last executing test programs: 34.666800877s ago: executing program 2 (id=1872): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet6(0xa, 0x800000000000002, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r2, 0x0, 0x10) read$FUSE(0xffffffffffffffff, &(0x7f0000000800)={0x2020}, 0x2020) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f00000003c0)=0xc) syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x2, 0x14f5, &(0x7f0000003680)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==") r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r3, 0x0, 0x0) 30.638799802s ago: executing program 2 (id=1881): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) prlimit64(0x0, 0x6, 0x0, &(0x7f00000000c0)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) close(r2) r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1) fcntl$setlease(r4, 0x400, 0x1) r5 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0) write$binfmt_script(r5, &(0x7f0000000340)={'#! ', './file0'}, 0xb) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, 0x0) execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 25.393771097s ago: executing program 2 (id=1891): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet6(0xa, 0x800000000000002, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)) read$FUSE(0xffffffffffffffff, &(0x7f0000000800)={0x2020}, 0x2020) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f00000003c0)=0xc) syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x2, 0x14f5, &(0x7f0000003680)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==") r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r2, 0x0, 0x0) 23.552712068s ago: executing program 2 (id=1894): syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x936, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0), 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff) socket$caif_stream(0x25, 0x1, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = memfd_create(&(0x7f0000000600)='+\x88\xc7s\x00\x00\x942nodev\x00\x00\x8cZ_Pv\x03\xa7\xc1\b\xec\x90Q\x85\x83\xcd\x16\xdcw\'\x8a\xe5N\x8c\x02\x8f\xf5\n\xd1)\xc8\xa5x\x17\f\xbc\xd1.\x8cA\x17\x86\xb7-j!Y\x92\xd9\xc4\r8\xd0\xc9X\xa7\x11\xa3\xf0\x8a*\xbc\x87\xcd\x1fl\xfc\xf3]\xb8\xbd\x02\v<\fl\xa6]\xa5\xfb\x05\xcb\x9c\xe2\xc8\x05\xa5\xa5\xeb\xa9\xef\xe3\xf1b\x81\xec\xac\xb6\x80\xd5\xf5S\x85\x06O\x05\xb8\xa1\x15\xcc\x17\xe8sNe\xd3\xf4\xceM(\xa03\xe1\'\xc2\x9d3\xeb\x1d\x84\xb9\x15S\x95\x95B\xee_\x98\x91)\xe7\xa8+\x8c\xee\x83@q\x16\xcf3\x0f\x81\xa8\xa9`i\x01m:\xcc\x1c\xed<\xcfA3n\xfd\n>\x03\xae\f \xdbH\'\x05\x82\xdbLE\x14\xcdq\x1abcf\xdb8\xe9a\xa8\x00\x00\x00\x00\x00\x00\x8f\x05\x98\x93\xd0\xe6\xacQ&\xff\x01\x00\x00~K-\xa8`d^`&4\x99=\x10\x00$P\xfe\x99\xc1\x17\x17\a\xb4\x1d\xa5P\xfb\x04\xf7\xdc~\x17\x1e\xe6\f\x16\x10_\xfdM\x13\x01\xb3\xd2^\xd3\xe7ndMI)(\x98\xaa<&\xa2b\xff8o\xac\xb3\xb5\f\x82\x1b\x19\xdb\x1c\xfb\xee@\xbf\xdcSkrXj\x81\xf0\xc5\an<0\xdb\x93\x9e\xa8\xe2\xbd\x1c\xbd\xbb\xd6\xaf\xd7t\x90\xb2\xbevq/\v\xff8,4_\x10\x89\xef\xd0\x16\xd8Va\xc9\x99\x9a\x88\xf0\x93\xb8A', 0x1) fcntl$addseals(r2, 0x409, 0x12) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080), 0x0, 0xffffffffffffffff) keyctl$read(0x2, r6, &(0x7f00000000c0)=""/4096, 0x1000) sendmsg$DEVLINK_CMD_TRAP_SET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000140)={0x58, r1, 0x1, 0x7fffffff, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x82}}]}, 0x58}}, 0x20000054) 15.098197938s ago: executing program 0 (id=1918): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) gettid() timer_settime(0x0, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x80, 0x5, 0x7fff0003}]}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r4) ptrace$pokeuser(0x6, r4, 0x388, 0x41d9fda7) 13.985174657s ago: executing program 0 (id=1922): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r3, &(0x7f0000000040), 0x10) listen(r3, 0x0) r4 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) write$binfmt_elf64(r4, &(0x7f0000000240)=ANY=[], 0x40000) r5 = accept4$unix(r3, 0x0, 0x0, 0x0) recvfrom$unix(r5, &(0x7f0000000280)=""/253, 0xfd, 0x5b5f0d7fb119a04, 0x0, 0x0) 13.983950417s ago: executing program 2 (id=1923): prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x84}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ioperm(0x2, 0x7ff, 0x5c0c) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000440)={0x1c, r5, 0x1, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x24004084}, 0x68040010) 12.654394278s ago: executing program 0 (id=1925): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r6, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r7}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20) sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0) recvmsg$unix(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/229, 0xec1}], 0x1}, 0x0) 10.304524629s ago: executing program 3 (id=1935): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x77, 0x4) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r5 = accept4(r4, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0) recvmmsg(r5, &(0x7f0000001200)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000340)=""/121, 0x79}], 0x2}, 0x1}], 0x2, 0x2023, 0x0) 9.344104113s ago: executing program 4 (id=1937): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_pidfd_open(0x0, 0x0) mount_setattr(0xffffffffffffff9c, 0x0, 0x8000, &(0x7f0000001dc0)={0x8, 0x72, 0x80000}, 0x20) syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x80, 0x2000000, 0x3a6}, &(0x7f00000001c0), &(0x7f0000000200)) socket(0x2a, 0x800000002, 0x9) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r3, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r3, 0x5008, 0x0) ioctl$SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r3, 0x800c5012, &(0x7f0000000200)) 9.287629389s ago: executing program 0 (id=1938): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=") socket$inet6_udp(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x6, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x1}, 0x50) r4 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x4, 0x0, r4, 0x0, 0x0) mlockall(0x4) quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 9.119198765s ago: executing program 3 (id=1939): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x402, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727301743d6b6f69382d72752c6572726f72733d636f6e74696e75652c756d61736b3d30303030303000000000000000103030303030303030352c6572726f72733d72656d6f756ec07586a06661dd4865636173653d312c646973636172642c616c6c6f775f7574696d653d30303048303030303030303030303030303030303031302c646973636172642c616c6c6f775f7574696d653d30303030303030906685a47f12a5b6303030303030303030303030303030342c7569643d43b15b65e8cf52374def8426bc9d0f313d052b7f3542c10d89b5222b1d616c86e98da6930a36b76f7a81962c5038aa48fc5987cf0c151a75f823a6cdaa71c342e5b1b0697d321c1d53356f19e086d04b5cff521990e570bada644888594db5c6ee0a1aea6744acb3f8fcf1018223b9cbff22e31deeadf4b13aa42329321001c5dd3eacd3b870ff40ec4badb899761d91b4166c6e5bcde3fc1742e35d2a5e15e6000a", @ANYRESHEX=0x0, @ANYBLOB=',\x00'], 0x1, 0x1519, &(0x7f0000007640)="$eJzs3AucT9XaOPDnWWvtMSbp1ySXYa31bH7JZZkkySVJIkmSJMktIWmSIwmJIbekIQnJZUguQ0guE5PG/X6XhCRpkiQkt2T9PxP+TqfOe855T+/xft55vp/P/ljP7P2s/ezfM3v2BfNdl6E1G9eq3pCI4N+CF/5IBoBYABgIANcAQAAA5ePLx2evzy0x+d/bCftzPZx2pStgVxL3P2fj/uds3P+cjfufs3H/czbuf87G/c/ZuP+M5WSbpxe6lpecu/D7/5yMr///N1w8+eCrtWWu7woQ88/mcf9zNu7//1nBP7MR9z9n4/7nVLFXugD2vwCf/zlBrr+7hvufs3H/GcvJrvT75yu9QCRnfwZX+vuPMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljOcNpfpgDg0vhK18UYY4wxxhhjjLE/j891pStgjDHGGGOMMcbY/zwEARIUBBADuSAWckMcCAC4GvLCNRCBayEeroN8cD3khwJQEApBAhSGIqDBQAwQhFAUikEUboDicCOUgJJQCkqDgzKQCDdBWbgZysEtUB5uhQpwG1SESlAZqsDtUBXugGpwJ1SHu6AG3A01oRbcA7XhXqgD90FduB/qwQNQHx6EBvAQNISHoRE8Ao3hUWgCj0FTaAbNoQW0/G/lvwg94CXoCb0gGXpDH3gZ+kI/6A8DYCC8AoPgVRgMr0EKDIGh8DoMgzdgOLwJI2AkjIK3YDS8DWNgLIyD8ZAKE2AivAOT4F2YDFNgKkyDNJgOM+A9mAmzYDa8D3PgA5gL82A+LIB0+BAWwiLIgI9gMXwMmbAElsIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAW2wjbYDp/ADvgUdsJnsAt2wx74HPbCF/9i/qm/ye+KgIACBSpUGIMxGIuxGIdxmAfzYF7MixGMYDzGYz7Mh/kxPxbEgpiACVgEi6BBg4SERbEoRjGKxbE4lsASWApLoUOHiZiIZfFmLIflsDyWxwpYAStiJayEVbAKVsWqWA2rYXWsjjWwBtbEmngP3oO9sQ7WwbpYF+thvUuvp7AhNsRG2AgbY2Nsgk2wKTbF5tgcW2JLbIWtsDW2xrbYFtthO2yP7TEJk7ADdsCO2BE7YSfsjJ2xC3bBrtgNu2W9mAvwJXwJe2EN0Rv7YB/siym5+uMAHICv4CB8FV/F1zAFh+BQfB1fxzdwOJ7EETgSR+EorCrexjE4FkmMx1RMxYk4ESfhJJyMU3AKTsM0nI4zcAbOxFk4C9/HOfgBfoDzcB4uwHRMx4W4CDMwAxfjKczEJbgUl+FyXIHLcRWuxlW4FtfhWtyAG3ATbsItuAW34Tb8BD/BT1EB4Ge4G3djCu7FvbgP9+F+3I8H8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fD7hm0afllyTAiKbEkrEiBgRK2JFnIgTeUQekVfkFREREfEiXuQT+UR+kV8UFAVFgkgQRUQRYYQRJMIYABBRERXFRXFRQpQQpUQp4YQTiSJRlBVlRTlRTpQXt4oK4jZRUVQSbVwVUUVUFW1dNXGnqC6qixriblFT1BK1RG1RW9QRdURdUVfUE/VEffGgaCB6Y398WGR3prEYgk3EUGwqmgl58SdYKzEcW4s2oq14UozEEdhetHJJ4hnRQYzBjuIvYiw+JzqL8dhFvCC6im6iu3hR9BCtXU/RS0zG3qKPmIZ9RT/RXwwQM/Fu8T7OyV1TvCZSxBAxVLwuFuAbYrh4U4wQI8Uo8ZYYLd4WY8RYMU6MF6ligpgo3hGTxLtispgipoppIk1MFzPEe2KmmCVmi/fFHPGBmCvmifligUgXH4qFYpHIEB+JxeJjkSmWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLj4RO8SnYqf4TOwSu8Ue8bnYK74Q+8SXYr/4ShwQX4ss8Y04KL4Vh8R34rD4XhwRP4ij4pg4Ln4UJ8RP4qQ4JU6LM+Ks+FmcE7+I88ILkCiFlFLJQMbIXDJW5pZx8iqZRwYXP91rZby8TuaT18v8soAsKAvJBFlYFpFaGmklyVAWlcVkVN4gi8sbZQlZUpaSpaWTZWSivEmWlTfLcvIWWV7eKivI22RFWUlWllXk7bKqvENC5MI+asi7ZU1ZS94jk+FeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRD4mm8pmsrlsIVvKx2Ur+YRsLdvItvJJ2U4+JdvLp2WSfEZ2kP7it8hzsrN8XnaRL8iuspvsLn+R56WXPWUvCb1B9pEvy76yn+wvB8iB8hU5SL4qB8vXZIocIofK1+Uw+YYcLt+UI+RIOUq+JUfLt+UYOVaOk+NlqpwgJ8p35CT5rpwsp8ipcppMk9Nl/4szzZbyH+a/8wf5g3/d+ya5WW6RW/FiK+SncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8ILNkljwoD8pD8pA8LA/LI/KIPCqPyTPyR3lC/iRPylPylDwjz8qz8tzFzwAUKqGkUipQMSqXilW5VZy6SuVRV6u86hoVUdeqeHWdyqeuV/lVAVVQFVIJqrAqorQyyipSoSqqiqmouuFSlaqUKq2cKqMS1U3/Sr4qrm5UJVTJ3+Rfqi/579TXUrVUrVQr1Vq1Vm1VW9VOtVPtVXuVpJJUB9VBdVQdVSfVSXVWnVUX1UV1VV1Vd9Vd9VA9VE/VUyWrZNVHvaz6qn6qvxqgBqpX1CA1SA1Wg1WKSlFD1VA1TA1Tw9VwNUKNUKPUKDVajVZj1Bg1To1TqSpVTVQT1SQ1SU1Wk9VUNVWlqTQ1Q81QM9VMNVvNVnPUHDVXzVXz1XyVrtLVQrVQZagMtVgtVplqiVqilqllaoVaoVapVWqNWqPWqXVqg9qgMtVmtVltVVvVdrVd7VA71E61U+1Su9QetUftVXvVPrVP7Vf71QF1QGWpLHVQHVSH1CF1WB1WR9QRdVQdVcfVcXVCnVAn1Ul1Wp1WZ9VZdU6dU+fV+ezbvkAEIlBB9pU2JogNYoO4IC7IE+QJ8gZ5g0gQCeKD+CBfcH2QPygQFAwKBQlB4aBIoAMT2EBcbHo0uCEoHtwYlAhKBqWC0oELygSJwU1B2eDmoFxwS1A+uDWoENwWVAwqBZWDKsHtQdXgjqBacGdQPbgrqBHcHdQMagX3BLWDe4M6wX1B3eD+oF7wQFA/eDBoEDwUNAweDhoFjwSNg0eDJsFjQdOgWdA8aBG0/FPn9/5kgSfcJt1LJ+veuo9+WffV/XR/PUAP1K/oQfpVPVi/plP0ED1Uv66H6Tf0cP2mHqFH6lH6LT1av63H6LF6nB6vU/UEPVG/oyfpd/VkPUVP1dN0mp6uZ+j39Ew9S8/W7+s5+gM9V8/T8/UCna4/1Av1Ip2hP9KL9cc6Uy/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1Nr1df6J36E/1Tv2Z3qV36z36c71Xf6H36S/1fv2VPqC/1ln6G31Qf6sP6e/0Yf29PqJ/0Ef1MX1c/6hP6J/0SX1Kn9Zn9Fn9sz6nf9Hntc++uc++vBtllIkxMSbWxJo4E2fymDwmr8lrIiZi4k28yWfymfwmvyloCpoEk2CKmCImGxkyRU1REzVRU9wUNyVMCVPKlDLOOJNoEk1ZU9aUM+VMeVPeVDAVTEVT0VQ2lc3t5nZzh7nD3GnuNHeZu8zd5m5Ty9QytU1tU8fUMXVNXVPP1DP1TX3TwDQwDU1D08g0Mo1NY9PENDFNTVPT3DQ3LU1L08q0Mq1Na9PWtDXtTDvT3rQ3SSbJdDAdTEfT0XQynUxn09l0MV1MV9PVdDfdTQ/Tw/Q0PU2ySTZ9TB/T1/Q1/U1/M9AMNIPMIDPYDDYpJsUMNUPNMDPMDDfDzQgz0ozKPn3M22aMGWvGmfEm1aSaiWaimWQmmclmsplqppo0k2ZmmBlmpplpZpvZZo6ZY+aauWa+mW/STbpZaBaaDJNhFpvFJtNkmqVmqVlulpuVZqVZbVabtWatWQ/rzUaz0Ww2m81Ws9VsN9vNDrPD7DQ7zS6zy+wxe8xes9fsM/vMfrPfHDAHTJbJMgfNQXPIHDKHzWFzxBwxR81Rc9wcNyfMCXPSnDSnzWlz1hS4eL30JtbmtnH2KpvHXm3z2mvs38YFbSGbYAvbIlbb/LbAb2JjrS1hS9pStrR1toxNtDf9Lq5oK9nKtoq93Va1d9hqv4tr23ttHXufrWvvt7XsPb+J69kHbH37qG2ACGCb2Ua2hW1sH7VN7GO2qW1mm9sWtp19yra3T9sk+4ztYJ/9XbzQLrKr7Rq71q6zu+xue9qesYfsd/as/dn2tL3sQPuKHWRftYPtazbFDvldPMq+ZUfbt+0YO9aOs+N/F0+102yanW5n2PfsTDvrd3G6/dDOsRl2rp1n59sFv8bZNWXYj+xi+7HNtAEstcvscrvCrrSr/n+ty+wGu9FusjvtZ3ar3Wa320/sjks3wna33WM/t3vtF/ag/dbut1/ZA/awzbLf/BpnH99h+709Yn+wR+0xe9z+aE/Yn9Sl7Oxj/9H+Ys9bb4GQgCQpCiiGclEs5aY4uory0NWUl66hCF1L8XQd5aPrKT8VoIJUiBKoMBUhTYYsEYVUlIpRlG6gS+WVotLkqAwl0k1Ulm6mcnQLladbqQLdRhWpElWmKnQ7VaU7qBrdSdXpLqpx6fJCteleqkP3UV24n+rRA1SfHqQG9BA1pIepET1CjelRakKPUVNqRs2pBbWkx6kVPUGtqQ21pSepHT1F7elpSqJnqAM9Sx3pL9SJnqPO9Dx1oReoK3Wj7vQi9aCXqCf1omTqTX3oZepL/ag/DaCB9AoNoldpML1GKTSEhtLrNIzeoOH0Jo2gkTSK3qLR9DaNobE0jsZTKk2gifQOTaJ3aTJNoak0jdJoOs2g92gmzaLZ9D7NoQ9oLs2j+bSA0ulDWkiLKIM+osX0MWXSElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9QjvoU9pJn9Eu2k176HPaS1/QPvqS9tNXdIC+piz6hg7St3SIvqPD9L3vRT/QUTpGx+lHOkE/0Uk6RafpDJ2ln+kc/ULnyROEGIpQhioMwpgwVxgb5g7jwqvCPOHVYd7wmjASXhvGh9eF+cLrw/xhgbBgWChMCAuHRUIdmtCGFIZh0bBYGA1vCIuHN4YlwpJhqbB06MIyYWJ4U1g2vDksF94Slg9vDSuEt4UVw0rho/dXCW8Pq4Z3hNXCO8Pq4V1hjfDusGZYK7wnrB3eG9YJ7wvrhveH5cIHwvrhg2GD8KGwYfhw2Ch8JGwcPho2CR8Lm4bNwuZhi7Bl+HjYKnwibB22CduGT4btwqfC9uHTYVL4TNghfPbX9Q8s+vvrk8PeYZ/w5fDl0Pv75Pzogmh69MPowuiiaEb0o+ji6MfRzOiS6NLosujy6Iroyuiq6Oromuja6Lro+uiG6Mbopqj3tXKBQyecdMoFLsblcrEut4tzV7k87mqX113jIu5aF++uc/nc9S6/K+AKukIuwRV2RZx2xllHLnRFXTEXdTe44u5GV8KVdKVcaedcGZfoWriWrqVr5Z5wrV0b19Y96Z50T7mn3NPuafeM6+CedR3dX1wn95zr7J53z7sXXFfXzXV3L7oebkLeCydWsuvj+ri+rq/r7/q7gW6gG+QGucFusEtxKW6oG+qGuWFuuBvuRrgRbpQb5Ua70W6MG+PGuXEu1aW6iW6im+Qmucluspvqpro0l+ZmuBluppvpqs66sJe5bq6b7+a7dJfuFrrskzrDLXaLXabLdEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9PtdLv8NRcmdXvdPrfP7Xf73QH3tcty37iD7lt3yH3nDrvv3RH3gzvqjrnj7kd3wv3kTrpT7rQ74866n90594s777xLjUyITIy8E5kUeTcyOTIlMjUyLZIWmR6ZEXkvMjMyKzI78n5kTuSDyNzIvMj8yIJIeuTDyMLIokhG5KPI4sjHkczIksjSyLLI8siKiPeFt4a+qC/mo/4GX9zf6Ev4kr6UL+2dL+MT/U2+rL/Zl/O3+PL+Vl/B3+Yr+kq+sn/MN/XNfHPfwrf0j/tW/gnf2rfxbf2Tvp1/yrf3T/sk/4zv4J/1Hf1ffCf/nO/sn/dd/Au+q+/mu/sXfQ//ku/pe/lk39v38S/7vr6f7+8H+IH+FT/Iv+oH+9d8ih/ih/rX/TD/hh/u3/Qj/Eg/KuYtP/rSIzKM96l+gp/o3/GT/Ltwp5/ip/ppPs1P9zP8e36mn+Vn+/f9HP+Bn+vn+fl+gU/3H/qFfpHP8B/5xf5jn+mXXHqp7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX67/8Tv8J/6nf4zv8vv9nv8536v/8Lv81/6/f4rf8B/7bP8N/6g/9Yf8t/5w/57f8T/4I/6Y/64/9Gf8D/5k/6UP+3P+LP+Z3/O/+LP8/9ZY4wxxhj7p0y4PBS/XXPhdX7vP8gRf7VxHwC4eluhrL9en31HuT7/hXE/kdAuAgDP9Ory8KWlRo3k5OSL22ZKCIrNA7j0N0HZYuByvATawlOQBG2g7B/W3090O0v/YP7orQBxf5UTC5fjy/N/CYDJfzD/40+OWlghPB3/X8w/D6BEscs5ueFyvATa/vp+pQ2U+zv1F2j1D+rP/VUqQOu/yskDl+PL9SfCE/AsJP1mS8YYY4wxxhhj7IJ+onKnS8+fl/7F5x89nyeoyzm54HL8j57PGWOMMcYYY4wxduU91637048nJbXp9K8Pqv23sv7pQRP4n5qZB3848B7g0lcUAPybEwJkD+R/8ii2/Ef2lXLx1PnbVcvP+AD+d7Tyzxhc4R9MjDHGGGOMsT/d5Zv+335dXamCGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxHOg/8evErvQxMsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY1fa/wsAAP//5xD7MA==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000000002) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(0x0, 0x10000, 0x0) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r3}, 0x18) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x44014) 9.053948581s ago: executing program 1 (id=1940): prlimit64(0x0, 0x9, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffb}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) brk(0x689d80000000) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 7.474776056s ago: executing program 4 (id=1941): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44) setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, 0x0, 0x0) sendmsg$sock(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r4, &(0x7f00000004c0)={0x293, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, ' nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232) clock_gettime(0x0, 0x0) timer_delete(0x0) 6.82523039s ago: executing program 3 (id=1942): bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r5, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0) 6.00613469s ago: executing program 4 (id=1943): openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) r3 = syz_pidfd_open(0x0, 0x0) setns(r3, 0x24020000) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', 'syz', 0x20, 0x1000}, 0x2d, 0xfffffffffffffff9) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', 'trusted:'}, 0x20, 0xfffffffffffffffd) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 5.996452451s ago: executing program 1 (id=1944): pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, 0x0) ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0x40045010, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000640)={0x11, 0x17, r2, 0x1, 0x24, 0x6, @broadcast}, 0x14) bind$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0xf6, r2}, 0x14) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0) socket$inet6(0xa, 0x5, 0x800) r3 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000080)=0xe9) r4 = accept4$llc(0xffffffffffffffff, 0x0, 0x0, 0x800) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000100)={@initdev}, &(0x7f00000003c0)=0xc) sendmsg$inet(r4, 0x0, 0x8000) r5 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) prlimit64(0x0, 0x7, &(0x7f00000003c0), 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, r5, r0, 0x39) keyctl$KEYCTL_WATCH_KEY(0x20, r5, r1, 0xffffffffffffffff) 4.129245945s ago: executing program 1 (id=1945): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet6(0xa, 0x800000000000002, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)) read$FUSE(0xffffffffffffffff, &(0x7f0000000800)={0x2020}, 0x2020) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f00000003c0)=0xc) syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x2, 0x14f5, &(0x7f0000003680)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==") r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$FUSE(r3, &(0x7f0000000480)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) fchown(r2, r4, r5) 4.126162705s ago: executing program 3 (id=1946): r0 = socket$inet_udp(0x2, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() pread64(0xffffffffffffffff, 0x0, 0x0, 0x100008) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) setsockopt$sock_void(r0, 0x1, 0x0, 0x0, 0x0) r4 = syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r4, 0xc0305710, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0) mq_open(0x0, 0x1, 0x116, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 4.034942754s ago: executing program 4 (id=1947): r0 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000002480)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0) r2 = fanotify_init(0x200, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$unix(0x1, 0x1, 0x0) fanotify_mark(r2, 0x39, 0x1a, r1, 0x0) 4.002971297s ago: executing program 0 (id=1948): openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sysvipc/msg\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)={0x10, 0x140b, 0x11fcbe16f5dc6f71, 0x70bd29, 0xfffffffe}, 0x10}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0) syz_clone(0x25000, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) landlock_create_ruleset(&(0x7f00000002c0)={0x2001, 0x2, 0x1}, 0x18, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1}, 0x6e) connect$unix(r2, &(0x7f0000000640)=@file={0x1}, 0x6e) 3.956821622s ago: executing program 1 (id=1949): accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000001600)={0x54, r4, 0x1, 0xfffffffd, 0x0, {0x26}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x51}, {0xc, 0x8f, 0xfffffffffffffffe}, {0xc}}]}, 0x54}}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000c49c7b08b10e07700802010000010902120001000000000904000000c21e9b"], 0x0) 2.747238391s ago: executing program 1 (id=1950): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r2 = io_uring_setup(0x4a86, &(0x7f0000000300)={0x0, 0x4178, 0x40, 0x8001002, 0x3d7}) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10) r4 = socket(0x1e, 0x4, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00'}, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r6, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r3, &(0x7f0000003240), 0x4000000000000e4, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 2.745209731s ago: executing program 3 (id=1951): r0 = openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0) r1 = socket(0x1d, 0x2, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x400000088}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000240)=0x7d75, 0x4) connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x300) recvmmsg$unix(r1, &(0x7f0000002d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000040, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x80, 'syz0\x00', 0x8}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000840)) write$dsp(0xffffffffffffffff, &(0x7f0000000380)="065a", 0x2) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000002740)={'mpc624\x00', [0x4f27, 0x6, 0x2, 0x5, 0x5, 0x1100cc5, 0xc, 0x6, 0xb, 0xe8aa, 0x2, 0x1, 0xffffbffd, 0x80000001, 0x5, 0x4, 0xe, 0x1a44c, 0x3ff, 0x40000003, 0x200099, 0xcaa9, 0x0, 0x20001e57, 0x7, 0xe6b, 0x3c, 0xd0, 0x6, 0x0, 0xfce, 0x9]}) 2.442714449s ago: executing program 2 (id=1952): prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendto$packet(r3, &(0x7f0000000080)="a99c383d33c9c607b1b9d49688a883", 0xf, 0x0, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local}, 0x14) recvmmsg(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x10022, 0x0) 1.002861572s ago: executing program 4 (id=1953): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}, 0x6}, 0x1c) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)={0x14, 0x0, 0x5, 0x101, 0x0, 0x0, {0x5, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x2040014}, 0x8000) close_range(r3, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) 792.445792ms ago: executing program 1 (id=1954): setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2}, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$netlink(r3, 0x10e, 0xc, 0x0, 0x0) getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, &(0x7f0000000000)={'icmp6\x00'}, &(0x7f0000000040)=0x1e) socket$inet6_udplite(0xa, 0x2, 0x88) r4 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0) 213.755559ms ago: executing program 4 (id=1955): socket$inet6(0xa, 0x2, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x1, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0xffffffff, 0x1, 0x3, 0x1, 0x5b1f, 0x7b0, 0x7, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x8, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x863c, 0xff, 0x24, 0x5, 0x7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x61, 0x200, 0x6, 0x2, 0x2, 0x6, 0x10001, 0x8, 0x7, 0xf, 0xda56, 0x7ffffffe, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x6ae, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x2, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x5, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x2, 0x7fffffff, 0x0, 0xa, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x5, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x5, 0x3, 0x6, 0xffffffff, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x80001, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x0, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1080, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0x12, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x6, 0x98, 0x8, 0x6, 0x9, 0x1000, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0x7ff, 0x9, 0x2, 0x0, 0x2, 0x8, 0x4, 0x3, 0x9, 0xc, 0x0, 0x3, 0x3, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x3, 0x8, 0x9, 0x6, 0x6, 0x2, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x4, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0x3, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0xfff, 0x8, 0x7, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0xffff, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0xffffff01, 0xc0a1, 0x8, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x2, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x20000000, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x2, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0) 54.882815ms ago: executing program 0 (id=1956): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)=ANY=[], 0x50) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d) socket$inet_udp(0x2, 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="81bd2bbd7000fbdbdf2514"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c8c5}, 0x80) 0s ago: executing program 3 (id=1957): epoll_create1(0x0) pipe2(&(0x7f0000000000), 0x800) socket$nl_route(0x10, 0x3, 0x0) socket$alg(0x26, 0x5, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) memfd_secret(0x80000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x10, 0x803, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000240)) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz1\x00', {0x1b10, 0x0, 0x1, 0x2}, 0x2f, [0x2, 0x1, 0x704d, 0x1, 0x3, 0x1, 0x2, 0x7db, 0x1, 0xfffffc01, 0xfffffffb, 0x8, 0x200001, 0x100, 0xfe, 0x4a, 0x7, 0x5, 0x2ca, 0x8, 0x76, 0x8, 0x0, 0x200, 0x42, 0x19b2, 0x8000, 0x7, 0xc1, 0x4000000, 0x7, 0x3, 0xe, 0x7, 0x1, 0x1, 0x5, 0xf, 0x7, 0x80010001, 0x9, 0x7f, 0x8, 0x6, 0xb, 0x4, 0x6, 0x40, 0x7f, 0x9, 0x1, 0x6, 0x4, 0x2284919, 0x4, 0x5643fa73, 0xfffeffff, 0x7, 0x802, 0x2, 0x8a, 0x6, 0x1, 0x6], [0xfffffed2, 0x7fffffff, 0xffff, 0x7, 0xfffffff0, 0x3, 0x0, 0x9, 0xc33, 0xf, 0x7, 0xc00, 0x6c368000, 0x4, 0x1000007, 0x0, 0x10, 0x5, 0x8, 0x8001, 0x3, 0x7fff, 0x9, 0x0, 0x5, 0x0, 0x4, 0x8, 0x40, 0xc14, 0x80000001, 0x3, 0x3, 0x7, 0x7, 0x8, 0x0, 0x294, 0x4, 0x9, 0x5, 0x3, 0x2, 0x4, 0x0, 0xfff, 0xa4, 0x4, 0x5, 0xd69, 0x9, 0x40f404, 0xf1, 0x3, 0x3, 0x1, 0x4, 0x0, 0x0, 0x6, 0x8, 0x9, 0x4, 0x1000068], [0x3, 0x1, 0x4, 0xfffffffc, 0x0, 0x7fff, 0x405, 0x9, 0x2, 0xffc, 0x7, 0x4, 0xc, 0x7, 0x6, 0xa, 0x6, 0x4, 0x5, 0x5, 0x2, 0x30000000, 0x648, 0x2, 0xfffffffd, 0x7, 0x10000, 0x7f, 0x7ff, 0xd, 0x400, 0x0, 0x41, 0x81, 0xc99, 0x25a, 0x2, 0xfffffffc, 0x2, 0x5d9fff6, 0x3ff, 0xff, 0x4, 0x8, 0x10000, 0xe7, 0x200, 0x7af5, 0x0, 0x9, 0x0, 0xffff, 0x7, 0x6, 0x0, 0x81, 0x9, 0x2000002, 0x3, 0xfffff8ff, 0x8, 0x0, 0x6, 0x10], [0xffefff80, 0xd5800000, 0x0, 0x4, 0x2, 0x62a, 0x6, 0x407, 0xb343, 0x4, 0x1, 0x8, 0x7, 0x8, 0xffffff81, 0x80000000, 0x5, 0x3, 0x201, 0xfff, 0x3, 0x0, 0x10, 0xa, 0x6, 0x80, 0xffffffff, 0x3, 0x2, 0x7, 0x1, 0x7, 0x7, 0x8, 0x1, 0x0, 0x9, 0x17ce, 0x0, 0x3, 0x6fe, 0xe, 0x7, 0x13b, 0x7, 0x8, 0xb757, 0x2, 0x117, 0x996, 0x54, 0x8c1, 0x0, 0x5, 0x5, 0xf, 0x100, 0x10000400, 0x209, 0x1, 0x3, 0x0, 0xc, 0x2]}, 0x45c) r0 = syz_io_uring_setup(0xd2, &(0x7f0000000500)={0x0, 0x2000000, 0x800, 0x0, 0xc0}, &(0x7f00000002c0)=0x0, &(0x7f0000000640)=0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): atadv_slave_1 [ 76.612738][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 76.622755][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 76.632260][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 76.642813][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.655333][ T142] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.781160][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.923062][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.004314][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.055117][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.100122][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.135189][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.147170][ T4255] Bluetooth: hci2: command 0x0419 tx timeout [ 77.221652][ T4255] Bluetooth: hci0: command 0x0419 tx timeout [ 77.238869][ T4255] Bluetooth: hci1: command 0x0419 tx timeout [ 77.263908][ T4194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.288549][ T4255] Bluetooth: hci3: command 0x0419 tx timeout [ 77.330925][ T4194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.343759][ T4194] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.431622][ T4255] Bluetooth: hci4: command 0x0419 tx timeout [ 77.436864][ T4184] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.457021][ T4184] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.469921][ T4184] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.479342][ T4184] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.663883][ T4194] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.673449][ T4194] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.683476][ T4194] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.693449][ T4194] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.706314][ T1453] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.716194][ T1453] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.735571][ T1453] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.748670][ T1453] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.758463][ T3066] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.779459][ T1226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.829058][ T1226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.855249][ T1453] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.983070][ T4305] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4174239577 (267151332928 ns) > initial count (251236570432 ns). Using initial count to start timer. [ 78.008113][ T4305] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=2909660927 (93109149664 ns) > initial count (79433163680 ns). Using initial count to start timer. [ 78.009992][ T1453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.063410][ T3066] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.095728][ T1453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.101075][ T3066] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.138698][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.168072][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.229060][ T142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.248295][ T142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.253681][ T4309] block device autoloading is deprecated and will be removed. [ 78.265555][ T1453] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.274970][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.280477][ T1453] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.327561][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.685290][ T4318] process 'syz.0.10' launched './file0' with NULL argv: empty string added [ 78.737086][ T4322] loop4: detected capacity change from 0 to 1024 [ 79.725479][ T4332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12'. [ 80.092578][ T4342] bridge0: port 3(syz_tun) entered blocking state [ 80.099379][ T4342] bridge0: port 3(syz_tun) entered disabled state [ 80.120490][ T4342] device syz_tun entered promiscuous mode [ 80.129259][ T4342] bridge0: port 3(syz_tun) entered blocking state [ 80.137024][ T4342] bridge0: port 3(syz_tun) entered forwarding state [ 80.225998][ T3066] hfsplus: b-tree write err: -5, ino 4 [ 82.540660][ C0] sched: RT throttling activated [ 82.776860][ T4382] netlink: 8 bytes leftover after parsing attributes in process `syz.1.25'. [ 82.818288][ T4382] Zero length message leads to an empty skb [ 82.990508][ T4387] loop4: detected capacity change from 0 to 512 [ 83.125449][ T4391] loop2: detected capacity change from 0 to 2048 [ 83.201663][ T4391] ======================================================= [ 83.201663][ T4391] WARNING: The mand mount option has been deprecated and [ 83.201663][ T4391] and is ignored by this kernel. Remove the mand [ 83.201663][ T4391] option from the mount to silence this warning. [ 83.201663][ T4391] ======================================================= [ 84.122443][ T2281] Bluetooth: hci3: command 0x0401 tx timeout [ 84.339614][ T4391] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 84.387937][ T4387] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback. [ 84.415263][ C0] vkms_vblank_simulate: vblank timer overrun [ 84.465996][ T4398] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.479282][ T4387] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 84.533559][ T4391] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 1376) has entry at pos 232 with incorrect tag 0 [ 84.556543][ T4398] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 84.587686][ T3066] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 84.731643][ T4410] netlink: 224 bytes leftover after parsing attributes in process `syz.0.34'. [ 87.641905][ T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 88.420784][ T4287] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 88.569160][ T4452] mmap: syz.2.43 (4452) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 88.690787][ T4287] usb 1-1: Using ep0 maxpacket: 32 [ 88.861686][ T4287] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 88.874180][ T4449] bridge0: port 3(netdevsim0) entered blocking state [ 88.880864][ T4287] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.895905][ T4287] usb 1-1: config 0 descriptor?? [ 88.910894][ T4449] bridge0: port 3(netdevsim0) entered disabled state [ 88.955823][ T4449] device netdevsim0 entered promiscuous mode [ 88.964945][ T4449] bridge0: port 3(netdevsim0) entered blocking state [ 88.972134][ T4449] bridge0: port 3(netdevsim0) entered forwarding state [ 88.985684][ T4287] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 89.090909][ T4422] syz.1.38 (4422) used greatest stack depth: 21152 bytes left [ 89.198823][ T4456] loop1: detected capacity change from 0 to 1024 [ 89.200868][ T4287] gspca_nw80x: reg_w err -71 [ 89.210337][ T4287] nw80x: probe of 1-1:0.0 failed with error -71 [ 89.297266][ T4287] usb 1-1: USB disconnect, device number 2 [ 89.389086][ T4465] tipc: Started in network mode [ 89.417136][ T4456] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none. [ 89.444936][ T4465] tipc: Node identity fffffffa, cluster identity 4711 [ 89.491825][ T4465] tipc: Node number set to 4294967290 [ 89.581055][ T23] usb 5-1: device descriptor read/all, error -71 [ 89.620702][ T4245] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 89.941255][ T4475] netlink: 12 bytes leftover after parsing attributes in process `syz.4.50'. [ 89.961644][ T4479] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000 [ 90.041021][ T4245] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 256, setting to 64 [ 90.064766][ T4245] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 91.401068][ T4245] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 91.450693][ T4245] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 91.704445][ T4245] usb 4-1: Product: syz [ 91.708790][ T4245] usb 4-1: Manufacturer: syz [ 93.655861][ T7] cfg80211: failed to load regulatory.db [ 94.503254][ T4245] usb 4-1: SerialNumber: syz [ 94.557244][ T4245] usb 4-1: can't set config #1, error -71 [ 94.592790][ T4245] usb 4-1: USB disconnect, device number 2 [ 95.550915][ T4522] netlink: 16 bytes leftover after parsing attributes in process `syz.4.61'. [ 95.664566][ T4539] device syzkaller0 entered promiscuous mode [ 95.717574][ T4245] libceph: connect (1)[c::]:6789 error -101 [ 95.725807][ T4245] libceph: mon0 (1)[c::]:6789 connect error [ 96.676015][ T4245] libceph: connect (1)[c::]:6789 error -101 [ 96.682672][ T4245] libceph: mon0 (1)[c::]:6789 connect error [ 96.730923][ T4537] ceph: No mds server is up or the cluster is laggy [ 97.065976][ T4557] netlink: 'syz.2.74': attribute type 10 has an invalid length. [ 97.130696][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!! [ 97.140140][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!! [ 97.149496][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!! [ 97.159326][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #202!!! [ 97.465347][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 97.476001][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 97.486753][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 97.498458][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 97.509744][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 97.519933][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!! [ 98.732884][ T4557] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 98.801146][ T4573] netlink: 12 bytes leftover after parsing attributes in process `syz.3.78'. [ 98.958547][ T4557] syz.2.74 (4557) used greatest stack depth: 20608 bytes left [ 99.188139][ T4581] loop4: detected capacity change from 0 to 256 [ 100.260067][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.289331][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.364346][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.392746][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.528529][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.622008][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.643561][ T4603] loop3: detected capacity change from 0 to 512 [ 100.672148][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.690791][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.754412][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.770132][ T4581] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 100.782827][ T26] audit: type=1800 audit(1760987087.695:2): pid=4581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.83" name="file1" dev="loop4" ino=1048590 res=0 errno=0 [ 100.846471][ T4581] syz.4.83 (4581) used greatest stack depth: 20576 bytes left [ 100.886611][ T4612] netlink: 4 bytes leftover after parsing attributes in process `syz.2.90'. [ 100.891537][ T4603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.89: inode #1: comm syz.3.89: iget: illegal inode # [ 100.964215][ T4603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.89: error while reading EA inode 1 err=-117 [ 100.986761][ T4603] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 101.025805][ T4603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.89: inode #1: comm syz.3.89: iget: illegal inode # [ 101.062261][ T4615] syz.4.91 uses obsolete (PF_INET,SOCK_PACKET) [ 101.077442][ T4603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.89: error while reading EA inode 1 err=-117 [ 101.112177][ T4603] EXT4-fs (loop3): 1 orphan inode deleted [ 101.133960][ T4603] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,init_itable=0x0000000000000001,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,errors=continue,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none. [ 101.235172][ T4617] loop4: detected capacity change from 0 to 512 [ 101.323155][ T4617] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.92: casefold flag without casefold feature [ 101.357423][ T4617] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.92: couldn't read orphan inode 15 (err -117) [ 101.410825][ T4617] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 101.723461][ T4621] team0: Port device team_slave_0 removed [ 101.730214][ T26] audit: type=1800 audit(1760987088.635:3): pid=4617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.92" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 102.046761][ T4633] loop3: detected capacity change from 0 to 2048 [ 102.143890][ T4636] loop1: detected capacity change from 0 to 2048 [ 102.175613][ T4633] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 102.244560][ T4633] UDF-fs: error (device loop3): udf_read_inode: (ino 1347) failed !bh [ 102.821351][ T4636] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000008,grpid,abort,sb=0x0000000000000004,,errors=continue. Quota mode: none. [ 103.251701][ T4636] ext4 filesystem being mounted at /23/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.733529][ T4662] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 104.939230][ T4662] EXT4-fs error (device loop1): ext4_dirty_inode:6046: inode #15: comm syz.1.99: mark_inode_dirty error [ 104.962289][ T4662] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 104.976284][ T4662] EXT4-fs error (device loop1): ext4_write_end:1347: inode #15: comm syz.1.99: mark_inode_dirty error [ 105.294599][ T4684] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 105.333610][ T4680] loop1: detected capacity change from 0 to 2048 [ 105.353011][ T4689] sock: sock_set_timeout: `syz.3.110' (pid 4689) tries to set negative timeout [ 105.386349][ T4684] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 105.423016][ T4684] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 105.469932][ T4680] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 105.548809][ T4680] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 105.567600][ T4680] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 105.577276][ T4680] UDF-fs: Scanning with blocksize 512 failed [ 105.692113][ T4680] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.000859][ T13] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 107.463811][ T13] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 107.547475][ T13] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 107.667514][ T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.857109][ T13] usb 1-1: config 0 descriptor?? [ 107.928271][ T13] pwc: Askey VC010 type 2 USB webcam detected. [ 108.341149][ T13] pwc: recv_control_msg error -32 req 02 val 2b00 [ 108.407786][ T13] pwc: recv_control_msg error -32 req 02 val 2700 [ 108.461069][ T13] pwc: recv_control_msg error -32 req 02 val 2c00 [ 108.601651][ T13] pwc: recv_control_msg error -32 req 04 val 1000 [ 109.750973][ T13] pwc: recv_control_msg error -71 req 04 val 1300 [ 109.777226][ T13] pwc: recv_control_msg error -71 req 04 val 1400 [ 109.875247][ T13] pwc: recv_control_msg error -71 req 02 val 2000 [ 109.902375][ T13] pwc: recv_control_msg error -71 req 02 val 2100 [ 109.967266][ T4741] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 109.979902][ T4741] Cannot find add_set index 0 as target [ 109.998925][ T13] pwc: recv_control_msg error -71 req 04 val 1500 [ 110.182753][ T13] pwc: recv_control_msg error -71 req 02 val 2500 [ 110.341238][ T13] pwc: recv_control_msg error -71 req 02 val 2400 [ 110.590856][ T13] pwc: recv_control_msg error -71 req 02 val 2600 [ 110.651864][ T13] pwc: recv_control_msg error -71 req 02 val 2900 [ 110.671306][ T4746] loop3: detected capacity change from 0 to 512 [ 110.686186][ T13] pwc: recv_control_msg error -71 req 02 val 2800 [ 110.735485][ T13] pwc: recv_control_msg error -71 req 04 val 1100 [ 110.811019][ T13] pwc: recv_control_msg error -71 req 04 val 1200 [ 110.900068][ T4752] netlink: 12 bytes leftover after parsing attributes in process `syz.1.128'. [ 110.926643][ T13] pwc: Registered as video103. [ 110.945858][ T13] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input5 [ 111.400482][ T4758] loop0: detected capacity change from 0 to 4096 [ 111.945359][ T4746] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 111.966522][ T4746] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 111.979788][ T4758] ntfs3: loop0: RAW NTFS volume: Filesystem size 0.00 Gb > volume size 0.00 Gb. Mount in read-only [ 112.033613][ T13] usb 1-1: USB disconnect, device number 3 [ 112.090834][ T4758] ntfs3: loop0: mft corrupted [ 112.097449][ T4758] ntfs3: loop0: Failed to load $MFT. [ 112.616797][ T4764] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 112.647394][ T4764] device batadv_slave_0 entered promiscuous mode [ 113.088302][ T4786] loop3: detected capacity change from 0 to 256 [ 113.964123][ T4793] loop4: detected capacity change from 0 to 2048 [ 114.176011][ T4793] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 114.234196][ T26] audit: type=1326 audit(1760987101.145:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.124397][ T26] audit: type=1326 audit(1760987101.175:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.210291][ T26] audit: type=1326 audit(1760987101.355:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.240357][ T26] audit: type=1326 audit(1760987101.355:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.270792][ T26] audit: type=1326 audit(1760987101.355:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.305521][ T26] audit: type=1326 audit(1760987101.375:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.332683][ T26] audit: type=1326 audit(1760987101.405:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.436365][ T26] audit: type=1326 audit(1760987101.465:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.781592][ T26] audit: type=1326 audit(1760987101.535:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 115.808057][ T26] audit: type=1326 audit(1760987101.555:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4800 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 116.842266][ T4818] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1908810531 (122163873984 ns) > initial count (42142760512 ns). Using initial count to start timer. [ 118.499629][ T4852] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.509788][ T4852] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.520547][ T4852] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.529683][ T4852] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 118.940260][ T4852] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.950860][ T4852] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.960815][ T4852] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 118.971250][ T4852] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 119.599383][ T4232] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 119.668181][ T4859] loop4: detected capacity change from 0 to 1024 [ 119.682060][ T4232] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 119.764080][ T4859] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled [ 119.816780][ T4859] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 119.838777][ T4859] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 119.915300][ T4859] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,nolazytime,abort,errors=continue,dioread_nolock,jqfmt=vfsv0,nomblk_io_submit,nobarrier,,errors=continue. Quota mode: writeback. [ 120.783277][ T4877] loop3: detected capacity change from 0 to 40427 [ 120.800345][ T4874] fido_id[4874]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 120.847471][ T4877] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 120.856038][ T4877] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 120.918901][ T4877] F2FS-fs (loop3): invalid crc value [ 121.020185][ T4880] loop0: detected capacity change from 0 to 4096 [ 121.060259][ T4877] F2FS-fs (loop3): Found nat_bits in checkpoint [ 121.275613][ T26] kauditd_printk_skb: 25 callbacks suppressed [ 121.299135][ T26] audit: type=1326 audit(1760987108.145:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4882 comm="syz.1.166" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x0 [ 123.238535][ T4877] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 123.246129][ T4877] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 124.988226][ T4909] netlink: zone id is out of range [ 124.995564][ T4909] netlink: zone id is out of range [ 125.001702][ T4909] netlink: zone id is out of range [ 125.007217][ T4909] netlink: zone id is out of range [ 125.013603][ T4909] netlink: zone id is out of range [ 125.019989][ T4909] netlink: zone id is out of range [ 125.026008][ T4909] netlink: zone id is out of range [ 125.031426][ T4909] netlink: zone id is out of range [ 125.036907][ T4909] netlink: zone id is out of range [ 125.042541][ T4909] netlink: zone id is out of range [ 125.288973][ T4913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.174'. [ 125.532577][ T4918] netlink: 'syz.2.174': attribute type 10 has an invalid length. [ 125.686103][ T4918] team0: Port device dummy0 added [ 125.728672][ T4921] bridge0: port 3(vlan0) entered blocking state [ 125.776352][ T4921] bridge0: port 3(vlan0) entered disabled state [ 125.839896][ T4921] device vlan0 entered promiscuous mode [ 126.254874][ T4941] netlink: 'syz.3.171': attribute type 1 has an invalid length. [ 127.046792][ T4936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.180'. [ 127.098880][ T4936] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.108459][ T4936] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.118727][ T4936] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.128311][ T4936] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 127.329981][ T4946] 8021q: adding VLAN 0 to HW filter on device bond1 [ 127.418205][ T4957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.184'. [ 129.451901][ T4971] netlink: 'syz.0.187': attribute type 27 has an invalid length. [ 129.480860][ T4971] netlink: 'syz.0.187': attribute type 1 has an invalid length. [ 129.505675][ T4975] ptrace attach of "./syz-executor exec"[4184] was attempted by "./syz-executor exec"[4975] [ 129.547047][ T4971] bridge0: port 1(bridge_slave_0) entered learning state [ 129.585645][ T4975] netlink: 8 bytes leftover after parsing attributes in process `syz.4.192'. [ 129.645084][ T4975] loop4: detected capacity change from 0 to 128 [ 129.655174][ T4980] xt_bpf: check failed: parse error [ 129.710000][ T4956] netlink: 8 bytes leftover after parsing attributes in process `syz.1.186'. [ 131.218880][ T4999] netlink: 8 bytes leftover after parsing attributes in process `syz.4.198'. [ 131.370079][ T4999] 8021q: adding VLAN 0 to HW filter on device bond1 [ 132.406046][ T5004] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 132.429033][ T1226] net_ratelimit: 24 callbacks suppressed [ 132.429052][ T1226] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 132.588449][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 132.616373][ T4999] netlink: 4 bytes leftover after parsing attributes in process `syz.4.198'. [ 132.633711][ T1453] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 133.053038][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.059420][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.129346][ T5031] netlink: 'syz.4.206': attribute type 10 has an invalid length. [ 134.145540][ T5029] overlayfs: failed to resolve './cgroup': -2 [ 134.245716][ T5031] 8021q: adding VLAN 0 to HW filter on device bond0 [ 134.302320][ T5031] team0: Port device bond0 added [ 134.311409][ T5040] netlink: 4 bytes leftover after parsing attributes in process `syz.4.206'. [ 134.896112][ T5040] team0 (unregistering): Port device team_slave_0 removed [ 134.935980][ T5051] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 135.391570][ T5040] team0 (unregistering): Port device team_slave_1 removed [ 135.520395][ T5040] team0 (unregistering): Port device bond0 removed [ 135.915446][ T26] audit: type=1326 audit(1760987122.825:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 135.977499][ T26] audit: type=1326 audit(1760987122.855:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.053671][ T26] audit: type=1326 audit(1760987122.855:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.087188][ T26] audit: type=1326 audit(1760987122.855:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.164389][ T26] audit: type=1326 audit(1760987122.855:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.237644][ T5055] loop2: detected capacity change from 0 to 32768 [ 136.250397][ T26] audit: type=1326 audit(1760987122.855:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.304525][ T26] audit: type=1326 audit(1760987122.855:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.402418][ T26] audit: type=1326 audit(1760987122.855:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.517906][ T5055] JBD2: Ignoring recovery information on journal [ 136.525595][ T26] audit: type=1326 audit(1760987122.855:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 136.570799][ T2281] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 136.664623][ T5055] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 136.673812][ T26] audit: type=1326 audit(1760987122.855:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5060 comm="syz.3.215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 137.091955][ T2281] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 137.125944][ T2281] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.155474][ T2281] usb 4-1: Product: syz [ 137.168464][ T2281] usb 4-1: Manufacturer: syz [ 137.189772][ T2281] usb 4-1: SerialNumber: syz [ 137.399646][ T5055] syz.2.213 (5055) used greatest stack depth: 20552 bytes left [ 137.473550][ T5079] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 137.615349][ T4194] ocfs2: Unmounting device (7,2) on (node local) [ 137.685355][ T5066] udc-core: couldn't find an available UDC or it's busy [ 137.699073][ T5066] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 137.721051][ T2281] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71 [ 137.767984][ T2281] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71 [ 137.856140][ T2281] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 137.886923][ T5082] loop0: detected capacity change from 0 to 4096 [ 137.910060][ T2281] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 137.933047][ T2281] lan78xx: probe of 4-1:1.0 failed with error -71 [ 138.009285][ T2281] usb 4-1: USB disconnect, device number 3 [ 138.217060][ T5082] EXT4-fs (loop0): Test dummy encryption mode enabled [ 138.231647][ T5086] 8021q: adding VLAN 0 to HW filter on device bond1 [ 138.240833][ T5086] bond0: (slave bond1): Enslaving as an active interface with an up link [ 138.333913][ T5088] netlink: 14 bytes leftover after parsing attributes in process `syz.2.221'. [ 138.346617][ T5082] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 138.380319][ T5082] System zones: 0-5 [ 138.416583][ T5097] netlink: 4 bytes leftover after parsing attributes in process `syz.3.225'. [ 138.475003][ T5082] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,nodiscard,abort,,errors=continue. Quota mode: writeback. [ 138.639756][ T5088] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 138.658462][ T5082] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 138.727598][ T5088] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 138.817927][ T5088] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 138.895912][ T5088] bond0 (unregistering): (slave bond1): Releasing backup interface [ 138.949328][ T5088] bond0 (unregistering): Released all slaves [ 139.021737][ T5113] netlink: 12 bytes leftover after parsing attributes in process `syz.4.227'. [ 139.315982][ T5136] netlink: 36 bytes leftover after parsing attributes in process `syz.1.234'. [ 141.041282][ T5148] capability: warning: `syz.0.237' uses deprecated v2 capabilities in a way that may be insecure [ 141.920052][ T5161] device vlan1 entered promiscuous mode [ 142.170814][ T26] kauditd_printk_skb: 63 callbacks suppressed [ 142.170830][ T26] audit: type=1326 audit(1760987129.065:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 142.260699][ T26] audit: type=1326 audit(1760987129.065:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 142.430556][ T26] audit: type=1326 audit(1760987129.065:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.229596][ T26] audit: type=1326 audit(1760987129.065:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.317215][ T26] audit: type=1326 audit(1760987129.065:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.344750][ T26] audit: type=1326 audit(1760987129.075:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.372007][ T26] audit: type=1326 audit(1760987129.075:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.445037][ T26] audit: type=1326 audit(1760987129.075:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.474715][ T26] audit: type=1326 audit(1760987129.075:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.501258][ T26] audit: type=1326 audit(1760987129.075:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5157 comm="syz.2.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 143.789401][ T5165] bridge0: port 3(netdevsim0) entered disabled state [ 143.798218][ T5165] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.807958][ T5165] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.739605][ T5165] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 144.767999][ T5165] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 145.194379][ T5194] loop4: detected capacity change from 0 to 8 [ 145.361307][ T5194] SQUASHFS error: zlib decompression failed, data probably corrupt [ 145.370490][ T5194] SQUASHFS error: Failed to read block 0x13e: -5 [ 145.381088][ T5194] SQUASHFS error: Unable to read metadata cache entry [13c] [ 145.389321][ T5194] SQUASHFS error: Unable to read directory block [13c:26] [ 145.413569][ T5194] SQUASHFS error: Unable to read metadata cache entry [13c] [ 145.431131][ T5194] SQUASHFS error: Unable to read directory block [13c:26] [ 145.485767][ T5165] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.498288][ T5165] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.511081][ T5165] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.521919][ T5165] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.732260][ T5200] ieee802154 phy0 wpan0: encryption failed: -22 [ 145.748010][ T5200] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 145.808612][ T5187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.246'. [ 145.898590][ T5165] syz.3.242 (5165) used greatest stack depth: 19360 bytes left [ 145.961464][ T5187] device hsr_slave_0 left promiscuous mode [ 147.235318][ T5234] loop4: detected capacity change from 0 to 1024 [ 147.358742][ T5234] EXT4-fs (loop4): Ignoring removed oldalloc option [ 147.830900][ T5234] EXT4-fs (loop4): Ignoring removed bh option [ 147.837488][ T5234] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 147.922223][ T5234] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 149.860728][ T2281] Bluetooth: hci3: command 0x0401 tx timeout [ 151.325857][ T5302] loop1: detected capacity change from 0 to 2048 [ 151.631117][ T5302] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,journal_ioprio=0x0000000000000001,grpquota,errors=remount-ro,block_validity,noload,bsddf,errors=remount-ro,. Quota mode: writeback. [ 157.172252][ T5376] netlink: 4 bytes leftover after parsing attributes in process `syz.2.300'. [ 158.631685][ T5376] netlink: 12 bytes leftover after parsing attributes in process `syz.2.300'. [ 158.709554][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 158.709569][ T26] audit: type=1326 audit(1760987145.615:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 158.777942][ T26] audit: type=1326 audit(1760987145.615:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 158.855382][ T26] audit: type=1326 audit(1760987145.615:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 158.970746][ T26] audit: type=1326 audit(1760987145.615:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 160.526363][ T26] audit: type=1326 audit(1760987145.645:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 160.640837][ T26] audit: type=1326 audit(1760987145.645:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 160.733603][ T26] audit: type=1326 audit(1760987145.645:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 160.780826][ T26] audit: type=1326 audit(1760987145.645:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 160.780867][ T26] audit: type=1326 audit(1760987145.665:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 160.780904][ T26] audit: type=1326 audit(1760987145.665:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5381 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 160.919043][ T5415] loop0: detected capacity change from 0 to 1024 [ 160.939169][ T5417] netlink: 'syz.1.314': attribute type 1 has an invalid length. [ 161.142827][ T5417] device bond2 entered promiscuous mode [ 162.701517][ T5417] 8021q: adding VLAN 0 to HW filter on device bond2 [ 162.773133][ T5427] netlink: 4 bytes leftover after parsing attributes in process `syz.4.317'. [ 162.786915][ T5429] netlink: 24 bytes leftover after parsing attributes in process `syz.1.318'. [ 162.820142][ T5427] netlink: 12 bytes leftover after parsing attributes in process `syz.4.317'. [ 163.081835][ T5440] xt_l2tp: missing protocol rule (udp|l2tpip) [ 164.800402][ T5460] netlink: 'syz.2.328': attribute type 3 has an invalid length. [ 165.920811][ T13] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 165.970961][ T5469] netlink: 4 bytes leftover after parsing attributes in process `syz.0.331'. [ 165.999023][ T5469] netlink: 12 bytes leftover after parsing attributes in process `syz.0.331'. [ 166.391925][ T13] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 256, setting to 64 [ 166.484753][ T13] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 167.045679][ T5482] netlink: 44 bytes leftover after parsing attributes in process `syz.0.334'. [ 167.081015][ T13] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 167.180667][ T13] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 167.314269][ T13] usb 5-1: Product: syz [ 167.409859][ T13] usb 5-1: Manufacturer: syz [ 167.419701][ T13] usb 5-1: SerialNumber: syz [ 167.510811][ T13] usb 5-1: can't set config #1, error -71 [ 167.529124][ T13] usb 5-1: USB disconnect, device number 4 [ 170.414360][ T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 171.301313][ T23] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 256, setting to 64 [ 171.963338][ T23] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 172.199660][ T5607] netlink: 24 bytes leftover after parsing attributes in process `syz.3.356'. [ 172.260900][ T23] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 172.286792][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 172.468910][ T23] usb 3-1: Product: syz [ 172.708504][ T23] usb 3-1: Manufacturer: syz [ 173.094850][ T23] usb 3-1: SerialNumber: syz [ 173.311190][ T23] usb 3-1: can't set config #1, error -71 [ 173.328353][ T5648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.358'. [ 173.386786][ T23] usb 3-1: USB disconnect, device number 2 [ 173.396609][ T5647] netlink: 12 bytes leftover after parsing attributes in process `syz.0.358'. [ 173.478371][ T5656] netlink: 'syz.3.360': attribute type 10 has an invalid length. [ 173.626380][ T5660] loop7: detected capacity change from 0 to 7 [ 173.661960][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 173.673952][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 173.852380][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 173.864874][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 174.047612][ T5663] syz.4.362 sent an empty control message without MSG_MORE. [ 174.099953][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 174.114171][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 174.521800][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 174.533603][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 174.554076][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 174.567097][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 175.335694][ T5674] netlink: 'syz.0.365': attribute type 3 has an invalid length. [ 176.291368][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 176.303322][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 176.438315][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 176.449601][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 176.462086][ T5660] ldm_validate_partition_table(): Disk read failed. [ 176.477472][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 176.489531][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 176.711649][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 176.723842][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 178.824048][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 178.835155][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 178.872127][ T5514] wlan1: Trigger new scan to find an IBSS to join [ 178.900831][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 178.912615][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 178.921492][ T5660] Dev loop7: unable to read RDB block 0 [ 178.934394][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 178.945512][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 178.995278][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 178.999022][ T5693] netlink: 'syz.1.369': attribute type 10 has an invalid length. [ 179.006730][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 179.024701][ T5693] device syz_tun entered promiscuous mode [ 179.059525][ T5693] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 179.070804][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 179.082382][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 179.119614][ T5702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.370'. [ 179.160980][ C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 179.173551][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 179.192399][ T5660] loop7: unable to read partition table [ 179.198254][ T5660] loop7: partition table beyond EOD, truncated [ 179.218259][ T5660] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü¾CêjÌ–ã¢P=ý?ã}X‹ºÐ œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö˜Èµ4FLQkÝŠ) failed (rc=-5) [ 179.221695][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 179.245359][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 179.283721][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 179.295729][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 179.380525][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 179.393046][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 179.407794][ T5713] netlink: 'syz.4.374': attribute type 10 has an invalid length. [ 179.432343][ C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 179.444176][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 179.474274][ T5713] bridge0: port 3(syz_tun) entered disabled state [ 179.500403][ T5713] device syz_tun left promiscuous mode [ 179.550422][ T5713] bridge0: port 3(syz_tun) entered disabled state [ 179.632335][ T5713] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 179.671244][ T5718] bond1: option mode: unable to set because the bond device has slaves [ 179.731249][ T5720] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 179.739863][ T5720] bond1: (slave macvlan2): unknown ethtool speed (20010) for port 2 (set it to 0) [ 179.750448][ T5720] bond1: (slave macvlan2): speed changed to 0 on port 2 [ 179.769568][ T5720] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 181.076232][ T26] kauditd_printk_skb: 15 callbacks suppressed [ 181.076248][ T26] audit: type=1326 audit(1760987167.985:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 181.544050][ T5766] loop2: detected capacity change from 0 to 128 [ 181.551465][ T26] audit: type=1326 audit(1760987167.985:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 181.641531][ T26] audit: type=1326 audit(1760987167.985:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 181.758504][ T26] audit: type=1326 audit(1760987167.985:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 181.784955][ T26] audit: type=1326 audit(1760987167.985:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 181.810203][ T26] audit: type=1326 audit(1760987167.985:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 183.389675][ T5766] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 183.540520][ T5766] FAT-fs (loop2): Filesystem has been set read-only [ 183.762352][ T26] audit: type=1326 audit(1760987167.985:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 183.791638][ T5766] attempt to access beyond end of device [ 183.791638][ T5766] loop2: rw=524288, want=2073, limit=128 [ 183.833870][ T5766] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 183.851343][ T5766] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 184.546600][ T26] audit: type=1326 audit(1760987168.295:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 184.571917][ T9] wlan1: Trigger new scan to find an IBSS to join [ 184.614102][ T26] audit: type=1326 audit(1760987168.295:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 184.658985][ T5766] attempt to access beyond end of device [ 184.658985][ T5766] loop2: rw=0, want=2073, limit=128 [ 184.746165][ T26] audit: type=1326 audit(1760987168.295:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5715 comm="syz.2.375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7fc00000 [ 186.361058][ T13] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 189.927792][ T5514] wlan1: Creating new IBSS network, BSSID 32:e5:3f:d4:72:ac [ 190.060862][ T13] usb 1-1: device descriptor read/all, error -71 [ 191.955155][ T1107] Bluetooth: hci2: command 0x0406 tx timeout [ 191.974362][ T1107] Bluetooth: hci0: command 0x0406 tx timeout [ 191.983095][ T5835] rdma_op ffff8880241571f0 conn xmit_rdma 0000000000000000 [ 192.085062][ T1107] Bluetooth: hci1: command 0x0406 tx timeout [ 192.093507][ T1107] Bluetooth: hci3: command 0x0406 tx timeout [ 192.101290][ T1107] Bluetooth: hci4: command 0x0406 tx timeout [ 192.255933][ T5842] IPVS: wrr: FWM 3 0x00000003 - no destination available [ 192.300207][ T5842] IPVS: wrr: FWM 3 0x00000003 - no destination available [ 193.950373][ T5860] netlink: 'syz.4.411': attribute type 10 has an invalid length. [ 194.329534][ T5860] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 195.539768][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.546507][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.633280][ T5867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.415'. [ 195.742011][ T5867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.415'. [ 197.022079][ T5900] netlink: 341 bytes leftover after parsing attributes in process `syz.2.422'. [ 198.336578][ T5909] binder_alloc: 5907: pid 5907 spamming oneway? 2 buffers allocated for a total size of 5120 [ 199.247612][ T5912] binder_alloc: 5907: pid 5907 spamming oneway? 3 buffers allocated for a total size of 5128 [ 207.755492][ T5962] IPVS: wrr: FWM 3 0x00000003 - no destination available [ 207.796239][ T5962] IPVS: wrr: FWM 3 0x00000003 - no destination available [ 208.826867][ T5958] loop0: detected capacity change from 0 to 2048 [ 208.908545][ T5973] deleting an unspecified loop device is not supported. [ 208.918206][ T5974] netlink: 4 bytes leftover after parsing attributes in process `syz.4.443'. [ 208.937422][ T5958] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 208.968784][ T5958] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 209.018505][ T5958] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 209.046795][ T5974] bond0: (slave syz_tun): Releasing backup interface [ 209.058115][ T5958] UDF-fs: Scanning with blocksize 512 failed [ 209.108573][ T5958] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 209.301863][ T5982] netlink: 232 bytes leftover after parsing attributes in process `syz.2.447'. [ 209.625408][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.893960][ T6011] tipc: Failed to remove unknown binding: 66,1,1/4294967290:3856038057/3856038059 [ 211.973271][ T6021] netlink: 341 bytes leftover after parsing attributes in process `syz.3.459'. [ 213.089600][ T6011] tipc: Failed to remove unknown binding: 66,1,1/4294967290:3856038057/3856038059 [ 213.101768][ T6011] tipc: Failed to remove unknown binding: 66,1,1/4294967290:3856038057/3856038059 [ 214.793881][ T6045] overlayfs: failed to clone upperpath [ 215.525711][ T6065] netlink: 341 bytes leftover after parsing attributes in process `syz.0.471'. [ 216.610667][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 216.647483][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 216.711076][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 216.724770][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 216.886046][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 216.895394][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 216.911357][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 216.923292][ T6083] netlink: 788 bytes leftover after parsing attributes in process `syz.0.473'. [ 216.933444][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 217.636943][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 217.657586][ T6069] netlink: 'syz.2.472': attribute type 3 has an invalid length. [ 217.667906][ T6071] 8021q: VLANs not supported on vcan0 [ 217.677173][ T6079] netlink: 51 bytes leftover after parsing attributes in process `syz.1.474'. [ 219.886499][ T1226] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 220.142784][ T6122] loop4: detected capacity change from 0 to 1024 [ 220.191125][ T6122] EXT4-fs (loop4): Ignoring removed oldalloc option [ 220.208785][ T6122] EXT4-fs (loop4): Ignoring removed bh option [ 220.251848][ T6122] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 220.371774][ T6122] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 222.918056][ T6154] netlink: 12 bytes leftover after parsing attributes in process `syz.1.494'. [ 222.941763][ T6154] batman_adv: Cannot find parent device [ 222.948472][ T6154] device vlan3 entered promiscuous mode [ 223.000739][ T6154] device ip6gretap0 entered promiscuous mode [ 223.048717][ T6158] netlink: 12 bytes leftover after parsing attributes in process `syz.4.492'. [ 223.174394][ T6158] 8021q: adding VLAN 0 to HW filter on device bond3 [ 223.291522][ T6158] device veth3 entered promiscuous mode [ 223.301768][ T6158] bond3: (slave veth3): Enslaving as an active interface with an up link [ 224.301374][ T1226] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready [ 224.727235][ T6178] Cannot find add_set index 4 as target [ 225.036324][ T6180] lo speed is unknown, defaulting to 1000 [ 225.036596][ T6180] lo speed is unknown, defaulting to 1000 [ 225.041287][ T6180] lo speed is unknown, defaulting to 1000 [ 225.049507][ T6180] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 225.060942][ T6180] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 225.156970][ T6180] lo speed is unknown, defaulting to 1000 [ 225.163296][ T6180] lo speed is unknown, defaulting to 1000 [ 225.168537][ T6180] lo speed is unknown, defaulting to 1000 [ 225.174580][ T6180] lo speed is unknown, defaulting to 1000 [ 225.179791][ T6180] lo speed is unknown, defaulting to 1000 [ 225.983568][ T6176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.498'. [ 226.148571][ T6187] usb usb7: usbfs: process 6187 (syz.0.503) did not claim interface 0 before use [ 227.506953][ T6195] loop4: detected capacity change from 0 to 40427 [ 227.633026][ T6195] F2FS-fs (loop4): invalid crc value [ 227.655155][ T6195] F2FS-fs (loop4): Found nat_bits in checkpoint [ 227.695239][ T6199] netlink: 72 bytes leftover after parsing attributes in process `syz.2.509'. [ 227.718272][ T6195] F2FS-fs (loop4): Start checkpoint disabled! [ 227.748546][ T6195] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 227.985005][ T26] kauditd_printk_skb: 57 callbacks suppressed [ 227.985022][ T26] audit: type=1326 audit(1760987214.895:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 228.153104][ T26] audit: type=1326 audit(1760987214.925:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 228.181034][ T26] audit: type=1326 audit(1760987214.925:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 228.658182][ T26] audit: type=1326 audit(1760987214.925:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 229.199669][ T6221] fuse: Bad value for 'fd' [ 229.234494][ T26] audit: type=1326 audit(1760987214.925:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 229.270933][ T26] audit: type=1326 audit(1760987214.925:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 229.311356][ T150] block nbd2: Attempted send on invalid socket [ 229.320245][ T150] print_req_error: 1 callbacks suppressed [ 229.320264][ T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 229.396259][ T9] attempt to access beyond end of device [ 229.396259][ T9] loop4: rw=2049, want=40984, limit=40427 [ 229.411811][ T26] audit: type=1326 audit(1760987214.935:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 229.435557][ T26] audit: type=1326 audit(1760987214.935:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 229.461788][ T26] audit: type=1326 audit(1760987214.935:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 229.607585][ T26] audit: type=1326 audit(1760987214.935:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.2.511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 229.660534][ T6224] loop0: detected capacity change from 0 to 1024 [ 229.713192][ T6224] EXT4-fs (loop0): Ignoring removed oldalloc option [ 229.739706][ T6235] netlink: 4 bytes leftover after parsing attributes in process `syz.2.519'. [ 229.779748][ T6224] EXT4-fs (loop0): Ignoring removed bh option [ 229.810679][ T6224] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 229.921783][ T6224] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback. [ 230.093930][ T6224] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 230.161564][ T6246] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 234.262738][ T6286] netlink: 12 bytes leftover after parsing attributes in process `syz.1.533'. [ 235.565178][ T26] kauditd_printk_skb: 18 callbacks suppressed [ 235.565196][ T26] audit: type=1326 audit(1760987222.475:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 235.610049][ T26] audit: type=1326 audit(1760987222.475:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f17aa928e67 code=0x7ffc0000 [ 235.648745][ T26] audit: type=1326 audit(1760987222.475:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f17aa8ce099 code=0x7ffc0000 [ 235.683971][ T6299] loop0: detected capacity change from 0 to 512 [ 235.708143][ T26] audit: type=1326 audit(1760987222.475:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 235.740823][ T26] audit: type=1326 audit(1760987222.485:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 235.787415][ T26] audit: type=1326 audit(1760987222.485:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 236.713565][ T26] audit: type=1326 audit(1760987222.485:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 236.758509][ T26] audit: type=1326 audit(1760987222.485:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 236.800650][ T26] audit: type=1326 audit(1760987222.485:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f17aa928e67 code=0x7ffc0000 [ 236.832583][ T6299] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 236.872350][ T6299] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 236.945901][ T26] audit: type=1326 audit(1760987222.485:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f17aa8ce099 code=0x7ffc0000 [ 239.001344][ T6324] netlink: 104 bytes leftover after parsing attributes in process `syz.1.542'. [ 240.049822][ T6359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.554'. [ 240.122826][ T6361] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 240.210294][ T6366] netlink: 44 bytes leftover after parsing attributes in process `syz.3.556'. [ 240.249484][ T6366] netlink: 12 bytes leftover after parsing attributes in process `syz.3.556'. [ 240.314748][ T6366] netlink: 8 bytes leftover after parsing attributes in process `syz.3.556'. [ 240.338682][ T6366] netlink: 8 bytes leftover after parsing attributes in process `syz.3.556'. [ 242.166981][ T26] kauditd_printk_skb: 44 callbacks suppressed [ 242.166997][ T26] audit: type=1326 audit(1760987229.075:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 242.271522][ T26] audit: type=1326 audit(1760987229.125:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 242.345828][ T26] audit: type=1326 audit(1760987229.125:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 243.037283][ T26] audit: type=1326 audit(1760987229.125:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 244.788372][ T26] audit: type=1326 audit(1760987229.125:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 244.874954][ T26] audit: type=1326 audit(1760987229.125:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 244.945658][ T26] audit: type=1326 audit(1760987229.125:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 246.040890][ T26] audit: type=1326 audit(1760987229.125:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 246.117098][ T26] audit: type=1326 audit(1760987229.125:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 246.179843][ T26] audit: type=1326 audit(1760987229.135:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.0.559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd96d40fc9 code=0x7ffc0000 [ 246.488588][ T6421] capability: warning: `syz.2.573' uses 32-bit capabilities (legacy support in use) [ 247.691148][ T6424] netlink: 104 bytes leftover after parsing attributes in process `syz.0.568'. [ 248.373766][ T6441] kernel profiling enabled (shift: 6) [ 251.079620][ T5514] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 251.104245][ T6475] futex_wake_op: syz.3.591 tries to shift op by 32; fix this program [ 251.214422][ T6475] C: renamed from lo [ 251.224691][ T6475] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 252.038073][ T6487] netlink: 4 bytes leftover after parsing attributes in process `syz.2.594'. [ 253.603862][ T6501] netlink: 12 bytes leftover after parsing attributes in process `syz.4.599'. [ 253.682279][ T6503] loop2: detected capacity change from 0 to 512 [ 253.723883][ T6505] HTB: quantum of class 4000A is big. Consider r2q change. [ 253.773348][ T6503] EXT4-fs error (device loop2): ext4_fill_super:4841: inode #2: comm syz.2.600: iget: bad i_size value: -1 [ 253.793371][ T6503] EXT4-fs (loop2): get root inode failed [ 253.799551][ T6503] EXT4-fs (loop2): mount failed [ 253.851483][ T6501] HTB: quantum of class 4000A is big. Consider r2q change. [ 255.943628][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.951140][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.484735][ T6530] netlink: 28 bytes leftover after parsing attributes in process `syz.0.606'. [ 256.495621][ T6530] netlink: 8 bytes leftover after parsing attributes in process `syz.0.606'. [ 256.512288][ T6530] validate_nla: 40 callbacks suppressed [ 256.512307][ T6530] netlink: 'syz.0.606': attribute type 10 has an invalid length. [ 257.370241][ T6530] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.379459][ T6530] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.409692][ T6530] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.417447][ T6530] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.426351][ T6530] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.434107][ T6530] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.500779][ T6545] netlink: 'syz.2.609': attribute type 2 has an invalid length. [ 258.110663][ T6530] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 259.166112][ T6553] netlink: 24 bytes leftover after parsing attributes in process `syz.2.613'. [ 261.255297][ T6533] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.265156][ T6533] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.904285][ T6533] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 261.947097][ T6533] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 262.329015][ T6533] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.340448][ T6533] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.350479][ T6533] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.361530][ T6533] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.715539][ T6590] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 262.812259][ T6597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.623'. [ 262.832785][ T6597] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.918602][ T6604] loop0: detected capacity change from 0 to 164 [ 263.121618][ T6604] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 264.039849][ T6620] device bond0 entered promiscuous mode [ 264.164220][ T6620] device bond_slave_0 entered promiscuous mode [ 264.302655][ T6626] binder_alloc: 6625: pid 6625 spamming oneway? 1 buffers allocated for a total size of 4096 [ 264.549808][ T6620] device bond_slave_1 entered promiscuous mode [ 264.941315][ T6620] device dummy0 entered promiscuous mode [ 264.950320][ T6620] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 265.017936][ T6620] hsr1: Slave B (dummy0) is not up; please bring it up to get a fully working HSR network [ 265.083351][ T6620] device hsr1 entered promiscuous mode [ 265.133033][ T6638] netlink: 8 bytes leftover after parsing attributes in process `syz.0.638'. [ 265.190444][ T6638] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 265.263781][ T6636] netlink: 1032 bytes leftover after parsing attributes in process `syz.0.638'. [ 270.490413][ T6698] xt_socket: unknown flags 0x4c [ 272.558330][ T6722] netlink: 12 bytes leftover after parsing attributes in process `syz.0.663'. [ 274.788157][ T6742] xt_time: unknown flags 0xc [ 279.049462][ T6785] binder: 6784:6785 ioctl ae80 0 returned -22 [ 281.266689][ T6814] device bond0 entered promiscuous mode [ 281.320730][ T6814] device bond_slave_0 entered promiscuous mode [ 281.727452][ T6814] device bond_slave_1 entered promiscuous mode [ 282.110490][ T6814] device wlan1 entered promiscuous mode [ 282.118991][ T6817] loop2: detected capacity change from 0 to 1024 [ 282.128498][ T6814] device bond0 left promiscuous mode [ 282.151631][ T6814] device bond_slave_0 left promiscuous mode [ 282.191923][ T6817] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 282.206658][ T6814] device bond_slave_1 left promiscuous mode [ 282.213235][ T6814] device wlan1 left promiscuous mode [ 282.219927][ T6817] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 282.232293][ T6817] JBD2: no valid journal superblock found [ 282.241152][ T6817] EXT4-fs (loop2): error loading journal [ 282.282524][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 282.282543][ T26] audit: type=1326 audit(1760987269.195:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 282.333955][ T26] audit: type=1326 audit(1760987269.195:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 282.364020][ T26] audit: type=1326 audit(1760987269.195:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 282.383514][ T6810] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 282.398244][ T26] audit: type=1326 audit(1760987269.195:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6815 comm="syz.2.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 282.433390][ T6819] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 282.864291][ T6842] netlink: 8 bytes leftover after parsing attributes in process `syz.4.701'. [ 285.874316][ T6868] netlink: 12 bytes leftover after parsing attributes in process `syz.1.706'. [ 290.765571][ T6912] netlink: 'syz.3.719': attribute type 12 has an invalid length. [ 293.781023][ T6944] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 297.912913][ T6987] loop0: detected capacity change from 0 to 128 [ 298.002496][ T6987] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,nodelalloc,,errors=continue. Quota mode: writeback. [ 298.016371][ T6987] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 303.076525][ T7037] fuse: Bad value for 'fd' [ 304.489153][ T7052] loop0: detected capacity change from 0 to 1024 [ 304.507968][ T7052] hfsplus: unable to parse mount options [ 304.793914][ T7056] ip6t_srh: unknown srh invflags 7F00 [ 305.489673][ T7052] input: syz0 as /devices/virtual/input/input6 [ 305.537935][ T7062] netlink: 'syz.0.758': attribute type 4 has an invalid length. [ 305.805925][ T7062] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.758'. [ 310.995428][ T7112] netlink: 20 bytes leftover after parsing attributes in process `syz.4.776'. [ 311.193403][ T7118] netlink: 24 bytes leftover after parsing attributes in process `syz.2.780'. [ 311.294205][ T7123] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 313.845441][ T23] Bluetooth: hci1: command 0x2016 tx timeout [ 314.206499][ T7158] netlink: 24 bytes leftover after parsing attributes in process `syz.4.792'. [ 315.303482][ T7160] loop0: detected capacity change from 0 to 64 [ 316.540419][ T7181] input: syz1 as /devices/virtual/input/input7 [ 317.100704][ T4445] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 317.256159][ T23] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 317.291489][ T23] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 317.351173][ T4445] usb 1-1: Using ep0 maxpacket: 32 [ 317.373972][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.381663][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.481015][ T4445] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 317.506776][ T4445] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.561844][ T4445] usb 1-1: config 0 descriptor?? [ 317.820924][ T4445] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware [ 318.147278][ T7211] netlink: 277 bytes leftover after parsing attributes in process `syz.4.807'. [ 318.252257][ T7213] xt_cgroup: path and classid specified [ 319.156402][ T4445] usb 1-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2 [ 319.165767][ T4445] usb 1-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw [ 320.157450][ T7231] netlink: 4 bytes leftover after parsing attributes in process `syz.4.811'. [ 320.680777][ T7248] netlink: 'syz.0.815': attribute type 12 has an invalid length. [ 325.021910][ T7279] lo speed is unknown, defaulting to 1000 [ 327.124676][ T7311] netlink: 32 bytes leftover after parsing attributes in process `syz.2.835'. [ 327.174762][ T7311] netlink: 32 bytes leftover after parsing attributes in process `syz.2.835'. [ 330.291268][ T7335] bridge0: port 3(veth0_to_bridge) entered blocking state [ 330.359195][ T7335] bridge0: port 3(veth0_to_bridge) entered disabled state [ 330.575558][ T7335] device veth0_to_bridge entered promiscuous mode [ 331.064407][ T7363] netlink: 28 bytes leftover after parsing attributes in process `syz.1.850'. [ 331.187637][ T7363] netlink: 28 bytes leftover after parsing attributes in process `syz.1.850'. [ 337.350361][ T7432] loop0: detected capacity change from 0 to 8 [ 338.431667][ T26] audit: type=1800 audit(1760987325.345:330): pid=7432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.869" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 338.650152][ T7464] loop0: detected capacity change from 0 to 128 [ 338.682958][ T7464] FAT-fs (loop0): Unrecognized mount option "18446744073709551615ÿÿÿ" or missing value [ 341.389163][ T7499] loop2: detected capacity change from 0 to 8 [ 342.348604][ T26] audit: type=1800 audit(1760987329.255:331): pid=7499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.891" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 342.450795][ T7499] SQUASHFS error: Failed to read block 0x6e6: -5 [ 342.458989][ T7499] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 342.988635][ T26] audit: type=1800 audit(1760987329.295:332): pid=7499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.891" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 343.201319][ T7499] SQUASHFS error: read_indexes: reading block [6e4:0] [ 343.208429][ T7499] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 344.005669][ T7499] SQUASHFS error: read_indexes: reading block [6e4:0] [ 344.144970][ T7499] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 344.184435][ T7499] SQUASHFS error: read_indexes: reading block [6e4:0] [ 344.251485][ T7499] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 344.259295][ T7531] loop0: detected capacity change from 0 to 512 [ 344.331731][ T7499] SQUASHFS error: read_indexes: reading block [6e4:0] [ 344.445049][ T7529] sctp: [Deprecated]: syz.3.898 (pid 7529) Use of struct sctp_assoc_value in delayed_ack socket option. [ 344.445049][ T7529] Use struct sctp_sack_info instead [ 344.596647][ T7531] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 344.735732][ T7531] block device autoloading is deprecated and will be removed. [ 344.745144][ T7531] EXT4-fs (loop0): external journal has bad superblock [ 349.016138][ T7581] netlink: 'syz.2.914': attribute type 1 has an invalid length. [ 350.334711][ T7597] bond0: (slave gretap1): making interface the new active one [ 350.557316][ T7597] bond0: (slave gretap1): Enslaving as an active interface with an up link [ 351.081077][ T7597] syz.2.914 (7597) used greatest stack depth: 18664 bytes left [ 351.157893][ T7617] netlink: 4 bytes leftover after parsing attributes in process `syz.3.921'. [ 351.222215][ T7618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.922'. [ 351.530473][ T7630] xt_TPROXY: Can be used only with -p tcp or -p udp [ 351.937317][ T7618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.922'. [ 352.075478][ T7642] loop2: detected capacity change from 0 to 1024 [ 354.745333][ T7682] No such timeout policy "syz0" [ 355.285354][ T26] audit: type=1326 audit(1760987342.195:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.014843][ T26] audit: type=1326 audit(1760987342.525:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.136862][ T26] audit: type=1326 audit(1760987342.555:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.148957][ T7697] bridge0: port 3(veth0_to_bridge) entered blocking state [ 356.161003][ T26] audit: type=1326 audit(1760987342.585:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.168613][ T7697] bridge0: port 3(veth0_to_bridge) entered listening state [ 356.192791][ T26] audit: type=1326 audit(1760987342.625:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.199963][ T7697] bridge0: port 1(bridge_slave_0) entered blocking state [ 356.200012][ T7697] bridge0: port 1(bridge_slave_0) entered listening state [ 356.242502][ T26] audit: type=1326 audit(1760987342.655:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.266217][ T26] audit: type=1326 audit(1760987342.875:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.291088][ T26] audit: type=1326 audit(1760987342.875:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.316684][ T26] audit: type=1326 audit(1760987342.905:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.349792][ T26] audit: type=1326 audit(1760987342.905:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.3.945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 356.512823][ T7697] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 356.523269][ T7697] 8021q: adding VLAN 0 to HW filter on device team0 [ 356.541330][ T7697] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 358.068509][ T7712] device gretap1 entered promiscuous mode [ 358.184233][ C1] bridge0: port 3(veth0_to_bridge) entered blocking state [ 358.255243][ T7702] netlink: 'syz.3.956': attribute type 1 has an invalid length. [ 358.419195][ T7709] netlink: 28 bytes leftover after parsing attributes in process `syz.3.956'. [ 360.472256][ T7766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 360.545334][ T7766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 360.577460][ T7761] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 362.959290][ T7801] netlink: 'syz.3.972': attribute type 13 has an invalid length. [ 365.613084][ T7831] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 365.648833][ T7831] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 365.691875][ T7836] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 365.740785][ T7831] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 365.769985][ T7831] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 365.810970][ T7831] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 365.821989][ T7831] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 365.837000][ T7831] netlink: 'syz.0.979': attribute type 29 has an invalid length. [ 366.470588][ T7853] netlink: 'syz.3.988': attribute type 1 has an invalid length. [ 366.526060][ T7853] 8021q: adding VLAN 0 to HW filter on device bond2 [ 366.544767][ T7857] device vlan3 entered promiscuous mode [ 366.551037][ T7857] device bond2 entered promiscuous mode [ 366.674680][ T7853] bond2: (slave gretap1): making interface the new active one [ 366.770812][ T7853] device gretap1 entered promiscuous mode [ 366.787170][ T7853] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 366.842986][ T4548] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready [ 366.868994][ T4548] IPv6: ADDRCONF(NETDEV_CHANGE): vlan3: link becomes ready [ 367.648966][ T7867] netlink: 'syz.2.991': attribute type 1 has an invalid length. [ 367.989144][ T7868] loop0: detected capacity change from 0 to 32768 [ 368.008643][ T7876] xt_TPROXY: Can be used only with -p tcp or -p udp [ 368.145067][ T7868] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 368.154771][ T7868] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 368.201247][ T7868] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms [ 368.225949][ T4255] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 368.283237][ T4255] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 368.675419][ T4255] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 392ms [ 368.680836][ T4230] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 368.750879][ T4255] gfs2: fsid=syz:syz.0: jid=0: Done [ 368.767689][ T7868] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 368.781690][ T7868] attempt to access beyond end of device [ 368.781690][ T7868] loop0: rw=12288, want=9007199254757624, limit=32768 [ 368.794800][ T7868] gfs2: fsid=syz:syz.0: can't lock local "qc" file: -5 [ 368.919871][ T4230] usb 3-1: device descriptor read/64, error -71 [ 369.200730][ T4230] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 369.445321][ T4230] usb 3-1: device descriptor read/64, error -71 [ 369.581719][ T4230] usb usb3-port1: attempt power cycle [ 370.040864][ T4230] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 370.670820][ T4230] usb 3-1: device descriptor read/8, error -71 [ 372.576081][ T7923] xt_TPROXY: Can be used only with -p tcp or -p udp [ 374.433983][ T7940] No such timeout policy "syz0" [ 376.326884][ T7961] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1019'. [ 376.341795][ T26] kauditd_printk_skb: 19 callbacks suppressed [ 376.341810][ T26] audit: type=1326 audit(1760987363.255:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 376.372332][ T7961] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1019'. [ 376.392953][ T26] audit: type=1326 audit(1760987363.255:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 376.478117][ T26] audit: type=1326 audit(1760987363.255:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 376.523177][ T26] audit: type=1326 audit(1760987363.255:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 376.548924][ T26] audit: type=1326 audit(1760987363.255:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 376.576015][ T26] audit: type=1326 audit(1760987363.255:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 376.827577][ T7974] xt_TPROXY: Can be used only with -p tcp or -p udp [ 377.219356][ T26] audit: type=1326 audit(1760987363.255:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 377.264030][ T26] audit: type=1326 audit(1760987363.255:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 377.297921][ T26] audit: type=1326 audit(1760987363.255:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 377.451443][ T7983] xt_SECMARK: invalid mode: 2 [ 377.554786][ T26] audit: type=1326 audit(1760987363.255:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7963 comm="syz.2.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17aa931fc9 code=0x7ffc0000 [ 378.810633][ T7994] No such timeout policy "syz0" [ 379.479307][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.486189][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.188018][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 380.197113][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 380.207922][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 380.218555][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 380.227500][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 380.950832][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 380.977182][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 381.011583][ T8012] netlink: 'syz.2.1034': attribute type 29 has an invalid length. [ 384.105787][ T4445] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use /scripts/get_dvb_firmware to get the firmware [ 384.307054][ T4445] dvb_usb_az6027: probe of 1-1:0.0 failed with error -110 [ 384.339567][ T4445] usb 1-1: USB disconnect, device number 6 [ 386.029446][ T8064] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 386.173613][ T8072] loop0: detected capacity change from 0 to 2048 [ 386.263838][ T8064] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 386.343609][ T8072] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 386.481175][ T8072] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1058'. [ 386.492157][ C1] bridge0: port 1(bridge_slave_0) entered learning state [ 386.492364][ T8070] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 386.701970][ T8076] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1050'. [ 386.714099][ T8073] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 386.766950][ T8073] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 386.776976][ T8073] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 386.787448][ T8073] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 386.796332][ T8073] netlink: 'syz.4.1048': attribute type 29 has an invalid length. [ 388.181725][ T8094] IPVS: set_ctl: invalid protocol: 44 172.20.20.187:20000 [ 388.330932][ T8099] netlink: 'syz.0.1055': attribute type 16 has an invalid length. [ 388.529724][ T8099] netlink: 'syz.0.1055': attribute type 3 has an invalid length. [ 389.570826][ T8099] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1055'. [ 390.833478][ T4255] Bluetooth: hci3: command 0x0405 tx timeout [ 392.069523][ T8116] bond0: (slave wlan1): Releasing backup interface [ 392.138878][ T8125] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1064'. [ 395.024736][ T8160] loop0: detected capacity change from 0 to 32768 [ 395.331669][ T8160] XFS (loop0): Mounting V5 Filesystem [ 395.501270][ T8160] XFS (loop0): Ending clean mount [ 395.526622][ T8160] XFS (loop0): Quotacheck needed: Please wait. [ 395.757369][ T8160] XFS (loop0): Quotacheck: Done. [ 395.927673][ T8184] device batadv_slave_1 entered promiscuous mode [ 395.961442][ T8183] device batadv_slave_1 left promiscuous mode [ 396.732555][ T4185] XFS (loop0): Unmounting Filesystem [ 404.732388][ T8271] bridge2: port 1(macvlan3) entered blocking state [ 404.816376][ T8271] bridge2: port 1(macvlan3) entered disabled state [ 405.066727][ T8271] device macvlan3 entered promiscuous mode [ 406.092966][ T8289] device wg1 entered promiscuous mode [ 408.651040][ T26] kauditd_printk_skb: 23 callbacks suppressed [ 408.651057][ T26] audit: type=1326 audit(1760987395.505:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 408.740972][ T26] audit: type=1326 audit(1760987395.505:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 408.766279][ T26] audit: type=1326 audit(1760987395.505:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 408.808065][ T26] audit: type=1326 audit(1760987395.515:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 408.871046][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 408.904349][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 408.908729][ T26] audit: type=1326 audit(1760987395.515:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 408.943325][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 408.988026][ T8333] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 409.626550][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 409.699385][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 409.851790][ T26] audit: type=1326 audit(1760987395.515:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 409.892735][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 409.896061][ T26] audit: type=1326 audit(1760987395.515:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 409.914082][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 409.986822][ T26] audit: type=1326 audit(1760987395.525:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 410.022200][ T8333] wlan0 speed is unknown, defaulting to 1000 [ 410.110822][ T26] audit: type=1326 audit(1760987395.525:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 410.140606][ T26] audit: type=1326 audit(1760987395.535:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8324 comm="syz.1.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd69b30fc9 code=0x7ffc0000 [ 411.270076][ T8358] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1119'. [ 414.325627][ T8390] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1127'. [ 414.479868][ T8390] netlink: 'syz.4.1127': attribute type 1 has an invalid length. [ 415.131068][ T8390] netlink: 'syz.4.1127': attribute type 2 has an invalid length. [ 416.570647][ C1] bridge0: port 1(bridge_slave_0) entered forwarding state [ 416.578358][ C1] bridge0: topology change detected, propagating [ 416.603515][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 419.124844][ T8449] netlink: 'syz.3.1144': attribute type 10 has an invalid length. [ 419.137148][ T8449] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 422.847757][ T8499] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1157'. [ 425.587668][ T8522] loop2: detected capacity change from 0 to 256 [ 426.419897][ T8510] orangefs_mount: mount request failed with -4 [ 428.663896][ T8560] netlink: 'syz.1.1173': attribute type 4 has an invalid length. [ 428.721822][ T8561] netlink: 'syz.1.1173': attribute type 4 has an invalid length. [ 432.466753][ T8599] IPVS: Error connecting to the multicast addr [ 437.820063][ T8655] loop0: detected capacity change from 0 to 128 [ 440.227765][ T8678] binder: 8677:8678 ioctl c0306201 2000000003c0 returned -14 [ 440.253731][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.261316][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.266509][ T26] kauditd_printk_skb: 32 callbacks suppressed [ 441.266527][ T26] audit: type=1326 audit(1760987428.175:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8687 comm="syz.3.1210" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x0 [ 441.434313][ T8694] xt_NFQUEUE: number of total queues is 0 [ 442.582762][ T8710] netlink: 'syz.1.1214': attribute type 1 has an invalid length. [ 442.639977][ T8678] ODEBUG: Out of memory. ODEBUG disabled [ 443.453344][ T8713] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address [ 443.472206][ T8713] bond4: (slave vxcan3): Error -22 calling dev_set_mtu [ 443.486989][ T8678] syz.0.1205 (8678): drop_caches: 2 [ 443.579114][ T8718] bond4: (slave vlan3): Opening slave failed [ 443.626542][ T8728] netlink: 'syz.4.1220': attribute type 1 has an invalid length. [ 443.856313][ T8728] 8021q: adding VLAN 0 to HW filter on device bond4 [ 444.110954][ T26] audit: type=1107 audit(1760987430.805:438): pid=8737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 444.329748][ T8740] device gretap1 entered promiscuous mode [ 444.422982][ T8740] bond4: (slave gretap1): making interface the new active one [ 444.438321][ T8740] bond4: (slave gretap1): Enslaving as an active interface with an up link [ 444.790689][ T5525] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready [ 444.838687][ T8746] loop0: detected capacity change from 0 to 1024 [ 444.848919][ T8747] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1224'. [ 444.886296][ T26] audit: type=1326 audit(1760987431.785:439): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8748 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 444.936608][ T26] audit: type=1326 audit(1760987431.785:440): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8748 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 445.035928][ T26] audit: type=1326 audit(1760987431.785:441): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8748 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 445.174386][ T26] audit: type=1326 audit(1760987431.785:442): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8748 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 445.357540][ T26] audit: type=1326 audit(1760987431.785:443): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8748 comm="syz.3.1223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f955c5f8fc9 code=0x7ffc0000 [ 447.901335][ T8746] EXT4-fs: failed to create workqueue [ 447.921391][ T8746] EXT4-fs (loop0): mount failed [ 449.486822][ T8816] netlink: 'syz.4.1236': attribute type 10 has an invalid length. [ 449.507459][ T8810] netlink: 'syz.1.1239': attribute type 4 has an invalid length. [ 450.786217][ T8828] loop2: detected capacity change from 0 to 40427 [ 451.321266][ T8828] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 451.329608][ T8828] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 451.343809][ T8828] F2FS-fs (loop2): invalid crc value [ 451.469969][ T8837] overlayfs: failed to clone upperpath [ 452.566727][ T8828] F2FS-fs (loop2): Found nat_bits in checkpoint [ 452.665101][ T8828] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 452.672873][ T8828] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 455.883851][ T8883] overlayfs: failed to clone upperpath [ 457.280150][ T8900] loop0: detected capacity change from 0 to 8 [ 457.359325][ T8900] SQUASHFS error: Failed to read block 0x62: -5 [ 457.369201][ T8900] squashfs image failed sanity check [ 462.175723][ T8938] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 462.185192][ T8938] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 462.193959][ T8938] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 462.204144][ T8938] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 462.215299][ T8938] device geneve2 entered promiscuous mode [ 462.267688][ T8940] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1270'. [ 462.650250][ T8947] tipc: Enabling of bearer rejected, failed to enable media [ 463.416985][ T8948] loop2: detected capacity change from 0 to 4096 [ 463.991626][ T8962] SET target dimension over the limit! [ 464.196180][ T8930] loop0: detected capacity change from 0 to 40427 [ 465.091289][ T8966] loop2: detected capacity change from 0 to 2048 [ 465.197213][ T8968] netlink: 'syz.0.1277': attribute type 10 has an invalid length. [ 465.271186][ T8966] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 465.284018][ T8968] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 466.939657][ T8972] device bond_slave_0 entered promiscuous mode [ 466.947700][ T8972] device bond_slave_1 entered promiscuous mode [ 466.954781][ T8972] device bridge0 entered promiscuous mode [ 466.961712][ T8972] device syz_tun entered promiscuous mode [ 467.013593][ T8972] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 467.021696][ T8972] bond1: (slave macvlan2): speed changed to 0 on port 1 [ 467.742837][ T8972] bond1: (slave macvlan2): Enslaving as a backup interface with an up link [ 468.016955][ T8994] device syzkaller0 entered promiscuous mode [ 468.047803][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready [ 469.339145][ T9013] loop0: detected capacity change from 0 to 2048 [ 469.463592][ T9013] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 472.383906][ T9047] bond0: (slave syz_tun): Releasing backup interface [ 477.796390][ T9088] tipc: Enabling of bearer rejected, failed to enable media [ 479.558023][ T9126] overlayfs: failed to resolve './file0': -2 [ 479.783096][ T9131] netlink: 201392 bytes leftover after parsing attributes in process `syz.4.1318'. [ 481.791345][ T9152] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1327'. [ 483.831483][ T9172] loop2: detected capacity change from 0 to 16 [ 484.114324][ T9172] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 484.526011][ T8620] udevd[8620]: incorrect cramfs checksum on /dev/loop2 [ 485.163838][ T8620] udevd[8620]: incorrect cramfs checksum on /dev/loop2 [ 490.178981][ T9232] tipc: Started in network mode [ 490.184181][ T9232] tipc: Node identity aaaaaaaaaa3, cluster identity 4711 [ 490.192487][ T9232] tipc: Enabled bearer , priority 0 [ 491.252102][ T1107] tipc: Node number set to 10136234 [ 495.452485][ T9298] device vlan2 entered promiscuous mode [ 495.479400][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1364'. [ 495.605067][ T9306] overlayfs: failed to clone upperpath [ 497.619940][ C0] vcan0: j1939_tp_rxtimer: 0xffff888079e25400: rx timeout, send abort [ 497.631232][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880609c8800: rx timeout, send abort [ 497.640509][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888079e25400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 498.139875][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880609c8800: abort rx timeout. Force session deactivation [ 499.386755][ T9351] loop0: detected capacity change from 0 to 1024 [ 500.353182][ T9356] gfs2: not a GFS2 filesystem [ 500.567363][ T9351] EXT4-fs (loop0): Mount option "nodioread_nolock" incompatible with ext2 [ 501.711004][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.717805][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.312599][ T9390] device syzkaller0 left promiscuous mode [ 506.584971][ T9395] netlink: 'syz.4.1390': attribute type 1 has an invalid length. [ 506.593241][ T9395] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.1390'. [ 508.397824][ T9412] xt_connbytes: Forcing CT accounting to be enabled [ 508.405961][ T9412] set match dimension is over the limit! [ 508.779849][ T9413] bridge0: port 1(bridge_slave_0) entered disabled state [ 510.196638][ T9429] x_tables: duplicate underflow at hook 1 [ 511.346893][ T9433] tipc: Enabling of bearer rejected, failed to enable media [ 513.285150][ T9461] loop0: detected capacity change from 0 to 128 [ 513.352584][ T9466] tipc: Enabling of bearer rejected, failed to enable media [ 515.847497][ T4548] attempt to access beyond end of device [ 515.847497][ T4548] loop0: rw=1, want=1041, limit=128 [ 516.320846][ T9492] IPVS: Error connecting to the multicast addr [ 522.330619][ T9541] tipc: Started in network mode [ 522.336281][ T9541] tipc: Node identity b2cbc7af670a, cluster identity 4711 [ 522.354133][ T9541] tipc: Enabled bearer , priority 0 [ 523.282554][ T9541] device syzkaller0 entered promiscuous mode [ 523.372821][ T4437] tipc: Node number set to 3586246575 [ 523.563285][ T9553] tipc: Resetting bearer [ 523.570437][ T9553] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 523.580144][ T9553] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 524.321399][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 524.332102][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 524.343814][ T9540] tipc: Resetting bearer [ 524.404551][ T9540] tipc: Disabling bearer [ 525.776243][ T9566] tipc: Enabling of bearer rejected, failed to enable media [ 529.039682][ T9616] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1449'. [ 532.931013][ T9650] xt_TCPMSS: Only works on TCP SYN packets [ 536.215224][ T9684] tipc: Enabled bearer , priority 0 [ 536.397546][ T9686] device vlan2 entered promiscuous mode [ 536.938908][ T9691] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1465'. [ 537.421615][ T9692] device syzkaller0 entered promiscuous mode [ 538.195164][ T9708] delete_channel: no stack [ 538.523022][ T9694] tipc: Resetting bearer [ 538.783919][ T9720] xt_TCPMSS: Only works on TCP SYN packets [ 540.400146][ T9724] loop2: detected capacity change from 0 to 764 [ 540.545359][ T9694] tipc: Disabling bearer [ 541.111098][ T9739] dlm: no local IP address has been set [ 541.118038][ T9739] dlm: cannot start dlm midcomms -107 [ 545.574045][ T9770] tipc: Enabled bearer , priority 0 [ 545.583201][ T9770] device syzkaller0 entered promiscuous mode [ 546.977080][ T9770] tipc: Resetting bearer [ 547.150300][ T9769] tipc: Resetting bearer [ 547.334638][ T9769] tipc: Disabling bearer [ 547.813846][ T9780] tipc: Enabling of bearer rejected, failed to enable media [ 547.958191][ T9787] tipc: Enabling of bearer rejected, failed to enable media [ 555.372009][ T9850] ip6t_srh: unknown srh invflags 4000 [ 556.864634][ T9871] ipt_REJECT: TCP_RESET invalid for non-tcp [ 562.164344][ T9903] loop2: detected capacity change from 0 to 4096 [ 562.535689][ T9903] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 562.623018][ T9903] ntfs3: loop2: Failed to load $Extend. [ 563.331638][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.346513][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 566.733448][ T9951] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 566.783162][ T9951] bridge0: port 1(bridge_slave_0) entered disabled state [ 566.847310][ T9955] device syzkaller0 entered promiscuous mode [ 568.650988][ T4230] Process accounting resumed [ 574.663671][T10018] loop0: detected capacity change from 0 to 1024 [ 581.917105][T10083] overlayfs: failed to clone upperpath [ 582.412117][T10080] tipc: Started in network mode [ 582.418606][T10080] tipc: Node identity 080211000001, cluster identity 4711 [ 582.478795][T10080] tipc: Enabled bearer , priority 0 [ 582.761124][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1563'. [ 583.856217][ T4245] tipc: Node number set to 134418688 [ 589.574577][T10138] loop0: detected capacity change from 0 to 128 [ 592.737467][ T5531] attempt to access beyond end of device [ 592.737467][ T5531] loop0: rw=1, want=1041, limit=128 [ 592.796518][T10170] bridge0: mtu less than device minimum [ 592.886862][T10170] bridge0: port 1(bridge_slave_0) entered disabled state [ 592.956059][T10170] bridge0: mtu less than device minimum [ 595.121850][T10194] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1596'. [ 596.623064][T10210] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1597'. [ 601.987119][T10244] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1608'. [ 604.263151][T10264] tipc: Enabling of bearer rejected, failed to enable media [ 613.492009][T10363] loop2: detected capacity change from 0 to 764 [ 614.819725][T10380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1644'. [ 615.384051][T10388] ax25_connect(): syz.2.1645 uses autobind, please contact jreuter@yaina.de [ 621.236019][T10438] loop0: detected capacity change from 0 to 32768 [ 623.539192][ T26] audit: type=1800 audit(1760987610.395:444): pid=10455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1660" name="file1" dev="loop0" ino=7 res=0 errno=0 [ 625.782557][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.789674][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 628.991873][T10494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1672'. [ 630.690466][T10509] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.1676'. [ 633.561942][T10532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1680'. [ 633.687117][T10536] tipc: Enabled bearer , priority 0 [ 633.728243][T10518] Cannot find del_set index 286 as target [ 633.773592][T10537] device syzkaller0 entered promiscuous mode [ 633.826964][T10536] tipc: Resetting bearer [ 634.006697][T10534] tipc: Resetting bearer [ 634.065655][T10534] tipc: Disabling bearer [ 637.757487][T10559] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1691'. [ 639.114683][T10577] xt_recent: Unsupported userspace flags (000000de) [ 639.723092][T10583] loop2: detected capacity change from 0 to 1024 [ 641.312441][ T4230] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 642.270632][ T4230] usb 1-1: Using ep0 maxpacket: 8 [ 642.471776][ T4230] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08 [ 642.648888][ T4230] usb 1-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0 [ 642.791513][ T4230] usb 1-1: Manufacturer: syz [ 642.903006][ T4230] usb 1-1: config 0 descriptor?? [ 643.042951][ T4230] usb 1-1: can't set config #0, error -71 [ 643.061328][ T4230] usb 1-1: USB disconnect, device number 7 [ 643.641262][T10625] loop2: detected capacity change from 0 to 256 [ 648.659358][T10662] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 651.491875][ T4287] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 651.686867][T10711] loop2: detected capacity change from 0 to 128 [ 651.839882][T10711] EXT4-fs (loop2): Test dummy encryption mode enabled [ 651.848791][ T4287] usb 1-1: Using ep0 maxpacket: 16 [ 652.513519][ T4287] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 652.624829][T10711] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: none. [ 652.663129][ T4287] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 652.690614][T10711] ext4 filesystem being mounted at /306/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 652.711948][ T4287] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 652.730684][ T4287] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.801739][ T4287] usb 1-1: config 0 descriptor?? [ 653.918730][ T4287] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 653.949409][ T4287] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 653.979946][ T4287] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 654.051426][ T4287] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 654.087884][ T4287] mcp2221 0003:04D8:00DD.0003: unknown main item tag 0x0 [ 655.082685][ T4287] mcp2221 0003:04D8:00DD.0003: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 658.190305][ T4287] usb 1-1: USB disconnect, device number 8 [ 664.278666][T10805] loop2: detected capacity change from 0 to 1024 [ 664.999213][T10805] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none. [ 665.017804][T10805] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 665.395886][T10820] EXT4-fs error (device loop2): ext4_map_blocks:739: inode #15: block 3: comm syz.2.1757: lblock 3 mapped to illegal pblock 3 (length 3) [ 665.548839][T10820] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 665.564311][T10820] EXT4-fs (loop2): This should not happen!! Data will be lost [ 665.564311][T10820] [ 666.693826][ T9] EXT4-fs error (device loop2): ext4_map_blocks:739: inode #15: block 8: comm kworker/u4:0: lblock 8 mapped to illegal pblock 8 (length 8) [ 666.874024][ T9] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 666.934619][ T9] EXT4-fs (loop2): This should not happen!! Data will be lost [ 666.934619][ T9] [ 667.333623][T10827] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1762'. [ 668.368031][T10842] loop0: detected capacity change from 0 to 4096 [ 669.248393][T10868] loop2: detected capacity change from 0 to 256 [ 669.415419][T10868] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 672.522946][T10910] xt_SECMARK: invalid mode: 2 [ 676.685920][T10947] tipc: Enabling of bearer rejected, failed to enable media [ 677.781755][T10943] gfs2: gfs2 mount does not exist [ 685.338785][T11013] loop0: detected capacity change from 0 to 1024 [ 686.086419][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.112038][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.170588][ T4445] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 686.541830][T11034] loop0: detected capacity change from 0 to 128 [ 687.526075][T11037] netlink: 'syz.3.1818': attribute type 10 has an invalid length. [ 687.547576][T11034] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 687.600288][T11037] device netdevsim0 left promiscuous mode [ 687.612273][T11034] ext4 filesystem being mounted at /324/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 687.653667][T11037] bridge0: port 3(netdevsim0) entered disabled state [ 687.667072][T11046] loop2: detected capacity change from 0 to 256 [ 687.812227][T11037] team0: Port device netdevsim0 added [ 687.868983][T11054] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 687.950717][ T4445] usb 3-1: device not accepting address 7, error -71 [ 689.153814][T11060] delete_channel: no stack [ 689.564107][T11077] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 697.513974][T11115] loop0: detected capacity change from 0 to 256 [ 704.308713][T11164] loop0: detected capacity change from 0 to 256 [ 705.360458][T11162] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 705.581132][T11162] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 705.592210][T11187] loop2: detected capacity change from 0 to 256 [ 705.975938][T11162] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 706.249395][ T26] audit: type=1800 audit(1760987698.147:445): pid=11162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1854" name="file1" dev="loop0" ino=1048609 res=0 errno=0 [ 706.515750][T11162] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 706.536393][T11194] tipc: Enabling of bearer rejected, failed to enable media [ 710.559040][T11228] loop0: detected capacity change from 0 to 64 [ 712.053535][T11236] loop2: detected capacity change from 0 to 256 [ 713.786527][T11260] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 720.063828][T11313] loop2: detected capacity change from 0 to 256 [ 725.787602][T11360] netlink: 'syz.3.1902': attribute type 10 has an invalid length. [ 732.535079][T11444] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1926'. [ 732.600016][T11444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1926'. [ 732.929794][T11455] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1928'. [ 735.831980][T11482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1936'. [ 735.922550][T11487] loop0: detected capacity change from 0 to 1024 [ 735.979785][T11487] EXT4-fs (loop0): Ignoring removed bh option [ 736.027779][T11487] EXT4-fs (loop0): inline encryption not supported [ 737.068336][T11487] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 738.996951][T11487] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 2: comm syz.0.1938: lblock 2 mapped to illegal pblock 2 (length 1) [ 739.119308][T11487] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 739.131836][T11487] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 48: comm syz.0.1938: lblock 0 mapped to illegal pblock 48 (length 1) [ 739.160030][T11487] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 739.362473][T11487] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.1938: Failed to acquire dquot type 0 [ 739.392128][T11487] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 740.996460][T11487] EXT4-fs error (device loop0): ext4_evict_inode:282: inode #11: comm syz.0.1938: mark_inode_dirty error [ 741.032214][T11487] EXT4-fs warning (device loop0): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 741.062313][T11487] EXT4-fs (loop0): 1 orphan inode deleted [ 741.068121][T11487] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x00000000000008c9,debug,inlinecrypt,,errors=continue. Quota mode: writeback. [ 741.091403][ T8057] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:25: lblock 1 mapped to illegal pblock 1 (length 1) [ 741.175833][ T8057] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 741.300710][ T8057] EXT4-fs error (device loop0): ext4_release_dquot:6245: comm kworker/u4:25: Failed to release dquot type 0 [ 741.675464][ T4185] EXT4-fs error (device loop0): __ext4_get_inode_loc:4327: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 741.743274][ T4185] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5842: Corrupt filesystem [ 742.250880][ T4185] EXT4-fs error (device loop0): ext4_quota_off:6515: inode #3: comm syz-executor: mark_inode_dirty error [ 745.122296][ T5527] divide error: 0000 [#1] PREEMPT SMP KASAN [ 745.128697][ T5527] CPU: 1 PID: 5527 Comm: kworker/u4:19 Not tainted syzkaller #0 [ 745.136891][ T5527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 745.148503][ T5527] Workqueue: phy10 ieee80211_scan_work [ 745.154817][ T5527] RIP: 0010:mac80211_hwsim_bss_info_changed+0x3d6/0xea0 [ 745.162323][ T5527] Code: 00 4d 03 34 24 42 80 3c 2b 00 4c 8b 64 24 18 74 0e 48 89 fb 4c 89 e7 e8 68 60 16 fc 48 89 df 49 8b 0c 24 89 ce 4c 89 f0 31 d2 <48> f7 f6 29 d1 48 69 f1 e8 03 00 00 31 d2 b9 05 00 00 00 e8 f2 ae [ 745.184108][ T5527] RSP: 0018:ffffc900033bf920 EFLAGS: 00010246 [ 745.190573][ T5527] RAX: 0006419be8852d33 RBX: 1ffff1100bb0bdf8 RCX: 0000000000000000 [ 745.199838][ T5527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805d85f060 [ 745.208826][ T5527] RBP: ffffc900033bf9f0 R08: dffffc0000000000 R09: fffffbfff1ff7a26 [ 745.217625][ T5527] R10: fffffbfff1ff7a26 R11: 1ffffffff1ff7a25 R12: ffff88805d85efc0 [ 745.226104][ T5527] R13: dffffc0000000000 R14: 0006419be8852d33 R15: 0000000000000200 [ 745.234467][ T5527] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 745.245427][ T5527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 745.252859][ T5527] CR2: 000000110c4269f3 CR3: 000000007c4d7000 CR4: 00000000003506e0 [ 745.261043][ T5527] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083 [ 745.269245][ T5527] DR3: ffffffffefffff15 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 745.277265][ T5527] Call Trace: [ 745.280570][ T5527] [ 745.283985][ T5527] ? mac80211_hwsim_config+0xaa0/0xaa0 [ 745.289655][ T5527] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 745.296039][ T5527] ? mac80211_hwsim_config+0xaa0/0xaa0 [ 745.302321][ T5527] ieee80211_bss_info_change_notify+0x307/0x550 [ 745.309231][ T5527] ieee80211_offchannel_return+0x314/0x450 [ 745.315455][ T5527] ? mac80211_hwsim_sw_scan+0x160/0x160 [ 745.321557][ T5527] __ieee80211_scan_completed+0x64f/0x9b0 [ 745.328124][ T5527] ieee80211_scan_work+0xda/0x1b40 [ 745.333680][ T5527] process_one_work+0x863/0x1000 [ 745.339499][ T5527] ? worker_detach_from_pool+0x240/0x240 [ 745.346392][ T5527] ? lockdep_hardirqs_off+0x70/0x100 [ 745.353395][ T5527] ? _raw_spin_lock_irq+0xab/0xe0 [ 745.360549][ T5527] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 745.366427][ T5527] ? wq_worker_running+0x97/0x170 [ 745.372089][ T5527] worker_thread+0xaa8/0x12a0 [ 745.376924][ T5527] kthread+0x436/0x520 [ 745.381226][ T5527] ? rcu_lock_release+0x20/0x20 [ 745.386966][ T5527] ? kthread_blkcg+0xd0/0xd0 [ 745.392643][ T5527] ret_from_fork+0x1f/0x30 [ 745.399461][ T5527] [ 745.403663][ T5527] Modules linked in: [ 746.134725][ T5527] ---[ end trace afd1b2425cb27df2 ]--- [ 746.140264][ T5527] RIP: 0010:mac80211_hwsim_bss_info_changed+0x3d6/0xea0 [ 746.147439][ T5527] Code: 00 4d 03 34 24 42 80 3c 2b 00 4c 8b 64 24 18 74 0e 48 89 fb 4c 89 e7 e8 68 60 16 fc 48 89 df 49 8b 0c 24 89 ce 4c 89 f0 31 d2 <48> f7 f6 29 d1 48 69 f1 e8 03 00 00 31 d2 b9 05 00 00 00 e8 f2 ae [ 746.171548][ T5527] RSP: 0018:ffffc900033bf920 EFLAGS: 00010246 [ 746.186169][ T5527] RAX: 0006419be8852d33 RBX: 1ffff1100bb0bdf8 RCX: 0000000000000000 [ 746.195182][ T5527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88805d85f060 [ 746.204225][ T5527] RBP: ffffc900033bf9f0 R08: dffffc0000000000 R09: fffffbfff1ff7a26 [ 746.218547][ T5527] R10: fffffbfff1ff7a26 R11: 1ffffffff1ff7a25 R12: ffff88805d85efc0 [ 746.229891][ T5527] R13: dffffc0000000000 R14: 0006419be8852d33 R15: 0000000000000200 [ 746.241155][ T5527] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000 [ 746.253364][ T5527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 746.260957][ T5527] CR2: 00007fdd69d532f8 CR3: 0000000062651000 CR4: 00000000003506e0 [ 746.269617][ T5527] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000083 [ 746.278515][ T5527] DR3: ffffffffefffff15 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 746.287284][ T5527] Kernel panic - not syncing: Fatal exception [ 746.294156][ T5527] Kernel Offset: disabled [ 746.298642][ T5527] Rebooting in 86400 seconds..