last executing test programs: 7m34.935757767s ago: executing program 3 (id=461): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) write$dsp(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000002c0)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x4, 0x0, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x1, 0x3a, 0x28, 0x64, 0x0, 0xa, 0x6, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote}, {{0x4e23, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x80, 0x3, 0x0, 0x8}}}}, 0x36) 7m32.632977214s ago: executing program 3 (id=469): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000300)={0x20000002}) epoll_pwait2(r1, &(0x7f00000001c0)=[{}], 0x1, 0x0, 0x0, 0x0) epoll_pwait(r1, &(0x7f00000002c0)=[{}], 0x1, 0xfffffffe, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r2 = io_uring_setup(0x406, &(0x7f0000000040)={0x0, 0xc8a0, 0xc000, 0x8, 0xc1}) writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000180)={0x800001f}) 7m30.880531843s ago: executing program 3 (id=476): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000240)=0x15) openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0) socket$rxrpc(0x21, 0x2, 0xa) ioctl$SNDCTL_DSP_GETFMTS(0xffffffffffffffff, 0x8004500b, &(0x7f00000000c0)=0xc00) syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x2000c53, &(0x7f0000000300)=ANY=[@ANYBLOB="6d61703d6f66662c73686f776173736f632c756e686964652c696f636861727365743d6d616363726f617469616e6cd569643d", @ANYRESHEX=0x0, @ANYRESOCT, @ANYRES32, @ANYRES8], 0x0, 0xa00, &(0x7f0000000dc0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==") 7m28.3299113s ago: executing program 3 (id=480): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r1 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg(r1, &(0x7f0000000380)=[{{&(0x7f0000000080)=@in={0x2, 0x4e24, @local}, 0x80, 0x0, 0x0, &(0x7f00000017c0)=[{0x10, 0x104, 0x6}, {0x10, 0x11, 0x2}], 0x20}}], 0x1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file3\x00', 0x1c0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0xa500014c) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file0/file3\x00', 0xd0000080) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00') read$FUSE(r2, &(0x7f0000000580)={0x2020}, 0x2020) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1c0) r4 = open$dir(&(0x7f0000000000)='./file1\x00', 0x500, 0x1a2) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r4, 0x800c6613, &(0x7f0000000080)=@v1={0x0, @aes128, 0x3, @desc3}) add_key$fscrypt_v1(&(0x7f0000000140), &(0x7f0000000180)={'fscrypt:', @desc3}, &(0x7f00000001c0)={0x0, "f05dc0057f016134671cd397d7a8951548e73425c46f4d31eabd5d4386ad4f726cbaf6e432afea727f71df874bcbb9f99c19a6a808b6b709d63243f5db10eeb3", 0x18}, 0x48, r3) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file4\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x4) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, 0x0}}], 0x1, 0x34000811) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000640)=ANY=[@ANYBLOB="12e01b398adda16e"], 0x1000f) 7m27.791327284s ago: executing program 3 (id=484): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0), 0x50) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80}, 0x0) syz_open_dev$vim2m(&(0x7f0000000040), 0xfffffd, 0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x60f}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8003, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") 7m25.351591046s ago: executing program 3 (id=488): move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000) mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0xf000, 0x3, &(0x7f0000009000/0xf000)=nil) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000ff7000/0x7000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f000000f000/0x3000)=nil, &(0x7f000000d000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') munmap(&(0x7f000000e000/0x3000)=nil, 0x3000) preadv(r0, &(0x7f0000001200)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x9, 0x6a76) 7m9.149962347s ago: executing program 32 (id=488): move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000) mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0xf000, 0x3, &(0x7f0000009000/0xf000)=nil) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000ff7000/0x7000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f000000f000/0x3000)=nil, &(0x7f000000d000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') munmap(&(0x7f000000e000/0x3000)=nil, 0x3000) preadv(r0, &(0x7f0000001200)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x9, 0x6a76) 3m39.575471189s ago: executing program 6 (id=1239): signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x7fffffff]}, 0x8) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001400)={'batadv_slave_1\x00'}) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r1 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0xfffffffe, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000200)=0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a64", 0x16, 0xebec93e830f96115}) io_uring_enter(r1, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0) r8 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) unshare(0x2c020400) shutdown(r7, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, 0xffffffffffffffff, 0x0) 3m38.182788463s ago: executing program 6 (id=1244): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x18}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000000140), &(0x7f0000000300)) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 3m33.814047839s ago: executing program 6 (id=1247): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000fb0100000000000080000000850000002c00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000010001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 3m33.504295441s ago: executing program 6 (id=1248): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x141, 0x30, 0xf5, 0x69, 0x20, 0x5ac, 0x219, 0xf072, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x55, 0x7, 0x1, 0x3, 0x49, 0x2, 0x0, [], [{{0x9, 0x5, 0x82, 0x3, 0x400, 0x0, 0x33, 0x81}}]}}]}}]}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f0000000180)={0x40, 0xc, 0x8, "61bcc4b3b6ade544"}, 0x0, 0x0}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x40, &(0x7f00000000c0)=ANY=[]) syz_usb_control_io(r0, 0x0, 0x0) 3m26.852504237s ago: executing program 6 (id=1255): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000f1fffff18500000017000000bf91000000000000b7020000020000008500000085000000b700000000001bfc95"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 3m26.499701869s ago: executing program 6 (id=1257): r0 = socket$inet(0x2, 0x2, 0xfffffffd) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10) rt_sigprocmask(0x2, &(0x7f0000000080)={[0xffffffffffffffff]}, 0x0, 0x8) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000740)='./file0\x00', 0x800, &(0x7f00000006c0)=ANY=[], 0x5, 0x7fd, &(0x7f0000000840)="$eJzs3U1oHPfZAPBnZMmRlfc1Ie+LX2NsZ+LkBRscZSU7CiKFZLMayZOsdsXuKtiEkphaDsZyE+IGah/q+JLS0hJ66jHJoZf2VHppKbTQHtpTob32Fgj0kLS0t5aAyszs2pL14S/FNunvJ6z5eub/f+av9TwaSTMbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAkjZlabSKJZt5aPJlurjHTac9vsX3Q3q/XTLboNyIp/sXoaOytVu393+ub9xSfDsX+aml/jBaT0bj88J5Hnvuf4aHB/lsktN2GN1p58dLl86eXl5fevpUWRrY9p+3y3V+uWfzRWNziyM5lrbzbzufrc1mad9vp9NRU7ekTs910Nm9m3VPdXjafNjpZvdfupIcbR9KJ6eljaTZ+qr3YmpupN7N0uFr57FOTtdpU+tL4QlbvdNutp18a7zZO5M1m3pordyw2FzHPFi/El/Ne2svq82l69tzy0rG1Ke1al2QRNLFmzecrq5f2P/nIJ+98/I9zS5M3O9zJ2uTkxMTk5MRUEhG12vD1Fc9MP/NsrTZcu0Gsi7inL1oeQNt8Boc7N9Sv/9GMPFqxGCcj3fCjETPRiXbMx/UX8OrtfYP6//9P//UPW/X7/qr6X1X5of17r2/eF2X9P1gtHdys/ld973xok5y/qI/SV4pPF+NSXI7zcTqWYzmW4u0vpL9k+9oa2t7M5iKLVuTRjXbkMR/1ck3aX5PGdEzFVNTitTgRs9GNNGYjj2Zk0Y1T0Y1eZOUrqhGdyKIevWhHJ9I4HI04EmlMxHRMx7FII4vxOBXtWIxWzMVM1MtWzsa5ctyP3ZDXnm+9/os3/vjJB+VXaxA0sdUQvxtRBv19i6B1xVz957ZFxG+37wQOd2FlUP8BAACAL62k/Ol7cf0/EgfKudm8mb26JubVz27ca7j49O49TBMAAAC4C+Vv/vdHUs3EgUiK6//a2qCfjJSTh+5DfgAAAMDdS8p77IqL/7F4rJob3C5Vu9+5AQAAANuj/LX/wWIyFnGlXOH6HwAAAL5kXvlZf+bGZ+x/PHjG7tDCQ8mv/hadzkhy/MOTTyYX6kVc/cKOar/+5JVrLfZm9w3uJqjamhq+/HCxPNzI9ieDBwV/3r+ZoHq0wL7ha7uvzeOFXdXaJEmKBK4ubJpArElgd/8oriVQLsX34vEq5vEz1fTMYEt1tGOzeTMbb7Sbz01Evb57qJed7L3z9XPfjPLwv9Oa353E2XPLS+Nfe3P5TJnL1aKVqxf6x7vuOYpb5LIyuJ3iwPqnGxdNjZQ3YvT7Hav6ra0+/qGLu4uZoRvHYIs+34tD/1XGHBqrYsfWHv9o0efE+GZHP1Yd38S6Ix9e/8KqsjjVXyqyuHb7yHvxRDXzxOEnqskGWUxulUUxFpOrs6jGLIZuY/w3ySIeiYgPHr9y8sBoRHbsZlkcu8ssAO6Xs+VTf4oqVJ2eqyr0r5VKUf87nZGdsabuVDvc6lkuKXu5yTv5jBSn/luq7v9c2eKMfriKOVx9PzG8b4O6UtvgjP7Wubd+1z+jH//xDz/86sHf//SO6/roIGTXYObR3zw8FGUWu/pZXO5v6Ywk379WSaqq+lGx/qNN++02J5NiCHd848JbsefipctPnbtw+o2lN5Z2RsRU7Xit9kyS9L94K+V3DGoPABs4FAerQr7pe+xs8i485TcAZURyfKur6h2RPHrtTwqKmvhmLMeZOFrebRARj23c79iqP0M4Gof6yW581Tq26h1ejm50VXclrsUWdbKKndw4dsN2j60asf/7wRf59QCAe+HQTerwpvX/ekRy9CbX3Wtr+ZEq9sggg81reUQ8f29HAwD+M2Sdz5Kx3reTTidfeG1ienqi3juRpZ124+W0k8/MZWne6mWdGK635rJ0odPutRvtZjHzSj6TddPu4sJCu9NLZ9uddKHdzU+W7/ye9t/6vZvN11u9vNFdaGb1bpY22q1evdFLZ/JuI11YfLGZd09knXLn7kLWyGfzRr2Xt1tpt73YaWTjadrNslWB+UzW6uWzeTHbShc6+Xy9czUimovzWTqTdRudfKHXrhoc9JW3Ztud+bLZv+y+36MNAA+Gi5cunz+9vLz09p3N/PlWgjfvfXTkXh4rAFC5XqU//e8bt/nhOwAAAAAAAAAAAAAAPBju8v6/9TO7trfB0a1iVq5ErN+UrKys3EYXu+ImMTurkdoR2ztQ92Tm6ra0MxQbjfODM5Nsvun1558/v9nuL17Ze+LWurjp/5ThiOjf6vrupzt//n616YU7Opyh29/rTxFxB32tJFvE3OcTEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs4N8BAAD//2uxZPA=") r1 = gettid() getpid() r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000) read$FUSE(r2, &(0x7f000000a4c0)={0x2020}, 0xa5) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000002200)=0x1) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) 3m10.865449115s ago: executing program 33 (id=1257): r0 = socket$inet(0x2, 0x2, 0xfffffffd) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10) rt_sigprocmask(0x2, &(0x7f0000000080)={[0xffffffffffffffff]}, 0x0, 0x8) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000740)='./file0\x00', 0x800, &(0x7f00000006c0)=ANY=[], 0x5, 0x7fd, &(0x7f0000000840)="$eJzs3U1oHPfZAPBnZMmRlfc1Ie+LX2NsZ+LkBRscZSU7CiKFZLMayZOsdsXuKtiEkphaDsZyE+IGah/q+JLS0hJ66jHJoZf2VHppKbTQHtpTob32Fgj0kLS0t5aAyszs2pL14S/FNunvJ6z5eub/f+av9TwaSTMbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAkjZlabSKJZt5aPJlurjHTac9vsX3Q3q/XTLboNyIp/sXoaOytVu393+ub9xSfDsX+aml/jBaT0bj88J5Hnvuf4aHB/lsktN2GN1p58dLl86eXl5fevpUWRrY9p+3y3V+uWfzRWNziyM5lrbzbzufrc1mad9vp9NRU7ekTs910Nm9m3VPdXjafNjpZvdfupIcbR9KJ6eljaTZ+qr3YmpupN7N0uFr57FOTtdpU+tL4QlbvdNutp18a7zZO5M1m3pordyw2FzHPFi/El/Ne2svq82l69tzy0rG1Ke1al2QRNLFmzecrq5f2P/nIJ+98/I9zS5M3O9zJ2uTkxMTk5MRUEhG12vD1Fc9MP/NsrTZcu0Gsi7inL1oeQNt8Boc7N9Sv/9GMPFqxGCcj3fCjETPRiXbMx/UX8OrtfYP6//9P//UPW/X7/qr6X1X5of17r2/eF2X9P1gtHdys/ld973xok5y/qI/SV4pPF+NSXI7zcTqWYzmW4u0vpL9k+9oa2t7M5iKLVuTRjXbkMR/1ck3aX5PGdEzFVNTitTgRs9GNNGYjj2Zk0Y1T0Y1eZOUrqhGdyKIevWhHJ9I4HI04EmlMxHRMx7FII4vxOBXtWIxWzMVM1MtWzsa5ctyP3ZDXnm+9/os3/vjJB+VXaxA0sdUQvxtRBv19i6B1xVz957ZFxG+37wQOd2FlUP8BAACAL62k/Ol7cf0/EgfKudm8mb26JubVz27ca7j49O49TBMAAAC4C+Vv/vdHUs3EgUiK6//a2qCfjJSTh+5DfgAAAMDdS8p77IqL/7F4rJob3C5Vu9+5AQAAANuj/LX/wWIyFnGlXOH6HwAAAL5kXvlZf+bGZ+x/PHjG7tDCQ8mv/hadzkhy/MOTTyYX6kVc/cKOar/+5JVrLfZm9w3uJqjamhq+/HCxPNzI9ieDBwV/3r+ZoHq0wL7ha7uvzeOFXdXaJEmKBK4ubJpArElgd/8oriVQLsX34vEq5vEz1fTMYEt1tGOzeTMbb7Sbz01Evb57qJed7L3z9XPfjPLwv9Oa353E2XPLS+Nfe3P5TJnL1aKVqxf6x7vuOYpb5LIyuJ3iwPqnGxdNjZQ3YvT7Hav6ra0+/qGLu4uZoRvHYIs+34tD/1XGHBqrYsfWHv9o0efE+GZHP1Yd38S6Ix9e/8KqsjjVXyqyuHb7yHvxRDXzxOEnqskGWUxulUUxFpOrs6jGLIZuY/w3ySIeiYgPHr9y8sBoRHbsZlkcu8ssAO6Xs+VTf4oqVJ2eqyr0r5VKUf87nZGdsabuVDvc6lkuKXu5yTv5jBSn/luq7v9c2eKMfriKOVx9PzG8b4O6UtvgjP7Wubd+1z+jH//xDz/86sHf//SO6/roIGTXYObR3zw8FGUWu/pZXO5v6Ywk379WSaqq+lGx/qNN++02J5NiCHd848JbsefipctPnbtw+o2lN5Z2RsRU7Xit9kyS9L94K+V3DGoPABs4FAerQr7pe+xs8i485TcAZURyfKur6h2RPHrtTwqKmvhmLMeZOFrebRARj23c79iqP0M4Gof6yW581Tq26h1ejm50VXclrsUWdbKKndw4dsN2j60asf/7wRf59QCAe+HQTerwpvX/ekRy9CbX3Wtr+ZEq9sggg81reUQ8f29HAwD+M2Sdz5Kx3reTTidfeG1ienqi3juRpZ124+W0k8/MZWne6mWdGK635rJ0odPutRvtZjHzSj6TddPu4sJCu9NLZ9uddKHdzU+W7/ye9t/6vZvN11u9vNFdaGb1bpY22q1evdFLZ/JuI11YfLGZd09knXLn7kLWyGfzRr2Xt1tpt73YaWTjadrNslWB+UzW6uWzeTHbShc6+Xy9czUimovzWTqTdRudfKHXrhoc9JW3Ztud+bLZv+y+36MNAA+Gi5cunz+9vLz09p3N/PlWgjfvfXTkXh4rAFC5XqU//e8bt/nhOwAAAAAAAAAAAAAAPBju8v6/9TO7trfB0a1iVq5ErN+UrKys3EYXu+ImMTurkdoR2ztQ92Tm6ra0MxQbjfODM5Nsvun1558/v9nuL17Ze+LWurjp/5ThiOjf6vrupzt//n616YU7Opyh29/rTxFxB32tJFvE3OcTEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs4N8BAAD//2uxZPA=") r1 = gettid() getpid() r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000) read$FUSE(r2, &(0x7f000000a4c0)={0x2020}, 0xa5) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(r1, 0x1, &(0x7f0000002200)=0x1) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) 2m21.117372285s ago: executing program 7 (id=1400): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @loopback, 0x2}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) bind$inet6(r2, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) bind$inet6(r3, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r4 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @mcast1, 0x5}, 0x1c) r5 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r5, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x6}, 0x1c) r6 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r6, &(0x7f0000000000)={0xa, 0xe20, 0x0, @empty}, 0x1c) r7 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000080)=0x5, 0x4) bind$inet6(r7, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) r8 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r8, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r9 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r9, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast2, 0x2}, 0x1c) r10 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r10, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) bind$inet6(r10, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) bind$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @loopback, 0x5}, 0x65) 2m20.623021255s ago: executing program 7 (id=1403): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0), 0x50) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80}, 0x0) syz_open_dev$vim2m(&(0x7f0000000040), 0xfffffd, 0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x60f}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8003, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") 2m18.147760545s ago: executing program 7 (id=1406): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) io_uring_enter(0xffffffffffffffff, 0x847be, 0xdbff, 0x48, 0x0, 0x43) io_uring_register$IORING_REGISTER_PBUF_STATUS(0xffffffffffffffff, 0x1a, 0x0, 0x1) r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000000)='cpu.stat\x00', 0x300, 0x0) read$FUSE(r5, &(0x7f0000000480)={0x2020}, 0x2020) 2m16.746541842s ago: executing program 7 (id=1408): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x0, 0x0}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40102, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0x1, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x21021, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000805}, 0x4000000) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000400)=""/148, &(0x7f00000004c0)=""/198}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000000)) r2 = dup(r1) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)={0x0, r2}) 2m16.198285359s ago: executing program 7 (id=1411): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) 2m14.593006785s ago: executing program 7 (id=1412): signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x7fffffff]}, 0x8) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001400)={'batadv_slave_1\x00'}) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r1 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0xfffffffe, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000200)=0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a645f85b19ba9030648cd046d1f26aad019", 0x26, 0xebec93e830f96115}) io_uring_enter(r1, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0) r8 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) unshare(0x2c020400) shutdown(r7, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, 0xffffffffffffffff, 0x0) 2m5.751373536s ago: executing program 2 (id=1436): openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x581d80, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00') r4 = open_tree(r3, &(0x7f0000000640)='\x00', 0x89901) statx(r4, &(0x7f0000000100)='.\x00', 0x0, 0xffff4a9c0080ffff, &(0x7f0000000240)) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r5, &(0x7f0000000080), 0x0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10043, 0x0) close(0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b15, &(0x7f0000000000)={'wlan1\x00', @remote}) 2m4.615674273s ago: executing program 2 (id=1440): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) 2m1.109912086s ago: executing program 2 (id=1441): close(0x3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) pipe2$watch_queue(0x0, 0x80) landlock_restrict_self(0xffffffffffffffff, 0x1) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2060, 0x0) fcntl$setlease(r3, 0x400, 0x0) fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000040), 0x0, 0x0, 0x0) fremovexattr(r3, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00') 1m58.456575033s ago: executing program 34 (id=1412): signalfd(0xffffffffffffffff, &(0x7f0000000040)={[0x7fffffff]}, 0x8) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001400)={'batadv_slave_1\x00'}) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r1 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0xfffffffe, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000200)=0x0) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a645f85b19ba9030648cd046d1f26aad019", 0x26, 0xebec93e830f96115}) io_uring_enter(r1, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0) r8 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) unshare(0x2c020400) shutdown(r7, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, 0xffffffffffffffff, 0x0) 1m52.006598193s ago: executing program 2 (id=1456): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x800714, &(0x7f0000000000), 0xff, 0x4a7, &(0x7f0000000280)="$eJzs3M9rHFUcAPDv7OZHfyfWWm1tdbWKxR9Jk1btwYOKggcFQQ/1GJO01mwbaSLYEjQVqUcpeBePgn+BNy+iHkTwquBRCkWD0NRTZHZm2s1mkyZpkm2znw9s9r35se99Z+btvpmXmQDaViX9k0TsiIjfI6Iny85foJK9zc5MDV+fmRpOYm7urb+T2nLXZqaGi0WL9bbnmcOliNJnSbyYLCx34vyFsaFqdfRcnu+fPPNB/8T5C8+cPjN0avTU6NnB48ePHR14/rnBZ9ckzjSua/s/Hj+w77V3Lr8xfOLyuz99m1Zr78Fsfn0ct3S9SUBNVNKt9s9cTeO8x1dQ97vBzrp00tHCirAi5YhId1dnrf33RDlu7ryeePXTllYOWFfpb1P34rOn54BNLIlW1wBojeKHPj3/LV4b1PW4I1x9KaIrT8/OTA3P3oi/I0r59M51LL8SESem//sqfcVKr0MAAKxCrW/zdLP+Xyn21t6zsY5d+RhKb0TcExG7I+LeiNgTEfdF1Ja9PyIeyFae61lm+ZWG/ML+T+lK0zqvkbT/90Jd32+2Lv78rbec53bW4u9MTp6ujh7Jt8nh6OxO8wNLlPH9K799sdi8+v5f+krLL/qCeQWudDRcoBsZmhxaq41w9WLE/o5m8Sc3RgLSI2BfROxf2UfvKhKnn/zmwGIL3Tr+JazBONPc1xFPZPt/OhriLyRLj0/2b4nq6JH+4qhY6OdfL72ZJ7sa591W/Gsg3f/b5h//+ZyL+XvPv0k2XtsZ1erouYmVl3Hpj88XPadZ7fHflbxdG7P+5b1s2kdDk5PnBiK6ktdr+WJD16YP3ly3yBfLp/EfPtS8/e/O10njfzAi0oP4YEQ8FBEP53V/JCIejYhDS8T/48uPvb9E/Ekk0dL9P9L0++/G8d+b1I/XryJRHvvhu/zTtiyMv5i01P4/FtO179pM7fvvFpZbwdvcfAAAAHBXKEXEjkhKfVm6siNKpb6+7H/498S2UnV8YvKpk+Mfnh3J7hHojc5ScaWrp+566EAynX9ilh/MrxUX84/m142/LG+t5fuGx6sjLY4d2t32+e0/ivaf+qvc6toB6879WtC+Gtt/qUX1ADbecn7/nQvA5tSk/W9tRT2Ajef8H9pXs/b/SUNe/x82p4Xt/88mj6wDNiP9f2hf2j+0L+0f2tJy7+LviojuiFj1QwDmJYqbBVa6evFFdWFsy7Lv8L/zEpV1+eTiiRfrWfmtcXNKlO6IjbmBifJYd8tKT1vMxhba5GE1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAd6H/AwAA///g6dxC") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1b5cb000) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r5, 0x4b72, 0x0) write(r0, &(0x7f0000000180)="7e7226ce9b4d692092ffa2b579f0ff5793012c9738a9be19ff3e69a683a0a1bbace0dc3853c661a4e1019e7a1f3af60350126cb99c5f3ace6f5616c00e0fb30b2832398fed6233b8632a001dd0a846cbb8a5d77e3208db486b055edb6ae7917f07ccf4b6811be57047aa17799359e733ec395940d1feb7a9ec2ddadb1ff61070c9c00f9db8e47f74a5271fa77b6e692e6ac97aaae883e5522f8e86c2403aec0ff8dee1cba5d40f0969470b9a2a95f6f22f9d4250809400ea8403a6540948", 0xfffffec6) 1m50.500433343s ago: executing program 2 (id=1459): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r1}, 0x18) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read(r4, &(0x7f0000000040)=""/148, 0xffffff96) 1m46.740299111s ago: executing program 2 (id=1465): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) 1m45.960865119s ago: executing program 35 (id=1465): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) 24.753143612s ago: executing program 5 (id=1609): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{}, 0x0, &(0x7f00000003c0)='%ps \x00'}, 0x20) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(r0, 0xe, &(0x7f0000000140)={0x5, 0x6}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$set_reqkey_keyring(0xf, 0xfffffffb) socket$l2tp(0x2, 0x2, 0x73) r3 = socket(0x2c, 0x3, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) getsockopt(0xffffffffffffffff, 0x200000000114, 0x2714, 0x0, &(0x7f0000000000)) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 21.184280441s ago: executing program 5 (id=1615): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0xc8300, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, 0x0) ioctl$SW_SYNC_IOC_INC(r5, 0x40045701, 0x0) bind$inet(r0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x29, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x40000, &(0x7f0000000000)={0x2, 0x4e22, @rand_addr=0x64010100}, 0x10) sendto$inet(r0, &(0x7f0000000340)="76e6ef824edc69dbcead9a2600230de45909b92408ab49183c809e5d44cfdc477e2db5549c4af02f9c1f6bc56a7b54e6d7e1c41230e4b5317479ece188736a832a7b24afbabf2811a6082de91c8f30f3796a5e11d0ebc20f74e9e74bc0c532243f7065c2ed040679a081fe62a239c236457a0d96adafb0eeab3970ae3dbddf289fa0882f820100000043a47e6c7f", 0x8e, 0x4040, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000fed000/0x1000)=nil, 0x0, 0x36}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r6 = io_uring_setup(0x1ed0, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0x2c, 0xa0002f5}) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4) io_uring_enter(r6, 0x2219, 0x7721, 0x16, 0x0, 0x0) 18.731577948s ago: executing program 5 (id=1617): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) ioprio_get$pid(0x3, 0x0) 13.23151785s ago: executing program 5 (id=1626): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{}, 0x0, &(0x7f00000003c0)='%ps \x00'}, 0x20) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(r0, 0xe, &(0x7f0000000140)={0x5, 0x6}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$set_reqkey_keyring(0xf, 0xfffffffb) socket$l2tp(0x2, 0x2, 0x73) r3 = socket(0x2c, 0x3, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) getsockopt(0xffffffffffffffff, 0x200000000114, 0x2714, 0x0, &(0x7f0000000000)) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 12.995477034s ago: executing program 4 (id=1629): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x200000, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}, {@allow_other}, {@default_permissions}, {@default_permissions}, {@allow_other}, {@max_read={'max_read', 0x3d, 0x400}}], [{@hash}]}}, 0x0, 0x0, 0x0) 12.071384141s ago: executing program 0 (id=1630): syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_LE_SET_ADV_SET_RAND_ADDR={{0x96}, 0xa}}}, 0x7) 10.347557856s ago: executing program 1 (id=1631): preadv(0xffffffffffffffff, 0x0, 0x0, 0x5, 0x7) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x10, 0x803, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000008fc0)=@newtfilter={0x3c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x5}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}, @TCA_RATE={0x6, 0x5, {0x2, 0xe}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x24040084) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x3}, 0x4) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x6}, 0x4) ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000100)={0xa, 0x7, 0x3, 0x6, 0x3}) 10.273181868s ago: executing program 4 (id=1632): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet(0x2, 0x1, 0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ptrace$getenv(0x4201, r0, 0x4, 0x0) mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000580000/0x4000)=nil) socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000040)={0x4, 0x5}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x1f, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, [@call={0x85, 0x0, 0x0, 0x25}]}, 0x0, 0x3, 0x0, 0x0, 0x41000, 0x10}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8) tkill(0x0, 0x14) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f00000001c0)={&(0x7f0000000180)={[0x800]}, 0x8}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) 10.048751957s ago: executing program 0 (id=1633): r0 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) pwritev(r1, &(0x7f0000000300)=[{&(0x7f0000000040)="0e0e", 0x2}], 0x1, 0x7c58fc9b, 0xc) 9.039627178s ago: executing program 1 (id=1634): socket(0x10, 0x3, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x20040084) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x4, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0xba48, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r9, {0x4}, {0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x9, 0x0, 0xf, 0x10, 0x6, 0xf, 0x2, 0xf, 0x6, 0x6, 0x1, 0x8, 0x1, 0x10, 0x4], 0x3, [0xb, 0x101, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfdf1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x401, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x201, 0x8]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffc00, {0x0, 0x0, 0x0, r10, {0x8}, {0xffff}, {0xfff2, 0xffe1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xe, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x6, 0x1, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x5, 0x7fff, 0x1fff, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x8000, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0x2, 0x5, 0x2, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) 7.252110614s ago: executing program 5 (id=1635): openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) recvmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40010004) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$loop(0x0, 0x7fffffff, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x298, 0xffffffff, 0x168, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x200, 0x200, 0x200, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x3e020000, 0x70, 0x98, 0x0, {0x88000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x4}}}, {{@uncond, 0x0, 0x70, 0xd0, 0x0, {0x122}}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, {0x0, [0x0, 0x0, 0x0, 0x1]}}}}, {{@ip={@rand_addr=0x64010101, @empty, 0xffffffff, 0xffffffff, 'batadv_slave_1\x00', 'veth1_to_batadv\x00', {0xff}, {}, 0x4, 0x2, 0x47}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f8) 6.499467515s ago: executing program 0 (id=1636): r0 = socket(0x2, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f00000001c0)=[{0x30, 0x3, 0x51, 0xfffff034}, {0x6, 0x4, 0x6, 0x6}]}, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f03fe7f37e9140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548", 0x36, 0x0, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff02000000000000000000000000000106"], 0xffe) 6.440666529s ago: executing program 4 (id=1637): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioprio_get$pid(0x3, 0x0) 3.307678451s ago: executing program 4 (id=1638): memfd_create(&(0x7f0000000340)='\b\x9dF\xd8\b\xb3~u\xa5\"\xdc\xfdq\xf6c\r;\xfcO\x8c=\x81\xb1\xfa\x8b\x8aWpAO\x0fKR\xe2{mn\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe/m\xdf\xb6]\xc2\xaa\x86\xec(\xf7\xcd\xa6\xd9n^.\x13*\xd4\xb8\xe8\xe4\xefb\x14Vx\xc6\xfe\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97$\xee\x845n,B\xd5?\xe5E:+Pm\x1d\xb4\xb8\xeb\xe8Op2\x82\xc7\x0e\x97\x03\xef\x1a\xa5\x00.\x89\b!m\f\xd9\x8b$}\x9f\fX\x81\xa8\xf6\x94\xbc\xed\x80|l]\xe9\xca\xd3\xc9\xa3\x9e\x9cJI\xf1\xa2\xa0\xc4:\x00\x00\x00\x00\x00\x00\b\xfey\bJ\x86\x8d\xdf\x16\xbb3\x85\xf5\xe0zYe\xc2\n\x0f\x87\xc4\x8f\x8e\xec\xee\xcd\f\xd1\xa4\xbc\x97,\xb7!\xf2\x93\xd3\t\xd9=\x93\x1d\x945\x97\x1e\x9d\xa6\xe9\xa6\xf9p,\xf7v>\xcd\xd9\xc4\x1b\x9c(\xb8\x90\xdeg\xbf[n\x82\x96\xaev\xd4\xac \x14\xf0\x18@\xc3\xf1\xe2\x14\x1c\x0f\xa4-\xde\xae\xfa;\xaf\xae\x06\x9ag\x02\x98\xd0C2\xe7?\xfb\xb01\x9d\xf8\xd3Q\xb3\xb2\x18V\xe8\x8c\x87\xf4\t\x1c\x85\xa4\xc1\xb1\xf4k!G\xf5\xbb\xbbs&\xeac\xb3\xafW\x846\v\xb3\xca\xeb\xb7\x9e\x9e#]\x10lj\xaf\xaf\xd1\'{\x11\xaa,\x0f\xc5OY\"\x82\x84\xb6:J\x8c\xf37\x1d\xca\xf1\xef\x9f\xcf\a\xcf\xcb\x00'/361, 0x2) r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff00000000000000"], 0x310) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/121, 0x79}, {&(0x7f0000000340)=""/113, 0x71}], 0x2, 0x8, 0x0) 3.036172078s ago: executing program 1 (id=1639): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x800, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) socket$vsock_stream(0x28, 0x1, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 2.983747818s ago: executing program 0 (id=1640): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000026c0)={{0x8, 0x0, 0x0, 0x1020000, 'syz0\x00'}, 0x0, [0x0, 0x7, 0x73, 0x0, 0x0, 0x0, 0x1, 0x10000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x44, 0x8, 0xfffffffffffffffd, 0x100000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0xd451, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10000, 0x7785, 0x0, 0x0, 0x0, 0x3, 0x2000000000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1000000000, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1900, 0x3, 0x1000000000000, 0x0, 0x0, 0x5, 0xf7fffffffffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7ff, 0x5, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80000001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]}) 2.840151065s ago: executing program 5 (id=1641): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x180}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@loopback, 0x3, 0x1, 0x2, 0x6, 0x2, 0xfff9}, 0x20) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101) 2.78177161s ago: executing program 1 (id=1642): bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @private=0xa010100}, 0x10) 2.780799282s ago: executing program 4 (id=1643): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000200), 0x2, 0x483, &(0x7f0000000480)="$eJzs3M1vFOUfAPDvTLttgR+/VsQXEKSKRuJLS8uLHLxoNOGgiYkeMJ5qW0ilUENrIoRo9YBHQ+Ld+F8YT3ox6kUTr3o3JMRwAfUyZnZm2tLu9oUuLXQ/n2S2zzMzu8/znZln5pl5dhtA2+rPX5KI/0XE7xHRW2RvX6G/+HPrxuXRv29cHk0iy976K6mvd/PG5dFq1ep9O4pMlpX57gblXnk3YmRycvxCmR+cOffB4PTFSy9MnBs5M35m/PzwiRNHj+zvOj58rAVR9tRfb+79eGrfnpPvXH1j9NTV935K0ijijkVxtEp/sXUberrVhW2ynQvSSWfMbfOIA7/ML+nOOja4Xiwv3x/57qrV239vdMS2uWW98dpnm1o54K7KsixrdH0uzWbAFpbEZtcA2BzVhT6//62mDep63BOuv1zcAOVx3yqnYklnpEXiQG3R/W0r9UfEqdl/vsqnuEvPIQAAFvou7/8836j/l8bDRaIrf/l/OTbUFxEPRMSuiHgwInZHxEMR9XUfiYhH11j+4hGSpf2f9NodB7cKef/vpXJs6/b+X1qt0tdR5nbW468lpycmxw+X2+RQ1LpPTyTjQ8uU8f2rv33RbNnC/l8+5eVXfcGyHtc6Fz2gGxuZGVlPzAtd/zRib2ej+JP6uECU43p7ImLvHZYx8Wxn02Urx7+M5h+7atnXEc8U+382FsVfSZqOTw69eHz42GBPTI4fHqyOiqV+/vXKm83KX1f8LZDv/+0Nj/+5+PuSnojpi5fO1sdrp9dexpU/Pm96T7OG4z8/D53cWR7/XcnbczNzH43MzFwYiuhKXl86f3j+06p8tX4e/6GDjdv/rpjfEo9FxL6I2B8Rj+c3hWXdn4iIJyPi4DLx//jKU++vPf5lnsq3UB7/2Er7Pxbu/7UnOs7+8O3K8fdERLP9f7SeOlTOWc35ryw8P3UvW8H1bDsAAAC4XxTfgU/Sgfl0MjBQfId/d2xPJ6emZ547PfXh+bHiu/J9UUurJ129C56HDpXPhqv88KL8kfK58Zcd2+r5gdGpybHNDh7a3I4l7T9N8/af+9OPNWDra8E4GnCf0v6hfWn/0J6SFdt/bcPqAmw8139oX43a/ydN1x745q5WBthQrv/QvlbR/meLP817BcD9yfUf2pf2D22p6W/j03X95H/DE/+W/8/wXqnP1k9Eek9UY+snOmO9n1Nb2paz3qL953O6G75rs89MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArfFfAAAA///eZeRa") 2.665274208s ago: executing program 0 (id=1644): syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4002, &(0x7f0000000000)={[{@test_dummy_encryption_v1}, {@dioread_nolock}]}, 0x1, 0xbe4, &(0x7f0000003c00)="$eJzs3N9rXFkdAPDvvTOZJm10UhGxvhgRaUGcJpUUWwRbqfjig6CvQkM6KSHTHySRmjTgRP8BUZ8FXwS1KD7Y574ou6/7stu+7rIPC2XJNruwLLtZ7vxI0s5MkrYzudnm84Ez95x7ZuZ8v/cyc8+BuRPAkTWePaQRpyLiahJRbu1PI6LUqA1H1JvP21hfnflofXUmic3NX7yfRBIRT9ZXZ9rvlbS2J1qN4Yh448dJfOX3neMuLq/MT9dq1YVW++zSjdtnF5dXvjd3Y/p69Xr15uT5H0ydmzo/cWGqb7l+/Pal+x9+66fv1j/5x6f3PvjT35K4FKOtvp159Mt4jG8dk52KETHd78FyUmjlszPPpLjHi9LWdmiAgQEA0FW6Yw73tShHIbYnb+X435u5BgcAAAD0xWYhYhMAAAB4xSXW/wAAAPCKa/8O4Mn66ky75PuLhIP1+HJEjDXz32iVZk8x6o3tcOM21eNPkth5W2vSfNlLG4+Idx5d+HdWYkD3Ie+mvhYRX+92/pNG/mONu7g7808jYqIP448/094j/0IfhnzKy+R/qQ/jP2f+MYhjAMDR8+By80LWef1Lt+Y/0eX6V+xy7XoRXa5/B3p9a8//Njrmf9v5F3rM/36+zzHu/v0vd3r1Zfn/8P5P/tUu2fjZ9qWSeg6P1yK+UeyWf7KVf9Ij/6v7HKP82Z1qr76889/8a8Tp6J5/W7L7/xOdnZ2rVSeaj13HWHt96p+9xt9P/iP9S7dDdv6P98i//f9Pvc7/7X2O8asrV/7TsfPRdnX3/NP3SskvG7VSa89vppeWFiYjSsnPOvef2z2W9nPa75Hlf+bbu3/+u+WffSfUW8chWwustbZZ+3fPjPmje3f/2yue9vovz8//tR7nf2f+rxU7z/8f9jnGd/7/xzO9+nauf7OSjd9eCwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAWxoRo5Gkla16mlYqESci4qtxPK3dWlz67uytX9+8lvVFjMVQOjtXq05ERLnZTrL2ZKO+3T73TPv7EXEyIv5cHmm0KzO3atfyTh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtJyJiNJK0EhFpRGyU07RSyTsqAAAAoO/GXvSFQ/2NAwAAABicF17/AwAAAF8Y1v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM2MlvPniYRET94kijZEqtvqFcIwMGLc07ACA3heZmM8k7EODAFfMOAMjNc67xC4OKA8jPXvP/4Z49x/oeCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH1+lTDx4mEVG/ONIomVKrbyjXyIBBS/MOAMhNYbfO4sHFARw8H3E4uqzxgWSP/uHt59Sf7jk2sJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHxGGyVJKxFRau2rVCK+FBFjMZTMztWqExHx5Yh4qzx0LGtP5hwzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/be4vDI/XatVF7JKGq3K1p4jWNn8bY+upHnE6rlHqNKfSikORRiHtJL3NxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHlYXF6Zn67VqguLeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1xeWV+ularLgywkneOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADk5/MAAAD//w92C94=") setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) truncate(&(0x7f0000000080)='./file1\x00', 0x400000f000) 2.523624919s ago: executing program 1 (id=1645): openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x5, 0x3, &(0x7f00000000c0)=@framed={{0x3d, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0xa8}}, &(0x7f0000000000)='GPL\x00'}, 0x90) 961.333939ms ago: executing program 1 (id=1646): syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0xa00000, &(0x7f0000000000), 0xfc, 0x579, &(0x7f0000000680)="$eJzs3c9rHOUbAPBnNtk2/fH9JoVS1IMEerBSu2kSf1TwUI+ixYLe65JsQ8mmW7Kb0sSC7cFevEgRRCyI3jx491j8B/wrClooUoIevERmM5tuk910k+wmaffzgUned2Y2z/vuzPPmnZ1dNoC+NZr+yEW8HBFfJxHDTdsGI9s4urrf8uObU+mSxMrKJ38lkWTrGvsn2e8jWeWliPjty4jTuY1xq4tLs8VyuTSf1cdqc9fGqotLZ67MFWdKM6WrE5OT596anHj3nbe71tfXL/7z3cf3Pzj31cnlb395eOxuEufjaLatuR87cKu5Mhqj2XOSj/PrdhzvQrD9JNnrBrAtA1me5yMdA4ZjIMv6llaGd7NpQI99kaY10KcS+Q99qjEPaFzbd+k6+Lnx6P3VC6CN/R9cfW0khurXRoeXk6eujNLr3ZEuxE9j/PrnvbvpEt17HQLgmW7djoizg4Mbx78kG/+272wH+6yPkcXP7zA00IH76fznjVbzn9za/CdazH+OtMjd7WiT/01yD7sQpq10/vdey/nv2k2rkYGs9r/6nC+fXL5SLqVj2/8j4lTkD6b1Te7nfJZbfrDSbmPz/C9d0viNuWDWjoeDB59+zHSxVtxRp5s8uh3xSsv5b7J2/JMWxz99Pi52GONE6d6r7bY9u/9renKLaeXHiNdaHv/kqcCb3J8cq58PY42zYqO/75z4vV38LfS/Jx79nBXa938kab5fW916jB+G/i2127bd8/9A8mm9fCBbd6NYq82PRxxIPtq4fuLJYxv1xv7p+X/q5ObjX6vz/1Ca2B32/87xO827Dm2t/72V9n968/N/3fHfeuHBh59/3y5+Z8f/zXrpVLamk/Gv0wbu5LkDAAAAAACA/SYXEUcjyRXWyrlcobD6/o7jcThXrlRrpy9XFq5OR/2zsiORzzXudA83vR9iPHs/bKM+sa4+GRHHIuKbgUP1emGqUp7e684DAAAAAAAAAAAAAAAAAADAPnEkYqjV5/9TfwzsdeuAntvkK7+BF1z7/M+2dOObnoB9adv//4e62w5g95n/Q/+S/9C/5D/0L/kP/Uv+Q/+S/9C/tpL/P13oYUMAAAAAAAAAAAAAAAAAAAAAAAAAAADgxXDxwoV0WVl+fHMqrU9fX1yYrVw/M12qzhbmFqYKU5X5a4WZSmWmXCpMVeae9ffKlcq18YlYuDFWK1VrY9XFpUtzlYWrtUtX5oozpUul/K70CgAAAAAAAAAAAAAAAAAAAJ4v1cWl2WK5XJpXUNhWYXB/NEOhy4W9HpkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4In/AgAA//+z7zor") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) getpgrp(0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, &(0x7f0000000200)={0x2f, 0x6, 0x0, {0x1, 0x4, 0x6, 0x0, '\'-[/\xc7,'}}, 0x2f) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$SNDRV_PCM_IOCTL_RESUME(0xffffffffffffffff, 0x4147, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ipv6_route\x00') lseek(r4, 0x1008000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0) r5 = socket(0xa, 0x1, 0x0) ustat(0x1, 0x0) getsockopt(r5, 0x1, 0x2f, &(0x7f0000001940)=""/8, &(0x7f0000000040)=0x8) 416.427646ms ago: executing program 0 (id=1647): r0 = syz_usb_connect(0x3, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) pwritev(r1, &(0x7f0000000300)=[{&(0x7f0000000040)="0e", 0x1}], 0x1, 0x7c58fc9b, 0xc) 0s ago: executing program 4 (id=1648): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioprio_get$pid(0x3, 0x0) kernel console output (not intermixed with test programs): descriptor?? [ 306.909032][ T6048] gspca_main: sonixj-2.14.0 probing 0c45:6128 [ 307.035197][ T7655] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 307.297280][ T7655] EXT4-fs (loop1): 1 orphan inode deleted [ 307.377291][ T7655] EXT4-fs (loop1): 1 truncate cleaned up [ 307.678324][ T7655] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 307.734195][ T6048] gspca_sonixj: reg_r err -32 [ 307.738967][ T6048] sonixj 1-1:0.0: probe with driver sonixj failed with error -32 [ 308.190081][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.861885][ T6009] usb 1-1: USB disconnect, device number 7 [ 312.486365][ T7686] loop1: detected capacity change from 0 to 128 [ 312.530664][ T7689] loop0: detected capacity change from 0 to 512 [ 312.572814][ T7686] ufs: You didn't specify the type of your ufs filesystem [ 312.572814][ T7686] [ 312.572814][ T7686] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 312.572814][ T7686] [ 312.572814][ T7686] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 312.792218][ T7689] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 313.035172][ T7691] loop4: detected capacity change from 0 to 1764 [ 313.425155][ T7686] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 313.528305][ T7689] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.525: bad orphan inode 131083 [ 313.558481][ T7695] ubi31: attaching mtd0 [ 313.616769][ T7689] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 313.703913][ T7695] ubi31: scanning is finished [ 313.708630][ T7695] ubi31: empty MTD device detected [ 314.209956][ T31] audit: type=1326 audit(1768210254.994:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 314.688313][ T31] audit: type=1326 audit(1768210255.024:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 314.717139][ T31] audit: type=1326 audit(1768210255.044:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 314.739831][ T31] audit: type=1326 audit(1768210255.044:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 314.746708][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.801759][ T31] audit: type=1326 audit(1768210255.074:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 314.911533][ T31] audit: type=1326 audit(1768210255.074:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 314.942674][ T5849] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 314.974691][ T5849] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 314.984855][ T5849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 315.006638][ T5849] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 315.024787][ T5849] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 315.333855][ T31] audit: type=1326 audit(1768210255.084:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 315.551457][ T7695] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4 [ 315.737244][ T31] audit: type=1326 audit(1768210255.214:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 315.762463][ T31] audit: type=1326 audit(1768210255.214:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 315.784783][ T31] audit: type=1326 audit(1768210255.214:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7700 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc04f8f749 code=0x7ffc0000 [ 316.401524][ T6656] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 316.612028][ T6656] usb 6-1: Using ep0 maxpacket: 8 [ 316.752560][ T6656] usb 6-1: New USB device found, idVendor=0c45, idProduct=6128, bcdDevice=c4.6d [ 317.001540][ T6656] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.071528][ T6656] usb 6-1: Product: syz [ 317.091679][ T5840] Bluetooth: hci6: command tx timeout [ 317.101564][ T6656] usb 6-1: Manufacturer: syz [ 317.106170][ T6656] usb 6-1: SerialNumber: syz [ 317.174948][ T6656] usb 6-1: config 0 descriptor?? [ 317.244064][ T6656] gspca_main: sonixj-2.14.0 probing 0c45:6128 [ 317.528770][ T7713] chnl_net:caif_netlink_parms(): no params data found [ 318.022221][ T6656] gspca_sonixj: reg_r err -32 [ 318.027035][ T6656] sonixj 6-1:0.0: probe with driver sonixj failed with error -32 [ 318.535377][ T7713] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.551960][ T7713] bridge0: port 1(bridge_slave_0) entered disabled state [ 318.696650][ T7713] bridge_slave_0: entered allmulticast mode [ 319.023888][ T7713] bridge_slave_0: entered promiscuous mode [ 319.062212][ T7713] bridge0: port 2(bridge_slave_1) entered blocking state [ 319.124151][ T7713] bridge0: port 2(bridge_slave_1) entered disabled state [ 319.173329][ T7713] bridge_slave_1: entered allmulticast mode [ 319.181516][ T5840] Bluetooth: hci6: command tx timeout [ 319.222094][ T7713] bridge_slave_1: entered promiscuous mode [ 319.420881][ T5888] usb 6-1: USB disconnect, device number 5 [ 319.679208][ T7713] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 319.746444][ T7713] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 320.083966][ T7752] loop5: detected capacity change from 0 to 1764 [ 321.113839][ T7713] team0: Port device team_slave_0 added [ 321.175064][ T7713] team0: Port device team_slave_1 added [ 321.251857][ T5840] Bluetooth: hci6: command tx timeout [ 321.401668][ T6656] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 321.801516][ T6656] usb 5-1: Using ep0 maxpacket: 8 [ 321.844367][ T6656] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 321.926763][ T6656] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 321.994961][ T6656] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.085729][ T6656] usb 5-1: config 0 descriptor?? [ 322.146301][ T7713] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 322.165815][ T7713] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 322.278664][ T7713] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 322.388880][ T6656] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 322.427157][ T7713] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 322.503227][ T7713] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 322.575332][ T7713] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 322.762694][ T1221] usb 5-1: USB disconnect, device number 12 [ 323.351497][ T5840] Bluetooth: hci6: command tx timeout [ 324.220467][ T7713] hsr_slave_0: entered promiscuous mode [ 324.252665][ T7713] hsr_slave_1: entered promiscuous mode [ 324.282412][ T7713] debugfs: 'hsr0' already exists in 'hsr' [ 324.288162][ T7713] Cannot create hsr debugfs directory [ 324.461563][ T1221] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 324.661524][ T1221] usb 2-1: Using ep0 maxpacket: 8 [ 325.446002][ T1221] usb 2-1: New USB device found, idVendor=0c45, idProduct=6128, bcdDevice=c4.6d [ 325.471978][ T1221] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.479987][ T1221] usb 2-1: Product: syz [ 325.501455][ T1221] usb 2-1: Manufacturer: syz [ 325.506069][ T1221] usb 2-1: SerialNumber: syz [ 325.563164][ T1221] usb 2-1: config 0 descriptor?? [ 325.604748][ T1221] gspca_main: sonixj-2.14.0 probing 0c45:6128 [ 325.951551][ T5917] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 326.121480][ T5917] usb 5-1: Using ep0 maxpacket: 8 [ 326.169272][ T5917] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 326.249056][ T5917] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 326.448873][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.752838][ T5917] usb 5-1: config 0 descriptor?? [ 326.892074][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 326.898436][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 326.904959][ T1221] gspca_sonixj: reg_r err -32 [ 326.909716][ T1221] sonixj 2-1:0.0: probe with driver sonixj failed with error -32 [ 327.046953][ T5917] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 327.254883][ T7713] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 327.305331][ T7713] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 327.350071][ T7713] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 327.415305][ T7713] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 327.466319][ T1221] usb 5-1: USB disconnect, device number 13 [ 327.666442][ T5917] usb 2-1: USB disconnect, device number 9 [ 328.644831][ T7825] loop5: detected capacity change from 0 to 4096 [ 328.691023][ T7713] 8021q: adding VLAN 0 to HW filter on device bond0 [ 328.869398][ T7713] 8021q: adding VLAN 0 to HW filter on device team0 [ 329.864125][ T6771] bridge0: port 1(bridge_slave_0) entered blocking state [ 329.871347][ T6771] bridge0: port 1(bridge_slave_0) entered forwarding state [ 329.894480][ T6771] bridge0: port 2(bridge_slave_1) entered blocking state [ 329.901642][ T6771] bridge0: port 2(bridge_slave_1) entered forwarding state [ 331.427365][ T7713] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 333.167206][ T7867] loop4: detected capacity change from 0 to 512 [ 333.412941][ T7867] EXT4-fs: Ignoring removed oldalloc option [ 333.729251][ T7867] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.865859][ T7713] veth0_vlan: entered promiscuous mode [ 333.875687][ T7867] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 333.946406][ T7713] veth1_vlan: entered promiscuous mode [ 334.059815][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.087115][ T7713] veth0_macvtap: entered promiscuous mode [ 334.137618][ T7713] veth1_macvtap: entered promiscuous mode [ 334.356441][ T7713] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 334.394334][ T7713] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 334.443886][ T6012] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.492075][ T6012] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.561536][ T6048] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 334.561783][ T6012] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.645796][ T6012] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 334.741818][ T6048] usb 5-1: Using ep0 maxpacket: 8 [ 334.773111][ T6048] usb 5-1: New USB device found, idVendor=0c45, idProduct=6128, bcdDevice=c4.6d [ 334.791713][ T3479] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 334.809793][ T6048] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.827618][ T3479] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 334.862071][ T6048] usb 5-1: Product: syz [ 334.866248][ T6048] usb 5-1: Manufacturer: syz [ 334.882044][ T6048] usb 5-1: SerialNumber: syz [ 334.934984][ T6048] usb 5-1: config 0 descriptor?? [ 335.002362][ T6048] gspca_main: sonixj-2.14.0 probing 0c45:6128 [ 335.025910][ T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 335.072776][ T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 335.797758][ T6048] gspca_sonixj: reg_r err -32 [ 335.907819][ T6048] sonixj 5-1:0.0: probe with driver sonixj failed with error -32 [ 338.142700][ T6048] usb 5-1: USB disconnect, device number 14 [ 338.244642][ T7911] netlink: 4 bytes leftover after parsing attributes in process `syz.5.585'. [ 338.280963][ T7911] netlink: 4 bytes leftover after parsing attributes in process `syz.5.585'. [ 338.370610][ T7913] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 341.631493][ T6009] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 341.964771][ T6009] usb 3-1: Using ep0 maxpacket: 8 [ 342.319992][ T6009] usb 3-1: New USB device found, idVendor=0c45, idProduct=6128, bcdDevice=c4.6d [ 342.350636][ T6009] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.369386][ T6009] usb 3-1: Product: syz [ 343.162588][ T6009] usb 3-1: Manufacturer: syz [ 343.373030][ T6009] usb 3-1: SerialNumber: syz [ 343.428883][ T6009] usb 3-1: config 0 descriptor?? [ 343.644452][ T6009] usb 3-1: can't set config #0, error -71 [ 343.676049][ T6009] usb 3-1: USB disconnect, device number 10 [ 347.612987][ T8009] netlink: 48 bytes leftover after parsing attributes in process `syz.4.617'. [ 349.221466][ T114] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 349.429088][ T114] usb 6-1: Using ep0 maxpacket: 8 [ 349.493049][ T114] usb 6-1: New USB device found, idVendor=0c45, idProduct=6128, bcdDevice=c4.6d [ 349.541474][ T114] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 349.549527][ T114] usb 6-1: Product: syz [ 349.575048][ T114] usb 6-1: Manufacturer: syz [ 349.579671][ T114] usb 6-1: SerialNumber: syz [ 349.657454][ T114] usb 6-1: config 0 descriptor?? [ 349.710872][ T114] gspca_main: sonixj-2.14.0 probing 0c45:6128 [ 349.885532][ T8038] loop2: detected capacity change from 0 to 512 [ 350.006138][ T8038] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 350.217629][ T8038] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.631: bad orphan inode 131083 [ 350.311579][ T8038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 350.891658][ T8049] loop6: detected capacity change from 0 to 1764 [ 352.651771][ T8057] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 352.811923][ T114] usb 6-1: USB disconnect, device number 6 [ 353.161949][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.741531][ T6656] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 353.769151][ T8077] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 353.845239][ T8081] loop2: detected capacity change from 0 to 136 [ 353.971561][ T6656] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 354.031517][ T6656] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.051745][ T6656] usb 1-1: Product: syz [ 354.066261][ T6656] usb 1-1: Manufacturer: syz [ 354.070883][ T6656] usb 1-1: SerialNumber: syz [ 354.135603][ T6656] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 354.184782][ T10] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 355.704021][ T8095] loop5: detected capacity change from 0 to 1764 [ 355.812079][ T5917] usb 1-1: USB disconnect, device number 8 [ 355.886604][ T10] usb 1-1: Service connection timeout for: 257 [ 355.898854][ T10] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services [ 355.908110][ T10] ath9k_htc: Failed to initialize the device [ 355.948070][ T5917] usb 1-1: ath9k_htc: USB layer deinitialized [ 356.367463][ T8075] loop6: detected capacity change from 0 to 32768 [ 356.639801][ T8104] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 356.936435][ T4469] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.190935][ T8119] loop1: detected capacity change from 0 to 2048 [ 357.318056][ T8119] loop1: p1 p3 p4 [ 357.458807][ T8128] ./file0: Can't lookup blockdev [ 357.475612][ T4469] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.805175][ T8119] loop1: p4 size 589824 extends beyond EOD, truncated [ 358.170834][ T4469] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.269871][ T6038] udevd[6038]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 358.295441][ T6124] udevd[6124]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 358.313409][ T5844] udevd[5844]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 358.589383][ T4469] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 358.729204][ T8142] loop4: detected capacity change from 0 to 4096 [ 358.909978][ T8147] loop1: detected capacity change from 0 to 1764 [ 360.077864][ T4469] gretap0: left allmulticast mode [ 360.083263][ T4469] gretap0: left promiscuous mode [ 360.102202][ T4469] bridge0: port 3(gretap0) entered disabled state [ 360.255659][ T4469] bridge_slave_1: left allmulticast mode [ 360.319366][ T4469] bridge_slave_1: left promiscuous mode [ 360.351070][ T4469] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.428417][ T4469] bridge_slave_0: left allmulticast mode [ 360.492184][ T4469] bridge_slave_0: left promiscuous mode [ 360.497938][ T4469] bridge0: port 1(bridge_slave_0) entered disabled state [ 361.997920][ T8198] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 362.259207][ T8206] loop6: detected capacity change from 0 to 256 [ 362.507338][ T8208] loop2: detected capacity change from 0 to 1764 [ 362.871035][ T4469] dvmrp6 (unregistering): left allmulticast mode [ 362.917686][ T8212] loop5: detected capacity change from 0 to 4096 [ 363.743870][ T4469] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 363.774424][ T4469] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 363.809490][ T4469] bond0 (unregistering): Released all slaves [ 364.071229][ T8219] netlink: 11 bytes leftover after parsing attributes in process `syz.2.690'. [ 364.585576][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 365.441449][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 365.493708][ T10] usb 7-1: config 162 has an invalid interface number: 188 but max is 0 [ 365.528971][ T10] usb 7-1: config 162 has no interface number 0 [ 365.562868][ T10] usb 7-1: config 162 interface 188 has no altsetting 0 [ 365.604508][ T10] usb 7-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=56.74 [ 365.681428][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.720167][ T10] usb 7-1: Product: syz [ 365.737764][ T10] usb 7-1: Manufacturer: syz [ 365.765774][ T10] usb 7-1: SerialNumber: syz [ 366.101487][ T4469] hsr_slave_0: left promiscuous mode [ 366.136764][ T4469] hsr_slave_1: left promiscuous mode [ 366.164227][ T4469] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 366.189799][ T8257] loop2: detected capacity change from 0 to 4096 [ 366.198407][ T8260] loop1: detected capacity change from 0 to 4096 [ 366.207591][ T4469] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 366.251720][ T4469] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.284904][ T4469] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 366.434591][ T4469] veth1_macvtap: left promiscuous mode [ 366.462677][ T4469] veth0_macvtap: left promiscuous mode [ 366.492795][ T4469] veth1_vlan: left promiscuous mode [ 366.506823][ T4469] veth0_vlan: left promiscuous mode [ 369.429974][ T5917] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 369.456658][ T8319] loop6: detected capacity change from 0 to 1764 [ 369.554726][ T4469] team0 (unregistering): Port device team_slave_1 removed [ 369.594126][ T5917] usb 2-1: device descriptor read/64, error -71 [ 369.606399][ T4469] team0 (unregistering): Port device team_slave_0 removed [ 369.831832][ T5917] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 370.034510][ T10] peak_usb 7-1:162.188 can0: sending cmd f=0x6 n=0x1 failure: -22 [ 370.096196][ T10] peak_usb 7-1:162.188: unable to read PCAN-USB serial number (err -22) [ 370.122145][ T5917] usb 2-1: device descriptor read/64, error -71 [ 370.151516][ T6656] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 370.232201][ T5917] usb usb2-port1: attempt power cycle [ 370.292192][ T10] peak_usb 7-1:162.188: probe with driver peak_usb failed with error -22 [ 370.402073][ T8329] loop6: detected capacity change from 0 to 512 [ 370.455548][ T8329] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 370.515060][ T6656] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 370.614628][ T8329] EXT4-fs (loop6): 1 orphan inode deleted [ 370.620692][ T8329] EXT4-fs (loop6): 1 truncate cleaned up [ 370.638389][ T8329] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.715554][ T6656] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.838922][ T10] usb 7-1: USB disconnect, device number 2 [ 370.864825][ T6656] usb 1-1: Product: syz [ 370.941920][ T6656] usb 1-1: Manufacturer: syz [ 371.049238][ T6656] usb 1-1: SerialNumber: syz [ 371.157316][ T5917] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 371.182085][ T5917] usb 2-1: device descriptor read/8, error -71 [ 371.268481][ T6656] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 371.426684][ T5917] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 371.442771][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.492236][ T5917] usb 2-1: device descriptor read/8, error -71 [ 371.642011][ T5917] usb usb2-port1: unable to enumerate USB device [ 371.752259][ T6048] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 372.941623][ T6093] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 373.014484][ T5904] usb 1-1: USB disconnect, device number 9 [ 373.135307][ T6093] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 373.453852][ T6093] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 373.464096][ T6093] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 373.473449][ T6093] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.653703][ T6048] usb 1-1: Service connection timeout for: 257 [ 373.747490][ T6048] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services [ 374.032509][ T6048] ath9k_htc: Failed to initialize the device [ 374.054658][ T6656] usb 5-1: USB disconnect, device number 15 [ 374.336333][ T5904] usb 1-1: ath9k_htc: USB layer deinitialized [ 375.396812][ T8384] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 375.455986][ T8370] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 375.848545][ T8394] loop4: detected capacity change from 0 to 512 [ 375.875486][ T8394] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 376.162058][ T8394] EXT4-fs (loop4): 1 orphan inode deleted [ 376.168064][ T8394] EXT4-fs (loop4): 1 truncate cleaned up [ 376.190811][ T8394] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 376.693926][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.091796][ T8415] loop2: detected capacity change from 0 to 512 [ 378.125990][ T8415] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 378.137137][ T8417] netlink: 'syz.5.741': attribute type 1 has an invalid length. [ 378.413610][ T5904] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 378.551472][ T5904] usb 5-1: device descriptor read/64, error -71 [ 378.709008][ T8417] bond1: entered promiscuous mode [ 378.722056][ T8417] 8021q: adding VLAN 0 to HW filter on device bond1 [ 378.801606][ T5904] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 378.816565][ T8421] bond1: (slave bridge1): making interface the new active one [ 378.863540][ T8421] bridge1: entered promiscuous mode [ 378.913027][ T8421] bond1: (slave bridge1): Enslaving as an active interface with an up link [ 378.971995][ T5904] usb 5-1: device descriptor read/64, error -71 [ 379.092528][ T5904] usb usb5-port1: attempt power cycle [ 380.365923][ T5904] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 380.485874][ T5904] usb 5-1: device descriptor read/8, error -71 [ 380.828051][ T5904] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 380.852072][ T6518] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 380.882211][ T5904] usb 5-1: device descriptor read/8, error -71 [ 381.030301][ T6518] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 381.031918][ T5904] usb usb5-port1: unable to enumerate USB device [ 381.140469][ T8458] loop5: detected capacity change from 0 to 512 [ 381.153595][ T6518] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 381.190184][ T8458] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 381.288094][ T6518] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 381.357728][ T8458] EXT4-fs (loop5): 1 orphan inode deleted [ 381.363717][ T8458] EXT4-fs (loop5): 1 truncate cleaned up [ 381.384471][ T8458] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 381.500717][ T6518] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 381.612000][ T8461] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 381.902142][ T8461] EXT4-fs (loop5): Remounting filesystem read-only [ 382.388451][ T5904] usb 2-1: USB disconnect, device number 14 [ 382.410455][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 382.420339][ T8471] loop2: detected capacity change from 0 to 512 [ 382.874370][ T8471] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 383.484429][ T31] kauditd_printk_skb: 62 callbacks suppressed [ 383.484453][ T31] audit: type=1326 audit(1768210324.214:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 383.657516][ T31] audit: type=1326 audit(1768210324.214:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 384.239044][ T31] audit: type=1326 audit(1768210324.214:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 384.281770][ T8491] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 384.381474][ T31] audit: type=1326 audit(1768210324.214:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 384.828671][ T31] audit: type=1326 audit(1768210324.214:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 385.791466][ T31] audit: type=1326 audit(1768210324.264:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 385.914107][ T31] audit: type=1326 audit(1768210324.264:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 386.191036][ T31] audit: type=1326 audit(1768210324.264:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f35e49c2005 code=0x7ffc0000 [ 386.395947][ T31] audit: type=1326 audit(1768210324.274:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f35e49c2005 code=0x7ffc0000 [ 386.423892][ T8519] loop0: detected capacity change from 0 to 512 [ 386.472519][ T8519] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 386.491745][ T6009] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 386.525283][ T31] audit: type=1326 audit(1768210324.274:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8483 comm="syz.1.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f35e49c2005 code=0x7ffc0000 [ 387.071470][ T6009] usb 2-1: device descriptor read/64, error -71 [ 387.342372][ T6009] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 387.523567][ T6009] usb 2-1: device descriptor read/64, error -71 [ 387.541477][ T30] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 387.554721][ T8536] loop6: detected capacity change from 0 to 512 [ 387.581017][ T8536] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 387.641992][ T6009] usb usb2-port1: attempt power cycle [ 388.611674][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.618414][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.660930][ T30] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 388.723286][ T30] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1 [ 388.760301][ T30] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 388.862920][ T30] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.001549][ T6009] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 389.053061][ T6009] usb 2-1: device descriptor read/8, error -71 [ 389.175742][ T30] usb 3-1: USB disconnect, device number 11 [ 392.729056][ T8597] loop4: detected capacity change from 0 to 512 [ 392.736510][ T8597] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 394.786828][ T8623] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 395.221469][ T6656] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 395.366123][ T8634] loop1: detected capacity change from 0 to 512 [ 395.412721][ T8634] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 395.451814][ T6656] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 395.619224][ T8634] EXT4-fs (loop1): 1 orphan inode deleted [ 395.625147][ T8634] EXT4-fs (loop1): 1 truncate cleaned up [ 395.641286][ T8634] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.660274][ T6656] usb 1-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 396.017757][ T8637] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 396.018149][ T6656] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 396.054892][ T8637] EXT4-fs (loop1): Remounting filesystem read-only [ 396.229182][ T6656] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 396.254257][ T6656] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.428970][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.434948][ T6656] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 397.308544][ T6656] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 397.617563][ T6656] usb 1-1: USB disconnect, device number 10 [ 397.800518][ T7273] udevd[7273]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 399.210840][ T8662] loop5: detected capacity change from 0 to 512 [ 399.279428][ T8662] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 401.376938][ T8689] loop1: detected capacity change from 0 to 512 [ 401.461555][ T8689] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 402.085152][ T8689] EXT4-fs (loop1): 1 orphan inode deleted [ 402.090973][ T8689] EXT4-fs (loop1): 1 truncate cleaned up [ 402.143837][ T8689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.538447][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.631494][ T6093] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 403.485081][ T6093] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 403.505698][ T6093] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 403.516994][ T6093] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 403.530282][ T6093] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 403.541335][ T6093] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.640209][ T6093] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 403.816637][ T6093] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2 [ 403.844314][ T7273] udevd[7273]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 404.262353][ T6093] usb 5-1: USB disconnect, device number 20 [ 404.897967][ T8724] loop1: detected capacity change from 0 to 512 [ 404.982071][ T8724] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 405.857566][ T8742] loop4: detected capacity change from 0 to 512 [ 405.871891][ T8742] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 405.941694][ T8742] EXT4-fs (loop4): 1 orphan inode deleted [ 405.947856][ T8742] EXT4-fs (loop4): 1 truncate cleaned up [ 405.965386][ T8742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 407.231575][ T8749] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 407.348134][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 410.566514][ T8797] loop2: detected capacity change from 0 to 512 [ 410.609249][ T8797] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 415.215654][ T8862] loop2: detected capacity change from 0 to 512 [ 415.260024][ T8862] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 416.547010][ T31] kauditd_printk_skb: 20 callbacks suppressed [ 416.547129][ T31] audit: type=1326 audit(1768210357.334:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.170249][ T31] audit: type=1326 audit(1768210357.394:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.197251][ T31] audit: type=1326 audit(1768210357.434:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.219638][ T31] audit: type=1326 audit(1768210357.464:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.242138][ T31] audit: type=1326 audit(1768210357.464:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.369971][ T31] audit: type=1326 audit(1768210357.494:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.464061][ T31] audit: type=1326 audit(1768210357.494:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.611050][ T31] audit: type=1326 audit(1768210357.534:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.711444][ T31] audit: type=1326 audit(1768210357.534:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 417.865315][ T31] audit: type=1326 audit(1768210357.534:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8894 comm="syz.6.863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4e2f8f749 code=0x7ffc0000 [ 418.510686][ T8932] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 418.831225][ T8947] loop0: detected capacity change from 0 to 512 [ 419.188338][ T8947] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 420.180744][ T8953] loop1: detected capacity change from 0 to 4096 [ 420.207677][ T8957] netlink: 36 bytes leftover after parsing attributes in process `syz.6.878'. [ 422.164358][ T8189] ntfs3(loop1): ino=5, mi_enum_attr [ 423.142324][ T8987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.881'. [ 423.151252][ T8987] netlink: 12 bytes leftover after parsing attributes in process `syz.1.881'. [ 424.174294][ T8995] loop0: detected capacity change from 0 to 512 [ 424.289082][ T8995] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 425.478182][ T9024] overlayfs: failed to resolve './file0': -2 [ 427.118662][ T9045] netlink: 8 bytes leftover after parsing attributes in process `syz.6.907'. [ 427.127814][ T9045] netlink: 12 bytes leftover after parsing attributes in process `syz.6.907'. [ 428.595576][ T9055] loop2: detected capacity change from 0 to 512 [ 428.643558][ T9055] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 428.986469][ T9061] overlayfs: failed to resolve './file0': -2 [ 431.730474][ T9098] loop2: detected capacity change from 0 to 512 [ 431.760413][ T9098] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 433.997496][ T9125] loop1: detected capacity change from 0 to 512 [ 434.552640][ T9125] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 436.841078][ T9125] EXT4-fs (loop1): 1 orphan inode deleted [ 436.864938][ T9125] EXT4-fs (loop1): 1 truncate cleaned up [ 436.902678][ T9125] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 437.347325][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.805095][ T9151] loop2: detected capacity change from 0 to 512 [ 437.830692][ T9151] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 438.210459][ T9157] netlink: 12 bytes leftover after parsing attributes in process `syz.6.950'. [ 440.311606][ T9181] loop0: detected capacity change from 0 to 512 [ 440.536564][ T9181] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 440.672590][ T9181] EXT4-fs (loop0): 1 orphan inode deleted [ 440.678437][ T9181] EXT4-fs (loop0): 1 truncate cleaned up [ 440.704292][ T9181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 441.062911][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.357697][ T9195] loop6: detected capacity change from 0 to 512 [ 441.411463][ T5849] Bluetooth: hci6: command 0x0406 tx timeout [ 441.556476][ T9195] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 442.306877][ T9201] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 444.550267][ T9233] netlink: 16 bytes leftover after parsing attributes in process `syz.5.972'. [ 444.978540][ T9237] loop6: detected capacity change from 0 to 512 [ 445.011169][ T9237] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 445.557453][ T9237] EXT4-fs (loop6): 1 orphan inode deleted [ 445.563424][ T9237] EXT4-fs (loop6): 1 truncate cleaned up [ 445.659632][ T9237] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 446.104489][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.479017][ T9251] loop6: detected capacity change from 0 to 136 [ 446.497365][ T9253] loop1: detected capacity change from 0 to 512 [ 446.567859][ T9253] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 449.295764][ T9281] loop0: detected capacity change from 0 to 512 [ 449.568009][ T9281] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 449.584908][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.594830][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.674255][ T9281] EXT4-fs (loop0): 1 orphan inode deleted [ 449.680105][ T9281] EXT4-fs (loop0): 1 truncate cleaned up [ 449.694509][ T9281] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 450.160854][ T9295] overlayfs: failed to resolve './file0': -2 [ 450.286392][ T9299] loop6: detected capacity change from 0 to 136 [ 450.310231][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.669837][ T31] kauditd_printk_skb: 15 callbacks suppressed [ 450.669861][ T31] audit: type=1326 audit(1768210391.454:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 450.763818][ T31] audit: type=1326 audit(1768210391.454:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 450.816778][ T31] audit: type=1326 audit(1768210391.454:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 450.839215][ T31] audit: type=1326 audit(1768210391.454:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 450.946746][ T31] audit: type=1326 audit(1768210391.484:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 451.121478][ T31] audit: type=1326 audit(1768210391.484:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 451.189665][ T31] audit: type=1326 audit(1768210391.484:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 451.289486][ T9323] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 451.309329][ T31] audit: type=1326 audit(1768210391.494:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 451.508408][ T31] audit: type=1326 audit(1768210391.494:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9308 comm="syz.1.999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f35e498f749 code=0x7ffc0000 [ 453.651575][ T9342] loop4: detected capacity change from 0 to 512 [ 453.713955][ T9342] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 456.286614][ T9342] EXT4-fs (loop4): 1 orphan inode deleted [ 456.308703][ T9342] EXT4-fs (loop4): 1 truncate cleaned up [ 456.362979][ T9342] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 456.620636][ T9356] overlayfs: failed to resolve './file0': -2 [ 457.428144][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 459.899801][ T9398] loop4: detected capacity change from 0 to 512 [ 459.920909][ T9398] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 460.059167][ T9398] EXT4-fs (loop4): 1 orphan inode deleted [ 460.065033][ T9398] EXT4-fs (loop4): 1 truncate cleaned up [ 460.108758][ T9398] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 460.744081][ T31] audit: type=1326 audit(1768210401.534:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 460.802764][ T9408] overlayfs: failed to resolve './file0': -2 [ 460.871513][ T31] audit: type=1326 audit(1768210401.574:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 460.918208][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 461.014348][ T31] audit: type=1326 audit(1768210401.574:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 461.073443][ T31] audit: type=1326 audit(1768210401.574:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 461.152390][ T31] audit: type=1326 audit(1768210401.594:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 461.238499][ T31] audit: type=1326 audit(1768210401.594:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 461.341953][ T31] audit: type=1326 audit(1768210401.594:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 461.628634][ T31] audit: type=1326 audit(1768210401.594:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 461.651931][ T31] audit: type=1326 audit(1768210401.594:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 461.675338][ T31] audit: type=1326 audit(1768210401.594:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9403 comm="syz.5.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f422bb8f749 code=0x7ffc0000 [ 463.368640][ T9448] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 463.497954][ T9457] loop6: detected capacity change from 0 to 1764 [ 464.515937][ T9470] loop5: detected capacity change from 0 to 512 [ 464.669059][ T9470] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 464.816208][ T9470] EXT4-fs (loop5): 1 orphan inode deleted [ 464.822048][ T9470] EXT4-fs (loop5): 1 truncate cleaned up [ 464.838519][ T9470] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 466.095210][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.376471][ T31] kauditd_printk_skb: 91 callbacks suppressed [ 468.376497][ T31] audit: type=1800 audit(1768210409.164:278): pid=9512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1064" name="bus" dev="tmpfs" ino=1002 res=0 errno=0 [ 468.595191][ T9519] loop4: detected capacity change from 0 to 512 [ 468.631589][ T9519] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 468.835921][ T9519] EXT4-fs (loop4): 1 orphan inode deleted [ 468.841779][ T9519] EXT4-fs (loop4): 1 truncate cleaned up [ 468.907579][ T9519] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 469.506981][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.277039][ T9539] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 472.131274][ T9576] input: syz1 as /devices/virtual/input/input12 [ 474.705019][ T9589] loop1: detected capacity change from 0 to 512 [ 474.784098][ T9590] loop5: detected capacity change from 0 to 2048 [ 474.841757][ T9590] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 475.035206][ T9589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 476.751024][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 477.515204][ T9637] loop6: detected capacity change from 0 to 512 [ 477.565662][ T9637] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 477.695772][ T9637] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 478.673146][ T9637] EXT4-fs error (device loop6): ext4_get_first_dir_block:3538: inode #12: comm syz.6.1100: directory missing '.' [ 478.818302][ T9637] EXT4-fs (loop6): Remounting filesystem read-only [ 478.849053][ T9656] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 479.144309][ T31] audit: type=1326 audit(1768210419.924:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 479.210901][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.279529][ T31] audit: type=1326 audit(1768210419.964:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 479.351642][ T31] audit: type=1326 audit(1768210419.964:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 479.661705][ T789] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 480.381018][ T31] audit: type=1326 audit(1768210419.964:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 480.411675][ T789] usb 6-1: Using ep0 maxpacket: 8 [ 480.426758][ T789] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 480.475680][ T31] audit: type=1326 audit(1768210419.964:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 480.680593][ T31] audit: type=1326 audit(1768210419.964:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe36658f749 code=0x7ffc0000 [ 480.707773][ T789] usb 6-1: config 179 has no interface number 0 [ 480.725507][ T789] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 480.750512][ T789] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 480.808088][ T789] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 480.812936][ T31] audit: type=1326 audit(1768210419.964:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe3665c2005 code=0x7ffc0000 [ 480.896159][ T9677] loop6: detected capacity change from 0 to 512 [ 480.948771][ T9677] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 481.138815][ T9677] EXT4-fs (loop6): 1 orphan inode deleted [ 481.144870][ T9677] EXT4-fs (loop6): 1 truncate cleaned up [ 481.159072][ T31] audit: type=1326 audit(1768210419.974:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe3665c2005 code=0x7ffc0000 [ 481.202427][ T9677] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 481.566624][ T31] audit: type=1326 audit(1768210419.974:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe3665c2005 code=0x7ffc0000 [ 481.659438][ T789] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 481.670992][ T789] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 481.687273][ T789] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 481.696966][ T789] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.709798][ T9679] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 481.790356][ T9667] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 481.791621][ T31] audit: type=1326 audit(1768210419.984:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9658 comm="syz.2.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe3665c2005 code=0x7ffc0000 [ 481.854482][ T9679] EXT4-fs (loop6): Remounting filesystem read-only [ 481.996675][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.116361][ T9667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 482.194974][ T9667] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 482.315655][ T789] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input13 [ 482.717955][ T5888] usb 6-1: USB disconnect, device number 7 [ 482.717962][ C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 482.718106][ C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 484.216851][ T9725] loop6: detected capacity change from 0 to 512 [ 484.305744][ T9725] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 484.629266][ T9725] EXT4-fs (loop6): 1 orphan inode deleted [ 484.641605][ T9725] EXT4-fs (loop6): 1 truncate cleaned up [ 484.756106][ T9725] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 485.151637][ T9727] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 485.626422][ T9727] EXT4-fs (loop6): Remounting filesystem read-only [ 485.703599][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.999241][ T9738] loop1: detected capacity change from 0 to 512 [ 486.604044][ T9738] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 486.756963][ T9738] ext4 filesystem being mounted at /195/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 486.961747][ T9749] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 487.154727][ T9759] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 487.259040][ T9757] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 487.351732][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 488.138505][ T9779] netlink: 'syz.4.1141': attribute type 7 has an invalid length. [ 488.147517][ T9779] warning: `syz.4.1141' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 488.212394][ T9780] loop2: detected capacity change from 0 to 512 [ 488.241094][ T9780] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 488.290628][ T9780] EXT4-fs (loop2): 1 orphan inode deleted [ 488.296624][ T9780] EXT4-fs (loop2): 1 truncate cleaned up [ 488.311793][ T9780] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 490.272636][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.281553][ T9789] loop1: detected capacity change from 0 to 512 [ 490.528253][ T9789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 490.551632][ T9789] ext4 filesystem being mounted at /197/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 490.788592][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.892040][ T9819] loop5: detected capacity change from 0 to 512 [ 491.986648][ T9819] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 492.266965][ T9819] EXT4-fs (loop5): 1 orphan inode deleted [ 492.272888][ T9819] EXT4-fs (loop5): 1 truncate cleaned up [ 492.335718][ T9819] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 492.530961][ T9818] loop4: detected capacity change from 0 to 128 [ 492.690868][ T9826] loop0: detected capacity change from 0 to 2048 [ 492.703328][ T9821] syz.4.1157: attempt to access beyond end of device [ 492.703328][ T9821] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 492.726182][ T9826] EXT4-fs: Ignoring removed nobh option [ 492.734529][ T9821] syz.4.1157: attempt to access beyond end of device [ 492.734529][ T9821] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128 [ 492.757329][ T9821] syz.4.1157: attempt to access beyond end of device [ 492.757329][ T9821] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 492.771140][ T9821] syz.4.1157: attempt to access beyond end of device [ 492.771140][ T9821] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 492.799382][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 492.813187][ T9826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 492.920220][ T9826] ext4 filesystem being mounted at /199/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 493.699428][ T9818] syz.4.1157: attempt to access beyond end of device [ 493.699428][ T9818] loop4: rw=8912896, sector=145, nr_sectors = 8 limit=128 [ 493.866503][ T31] kauditd_printk_skb: 19 callbacks suppressed [ 493.866528][ T31] audit: type=1800 audit(1768210434.654:308): pid=9826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1159" name="file0" dev="loop0" ino=13 res=0 errno=0 [ 493.963815][ T9818] syz.4.1157: attempt to access beyond end of device [ 493.963815][ T9818] loop4: rw=8912896, sector=161, nr_sectors = 8 limit=128 [ 494.145298][ T9818] syz.4.1157: attempt to access beyond end of device [ 494.145298][ T9818] loop4: rw=8912896, sector=177, nr_sectors = 8 limit=128 [ 495.383134][ T3422] kworker/u8:10: attempt to access beyond end of device [ 495.383134][ T3422] loop4: rw=8388609, sector=200, nr_sectors = 1 limit=128 [ 495.418123][ T3422] Buffer I/O error on dev loop4, logical block 200, lost async page write [ 495.461966][ T3422] kworker/u8:10: attempt to access beyond end of device [ 495.461966][ T3422] loop4: rw=1, sector=201, nr_sectors = 17 limit=128 [ 495.745179][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 495.941529][ T9] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 496.112788][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 496.149437][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 496.171965][ T9869] loop6: detected capacity change from 0 to 512 [ 496.183984][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 496.207850][ T9869] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 496.450754][ T9870] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 496.486435][ T9869] EXT4-fs (loop6): 1 orphan inode deleted [ 496.492350][ T9869] EXT4-fs (loop6): 1 truncate cleaned up [ 496.517052][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 496.530321][ T9869] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.578610][ T9] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 496.796828][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 496.976981][ T9] usb 5-1: config 0 descriptor?? [ 497.121191][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.231014][ T9] microsoft 0003:045E:07DA.0004: ignoring exceeding usage max [ 500.282809][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.290053][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.297528][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.304810][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.313215][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.324760][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.345988][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.585390][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 500.606052][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 501.401414][ T9] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 501.410616][ T9] HID 045e:07da: Invalid code 65791 type 1 [ 501.453751][ T9888] loop6: detected capacity change from 0 to 512 [ 501.512031][ T9] HID 045e:07da: Invalid code 768 type 1 [ 501.517698][ T9] HID 045e:07da: Invalid code 769 type 1 [ 501.561392][ T9] HID 045e:07da: Invalid code 770 type 1 [ 501.581913][ T9] HID 045e:07da: Invalid code 771 type 1 [ 501.587568][ T9] HID 045e:07da: Invalid code 772 type 1 [ 501.607561][ T9888] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 501.681392][ T9] HID 045e:07da: Invalid code 773 type 1 [ 501.729147][ T9] HID 045e:07da: Invalid code 774 type 1 [ 501.994682][ T9] HID 045e:07da: Invalid code 775 type 1 [ 502.000380][ T9] HID 045e:07da: Invalid code 776 type 1 [ 503.107344][ T9] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0004/input/input14 [ 503.333890][ T9] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 503.396577][ T9] usb 5-1: USB disconnect, device number 21 [ 503.529300][ T9911] fido_id[9911]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory [ 503.985410][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.028014][ T9929] loop6: detected capacity change from 0 to 512 [ 506.144769][ T9929] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 506.249119][ T9929] EXT4-fs (loop6): 1 orphan inode deleted [ 506.256044][ T9929] EXT4-fs (loop6): 1 truncate cleaned up [ 506.273515][ T9929] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 506.490207][ T9933] loop5: detected capacity change from 0 to 512 [ 506.584184][ T9933] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 506.702306][ T7713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.744198][ T9938] loop4: detected capacity change from 0 to 512 [ 506.847935][ T9938] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 507.227942][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.260080][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.525121][ T9957] loop5: detected capacity change from 0 to 1024 [ 507.557286][ T9960] loop4: detected capacity change from 0 to 128 [ 507.879486][ T9960] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 508.354783][ T9960] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 508.624135][ T31] audit: type=1804 audit(1768210449.414:309): pid=9960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1198" name="/newroot/201/file0/file1" dev="loop4" ino=12 res=1 errno=0 [ 508.776803][ T5831] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 511.163347][T10000] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1209'. [ 512.325821][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 512.354325][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.782662][T10004] loop5: detected capacity change from 0 to 512 [ 512.891931][T10004] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 513.395128][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.465049][T10041] loop2: detected capacity change from 0 to 1024 [ 515.615798][T10041] hfsplus: invalid file type 0120411 for inode 2 [ 515.660647][T10041] hfsplus: failed to load root directory [ 516.654907][T10041] loop2: detected capacity change from 0 to 1024 [ 518.436004][T10041] EXT4-fs: inline encryption not supported [ 518.548686][T10041] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 518.571523][T10041] EXT4-fs: failed to create workqueue [ 518.661949][T10041] EXT4-fs (loop2): mount failed [ 520.707860][ T5846] Bluetooth: hci6: command 0x0406 tx timeout [ 522.701595][T10082] loop1: detected capacity change from 0 to 256 [ 522.728360][T10082] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 522.791808][T10082] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 522.811063][T10089] loop2: detected capacity change from 0 to 512 [ 522.853304][T10089] ext4: Unknown parameter 'fowner<00000000000000000000' [ 522.872559][T10082] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 522.948050][T10082] exFAT-fs (loop1): failed to load alloc-bitmap [ 523.012834][T10082] exFAT-fs (loop1): failed to recognize exfat type [ 523.592024][T10098] netlink: 'syz.2.1238': attribute type 7 has an invalid length. [ 529.611830][ T114] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 530.111633][ T114] usb 7-1: Using ep0 maxpacket: 32 [ 530.145394][ T114] usb 7-1: config 0 has an invalid interface number: 85 but max is 0 [ 530.229660][ T114] usb 7-1: config 0 has no interface number 0 [ 530.287386][ T114] usb 7-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 530.418745][ T114] usb 7-1: config 0 interface 85 has no altsetting 0 [ 530.521998][ T114] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 530.577089][ T114] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 530.633240][ T114] usb 7-1: Product: syz [ 530.667931][ T114] usb 7-1: Manufacturer: syz [ 530.707689][ T114] usb 7-1: SerialNumber: syz [ 530.752756][ T114] usb 7-1: config 0 descriptor?? [ 535.891823][ T114] appletouch 7-1:0.85: Failed to request geyser raw mode [ 535.899127][ T114] appletouch 7-1:0.85: probe with driver appletouch failed with error -5 [ 535.992784][ T114] usb 7-1: USB disconnect, device number 3 [ 536.428671][T10152] loop6: detected capacity change from 0 to 764 [ 536.474067][T10152] rock: directory entry would overflow storage [ 536.480476][T10152] rock: sig=0x4654, size=5, remaining=4 [ 538.638517][ T5846] Bluetooth: hci6: command 0x0406 tx timeout [ 538.678518][T10160] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 538.932372][T10159] loop2: detected capacity change from 0 to 2048 [ 539.238012][T10159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 539.647643][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.351629][T10176] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 541.643644][T10178] loop4: detected capacity change from 0 to 512 [ 541.687347][T10178] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 542.827067][T10191] loop2: detected capacity change from 0 to 256 [ 544.351562][T10191] exFAT-fs (loop2): failed to test first cluster bit of root dir(5) [ 544.497387][T10194] netlink: 'syz.5.1266': attribute type 4 has an invalid length. [ 544.505741][T10194] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1266'. [ 544.593122][T10191] exFAT-fs (loop2): start_clu is invalid cluster(0x400) [ 550.873175][T10226] loop1: detected capacity change from 0 to 512 [ 550.880695][T10226] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 552.820656][ T5846] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 552.829683][ T5846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 552.838936][ T5846] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 552.850395][ T5846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 552.860970][ T5846] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 554.511025][T10242] chnl_net:caif_netlink_parms(): no params data found [ 554.934467][ T5840] Bluetooth: hci5: command tx timeout [ 555.048933][T10281] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 555.148991][T10281] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 555.401604][T10271] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 556.263635][T10289] loop5: detected capacity change from 0 to 512 [ 556.366335][T10289] EXT4-fs: mb_optimize_scan should be set to 0 or 1. [ 557.013344][ T5840] Bluetooth: hci5: command tx timeout [ 557.823375][T10242] bridge0: port 1(bridge_slave_0) entered blocking state [ 557.833479][T10242] bridge0: port 1(bridge_slave_0) entered disabled state [ 557.840691][T10242] bridge_slave_0: entered allmulticast mode [ 557.899598][T10242] bridge_slave_0: entered promiscuous mode [ 557.923672][T10242] bridge0: port 2(bridge_slave_1) entered blocking state [ 557.948595][T10242] bridge0: port 2(bridge_slave_1) entered disabled state [ 557.965022][T10311] loop1: detected capacity change from 0 to 512 [ 557.994333][T10242] bridge_slave_1: entered allmulticast mode [ 558.030797][T10242] bridge_slave_1: entered promiscuous mode [ 558.057211][T10311] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 558.372912][T10311] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 558.709488][T10242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 559.341403][ T5846] Bluetooth: hci5: command tx timeout [ 559.545268][T10242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 559.893794][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.109267][T10242] team0: Port device team_slave_0 added [ 560.777050][T10242] team0: Port device team_slave_1 added [ 561.421382][ T5840] Bluetooth: hci5: command tx timeout [ 561.456165][T10242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 563.424299][T10242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 563.553850][T10242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 563.783284][T10365] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 563.878070][T10242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 563.890211][T10378] loop0: detected capacity change from 0 to 1024 [ 563.891440][T10242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 563.983845][T10378] EXT4-fs: inline encryption not supported [ 564.003060][T10378] EXT4-fs: Ignoring removed nobh option [ 564.020175][T10378] EXT4-fs: Ignoring removed bh option [ 564.025872][T10242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 564.124102][T10378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 564.252887][ T37] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.297095][ T31] audit: type=1800 audit(1768210505.084:310): pid=10378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1315" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 564.324624][T10378] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4214: comm syz.0.1315: Allocating blocks 497-513 which overlap fs metadata [ 564.418396][T10378] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4214: comm syz.0.1315: Allocating blocks 497-513 which overlap fs metadata [ 564.582450][ T37] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 564.702372][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.963734][ T37] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.063799][ T37] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.128739][T10242] hsr_slave_0: entered promiscuous mode [ 566.153132][T10242] hsr_slave_1: entered promiscuous mode [ 566.163471][T10242] debugfs: 'hsr0' already exists in 'hsr' [ 566.169211][T10242] Cannot create hsr debugfs directory [ 569.041418][ T789] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 569.093308][ T37] bridge_slave_1: left allmulticast mode [ 569.098975][ T37] bridge_slave_1: left promiscuous mode [ 569.108321][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 569.122484][ T37] bridge_slave_0: left allmulticast mode [ 569.142066][ T37] bridge_slave_0: left promiscuous mode [ 569.147839][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 569.224488][ T789] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 569.280017][ T789] usb 2-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18 [ 569.455008][ T789] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 569.492540][ T789] usb 2-1: Product: syz [ 569.496729][ T789] usb 2-1: Manufacturer: syz [ 569.521671][ T789] usb 2-1: SerialNumber: syz [ 569.548040][ T789] usb 2-1: config 0 descriptor?? [ 570.133878][ T789] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 570.506848][ T789] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 570.536107][ T789] usb 2-1: USB disconnect, device number 19 [ 570.640930][T10235] udevd[10235]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 570.703834][T10448] cgroup: noprefix used incorrectly [ 572.132201][ T6048] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 572.173480][T10463] loop2: detected capacity change from 0 to 256 [ 572.312494][T10466] loop5: detected capacity change from 0 to 16 [ 572.337430][ T6048] usb 2-1: Using ep0 maxpacket: 32 [ 572.361877][ T6048] usb 2-1: config 0 has an invalid interface number: 85 but max is 0 [ 572.399477][ T6048] usb 2-1: config 0 has no interface number 0 [ 572.434195][T10463] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 572.504738][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.515001][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.560844][T10466] erofs (device loop5): mounted with root inode @ nid 36. [ 572.642810][ T6048] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 572.868270][ T6048] usb 2-1: config 0 interface 85 has no altsetting 0 [ 572.895940][ T6048] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 572.930483][ T6048] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 572.957058][ T6048] usb 2-1: Product: syz [ 572.968373][ T6048] usb 2-1: Manufacturer: syz [ 572.974061][ T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 573.015220][ T6048] usb 2-1: SerialNumber: syz [ 573.043010][ T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 573.062802][ T6048] usb 2-1: config 0 descriptor?? [ 573.080248][ T37] bond0 (unregistering): Released all slaves [ 573.683774][ T6048] appletouch 2-1:0.85: Geyser mode initialized. [ 573.829054][ T6048] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input16 [ 574.075559][ T6048] usb 2-1: USB disconnect, device number 20 [ 574.075580][ C1] appletouch 2-1:0.85: atp_complete: usb_submit_urb failed with result -19 [ 574.258128][ T6048] appletouch 2-1:0.85: input: appletouch disconnected [ 574.416716][T10242] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 574.555919][T10242] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 574.844009][T10242] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 574.933416][T10502] loop1: detected capacity change from 0 to 1024 [ 574.951112][T10502] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 574.994150][T10242] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 575.050465][T10502] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 575.059587][T10502] EXT4-fs (loop1): orphan cleanup on readonly fs [ 575.068422][T10502] EXT4-fs error (device loop1): ext4_free_blocks:6727: comm syz.1.1351: Freeing blocks not in datazone - block = 0, count = 4096 [ 575.088682][T10502] EXT4-fs (loop1): 1 orphan inode deleted [ 575.103484][T10502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 575.372895][ T37] hsr_slave_0: left promiscuous mode [ 575.386993][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.400212][ T37] hsr_slave_1: left promiscuous mode [ 575.430884][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 575.479955][ T37] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 575.549996][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 575.575750][ T37] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 575.930354][ T37] veth1_macvtap: left promiscuous mode [ 575.936806][ T37] veth0_macvtap: left promiscuous mode [ 575.942596][ T37] veth1_vlan: left promiscuous mode [ 575.947947][ T37] veth0_vlan: left promiscuous mode [ 579.428887][ T37] team0 (unregistering): Port device team_slave_1 removed [ 579.493880][ T37] team0 (unregistering): Port device team_slave_0 removed [ 580.127801][ T31] audit: type=1326 audit(1768210520.914:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.163962][ T31] audit: type=1326 audit(1768210520.914:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.193715][T10557] loop0: detected capacity change from 0 to 1024 [ 580.197383][ T31] audit: type=1326 audit(1768210520.914:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.241002][T10555] loop1: detected capacity change from 0 to 2048 [ 580.260354][T10555] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 580.303208][T10555] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 580.326851][ T31] audit: type=1326 audit(1768210520.914:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.369912][ T31] audit: type=1326 audit(1768210520.914:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.407407][ T31] audit: type=1326 audit(1768210520.914:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.471345][ T31] audit: type=1326 audit(1768210520.914:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.563197][ T31] audit: type=1326 audit(1768210520.914:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.668076][ T31] audit: type=1326 audit(1768210520.914:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.724492][ T31] audit: type=1326 audit(1768210520.914:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10556 comm="syz.0.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 580.977498][T10242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 581.242354][T10565] loop5: detected capacity change from 0 to 512 [ 581.510021][T10242] 8021q: adding VLAN 0 to HW filter on device team0 [ 581.536684][T10565] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 581.849118][ T6090] bridge0: port 1(bridge_slave_0) entered blocking state [ 581.856384][ T6090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 582.280199][ T6090] bridge0: port 2(bridge_slave_1) entered blocking state [ 582.287444][ T6090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 582.548834][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 584.069394][ T6168] hfsplus: b-tree write err: -5, ino 4 [ 585.355095][ T31] kauditd_printk_skb: 161 callbacks suppressed [ 585.355119][ T31] audit: type=1326 audit(1768210526.144:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 585.419472][T10597] loop0: detected capacity change from 0 to 512 [ 585.530264][T10597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 585.541431][ T31] audit: type=1326 audit(1768210526.194:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb97d78f749 code=0x7ffc0000 [ 585.565997][ T31] audit: type=1326 audit(1768210526.194:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb97d78f783 code=0x7ffc0000 [ 585.598111][ T31] audit: type=1326 audit(1768210526.194:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb97d78e1ff code=0x7ffc0000 [ 585.620477][T10597] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 585.633927][ T31] audit: type=1326 audit(1768210526.204:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb97d78f7d7 code=0x7ffc0000 [ 585.834272][ T31] audit: type=1326 audit(1768210526.204:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb97d78df90 code=0x7ffc0000 [ 585.858001][T10613] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 585.916616][ T31] audit: type=1326 audit(1768210526.204:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb97d78f34b code=0x7ffc0000 [ 586.021608][ T31] audit: type=1326 audit(1768210526.264:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb97d78e3aa code=0x7ffc0000 [ 586.029983][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.335167][ T31] audit: type=1326 audit(1768210526.264:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb97d78e3aa code=0x7ffc0000 [ 586.486924][ T31] audit: type=1326 audit(1768210526.264:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10596 comm="syz.0.1371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fb97d78de97 code=0x7ffc0000 [ 586.495061][T10242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 586.913519][T10638] loop5: detected capacity change from 0 to 512 [ 587.080653][T10638] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 587.262713][T10638] EXT4-fs (loop5): 1 orphan inode deleted [ 587.268544][T10638] EXT4-fs (loop5): 1 truncate cleaned up [ 587.303592][T10638] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.596911][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.486536][T10242] veth0_vlan: entered promiscuous mode [ 593.544638][T10242] veth1_vlan: entered promiscuous mode [ 593.705818][T10242] veth0_macvtap: entered promiscuous mode [ 593.754116][T10242] veth1_macvtap: entered promiscuous mode [ 594.160665][T10688] loop0: detected capacity change from 0 to 8 [ 594.175375][T10688] squashfs: Unknown parameter 'Fails 0 [ 594.175375][T10688] Ip6FragOKs 2 [ 594.175375][T10688] Ip6FragFails 0 [ 594.175375][T10688] Ip6FragCreates 4 [ 594.175375][T10688] Ip6InMcastPkts 504 [ 594.175375][T10688] Ip6OutMcastPkts 827 [ 594.175375][T10688] Ip6InOctets ' [ 594.791205][T10689] loop5: detected capacity change from 0 to 512 [ 594.824597][T10689] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 595.024007][T10689] EXT4-fs (loop5): 1 orphan inode deleted [ 595.029847][T10689] EXT4-fs (loop5): 1 truncate cleaned up [ 595.045908][T10689] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 595.310637][T10242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 595.325808][T10242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 595.356741][ T990] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 595.402235][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.432586][ T6763] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 595.512156][ T6763] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 595.520934][ T6763] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.011901][ T1004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.019754][ T1004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 598.190933][ T7341] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.241395][ T7341] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 600.708439][T10730] loop2: detected capacity change from 0 to 512 [ 600.867894][T10730] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 601.835662][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.475945][T10754] loop7: detected capacity change from 0 to 512 [ 602.559930][T10754] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 602.727514][T10754] EXT4-fs (loop7): 1 orphan inode deleted [ 602.733451][T10754] EXT4-fs (loop7): 1 truncate cleaned up [ 602.748372][T10754] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 604.581851][ T6220] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 604.622219][T10242] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 604.771403][ T6220] usb 5-1: Using ep0 maxpacket: 16 [ 604.795027][ T6220] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 604.854567][ T6220] usb 5-1: config 0 has no interfaces? [ 604.890456][ T6220] usb 5-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 605.110838][ T6220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 605.141026][ T6220] usb 5-1: config 0 descriptor?? [ 606.080765][ T6220] usb 5-1: USB disconnect, device number 22 [ 608.419002][T10791] loop4: detected capacity change from 0 to 512 [ 608.564794][T10791] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 608.857387][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 618.237452][T10875] loop0: detected capacity change from 0 to 512 [ 618.551933][T10875] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 619.571737][T10875] EXT4-fs (loop0): 1 orphan inode deleted [ 619.578231][T10875] EXT4-fs (loop0): 1 truncate cleaned up [ 619.604081][T10875] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 620.051900][ T6518] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 621.652298][T10883] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 621.672265][ T6518] usb 6-1: device descriptor read/64, error -71 [ 621.722216][T10883] EXT4-fs (loop0): Remounting filesystem read-only [ 621.941597][ T6518] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 621.976224][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 622.219403][T10896] loop5: detected capacity change from 0 to 512 [ 624.634212][T10896] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 626.004899][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 626.284112][ T5846] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 626.294360][ T5846] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 626.302196][ T5846] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 626.361920][ T5846] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 626.371960][ T5846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 627.065278][T10140] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 628.871454][ T5846] Bluetooth: hci6: command tx timeout [ 629.013019][T10140] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 629.066039][T10140] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 629.131914][T10140] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 629.171591][T10140] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 629.180651][T10140] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.263729][T10140] usb 6-1: config 0 descriptor?? [ 629.340704][ T7341] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 629.426663][T10917] chnl_net:caif_netlink_parms(): no params data found [ 629.594755][ T7341] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 629.720647][T10140] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 630.064545][ T7341] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 630.932056][ T5846] Bluetooth: hci6: command tx timeout [ 631.058127][T10973] loop2: detected capacity change from 0 to 512 [ 631.175771][T10973] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.1456: inode has both inline data and extents flags [ 631.248966][T10973] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.1456: couldn't read orphan inode 15 (err -117) [ 631.286276][ T7341] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 631.343687][T10973] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 631.424849][T10917] bridge0: port 1(bridge_slave_0) entered blocking state [ 631.443574][T10917] bridge0: port 1(bridge_slave_0) entered disabled state [ 631.460927][T10917] bridge_slave_0: entered allmulticast mode [ 631.731176][T10917] bridge_slave_0: entered promiscuous mode [ 632.200490][T10140] usb 6-1: USB disconnect, device number 10 [ 632.275284][T10917] bridge0: port 2(bridge_slave_1) entered blocking state [ 632.343089][T10917] bridge0: port 2(bridge_slave_1) entered disabled state [ 632.359802][T10917] bridge_slave_1: entered allmulticast mode [ 632.418259][T10917] bridge_slave_1: entered promiscuous mode [ 632.698518][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.185750][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.192424][ T5846] Bluetooth: hci6: command tx timeout [ 634.198757][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.722823][T10917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 635.803858][T10917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 636.193976][T10917] team0: Port device team_slave_0 added [ 636.221337][ T5846] Bluetooth: hci6: command tx timeout [ 636.231571][ T7341] bridge_slave_1: left allmulticast mode [ 636.237206][ T7341] bridge_slave_1: left promiscuous mode [ 636.281668][ T7341] bridge0: port 2(bridge_slave_1) entered disabled state [ 636.382535][ T7341] bridge_slave_0: left allmulticast mode [ 636.388197][ T7341] bridge_slave_0: left promiscuous mode [ 636.449951][ T7341] bridge0: port 1(bridge_slave_0) entered disabled state [ 637.039058][T11012] loop0: detected capacity change from 0 to 2048 [ 638.365216][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 638.375102][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 638.382852][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 638.391025][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 638.398796][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 639.872106][ T7341] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 639.938220][ T7341] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 639.959144][ T7341] bond0 (unregistering): Released all slaves [ 640.025287][T10917] team0: Port device team_slave_1 added [ 640.272034][T11049] loop5: detected capacity change from 0 to 128 [ 640.451743][ T5846] Bluetooth: hci1: command tx timeout [ 640.691225][T10917] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 640.862416][T10917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 640.911723][T11049] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 640.988660][T11049] ext4 filesystem being mounted at /262/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 641.062035][T10917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 641.087223][T10917] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 641.101664][T10917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 641.181126][T11049] EXT4-fs (loop5): resizing filesystem from 64 to 2 blocks [ 641.236861][T11049] EXT4-fs warning (device loop5): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 641.265080][T10917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 641.418960][ T5832] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 642.872185][ T5846] Bluetooth: hci1: command tx timeout [ 645.301319][ T5846] Bluetooth: hci1: command tx timeout [ 645.643529][T10917] hsr_slave_0: entered promiscuous mode [ 645.650305][T10917] hsr_slave_1: entered promiscuous mode [ 645.779500][T10917] debugfs: 'hsr0' already exists in 'hsr' [ 645.974141][T10917] Cannot create hsr debugfs directory [ 646.291010][T11089] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 647.351358][ T5846] Bluetooth: hci1: command tx timeout [ 647.468203][ T7341] hsr_slave_0: left promiscuous mode [ 647.606519][ T7341] hsr_slave_1: left promiscuous mode [ 647.702316][ T7341] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 647.709749][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 647.937599][ T7341] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 647.972010][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 648.420137][ T7341] veth1_macvtap: left promiscuous mode [ 648.438237][ T7341] veth0_macvtap: left promiscuous mode [ 648.455350][ T7341] veth1_vlan: left promiscuous mode [ 648.484043][ T7341] veth0_vlan: left promiscuous mode [ 651.626492][T11121] loop4: detected capacity change from 0 to 512 [ 651.715869][T11121] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.984765][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.295023][ T7341] team0 (unregistering): Port device team_slave_1 removed [ 654.373884][ T5930] kworker/0:5 (5930) used greatest stack depth: 19448 bytes left [ 654.395903][ T7341] team0 (unregistering): Port device team_slave_0 removed [ 657.594927][T11158] loop4: detected capacity change from 0 to 512 [ 657.734670][T11158] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 658.938106][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 659.202884][T11183] loop0: detected capacity change from 0 to 512 [ 659.248027][T11183] EXT4-fs: Ignoring removed i_version option [ 659.293782][T11183] ext4: Unknown parameter 'appraise' [ 659.771559][T11192] xt_limit: Overflow, try lower: 167772/2147483648 [ 661.526967][ T7341] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 662.960228][T11017] chnl_net:caif_netlink_parms(): no params data found [ 663.323785][ T7341] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 663.434735][T10917] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 663.532927][ T7341] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 663.612501][T10917] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 663.712069][T10917] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 663.853129][ T7341] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 664.123046][T10917] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 664.831953][T11017] bridge0: port 1(bridge_slave_0) entered blocking state [ 664.870014][T11017] bridge0: port 1(bridge_slave_0) entered disabled state [ 664.909133][T11017] bridge_slave_0: entered allmulticast mode [ 664.976449][T11017] bridge_slave_0: entered promiscuous mode [ 665.056193][T11017] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.084563][T11017] bridge0: port 2(bridge_slave_1) entered disabled state [ 665.109103][T11241] loop4: detected capacity change from 0 to 512 [ 665.122246][ T6048] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 665.141612][T11017] bridge_slave_1: entered allmulticast mode [ 665.149587][T11017] bridge_slave_1: entered promiscuous mode [ 665.260615][T11241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 665.302026][ T6048] usb 1-1: Using ep0 maxpacket: 32 [ 665.312754][ T6048] usb 1-1: config 0 has an invalid interface number: 85 but max is 0 [ 665.320925][ T6048] usb 1-1: config 0 has no interface number 0 [ 665.333696][ T6048] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 665.345017][ T6048] usb 1-1: config 0 interface 85 has no altsetting 0 [ 665.365009][ T6048] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 665.375195][ T6048] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 665.396118][ T6048] usb 1-1: Product: syz [ 665.400296][ T6048] usb 1-1: Manufacturer: syz [ 665.421324][ T6048] usb 1-1: SerialNumber: syz [ 665.447128][ T6048] usb 1-1: config 0 descriptor?? [ 665.507561][T11017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 665.535971][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 665.548856][T11017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 665.605070][T11254] loop5: detected capacity change from 0 to 1024 [ 665.712205][T11254] EXT4-fs: Ignoring removed oldalloc option [ 665.718185][T11254] EXT4-fs: Ignoring removed bh option [ 665.800771][T11254] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 665.838999][T11017] team0: Port device team_slave_0 added [ 666.103073][T11017] team0: Port device team_slave_1 added [ 667.069983][ T6048] appletouch 1-1:0.85: Geyser mode initialized. [ 667.093891][ T6048] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input17 [ 667.139240][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 667.705718][ T6048] usb 1-1: USB disconnect, device number 11 [ 667.711808][ C0] appletouch 1-1:0.85: atp_complete: usb_submit_urb failed with result -19 [ 667.923946][T11017] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 667.930931][T11017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 667.973329][ T6048] appletouch 1-1:0.85: input: appletouch disconnected [ 669.460657][T11017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 669.559305][T11017] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 669.580697][T11017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 669.712530][T11017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 670.207093][T11017] hsr_slave_0: entered promiscuous mode [ 670.226614][T11017] hsr_slave_1: entered promiscuous mode [ 670.246888][T11017] debugfs: 'hsr0' already exists in 'hsr' [ 671.540971][T11017] Cannot create hsr debugfs directory [ 671.575747][ T7341] bridge_slave_1: left allmulticast mode [ 671.582298][ T7341] bridge_slave_1: left promiscuous mode [ 671.588164][ T7341] bridge0: port 2(bridge_slave_1) entered disabled state [ 671.735768][ T7341] bridge_slave_0: left allmulticast mode [ 671.773255][ T7341] bridge_slave_0: left promiscuous mode [ 671.779018][ T7341] bridge0: port 1(bridge_slave_0) entered disabled state [ 672.238164][T11316] loop4: detected capacity change from 0 to 512 [ 672.272369][T11316] ext4: Unknown parameter 'uid<00000000000000000000' [ 673.289625][T11324] loop4: detected capacity change from 0 to 512 [ 673.336044][T11324] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 673.429299][T11324] EXT4-fs (loop4): 1 truncate cleaned up [ 673.497439][T11328] loop5: detected capacity change from 0 to 512 [ 673.535403][T11324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 673.551844][ T7341] dvmrp6 (unregistering): left allmulticast mode [ 673.635161][T11328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 673.907587][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.037352][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.123718][ T7341] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 674.214488][ T7341] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 674.252991][ T7341] bond0 (unregistering): Released all slaves [ 675.774303][T11366] loop5: detected capacity change from 0 to 8 [ 675.830597][T11366] SQUASHFS error: zlib decompression failed, data probably corrupt [ 675.838959][T11366] SQUASHFS error: Failed to read block 0x9b: -5 [ 675.845286][T11366] SQUASHFS error: Unable to read metadata cache entry [99] [ 675.852596][T11366] SQUASHFS error: Unable to read inode 0x127 [ 676.907039][T11382] loop4: detected capacity change from 0 to 8 [ 676.940195][T11382] unable to read inode lookup table [ 679.433778][T11400] loop0: detected capacity change from 0 to 256 [ 679.498936][T11400] FAT-fs (loop0): Directory bread(block 64) failed [ 679.518079][T11400] FAT-fs (loop0): Directory bread(block 65) failed [ 679.531421][T11400] FAT-fs (loop0): Directory bread(block 66) failed [ 679.538022][T11400] FAT-fs (loop0): Directory bread(block 67) failed [ 679.545080][ T7341] hsr_slave_0: left promiscuous mode [ 679.562976][T11400] FAT-fs (loop0): Directory bread(block 68) failed [ 679.579716][T11400] FAT-fs (loop0): Directory bread(block 69) failed [ 679.581519][ T7341] hsr_slave_1: left promiscuous mode [ 679.589940][T11400] FAT-fs (loop0): Directory bread(block 70) failed [ 679.611440][T11400] FAT-fs (loop0): Directory bread(block 71) failed [ 679.622763][ T7341] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 679.632431][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 679.639296][T11400] FAT-fs (loop0): Directory bread(block 72) failed [ 679.651482][T11400] FAT-fs (loop0): Directory bread(block 73) failed [ 679.660611][ T7341] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 679.691588][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 679.748824][ T7341] veth1_macvtap: left promiscuous mode [ 679.762225][ T7341] veth0_macvtap: left promiscuous mode [ 679.767956][ T7341] veth1_vlan: left promiscuous mode [ 679.778006][ T7341] veth0_vlan: left promiscuous mode [ 682.894039][T11423] loop0: detected capacity change from 0 to 8 [ 683.001615][T11423] unable to read inode lookup table [ 684.037042][ T7341] team0 (unregistering): Port device team_slave_1 removed [ 684.108918][ T7341] team0 (unregistering): Port device team_slave_0 removed [ 684.311439][ T5917] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 684.515487][ T5917] usb 5-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 684.535168][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 684.576721][ T5917] usb 5-1: config 0 descriptor?? [ 684.825695][ T5846] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 684.835710][ T5846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 684.850098][ T5846] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 684.867359][ T5846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 684.875676][ T5846] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 685.317431][ T10] usb 5-1: USB disconnect, device number 23 [ 687.410122][ T5846] Bluetooth: hci5: command tx timeout [ 687.499655][T11017] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 687.588295][T11017] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 687.669284][T11017] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 687.750112][T11017] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 689.854402][T11494] loop5: detected capacity change from 0 to 8 [ 691.731659][ T5846] Bluetooth: hci5: command tx timeout [ 691.741115][T11494] unable to read inode lookup table [ 692.438465][T11449] chnl_net:caif_netlink_parms(): no params data found [ 693.813205][ T5846] Bluetooth: hci5: command tx timeout [ 694.324196][T11017] 8021q: adding VLAN 0 to HW filter on device bond0 [ 694.437081][T11017] 8021q: adding VLAN 0 to HW filter on device team0 [ 696.589531][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 696.595956][ T5840] Bluetooth: hci5: command tx timeout [ 696.601679][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 696.665893][T11449] bridge0: port 1(bridge_slave_0) entered blocking state [ 696.681525][T11449] bridge0: port 1(bridge_slave_0) entered disabled state [ 696.688692][T11449] bridge_slave_0: entered allmulticast mode [ 696.766672][T11449] bridge_slave_0: entered promiscuous mode [ 696.786433][ T221] bridge0: port 1(bridge_slave_0) entered blocking state [ 696.793597][ T221] bridge0: port 1(bridge_slave_0) entered forwarding state [ 696.823018][ T221] bridge0: port 2(bridge_slave_1) entered blocking state [ 696.830151][ T221] bridge0: port 2(bridge_slave_1) entered forwarding state [ 696.901977][T11449] bridge0: port 2(bridge_slave_1) entered blocking state [ 696.921373][T11449] bridge0: port 2(bridge_slave_1) entered disabled state [ 696.941644][T11449] bridge_slave_1: entered allmulticast mode [ 696.971808][T11449] bridge_slave_1: entered promiscuous mode [ 698.574223][T11449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 698.734263][T11449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 699.187423][ T5846] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 699.197651][ T5846] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 699.221794][ T5846] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 699.222231][T11449] team0: Port device team_slave_0 added [ 699.236287][ T5846] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 699.246066][ T5846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 699.385218][T11449] team0: Port device team_slave_1 added [ 700.667589][T11449] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 700.691220][T11449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 700.751698][T11449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 700.971480][T11449] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 700.978491][T11449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 701.058711][T11449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 701.175552][ T7341] bridge_slave_1: left allmulticast mode [ 701.191107][ T7341] bridge_slave_1: left promiscuous mode [ 701.207424][ T7341] bridge0: port 2(bridge_slave_1) entered disabled state [ 701.246314][ T7341] bridge_slave_0: left allmulticast mode [ 701.263540][ T7341] bridge_slave_0: left promiscuous mode [ 701.277626][ T7341] bridge0: port 1(bridge_slave_0) entered disabled state [ 701.331337][ T5846] Bluetooth: hci6: command tx timeout [ 703.411589][ T5846] Bluetooth: hci6: command tx timeout [ 703.920785][T11591] fuse: Bad value for 'fd' [ 704.770547][ T7341] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 704.820804][ T7341] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 704.849525][ T7341] bond0 (unregistering): Released all slaves [ 705.972099][ T5846] Bluetooth: hci6: command tx timeout [ 706.090426][T11449] hsr_slave_0: entered promiscuous mode [ 706.158519][T11449] hsr_slave_1: entered promiscuous mode [ 706.200902][T11449] debugfs: 'hsr0' already exists in 'hsr' [ 706.267234][T11449] Cannot create hsr debugfs directory [ 706.681635][ T7341] hsr_slave_0: left promiscuous mode [ 706.924369][T11617] loop0: detected capacity change from 0 to 8 [ 706.931444][T11617] squashfs: Unknown parameter 'Fails 0 [ 706.931444][T11617] Ip6FragOKs 2 [ 706.931444][T11617] Ip6FragFails 0 [ 706.931444][T11617] Ip6FragCreates 4 [ 706.931444][T11617] Ip6InMcastPkts 534 [ 706.931444][T11617] Ip6OutMcastPkts 872 [ 706.931444][T11617] Ip6InOctets ' [ 707.712109][ T7341] hsr_slave_1: left promiscuous mode [ 707.742270][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 707.752477][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 708.051553][ T5846] Bluetooth: hci6: command tx timeout [ 708.642135][T11624] loop0: detected capacity change from 0 to 1024 [ 708.855543][ T4482] hfsplus: b-tree write err: -5, ino 4 [ 709.357247][ T7341] team0 (unregistering): Port device team_slave_1 removed [ 710.602210][ T7341] team0 (unregistering): Port device team_slave_0 removed [ 711.581780][T11664] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1604'. [ 718.394647][T11546] chnl_net:caif_netlink_parms(): no params data found [ 719.661805][T11546] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.692573][T11546] bridge0: port 1(bridge_slave_0) entered disabled state [ 719.731599][T11546] bridge_slave_0: entered allmulticast mode [ 719.744936][T11546] bridge_slave_0: entered promiscuous mode [ 719.772050][T11546] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.789418][T11546] bridge0: port 2(bridge_slave_1) entered disabled state [ 719.821601][T11546] bridge_slave_1: entered allmulticast mode [ 719.829606][T11546] bridge_slave_1: entered promiscuous mode [ 720.045357][T11546] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 720.073030][T11546] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 721.413233][T11546] team0: Port device team_slave_0 added [ 721.463881][T11546] team0: Port device team_slave_1 added [ 724.234542][ T7341] bridge_slave_1: left allmulticast mode [ 724.240243][ T7341] bridge_slave_1: left promiscuous mode [ 724.279136][ T7341] bridge0: port 2(bridge_slave_1) entered disabled state [ 724.328969][ T7341] bridge_slave_0: left allmulticast mode [ 724.345496][ T7341] bridge_slave_0: left promiscuous mode [ 724.376450][ T7341] bridge0: port 1(bridge_slave_0) entered disabled state [ 726.954546][ T7341] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 726.974791][ T7341] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 727.004732][ T7341] bond0 (unregistering): Released all slaves [ 727.043833][T11546] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 727.051989][T11546] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 727.133200][T11546] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 727.210416][T11546] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 727.242565][T11546] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 727.552869][T11546] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 727.567192][T11449] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 729.536725][T11449] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 729.634363][ T7341] hsr_slave_0: left promiscuous mode [ 729.671138][ T7341] hsr_slave_1: left promiscuous mode [ 729.692771][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 729.763371][ T7341] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 732.653429][ T5846] Bluetooth: hci0: unexpected event for opcode 0x2035 [ 733.101696][ T6220] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 733.371796][ T6220] usb 1-1: Using ep0 maxpacket: 16 [ 733.512614][ T6220] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 733.556325][ T6220] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 733.599298][ T6220] usb 1-1: Product: syz [ 733.609412][ T6220] usb 1-1: Manufacturer: syz [ 733.631485][ T6220] usb 1-1: SerialNumber: syz [ 733.679947][ T6220] usb 1-1: config 0 descriptor?? [ 733.838811][ T7341] team0 (unregistering): Port device team_slave_1 removed [ 733.918807][ T7341] team0 (unregistering): Port device team_slave_0 removed [ 734.121661][ T6220] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 734.173813][ T6220] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 734.210740][ T6220] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 734.238805][ T6220] usb 1-1: media controller created [ 734.285338][ T6220] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 734.925646][ T6220] zl10353_read_register: readreg error (reg=127, ret==0) [ 735.106854][ T6220] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 735.279115][ T6220] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 735.561333][ T6220] usb 1-1: USB disconnect, device number 12 [ 736.467113][ T6220] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 737.754006][T11831] ipt_REJECT: ECHOREPLY no longer supported. [ 739.496334][T11449] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 739.774148][T11449] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 740.147972][T11546] hsr_slave_0: entered promiscuous mode [ 740.156348][T11546] hsr_slave_1: entered promiscuous mode [ 740.172061][T11546] debugfs: 'hsr0' already exists in 'hsr' [ 740.181640][T11546] Cannot create hsr debugfs directory [ 740.318591][T11848] loop4: detected capacity change from 0 to 512 [ 742.023777][T11851] loop0: detected capacity change from 0 to 4096 [ 742.066706][T11851] EXT4-fs (loop0): Test dummy encryption mode enabled [ 742.117229][T11851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 742.261350][T11848] EXT4-fs (loop4): failed to open journal device unknown-block(2048,0) -6 [ 742.398828][ T5829] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 743.230286][ T789] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 744.402108][T11449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 744.561401][ T789] usb 1-1: Using ep0 maxpacket: 16 [ 744.588558][ T789] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 744.598108][T11449] 8021q: adding VLAN 0 to HW filter on device team0 [ 744.612204][ T789] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 744.620220][ T789] usb 1-1: Product: syz [ 744.653369][ T789] usb 1-1: Manufacturer: syz [ 744.659873][ T4482] bridge0: port 1(bridge_slave_0) entered blocking state [ 744.667038][ T4482] bridge0: port 1(bridge_slave_0) entered forwarding state [ 744.675354][ T789] usb 1-1: SerialNumber: syz [ 744.704610][ T789] usb 1-1: config 0 descriptor?? [ 744.754025][ T4482] bridge0: port 2(bridge_slave_1) entered blocking state [ 744.761210][ T4482] bridge0: port 2(bridge_slave_1) entered forwarding state [ 745.141470][ T789] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 745.183837][ T789] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 745.242141][ T789] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 745.250093][ T789] usb 1-1: media controller created [ 745.361438][T11867] ------------[ cut here ]------------ [ 745.366951][T11867] usb 1-1: BOGUS control dir, pipe 80000d80 doesn't match bRequestType c0 [ 745.375518][T11867] WARNING: drivers/usb/core/urb.c:412 at usb_submit_urb+0x153e/0x1970, CPU#0: syz.0.1647/11867 [ 745.386022][T11867] Modules linked in: [ 745.390122][T11867] CPU: 0 UID: 0 PID: 11867 Comm: syz.0.1647 Tainted: G L syzkaller #0 PREEMPT(full) [ 745.401361][T11867] Tainted: [L]=SOFTLOCKUP SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 745.405692][T11867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 745.417249][T11867] RIP: 0010:usb_submit_urb+0x1549/0x1970 [ 745.424325][T11867] Code: 30 48 89 7c 24 38 e8 c6 e0 a9 fa 48 8b 7c 24 38 e8 3c 74 d0 fe 48 89 c6 48 8d 3d 02 e2 7f 09 48 8b 54 24 30 45 89 e8 44 89 f9 <67> 48 0f b9 3a e9 fd ed ff ff 48 89 7c 24 30 e8 93 e0 a9 fa 48 8b [ 745.444012][T11867] RSP: 0018:ffffc90004957778 EFLAGS: 00010283 [ 745.450101][T11867] RAX: ffffffff8c5458a0 RBX: ffff88802fe91500 RCX: 0000000080000d80 [ 745.458176][T11867] RDX: ffff888029aead80 RSI: ffffffff8c5458a0 RDI: ffffffff9094da20 [ 745.467283][T11867] RBP: ffff888079c3c058 R08: 00000000000000c0 R09: 0000000000000000 [ 745.476428][T11867] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888078ac2d40 [ 745.484598][T11867] R13: 00000000000000c0 R14: 0000000000000001 R15: 0000000080000d80 [ 745.492633][T11867] FS: 00007fb97e5f06c0(0000) GS:ffff8881248f3000(0000) knlGS:0000000000000000 [ 745.501628][T11867] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 745.508230][T11867] CR2: 000000110c3c54b1 CR3: 000000005511c000 CR4: 0000000000350ef0 [ 745.516268][T11867] Call Trace: [ 745.519555][T11867] [ 745.522560][T11867] ? __init_swait_queue_head+0xca/0x150 [ 745.528160][T11867] usb_start_wait_urb+0x104/0x4e0 [ 745.533276][T11867] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 745.538863][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.544652][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.550332][T11867] ? __asan_memset+0x23/0x50 [ 745.555874][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.561631][T11867] usb_control_msg+0x326/0x4a0 [ 745.567460][T11867] ? __pfx_usb_control_msg+0x10/0x10 [ 745.573810][T11867] ? look_up_lock_class+0x59/0x130 [ 745.578986][T11867] dtv5100_i2c_msg+0x1fa/0x360 [ 745.583844][T11867] dtv5100_i2c_xfer+0x1e0/0x420 [ 745.588735][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.594477][T11867] __i2c_transfer+0x6b6/0x2100 [ 745.599296][T11867] ? lockdep_hardirqs_on+0x7c/0x110 [ 745.604590][T11867] ? __pfx___i2c_transfer+0x10/0x10 [ 745.609829][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.615534][T11867] ? rt_mutex_slowtrylock+0xc9/0x100 [ 745.621494][T11867] i2c_transfer+0x1da/0x380 [ 745.626055][T11867] i2c_transfer_buffer_flags+0x10c/0x190 [ 745.631829][T11867] ? __pfx_i2c_transfer_buffer_flags+0x10/0x10 [ 745.638036][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.643752][T11867] ? _copy_from_user+0x59/0xd0 [ 745.648552][T11867] i2cdev_write+0x11e/0x240 [ 745.653175][T11867] ? __pfx_i2cdev_write+0x10/0x10 [ 745.658242][T11867] vfs_writev+0x5df/0xde0 [ 745.662643][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.669348][T11867] ? __pfx_vfs_writev+0x10/0x10 [ 745.675184][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.680873][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.686564][T11867] ? __fget_files+0x20e/0x3c0 [ 745.691359][T11867] ? do_pwritev+0x1a6/0x270 [ 745.695887][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.701613][T11867] do_pwritev+0x1a6/0x270 [ 745.705978][T11867] ? __pfx_do_pwritev+0x10/0x10 [ 745.710874][T11867] do_syscall_64+0xcd/0xf80 [ 745.715458][T11867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.721402][T11867] RIP: 0033:0x7fb97d78f749 [ 745.725832][T11867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.745534][T11867] RSP: 002b:00007fb97e5f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 745.754041][T11867] RAX: ffffffffffffffda RBX: 00007fb97d9e5fa0 RCX: 00007fb97d78f749 [ 745.762069][T11867] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000004 [ 745.771108][T11867] RBP: 00007fb97d813f91 R08: 000000000000000c R09: 0000000000000000 [ 745.780054][T11867] R10: 000000007c58fc9b R11: 0000000000000246 R12: 0000000000000000 [ 745.788110][T11867] R13: 00007fb97d9e6038 R14: 00007fb97d9e5fa0 R15: 00007ffc67aba658 [ 745.793203][T11546] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 745.796148][T11867] [ 745.805824][T11867] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 745.813117][T11867] CPU: 0 UID: 0 PID: 11867 Comm: syz.0.1647 Tainted: G L syzkaller #0 PREEMPT(full) [ 745.824078][T11867] Tainted: [L]=SOFTLOCKUP [ 745.828394][T11867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 745.838448][T11867] Call Trace: [ 745.841724][T11867] [ 745.844654][T11867] dump_stack_lvl+0x3d/0x1f0 [ 745.849276][T11867] vpanic+0x640/0x6f0 [ 745.853273][T11867] ? usb_submit_urb+0x153e/0x1970 [ 745.858302][T11867] panic+0xca/0xd0 [ 745.862034][T11867] ? __pfx_panic+0x10/0x10 [ 745.866481][T11867] check_panic_on_warn+0xab/0xb0 [ 745.871436][T11867] __warn+0x108/0x3c0 [ 745.875444][T11867] __report_bug+0x2a0/0x520 [ 745.879978][T11867] ? usb_submit_urb+0x153e/0x1970 [ 745.885012][T11867] ? __pfx___report_bug+0x10/0x10 [ 745.890060][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.895707][T11867] ? stack_trace_save+0x8e/0xc0 [ 745.900586][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 745.906240][T11867] report_bug_entry+0xe1/0x290 [ 745.911029][T11867] ? usb_submit_urb+0x1549/0x1970 [ 745.916059][T11867] handle_bug+0x18a/0x260 [ 745.920403][T11867] exc_invalid_op+0x17/0x50 [ 745.924920][T11867] asm_exc_invalid_op+0x1a/0x20 [ 745.929778][T11867] RIP: 0010:usb_submit_urb+0x1549/0x1970 [ 745.935417][T11867] Code: 30 48 89 7c 24 38 e8 c6 e0 a9 fa 48 8b 7c 24 38 e8 3c 74 d0 fe 48 89 c6 48 8d 3d 02 e2 7f 09 48 8b 54 24 30 45 89 e8 44 89 f9 <67> 48 0f b9 3a e9 fd ed ff ff 48 89 7c 24 30 e8 93 e0 a9 fa 48 8b [ 745.955034][T11867] RSP: 0018:ffffc90004957778 EFLAGS: 00010283 [ 745.961110][T11867] RAX: ffffffff8c5458a0 RBX: ffff88802fe91500 RCX: 0000000080000d80 [ 745.969083][T11867] RDX: ffff888029aead80 RSI: ffffffff8c5458a0 RDI: ffffffff9094da20 [ 745.977057][T11867] RBP: ffff888079c3c058 R08: 00000000000000c0 R09: 0000000000000000 [ 745.985034][T11867] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888078ac2d40 [ 745.993008][T11867] R13: 00000000000000c0 R14: 0000000000000001 R15: 0000000080000d80 [ 746.001001][T11867] ? usb_submit_urb+0x1534/0x1970 [ 746.006038][T11867] ? __init_swait_queue_head+0xca/0x150 [ 746.011614][T11867] usb_start_wait_urb+0x104/0x4e0 [ 746.016653][T11867] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 746.022204][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.027870][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.033516][T11867] ? __asan_memset+0x23/0x50 [ 746.038132][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.043784][T11867] usb_control_msg+0x326/0x4a0 [ 746.048561][T11867] ? __pfx_usb_control_msg+0x10/0x10 [ 746.053853][T11867] ? look_up_lock_class+0x59/0x130 [ 746.059008][T11867] dtv5100_i2c_msg+0x1fa/0x360 [ 746.063805][T11867] dtv5100_i2c_xfer+0x1e0/0x420 [ 746.068683][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.074337][T11867] __i2c_transfer+0x6b6/0x2100 [ 746.079138][T11867] ? lockdep_hardirqs_on+0x7c/0x110 [ 746.084369][T11867] ? __pfx___i2c_transfer+0x10/0x10 [ 746.089594][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.095241][T11867] ? rt_mutex_slowtrylock+0xc9/0x100 [ 746.100551][T11867] i2c_transfer+0x1da/0x380 [ 746.105089][T11867] i2c_transfer_buffer_flags+0x10c/0x190 [ 746.110755][T11867] ? __pfx_i2c_transfer_buffer_flags+0x10/0x10 [ 746.116942][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.122591][T11867] ? _copy_from_user+0x59/0xd0 [ 746.127371][T11867] i2cdev_write+0x11e/0x240 [ 746.131907][T11867] ? __pfx_i2cdev_write+0x10/0x10 [ 746.136955][T11867] vfs_writev+0x5df/0xde0 [ 746.141290][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.146950][T11867] ? __pfx_vfs_writev+0x10/0x10 [ 746.151820][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.157490][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.163139][T11867] ? __fget_files+0x20e/0x3c0 [ 746.167847][T11867] ? do_pwritev+0x1a6/0x270 [ 746.172358][T11867] ? srso_alias_return_thunk+0x5/0xfbef5 [ 746.178005][T11867] do_pwritev+0x1a6/0x270 [ 746.182348][T11867] ? __pfx_do_pwritev+0x10/0x10 [ 746.187221][T11867] do_syscall_64+0xcd/0xf80 [ 746.191735][T11867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 746.197637][T11867] RIP: 0033:0x7fb97d78f749 [ 746.202054][T11867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 746.221676][T11867] RSP: 002b:00007fb97e5f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 746.230104][T11867] RAX: ffffffffffffffda RBX: 00007fb97d9e5fa0 RCX: 00007fb97d78f749 [ 746.238076][T11867] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000004 [ 746.246051][T11867] RBP: 00007fb97d813f91 R08: 000000000000000c R09: 0000000000000000 [ 746.254028][T11867] R10: 000000007c58fc9b R11: 0000000000000246 R12: 0000000000000000 [ 746.262000][T11867] R13: 00007fb97d9e6038 R14: 00007fb97d9e5fa0 R15: 00007ffc67aba658 [ 746.269996][T11867] [ 746.273292][T11867] Kernel Offset: disabled [ 746.277612][T11867] Rebooting in 86400 seconds..