.821972][ C1] do_syscall_64+0x115/0x870 [ 626.822021][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.822056][ C1] RIP: 0033:0x7fbee699ce59 [ 626.822081][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 626.822114][ C1] RSP: 002b:00007fbee78a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000131 [ 626.822145][ C1] RAX: ffffffffffffffda RBX: 00007fbee6c16180 RCX: 00007fbee699ce59 [ 626.822167][ C1] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 626.822188][ C1] RBP: 00007fbee6a32e6f R08: 0000000000000000 R09: 0000000000000000 [ 626.822210][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 626.822230][ C1] R13: 00007fbee6c16218 R14: 00007fbee6c16180 R15: 00007ffec1d94268 [ 626.822265][ C1] [ 626.822931][ C0] task:rm state:R running task stack:25248 pid:11607 tgid:11607 ppid:11553 task_flags:0x400000 flags:0x00080000 [ 627.290008][ C0] Call Trace: [ 627.293282][ C0] [ 627.296212][ C0] __schedule+0x125c/0x6730 [ 627.300827][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.306477][ C0] ? page_table_check_set+0x477/0x920 [ 627.311877][ C0] ? trace_irq_enable.constprop.0+0x122/0x160 [ 627.317959][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.323612][ C0] ? irqentry_exit+0x24d/0xa00 [ 627.328401][ C0] ? __pfx___schedule+0x10/0x10 [ 627.333270][ C0] ? filemap_map_pages+0x14ad/0x20a0 [ 627.338574][ C0] ? preempt_schedule_thunk+0x16/0x40 [ 627.343981][ C0] preempt_schedule_common+0x42/0xc0 [ 627.349291][ C0] preempt_schedule_thunk+0x16/0x40 [ 627.354699][ C0] _raw_spin_unlock+0x3e/0x50 [ 627.359388][ C0] filemap_map_pages+0x14ad/0x20a0 [ 627.364517][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.370342][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.376046][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.381703][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 627.387266][ C0] ? lock_acquire+0x301/0x370 [ 627.391976][ C0] ? lock_acquire+0x301/0x370 [ 627.396665][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.402340][ C0] ? rcu_is_watching+0x12/0xc0 [ 627.407129][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.412785][ C0] ? lock_release+0x24d/0x310 [ 627.417471][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 627.422945][ C0] do_fault+0x985/0x1750 [ 627.427224][ C0] __handle_mm_fault+0x187d/0x2a00 [ 627.432382][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 627.437877][ C0] ? __pfx_vma_start_read+0x10/0x10 [ 627.443111][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.448792][ C0] ? rcu_is_watching+0x12/0xc0 [ 627.453589][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.459247][ C0] handle_mm_fault+0x37b/0xa30 [ 627.464058][ C0] do_user_addr_fault+0x5a3/0x12f0 [ 627.469200][ C0] exc_page_fault+0x6f/0xd0 [ 627.473729][ C0] asm_exc_page_fault+0x26/0x30 [ 627.478588][ C0] RIP: 0033:0x558ae15d3060 [ 627.483013][ C0] RSP: 002b:00007ffcaafec0e0 EFLAGS: 00010202 [ 627.489084][ C0] RAX: 0000000000000038 RBX: 0000000000000000 RCX: 00007ffcaafec108 [ 627.497057][ C0] RDX: 00007f46b0d27a60 RSI: 00007f46b0d598e8 RDI: 00007f46b0d59310 [ 627.505031][ C0] RBP: 0000000000000000 R08: 00000000000001e0 R09: 0000000000000000 [ 627.513004][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000558ae15d3060 [ 627.520980][ C0] R13: 00007ffcaafec0e0 R14: 0000000000000000 R15: 0000000000000000 [ 627.528973][ C0] [ 627.531990][ C0] rcu: rcu_preempt kthread starved for 10496 jiffies! g53893 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 627.543195][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 627.553159][ C0] rcu: RCU grace-period kthread stack dump: [ 627.559044][ C0] task:rcu_preempt state:R running task stack:29128 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 627.572618][ C0] Call Trace: [ 627.575890][ C0] [ 627.578820][ C0] __schedule+0x125c/0x6730 [ 627.583343][ C0] ? rcu_is_watching+0x12/0xc0 [ 627.588129][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.593781][ C0] ? trace_irq_enable.constprop.0+0x122/0x160 [ 627.599878][ C0] ? __pfx___schedule+0x10/0x10 [ 627.604747][ C0] ? rcu_is_watching+0x12/0xc0 [ 627.609536][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.615188][ C0] ? lock_release+0x24d/0x310 [ 627.619878][ C0] schedule+0xdd/0x390 [ 627.623963][ C0] schedule_timeout+0x127/0x280 [ 627.628830][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 627.634217][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 627.639712][ C0] ? __pfx_process_timeout+0x10/0x10 [ 627.645031][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.650704][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 627.656530][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.662186][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 627.667684][ C0] rcu_gp_fqs_loop+0x1a9/0x900 [ 627.672485][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.678140][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 627.683462][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 627.688434][ C0] ? __pfx_rcu_gp_cleanup+0x10/0x10 [ 627.693676][ C0] rcu_gp_kthread+0x179/0x230 [ 627.698393][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 627.703632][ C0] ? trace_irq_enable.constprop.0+0x122/0x160 [ 627.709726][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.715386][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.721038][ C0] ? __kthread_parkme+0x18c/0x230 [ 627.726090][ C0] ? kthread+0x13a/0x450 [ 627.730357][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 627.735586][ C0] kthread+0x370/0x450 [ 627.739680][ C0] ? __pfx_kthread+0x10/0x10 [ 627.744298][ C0] ret_from_fork+0x72b/0xd50 [ 627.748908][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 627.754053][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.759708][ C0] ? __switch_to+0x800/0x10f0 [ 627.764411][ C0] ? __switch_to_asm+0x39/0x70 [ 627.769200][ C0] ? __pfx_kthread+0x10/0x10 [ 627.773817][ C0] ret_from_fork_asm+0x1a/0x30 [ 627.778623][ C0] [ 627.781635][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 627.787953][ C0] CPU: 0 UID: 0 PID: 11610 Comm: syz.9.1539 Not tainted syzkaller #0 PREEMPT(full) [ 627.797771][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 627.807860][ C0] RIP: 0010:smp_call_function_many_cond+0x58e/0x16c0 [ 627.814580][ C0] Code: 00 fc ff df 48 8b 54 24 08 49 89 d5 49 89 d4 49 c1 ed 03 41 83 e4 07 49 01 c5 41 83 c4 03 e8 a9 95 0c 00 f3 90 41 0f b6 45 00 <41> 38 c4 7c 08 84 c0 0f 85 2c 0f 00 00 8b 45 08 31 ff 83 e0 01 41 [ 627.834201][ C0] RSP: 0018:ffffc90008b2f650 EFLAGS: 00000293 [ 627.840275][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81fcc8bd [ 627.848248][ C0] RDX: ffff888050701f00 RSI: ffffffff81fcc897 RDI: ffff888050701f00 [ 627.856222][ C0] RBP: ffff8880b85411c0 R08: 0000000000000005 R09: 0000000000000000 [ 627.864226][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000003 [ 627.872203][ C0] R13: ffffed10170a8239 R14: 0000000000000001 R15: ffff8880b843c840 [ 627.880178][ C0] FS: 0000000000000000(0000) GS:ffff888124323000(0000) knlGS:0000000000000000 [ 627.889116][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 627.895704][ C0] CR2: 0000001b2e922ff8 CR3: 0000000066de7000 CR4: 0000000000350ef0 [ 627.903683][ C0] Call Trace: [ 627.906959][ C0] [ 627.909890][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 627.915116][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.920776][ C0] ? free_pgd_range+0x2a0/0x10d0 [ 627.925741][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 627.932120][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.937778][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 627.942992][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 627.948148][ C0] flush_tlb_mm_range+0x45f/0x16f0 [ 627.953281][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 627.958413][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.964063][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 627.969628][ C0] tlb_finish_mmu+0x3fe/0x810 [ 627.974340][ C0] exit_mmap+0x454/0xa00 [ 627.978610][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 627.983399][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 627.989053][ C0] ? rcu_is_watching+0x12/0xc0 [ 627.993844][ C0] ? uprobe_clear_state+0x49/0x260 [ 627.998974][ C0] ? uprobe_clear_state+0x5f/0x260 [ 628.004120][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.009781][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.015437][ C0] ? __mutex_unlock_slowpath+0x35d/0x930 [ 628.021118][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.026767][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 628.032426][ C0] __mmput+0x12a/0x410 [ 628.036512][ C0] mmput+0x67/0x80 [ 628.040239][ C0] do_exit+0x8b1/0x2ae0 [ 628.044423][ C0] ? __pfx_do_exit+0x10/0x10 [ 628.049030][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.054678][ C0] ? do_raw_spin_lock+0x128/0x260 [ 628.059719][ C0] ? get_signal+0x7e0/0x21e0 [ 628.064318][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.069972][ C0] do_group_exit+0xd5/0x2a0 [ 628.074501][ C0] get_signal+0x1ec7/0x21e0 [ 628.079034][ C0] ? __pfx_get_signal+0x10/0x10 [ 628.083895][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.089545][ C0] ? do_futex+0x190/0x440 [ 628.093896][ C0] arch_do_signal_or_restart+0x91/0x7e0 [ 628.099472][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 628.105662][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.111311][ C0] ? fput+0x79/0x100 [ 628.115237][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.120883][ C0] ? rcu_is_watching+0x12/0xc0 [ 628.125667][ C0] exit_to_user_mode_loop+0x139/0x6f0 [ 628.131053][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 628.136740][ C0] ? rcu_is_watching+0x12/0xc0 [ 628.141525][ C0] do_syscall_64+0x666/0x870 [ 628.146146][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 628.152048][ C0] RIP: 0033:0x7fda35f9ce59 [ 628.156461][ C0] Code: Unable to access opcode bytes at 0x7fda35f9ce2f. [ 628.163469][ C0] RSP: 002b:00007fda36e330e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 628.171890][ C0] RAX: fffffffffffffe00 RBX: 00007fda36215fa8 RCX: 00007fda35f9ce59 [ 628.179865][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fda36215fa8 [ 628.187837][ C0] RBP: 00007fda36215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 628.195806][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 628.203775][ C0] R13: 00007fda36216038 R14: 00007ffd7460c5e0 R15: 00007ffd7460c6c8 [ 628.211764][ C0] [ 766.058741][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 245s! [syz.9.1539:11610] [ 766.058779][ C0] Modules linked in: [ 766.058796][ C0] irq event stamp: 0 [ 766.058807][ C0] hardirqs last enabled at (0): [<0000000000000000>] 0x0 [ 766.058841][ C0] hardirqs last disabled at (0): [] copy_process+0x288a/0x7ff0 [ 766.058891][ C0] softirqs last enabled at (0): [] copy_process+0x28de/0x7ff0 [ 766.058937][ C0] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 766.058972][ C0] CPU: 0 UID: 0 PID: 11610 Comm: syz.9.1539 Not tainted syzkaller #0 PREEMPT(full) [ 766.059014][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 766.059036][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xf/0x70 [ 766.059099][ C0] Code: 00 00 00 5b e9 b2 0d f4 02 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 8b 05 e5 71 06 12 48 8b 34 24 <65> 48 8b 15 c1 71 06 12 a9 00 01 ff 00 74 1b f6 c4 01 74 07 a9 00 [ 766.059135][ C0] RSP: 0018:ffffc90008b2f648 EFLAGS: 00000202 [ 766.059162][ C0] RAX: 0000000000000002 RBX: 0000000000000001 RCX: ffffffff81fcc8bd [ 766.059186][ C0] RDX: 0000000000000001 RSI: ffffffff81fcc897 RDI: ffff888050701f00 [ 766.059209][ C0] RBP: ffff8880b85411c0 R08: 0000000000000005 R09: 0000000000000000 [ 766.059232][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000003 [ 766.059255][ C0] R13: ffffed10170a8239 R14: 0000000000000001 R15: ffff8880b843c840 [ 766.059281][ C0] FS: 0000000000000000(0000) GS:ffff888124323000(0000) knlGS:0000000000000000 [ 766.059312][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 766.059336][ C0] CR2: 0000001b2e922ff8 CR3: 0000000066de7000 CR4: 0000000000350ef0 [ 766.059360][ C0] Call Trace: [ 766.059373][ C0] [ 766.059385][ C0] smp_call_function_many_cond+0x587/0x16c0 [ 766.059451][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 766.059497][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.059541][ C0] ? free_pgd_range+0x2a0/0x10d0 [ 766.059591][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 766.059662][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.059707][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 766.059748][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 766.059810][ C0] flush_tlb_mm_range+0x45f/0x16f0 [ 766.059855][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 766.059900][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.059945][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 766.059992][ C0] tlb_finish_mmu+0x3fe/0x810 [ 766.060051][ C0] exit_mmap+0x454/0xa00 [ 766.060104][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 766.060152][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.060195][ C0] ? rcu_is_watching+0x12/0xc0 [ 766.060245][ C0] ? uprobe_clear_state+0x49/0x260 [ 766.060281][ C0] ? uprobe_clear_state+0x5f/0x260 [ 766.060316][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.060366][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.060409][ C0] ? __mutex_unlock_slowpath+0x35d/0x930 [ 766.060472][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.060515][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 766.060570][ C0] __mmput+0x12a/0x410 [ 766.060605][ C0] mmput+0x67/0x80 [ 766.060638][ C0] do_exit+0x8b1/0x2ae0 [ 766.060688][ C0] ? __pfx_do_exit+0x10/0x10 [ 766.060733][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.060775][ C0] ? do_raw_spin_lock+0x128/0x260 [ 766.060817][ C0] ? get_signal+0x7e0/0x21e0 [ 766.060852][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.060900][ C0] do_group_exit+0xd5/0x2a0 [ 766.060948][ C0] get_signal+0x1ec7/0x21e0 [ 766.060994][ C0] ? __pfx_get_signal+0x10/0x10 [ 766.061033][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.061075][ C0] ? do_futex+0x190/0x440 [ 766.061119][ C0] arch_do_signal_or_restart+0x91/0x7e0 [ 766.061177][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 766.061240][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.061282][ C0] ? fput+0x79/0x100 [ 766.061338][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.061381][ C0] ? rcu_is_watching+0x12/0xc0 [ 766.061428][ C0] exit_to_user_mode_loop+0x139/0x6f0 [ 766.061466][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.061508][ C0] ? rcu_is_watching+0x12/0xc0 [ 766.061555][ C0] do_syscall_64+0x666/0x870 [ 766.061613][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.061650][ C0] RIP: 0033:0x7fda35f9ce59 [ 766.061675][ C0] Code: Unable to access opcode bytes at 0x7fda35f9ce2f. [ 766.061691][ C0] RSP: 002b:00007fda36e330e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 766.061725][ C0] RAX: fffffffffffffe00 RBX: 00007fda36215fa8 RCX: 00007fda35f9ce59 [ 766.061748][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fda36215fa8 [ 766.061771][ C0] RBP: 00007fda36215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 766.061794][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 766.061816][ C0] R13: 00007fda36216038 R14: 00007ffd7460c5e0 R15: 00007ffd7460c6c8 [ 766.061853][ C0] [ 766.061867][ C0] Sending NMI from CPU 0 to CPUs 1: [ 766.544444][ C1] NMI backtrace for cpu 1 [ 766.544469][ C1] CPU: 1 UID: 0 PID: 11611 Comm: syz.0.1536 Not tainted syzkaller #0 PREEMPT(full) [ 766.544509][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 766.544528][ C1] RIP: 0010:kasan_check_range+0x15/0x1e0 [ 766.544618][ C1] Code: 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 85 f6 0f 84 7a 01 00 00 48 89 f8 41 54 41 89 d0 <48> 01 f0 55 53 0f 82 e6 00 00 00 eb 0f cc cc cc 48 b8 00 00 00 00 [ 766.544650][ C1] RSP: 0018:ffffc90000a08ce8 EFLAGS: 00000002 [ 766.544676][ C1] RAX: ffffc90000a08d20 RBX: ffffffff9b3dc3a0 RCX: ffffffff81e54168 [ 766.544698][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000a08d20 [ 766.544719][ C1] RBP: ffffffff9b3dc3a8 R08: 0000000000000001 R09: fffffbfff367b874 [ 766.544740][ C1] R10: ffffffff9b3dc3a3 R11: 0000000000000001 R12: 1ffff920001411a0 [ 766.544761][ C1] R13: ffffffff9b3dc3b0 R14: ffff88802a275300 R15: 1ffff920001411b8 [ 766.544786][ C1] FS: 00007fbee78a06c0(0000) GS:ffff888124423000(0000) knlGS:0000000000000000 [ 766.544816][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 766.544838][ C1] CR2: 0000558ae15d3060 CR3: 0000000066de7000 CR4: 0000000000350ef0 [ 766.544859][ C1] Call Trace: [ 766.544870][ C1] [ 766.544884][ C1] do_raw_spin_lock+0x128/0x260 [ 766.544922][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.544963][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 766.545000][ C1] ? lock_acquire+0x301/0x370 [ 766.545028][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.545068][ C1] ? do_raw_spin_unlock+0x145/0x1e0 [ 766.545106][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.545149][ C1] _raw_spin_lock_irqsave+0x42/0x60 [ 766.545188][ C1] ? debug_object_deactivate+0x135/0x3b0 [ 766.545237][ C1] debug_object_deactivate+0x135/0x3b0 [ 766.545287][ C1] ? __pfx_debug_object_deactivate+0x10/0x10 [ 766.545340][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.545379][ C1] ? timerqueue_linked_add+0x260/0x430 [ 766.545416][ C1] __hrtimer_run_queues+0x2e9/0x9c0 [ 766.545469][ C1] hrtimer_interrupt+0x3e5/0x940 [ 766.545524][ C1] __sysvec_apic_timer_interrupt+0x109/0x470 [ 766.545574][ C1] sysvec_apic_timer_interrupt+0x9e/0xc0 [ 766.545617][ C1] [ 766.545628][ C1] [ 766.545639][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 766.545676][ C1] RIP: 0010:cpus_read_lock+0x6c/0x170 [ 766.545709][ C1] Code: bf 01 00 00 00 e8 b4 50 0e 00 e8 cf cc cd 09 31 ff 89 c3 89 c6 e8 84 f3 42 00 58 85 db 75 5d e8 ca f8 42 00 8b 1d 64 1b a1 0c <31> ff 89 de e8 6b f3 42 00 85 db 0f 85 bd 00 00 00 e8 ae f8 42 00 [ 766.545741][ C1] RSP: 0018:ffffc90009d0fb50 EFLAGS: 00000283 [ 766.545766][ C1] RAX: 00000000000001fd RBX: 0000000000000000 RCX: ffffc9001434d000 [ 766.545787][ C1] RDX: 0000000000080000 RSI: ffffffff81c66576 RDI: ffff888033323e00 [ 766.545809][ C1] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 766.545828][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 766.545848][ C1] R13: 1ffff920013a1f77 R14: ffffc90009d0fc80 R15: ffff8880333247e8 [ 766.545878][ C1] ? cpus_read_lock+0x66/0x170 [ 766.545912][ C1] clock_was_set+0x96/0x850 [ 766.545956][ C1] ? __pfx___do_adjtimex+0x10/0x10 [ 766.545992][ C1] ? __pfx_clock_was_set+0x10/0x10 [ 766.546035][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.546074][ C1] ? rcu_is_watching+0x12/0xc0 [ 766.546115][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.546158][ C1] do_adjtimex+0x302/0x370 [ 766.546194][ C1] ? __pfx_do_adjtimex+0x10/0x10 [ 766.546243][ C1] ? __pfx_posix_clock_realtime_adj+0x10/0x10 [ 766.546284][ C1] __do_sys_clock_adjtime+0x177/0x290 [ 766.546325][ C1] ? __pfx___do_sys_clock_adjtime+0x10/0x10 [ 766.546366][ C1] ? __pfx_do_futex+0x10/0x10 [ 766.546403][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.546460][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 766.546499][ C1] ? rcu_is_watching+0x12/0xc0 [ 766.546541][ C1] do_syscall_64+0x115/0x870 [ 766.546594][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 766.546627][ C1] RIP: 0033:0x7fbee699ce59 [ 766.546651][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 766.546683][ C1] RSP: 002b:00007fbee78a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000131 [ 766.546712][ C1] RAX: ffffffffffffffda RBX: 00007fbee6c16180 RCX: 00007fbee699ce59 [ 766.546733][ C1] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 766.546753][ C1] RBP: 00007fbee6a32e6f R08: 0000000000000000 R09: 0000000000000000 [ 766.546773][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 766.546792][ C1] R13: 00007fbee6c16218 R14: 00007fbee6c16180 R15: 00007ffec1d94268 [ 766.546827][ C1] [ 767.014401][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 767.021089][ C0] CPU: 0 UID: 0 PID: 11610 Comm: syz.9.1539 Tainted: G L syzkaller #0 PREEMPT(full) [ 767.032049][ C0] Tainted: [L]=SOFTLOCKUP [ 767.036370][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 767.046447][ C0] Call Trace: [ 767.049725][ C0] [ 767.052749][ C0] dump_stack_lvl+0x100/0x190 [ 767.057795][ C0] vpanic+0x552/0x970 [ 767.061787][ C0] ? __pfx_vpanic+0x10/0x10 [ 767.066296][ C0] ? __entry_text_end+0x1020b5/0x1020b9 [ 767.071859][ C0] ? do_raw_spin_unlock+0x145/0x1e0 [ 767.077080][ C0] panic+0xd1/0xe0 [ 767.080811][ C0] ? __pfx_panic+0x10/0x10 [ 767.085235][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.090883][ C0] ? __pfx_printk_trigger_flush+0x10/0x10 [ 767.096628][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.102276][ C0] ? wq_watchdog_touch+0xec/0x1a0 [ 767.107323][ C0] ? watchdog_timer_fn.cold+0x5/0x25 [ 767.112625][ C0] ? watchdog_timer_fn+0x702/0x7a0 [ 767.117752][ C0] watchdog_timer_fn.cold+0x16/0x25 [ 767.122974][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 767.128443][ C0] __hrtimer_run_queues+0x13f/0x9c0 [ 767.133672][ C0] hrtimer_interrupt+0x3e5/0x940 [ 767.138655][ C0] __sysvec_apic_timer_interrupt+0x109/0x470 [ 767.144662][ C0] sysvec_apic_timer_interrupt+0x9e/0xc0 [ 767.150324][ C0] [ 767.153249][ C0] [ 767.156175][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 767.162171][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xf/0x70 [ 767.168267][ C0] Code: 00 00 00 5b e9 b2 0d f4 02 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 8b 05 e5 71 06 12 48 8b 34 24 <65> 48 8b 15 c1 71 06 12 a9 00 01 ff 00 74 1b f6 c4 01 74 07 a9 00 [ 767.187885][ C0] RSP: 0018:ffffc90008b2f648 EFLAGS: 00000202 [ 767.193992][ C0] RAX: 0000000000000002 RBX: 0000000000000001 RCX: ffffffff81fcc8bd [ 767.201965][ C0] RDX: 0000000000000001 RSI: ffffffff81fcc897 RDI: ffff888050701f00 [ 767.209949][ C0] RBP: ffff8880b85411c0 R08: 0000000000000005 R09: 0000000000000000 [ 767.217928][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000003 [ 767.225905][ C0] R13: ffffed10170a8239 R14: 0000000000000001 R15: ffff8880b843c840 [ 767.233892][ C0] ? smp_call_function_many_cond+0x5ad/0x16c0 [ 767.240000][ C0] ? smp_call_function_many_cond+0x587/0x16c0 [ 767.246111][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.251769][ C0] smp_call_function_many_cond+0x587/0x16c0 [ 767.257707][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 767.262925][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.268577][ C0] ? free_pgd_range+0x2a0/0x10d0 [ 767.273536][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 767.279911][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.285569][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 767.290789][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 767.295940][ C0] flush_tlb_mm_range+0x45f/0x16f0 [ 767.301077][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 767.306206][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.311858][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 767.317426][ C0] tlb_finish_mmu+0x3fe/0x810 [ 767.322135][ C0] exit_mmap+0x454/0xa00 [ 767.326406][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 767.331193][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.336845][ C0] ? rcu_is_watching+0x12/0xc0 [ 767.341632][ C0] ? uprobe_clear_state+0x49/0x260 [ 767.346760][ C0] ? uprobe_clear_state+0x5f/0x260 [ 767.351884][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.357541][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.363191][ C0] ? __mutex_unlock_slowpath+0x35d/0x930 [ 767.368862][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.374542][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 767.380209][ C0] __mmput+0x12a/0x410 [ 767.384309][ C0] mmput+0x67/0x80 [ 767.388072][ C0] do_exit+0x8b1/0x2ae0 [ 767.392256][ C0] ? __pfx_do_exit+0x10/0x10 [ 767.396868][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.402557][ C0] ? do_raw_spin_lock+0x128/0x260 [ 767.407601][ C0] ? get_signal+0x7e0/0x21e0 [ 767.412201][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.417856][ C0] do_group_exit+0xd5/0x2a0 [ 767.422384][ C0] get_signal+0x1ec7/0x21e0 [ 767.426936][ C0] ? __pfx_get_signal+0x10/0x10 [ 767.431799][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.437466][ C0] ? do_futex+0x190/0x440 [ 767.441817][ C0] arch_do_signal_or_restart+0x91/0x7e0 [ 767.447396][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 767.453670][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.459319][ C0] ? fput+0x79/0x100 [ 767.463248][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.468987][ C0] ? rcu_is_watching+0x12/0xc0 [ 767.473775][ C0] exit_to_user_mode_loop+0x139/0x6f0 [ 767.479159][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 767.484808][ C0] ? rcu_is_watching+0x12/0xc0 [ 767.489614][ C0] do_syscall_64+0x666/0x870 [ 767.494234][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.500139][ C0] RIP: 0033:0x7fda35f9ce59 [ 767.504554][ C0] Code: Unable to access opcode bytes at 0x7fda35f9ce2f. [ 767.511567][ C0] RSP: 002b:00007fda36e330e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 767.519997][ C0] RAX: fffffffffffffe00 RBX: 00007fda36215fa8 RCX: 00007fda35f9ce59 [ 767.527970][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fda36215fa8 [ 767.535948][ C0] RBP: 00007fda36215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 767.543924][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 767.551894][ C0] R13: 00007fda36216038 R14: 00007ffd7460c5e0 R15: 00007ffd7460c6c8 [ 767.559883][ C0] [ 768.722135][ C0] Shutting down cpus with NMI [ 768.727108][ C0] Kernel Offset: disabled [ 768.731451][ C0] Rebooting in 86400 seconds..