last executing test programs: 4m7.595925911s ago: executing program 3 (id=97): creat(0x0, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0) syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x9, 0x1, 0x401}}}, 0x7) openat$kvm(0xffffffffffffff9c, 0x0, 0x20040, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_emit_vhci(&(0x7f0000000200)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x0, 0x14}, @l2cap_cid_le_signaling={{0x10}, @l2cap_ecred_conn_req={{0x17, 0x2, 0xc}, {0xfbff, 0xd, 0xd, 0x1, [0x5, 0x3]}}}}, 0x19) socket$inet(0x2, 0x4000000000000001, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_vhci(&(0x7f0000004340)=@HCI_SCODATA_PKT={0x3, {0xc8}}, 0x4) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2) r2 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) ftruncate(r2, 0xffff) fcntl$addseals(r2, 0x409, 0x7) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000140)={r2, 0x1, 0x0, 0x4000}) 4m6.367768835s ago: executing program 3 (id=101): rseq(&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @loopback, 0x4e24, 0x1, 'none\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e22, 0x2, 0xfffffffe, 0x4, 0x12d5c}}, 0x44) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x69, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0) syz_emit_ethernet(0x3e, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) openat$kvm(0xffffffffffffff9c, 0x0, 0x20042, 0x0) 4m3.736006596s ago: executing program 3 (id=104): bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000300)={0x2, 0x4e1d, @broadcast}, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004800}, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setresuid(0x0, 0x0, 0x0) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0) 4m2.465285481s ago: executing program 3 (id=106): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x123a82, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f00000000c0)={0x2000011, 0x0, 0x14, 0x1b, 0xb, 0x1000063, 0x5, 0xf5, 0xffffffffffffffff}) 4m2.183962017s ago: executing program 3 (id=107): bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xa}, @hci_rp_pin_code_neg_reply={{0x6}, {0x6, @none}}}}, 0xd) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x40000000000080, 0x0) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48) r0 = timerfd_create(0x3, 0x80000) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) getrusage(0x0, &(0x7f0000000180)) timerfd_gettime(r0, &(0x7f00000000c0)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, 0x0) 4m0.001112699s ago: executing program 3 (id=111): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x68, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) clock_gettime(0x0, &(0x7f0000000980)) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x4, 0x5, &(0x7f0000000240)=ANY=[@ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) capset(&(0x7f0000000580)={0x20080522, r0}, &(0x7f0000000040)={0x200000, 0xffffffff, 0x9, 0xd, 0x20002004, 0x800}) syslog(0x3, &(0x7f0000000000)=""/222, 0xde) 3m42.698705867s ago: executing program 32 (id=111): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x68, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) clock_gettime(0x0, &(0x7f0000000980)) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x4, 0x5, &(0x7f0000000240)=ANY=[@ANYRES64], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) capset(&(0x7f0000000580)={0x20080522, r0}, &(0x7f0000000040)={0x200000, 0xffffffff, 0x9, 0xd, 0x20002004, 0x800}) syslog(0x3, &(0x7f0000000000)=""/222, 0xde) 2m43.646732842s ago: executing program 4 (id=130): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) setresgid(0xee00, 0x0, 0xee00) setresgid(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10) sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000010240)={0x0, 0x0, &(0x7f0000010200)={0x0}}, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000019100)={[&(0x7f0000000200)=' ']}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x84}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048050}, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffffe5, 0x0, 0x0, 0x11) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x24}}, 0x0) recvfrom$inet(r0, &(0x7f0000000080), 0x0, 0x700, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x5, &(0x7f0000000000)=0xffffffff, 0x4) 2m42.477836675s ago: executing program 4 (id=195): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$unix(0x1, 0x5, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={0xffffffffffffffff, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r5}, 0x20) close_range(r3, 0xffffffffffffffff, 0x0) fallocate(r5, 0x20, 0xb2, 0x1000f4) r6 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x8, 0x4, 0x5, 0xd, 0x6, 0x7, 0x3, 0x50, 0xf, 0xfffffff9, 0x222, 0x0, 0xa, 0xb701, [0xcf, 0x59c]}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000000000000000000d0a0000000000000002000006040000000200000000000000000000000000000000005f"], &(0x7f0000001f40)=""/4089, 0x44, 0xff9, 0x1}, 0x20) 2m39.921212995s ago: executing program 0 (id=196): r0 = creat(&(0x7f0000000580)='\x00', 0x44) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) unshare(0x4020400) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0900000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB], 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r5, 0x50, 0x0}, 0x10) r6 = fanotify_init(0xf00, 0x0) fanotify_mark(r6, 0x105, 0x40009975, r0, 0x0) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x87) connect$inet6(r7, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.parent_freezing\x00', 0x275a, 0x0) write$binfmt_script(r8, &(0x7f0000000440), 0x1000a) sendfile(r7, r8, &(0x7f0000000000)=0x5, 0x20001) r9 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) r10 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) write$binfmt_register(r10, &(0x7f0000000300)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0xffffffffffffffff, 0x3a, 'allow_other', 0x3a, '', 0x3a, './cgroup.cpu/cpuset.cpus', 0x3a, [0x50, 0x43]}, 0x45) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r9, 0x40305829, &(0x7f00000002c0)={0x17c04, 0xffffffffffffffff, 0x8006, 0x8a, 0x0, 0x8001}) 2m39.871285336s ago: executing program 4 (id=198): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r3}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) r6 = socket(0x10, 0x2, 0x0) recvmmsg(r6, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x0, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) ioctl$UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, 0x0) 2m38.770493757s ago: executing program 0 (id=199): syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000800}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001800)=@newtaction={0x494, 0x30, 0x12f, 0x0, 0x0, {}, [{0x480, 0x1, [@m_police={0x47c, 0x1, 0x0, 0x0, {{0xb}, {0x450, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x4, 0x2, 0x4, 0x4, {0x3, 0x0, 0x101, 0x9, 0x5, 0x2}, {0x3, 0x1, 0x3ff, 0x2, 0x5}, 0x2, 0x3, 0xeea4}}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x8, 0x8, 0x9, 0x8, 0x5, 0x4, 0x2, 0x8, 0x80000000, 0x2, 0x4, 0x2, 0x8001, 0x7, 0xffffff80, 0x80, 0x2, 0x9, 0xffffffff, 0xe5, 0x6, 0x85, 0xe8d, 0x2, 0xfffffff9, 0x5, 0x8, 0xd, 0xffff, 0x8, 0x7, 0x1ff, 0x80000001, 0x9, 0x4, 0x8, 0x99, 0x81, 0x8, 0x351, 0xf27c, 0x0, 0x2, 0xff, 0x8, 0x5, 0x9, 0x400, 0x8, 0x3, 0x10, 0x788, 0x8, 0x4, 0x7, 0x800, 0x4e, 0x80000000, 0xc, 0xe0, 0x10, 0x7fffffff, 0x5ee3db3e, 0x7, 0xb, 0xc9, 0x9ca, 0x95, 0x7, 0xfffffffd, 0x9, 0x8, 0x56a7, 0x1, 0x9, 0xfffffff9, 0xffffffff, 0x4, 0xfffffffc, 0x3, 0x8, 0x7, 0xf5e, 0xcd, 0x7ff, 0x7, 0xc21, 0x1, 0x1, 0xbc6, 0x1, 0x0, 0x4, 0xf, 0xfffffff7, 0xffff, 0xb, 0xfffffffe, 0x5, 0x0, 0x7ff, 0x9, 0xf, 0x7, 0x4, 0x0, 0x9, 0x6, 0x5, 0x6, 0xfff, 0x4, 0x2, 0x1ff, 0x7, 0x9, 0x1, 0xffff, 0x0, 0x6d87, 0x76, 0x1f, 0x7, 0x100, 0x0, 0x101, 0x71b, 0x7ff, 0x10001, 0x7, 0x2, 0x7, 0x81, 0x2, 0x3, 0x0, 0x5ef, 0xd, 0x6e7000, 0xc05, 0x4, 0x8, 0x0, 0xb, 0x10, 0x80000000, 0xd, 0x3, 0xd0e, 0x2, 0x3, 0x35, 0x9, 0x3, 0x8d55, 0x9, 0x164, 0xc9b, 0x5, 0xffffff87, 0x2, 0x81, 0x1ff, 0xfff, 0x7, 0x2, 0x7, 0x4, 0x7, 0x5, 0x3, 0x2, 0xa, 0xfffff800, 0xffffffff, 0x80, 0xc34e, 0x33f60b9f, 0x58d0, 0xbbf, 0x80, 0x2, 0x9, 0x9, 0x1, 0x5, 0x7, 0x4, 0xdc16d9f5, 0x5dc0, 0x33, 0x5, 0x3f, 0x4, 0x3d, 0x800, 0x5, 0xfffffffe, 0x8, 0x7fff, 0x36078901, 0xf, 0x2, 0x8, 0xa9, 0x10001, 0x7dcc, 0x4, 0xffff, 0x3, 0x8, 0x3, 0x9, 0x347, 0x200, 0x2, 0x400, 0x0, 0x9, 0xca, 0x6, 0x7, 0x7, 0x0, 0x7, 0x7, 0x3, 0x0, 0x0, 0x0, 0x54, 0x2, 0x1, 0x0, 0xffffffff, 0x3, 0x5, 0x9, 0x6, 0xee1, 0x7, 0x1, 0x10001, 0x4, 0xffffffcb, 0x1, 0x7a, 0x0, 0x6, 0x5, 0x1, 0xff80, 0x1, 0x0, 0x4]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8000000000000000}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x494}}, 0x0) 2m36.900906653s ago: executing program 0 (id=202): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) connect$unix(0xffffffffffffffff, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r3, &(0x7f0000000000)=[{0x0}], 0x1) 2m30.979790009s ago: executing program 4 (id=208): sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) msgsnd(0x0, &(0x7f0000002900)=ANY=[@ANYBLOB="03"], 0xfd1, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000002880)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x7}, 0x0, 0x0, 0x1, 0x1414, 0x10001, 0x4e, 0xffffffffffffffca, 0x8, 0x8580, 0x3, r1}) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) read$FUSE(0xffffffffffffffff, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x800) 2m28.40763965s ago: executing program 0 (id=210): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() socket$unix(0x1, 0x5, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)) r4 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_PREPARE(r4, 0x4140, 0x0) syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x33a}, &(0x7f0000000100), 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) ioctl$USBDEVFS_IOCTL(r3, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect) r6 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0) write$binfmt_format(r6, &(0x7f0000000180)='1\x00', 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) memfd_create(0x0, 0x2) 2m26.590067525s ago: executing program 0 (id=211): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) ioctl$FS_IOC_GETFSSYSFSPATH(0xffffffffffffffff, 0x80811501, 0x0) r0 = request_key(0x0, 0x0, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, r0) keyctl$link(0x8, r2, r0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x80c82) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'}) r5 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$sock_int(r5, 0x1, 0x2c, &(0x7f0000000180)=0xfffffffd, 0x4) 2m22.343995638s ago: executing program 0 (id=214): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) timerfd_create(0x0, 0x80000) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) 2m15.381810634s ago: executing program 33 (id=208): sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) msgsnd(0x0, &(0x7f0000002900)=ANY=[@ANYBLOB="03"], 0xfd1, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000002880)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x7}, 0x0, 0x0, 0x1, 0x1414, 0x10001, 0x4e, 0xffffffffffffffca, 0x8, 0x8580, 0x3, r1}) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) read$FUSE(0xffffffffffffffff, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x800) 2m6.597674506s ago: executing program 34 (id=214): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) timerfd_create(0x0, 0x80000) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) 39.284844302s ago: executing program 2 (id=301): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$unix(0x1, 0x5, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r6, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r5}, 0x20) close_range(r3, 0xffffffffffffffff, 0x0) fallocate(r5, 0x20, 0xb2, 0x1000f4) r7 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r7, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x8, 0x4, 0x5, 0xd, 0x6, 0x7, 0x3, 0x50, 0xf, 0xfffffff9, 0x222, 0x0, 0xa, 0xb701, [0xcf, 0x59c]}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000000000000000000d0a0000000000000002000006040000000200000000000000000000000000000000005f"], &(0x7f0000001f40)=""/4089, 0x44, 0xff9, 0x1}, 0x20) 36.729226502s ago: executing program 2 (id=302): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() socket$unix(0x1, 0x5, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) 27.268071157s ago: executing program 5 (id=307): bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x20) openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, 0x0, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0xa00) 26.956141483s ago: executing program 6 (id=225): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$unix(0x1, 0x5, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r6, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r5}, 0x20) close_range(r3, 0xffffffffffffffff, 0x0) fallocate(r5, 0x20, 0xb2, 0x1000f4) r7 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r7, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x8, 0x4, 0x5, 0xd, 0x6, 0x7, 0x3, 0x50, 0xf, 0xfffffff9, 0x222, 0x0, 0xa, 0xb701, [0xcf, 0x59c]}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000000000000000000d0a0000000000000002000006040000000200000000000000000000000000000000005f"], &(0x7f0000001f40)=""/4089, 0x44, 0xff9, 0x1}, 0x20) 24.980041852s ago: executing program 6 (id=308): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$unix(0x1, 0x5, 0x0) close(0xffffffffffffffff) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r4}, 0x20) close_range(r3, 0xffffffffffffffff, 0x0) fallocate(r4, 0x20, 0xb2, 0x1000f4) r6 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x8, 0x4, 0x5, 0xd, 0x6, 0x7, 0x3, 0x50, 0xf, 0xfffffff9, 0x222, 0x0, 0xa, 0xb701, [0xcf, 0x59c]}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000000000000000000d0a0000000000000002000006040000000200000000000000000000000000000000005f"], &(0x7f0000001f40)=""/4089, 0x44, 0xff9, 0x1}, 0x20) 24.848528504s ago: executing program 2 (id=309): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffff}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x5120400, 0x0, 0xffffffffffffff48, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) openat$ptmx(0xffffffffffffff9c, 0x0, 0x40200, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) creat(0x0, 0x100) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r3 = dup(r2) sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0) 21.585683678s ago: executing program 2 (id=312): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) write(r0, &(0x7f0000000000)='\"', 0xfdef) 19.874717342s ago: executing program 1 (id=313): mkdirat(0xffffffffffffff9c, 0x0, 0xb4) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e75"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x4000, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) chdir(&(0x7f0000000100)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x88040, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85) prctl$PR_SET_SECUREBITS(0x1c, 0x15) setuid(0xee00) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe11) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000240)='./file3\x00', 0x4002, &(0x7f0000000000)={[], [{@subj_type={'subj_type', 0x3d, 'Ext4\x00'}}]}, 0x2, 0xbd2, &(0x7f0000000540)="$eJzs3N1rXGUaAPDnnEymaZvtpMuybPdmsyxLC8tOky4p27KwrVS88ULQW6EhnZSQ6QdJpCbNxUT/AVGvBW8EtShe2OveKHrrjba3ihdCkdgoiGjkzEeSNjNJ2s70hPb3g3fO+553Zp7nmcPMOS/MTABPrOHsJo04FBFnk4hSc38aEcV6byCi1rjfyvLixE/LixNJrK4+/30SSUTcWV6caD1X0tzubw4GIuKLp5L446ub487OL0yPV6uVmeb46NyFy0dn5xf+PXVh/HzlfOXi6PH/jh0bOz5yYqxrtf789anrP/79mW9rv7z367Uf3ngniVMx2JzbWEe3DMfw2muyUSEixrsdLCd9zXo21pkUtnlQ2uOkAADoKN1wDffnKEVfrF+8leKTL3NNDgAAAOiK1b6IVQAAAOAxl1j/AwAAwGOu9T2AO8uLE62W7zcSHq3bpyNiqFH/SrM1ZgpRq28Hoj8i9t1JYuPPWpPGwx7acER8c+vEh1mLHv0OeSu1pYj4S7vjn9TrH6r/intz/WlEjHQh/vA9423q7+tCyLs8TP2nuhD/PusHgK64cbpxItt8/kvXrn+izfmv0Obc9SDanP+6fo7fSuv6b2XT9d96/X0drv+e22GMq+++daXTXFb//64//UGrZfGz7bZPuu2frOzM7aWIvxba1Z+s1Z90qP/sDmOUfrtS6TT3wPV3yerbEYejff0tydb/T3R0cqpaGWncto2x9PnY+53i511/dvz3dai/9f9PnY7/5R3GePHMmY827by13t26/vS7YvJCvVds7nl5fG5uZjSimDy7ef+xrXNp3af1HFn9R/6x9fu/Xf3ZZ0Kt+Tpka4Gl5jYbv3JPzP9fu/pxp3xa6788j/+5Dsd/Y/2fFTYf/9d2GOOfn75+pNPcxvVv1rL4rbUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVpe66dpuRyxPyL+FPvS6qXZuX9NXnrp4rlsLmIo+tPJqWplJCJKjXGSjUfr/fXxsXvG/4mIgxHxZmlvfVyeuFQ9l3fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNkfEYORpOWISCNipZSm5XLeWQEAAABddyDvBAAAAICeG8o7AQAAAKDnrP8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosYN/u3EziYjayb31lik25/pzzQzotTTvBIDc9OWdAJCbQt4JALm5zzW+ywV4DCXbzA90nNnT9VwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L0OH7pxM4mI2sm99ZYpNuf6c80M6LU07wSA3PR1mhiIiMKjzQV4tLzF4clljQ8k28wPrN+ndvfMnp7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDuM1hvSVqOiGJzX7kc8YeIGIr+ZHKqWhmJiAMR8VWpf082Hs05ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALpvdn5herxarcxknTSanbU9OuudpPGK1XZLPjoP2SnGrkhjl3by/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPs/ML0+PVamVmNu9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLzNzi9Mj1erlZkedvKuEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/PweAAD//1pFCiI=") 18.049980467s ago: executing program 5 (id=314): connect$inet(0xffffffffffffffff, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) socket$inet6_tcp(0xa, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) socket$inet_udp(0x2, 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') r3 = fsopen(&(0x7f0000000180)='proc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) 16.036263697s ago: executing program 6 (id=315): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000380)={0xc0, 0x0, 0xe000}) 13.576468565s ago: executing program 5 (id=316): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$unix(0x1, 0x5, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r4) listen(r4, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6}, 0x20) close_range(r3, 0xffffffffffffffff, 0x0) fallocate(0xffffffffffffffff, 0x20, 0xb2, 0x1000f4) r6 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x8, 0x4, 0x5, 0xd, 0x6, 0x7, 0x3, 0x50, 0xf, 0xfffffff9, 0x222, 0x0, 0xa, 0xb701, [0xcf, 0x59c]}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000000000000000000d0a0000000000000002000006040000000200000000000000000000000000000000005f"], &(0x7f0000001f40)=""/4089, 0x44, 0xff9, 0x1}, 0x20) 13.405701848s ago: executing program 2 (id=317): prlimit64(0x0, 0xe, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() socket$unix(0x1, 0x5, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) 13.136413213s ago: executing program 1 (id=318): copy_file_range(0xffffffffffffffff, &(0x7f0000000000)=0x8, 0xffffffffffffffff, 0x0, 0x4, 0x0) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) ioprio_set$pid(0x3, 0x0, 0x6000) r0 = socket(0xa, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0xe501, 0x3, 0x1460, 0x0, 0x6affffff, 0x3403000b, 0x12f0, 0x7, 0x13c8, 0x230, 0x230, 0x13c8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth0_to_bridge\x00', 'veth1_to_team\x00'}, 0x0, 0x12d0, 0x12f0, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x2001, [{0x6}, {}, {0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10}, {}, {}, {0x0, 0x2}, {0x0, 0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0x30}, {}, {}, {0x0, 0x0, 0x10}, {0x0, 0x10}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x4000}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3e, 0x0, 0x80000001}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {0x100, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x9}, {0x0, 0x8}, {}, {0x0, 0x3, 0x0, 0x1}]}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x1, 0x0, './cgroup.cpu/syz1\x00', 0xe05f}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x1, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x14c0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000200)={[{@discard}, {@umask={'umask', 0x3d, 0x1}}, {@dmask={'dmask', 0x3d, 0x3df5}}, {@allow_utime={'allow_utime', 0x3d, 0x7}}, {@namecase}, {@discard}, {@allow_utime={'allow_utime', 0x3d, 0x4}}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x1f000}}, {@errors_remount}]}, 0x1, 0x154e, &(0x7f0000001c00)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEmSJLklJE1yJCExhCQNSUguQxJDSC4Tk8b9fr8kJEmTJCG5Jev/THjUqc45/3+d9D/e3/Ps51vvt/a79trf++1vX1y+7jy4RqOaVRsQEfwheO4lCQBiAaA/AOQGgAAAysaVjQMMILvEpD+2Efbnuj/1Us+AXRK9zr9y/S9rfPxf3rj+lzeu/+WN63954/pf3rj+lzeuP2OXs4lTCsRtmFLgqv8Pl9jzu/DnjZkNAH6770d/6ff3v7L8dc//gZ///+3w+f9/SGap0Z+vKnVNF4CY/zSF63954/r/zwr+k5W4/pc3rv/lKvZST4D9DfDxfznI9rs9XP/LG9efscvZpX7+fKkXiPzNPoND2c8V5q/af8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7C9w0l+kAOBC+1LPizHGGGOMMcYYY38en+1Sz4AxxhhjjDHGGGP/fQgCJCgIIAayQSxkhxwgAOBKyAW5IQJXQRxcDXngGsgL+SA/FIB4KAiFQIMBCwQhFIYiEIVroShcB8WgOJSAkuCgFCTA9VAaboAycCOUhZugHNwM5aECVIRKcAtUhluhCtwGVeF2qAbVoQbUhDugFtwJteEuqAN3Q124B+rBvVAf7oMGcD80hAegETwIjeEhaAJNoRk0hxb/T/nPQnd4DnpAT0iCXtAbnoc+0Bf6wQvQH16EAfASDISXIRkGwWB4BYbAqzAUXoNhMBxGwOswEt6AUTAaxsBYSIFxMB7ehAnwFkxeBTAJJkMqTIGp8A5Mg+kwA96FmfAezILZMAfmQhq8D/NgPqTDB7AAPoQMWAiLYDEsgaWwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANPoLt8DHsgJ2wCz6B3fDpz/IBkn6q57/KP/FP+V0QEFCgQIUKYzAGYzEWc2AOzIk5MRfmwghGMA7jMA/mwbyYF/NjfozHeCyEhdCgQULCwlgYoxjFolgUi2ExLIEl0KHDBEzA0ngDlsEyWBbLYjksh+WxAlbASlgJK2NlrIJVsCpWxWpYDWtgDbwD78BeWBtrYx2sg3Wx7oXHU9gAG2BDbIiNsBE2xsbYBJtgM2yGLbAFtsSW2ApbYRtsg22xLbbDdpiIidge22MH7IAdsSN2wk7YGTtjF+yKXTOfzQb4HD6HPbGa6IW9sTf2weRs/fAFfAFfxAH4Er6EL2MyDsLB+Aq+gq/iUDyOw3A4jsARWFm8gaNwNJIYiymYguNxPE7ACZg10bdxMqbiFJyKU3EaTsfp+C7OxPfwPZyNs3EupmEazsP5mI7puABPYAYuxEW4GJfgUlyCy3EFLsdVuBpX4Vpci+txPW7EjbgZN+NW3IofoQLAj3En7sRk3I27cQ/uwb24F/fhPszETNyP+/EAHsCDeBAP4SE8jEfwKB7BY3gMj+MJPIkn8TSexjP4dPyXDT8qvjIZRBYllIgRMSJWxIocIofIKXKKXCKXiIiIiBNxIo/II/KKvCK/yC/iRbwoJAoJI4wgEcYAgIiKqCgqiopiopgoIUoIJ5xIEAmitCgtyogyoqy4SZQTN4vyooJo7SqJSqKyaOOqiNtEVVFVVBPVRQ1RU9QUtUQtUVvUFnVEHVFX1BX1xL2ivuiF/fB+kVWZRmIQNhaDsYloKuT5X7CWYii2Eq1FG/GoGI7DsJ1o6RLFE6K9GIUdxD/EaHxKdBJjsbN4RnQRXUU38azoLlq5HqKnmIi9RG8xGfuIvqKfeEFMw+riXZyZvYZ4WSSLQWKweEXMxVfFUPGaGCaGixHidTFSvCFGidFijBgrUsQ4MV68KSaIt8RE8baYJCaLVDFFTBXviGliupgh3hUzxXtilpgt5oi5Ik28L+aJ+SJdfCAWiA9FhlgoFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2iY/EdvGx2CF2il3iE7FbfCr2iM/EXvG52Ce+EJniS7FffCUOiK/FQfGNOCS+FYfFEXFUfCeOie/FcXFCnBSnxGnxgzgjfhRnhRcgUQoppZKBjJHZZKzMLnPIK2ROGZz/dK+ScfJqmUdeI/PKfDK/LCDjZUFZSGpppJUkQ1lYFpFRea0sKq+TxWRxWUKWlE6Wkgnyella3iDLyBtlWXmTLCdvluVlBVlRVpK3yMryVgmRc9uoJqvLGrKmvEMmwZ2ytrxL1pF3y7ryHllP3ivry/tkA3m/bCgfkI3kg7KxfEg2kU1lM9lctpAPy5byEdlKtpZt5KOyrXxMtpOPy0T5hGwv/fmvyFOyk3xadpbPyC6yq+wmf5RnpZc9ZE8JvUD2ls/LPrKv7BcLAPJFOUC+JAfKl2WyHCQHy1fkEPmqHCpfk8PkcDlCvi5HyjfkKDlajpFjZYocJ8fLN+UE+ZacKN+Wk+RkmSqnyH6y/08jzZDy3+a/+Rv5A3/a+nq5QW6Um+RmuUVuldvkR3K73C53yB1yl9wld8vdco/cI/fKvXKf3CczZabcL/fLA/KAPCgPykPykDwsj8hT8jt5TH4vj8sT8oQ8JU/L0/LM+c8AFCqhpFIqUDEqm4pV2VUOdYXKqa5UuVRuFVFXqTh1tcqjrlF5VT6VXxVQ8aqgKqS0MsoqUqEqrIqoqLoWz39hVAlVUjlVSiWo6/9v8lVRdZ0qpor/Iv/C/JJ+Z34tVAvVUrVUrVQr1Ua1UW1VW9VOtVOJKlG1V+1VB9VBdVQdVSfVSXVWnVUX1UV1U91Ud9Vd9VA9VJJKUr3V86qP6qv6qRdUf/WiGqAGqIFqoEpWyWqwGqyGqCFqqBqqhqlhaoQaoUaqkWqUGqXGqDEqRaWo8Wq8mqAmqIlqopqkJqlUlaqmqqlqmpqmZqgZaqaaqWapWWqOmqPSVJqap+apdJWuFqgFKkMtVAvVYrVYLVVL1XK1XK1UK9VqtVqtVWtVhtqgNqhNapPaoraobWqb2q62qx1qh9qldqndarfao/aovWqv2qf2qUyVqfar/eqAOqAOqoPqkDqkDqvD6qg6qo6pY+q4Oq5OqpPqtDqtzqgz6qw6m3XZF4hABCpQQUwQE8QGsUGOIEeQM8gZ5ApyBZEgEsQFcUGe4Jogb5AvyB8UCOKDgkGhQAcmsIE4X/RocG1QNLguKBYUD0oEJQMXlAoSguuD0sENQZngxqBscFNQLrg5KB9UCCoGlYJbgsrBrUGV4LaganB7UC2oHtQIagZ3BLWCO4PawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZOgadAsaB60+IPjZx3yF8f3/ni+R1wP3VMn6V66t35e99F9dT/9gu6vX9QD9Et6oH5ZJ+tBerB+RQ/Rr+qh+jU9TA/XI/TreqR+Q4/So/UYPVan6HF6vH5TT9Bv6Yn6bT1JT9apeoqeqt/R0/R0PUO/q2fq9/QsPVvP0XN1mn5fz9Pzdbr+QC/QH+oMvVAv0ov1Er1UL9PL9Qq9Uq/Sq/UavVav0+v1Br1Rb9Kb9Ra9VW/TH+nt+mO9Q+/Uu/Qnerf+VO/Rn+m9+nO9T3+hM/WXer/+Sh/QX+uD+ht9SH+rD+sj+qj+Th/T3+vj+oQ+qU/p0/oHfUb/qM9qn3Vxn3V6N8ooE2NiTKyJNTlMDpPT5DS5TC4TMRETZ+JMHpPH5DV5TX6T38SbeFPIFDJZyJApbAqbqImaoqaoKWaKmRKmhHHGmQSTYEqb0qaMKWPKmrKmnClnypvypqKpaG4xt5hbza3mNnObud3cbqqb6qamqWlqmVqmtqlt6pg6pq6pa+qZeqa+qW8amAamoWloGplGprFpbJqYJqaZaWZamBampWlpWplW5sIPUzvTziSaRNPetDcdTAfT0XQ0nUwn09l0Nl1MF9PNdDPdTXfTw/QwSSbJ9Da9TR/Tx/Qz/Ux/098MMAPMQDPQJJtkM9gMNkPMEDPUDDXDzHAzIutC1bxhRpnRZowZa1JMihlvxpsJZoKZaCaaSWaSSTWpZqqZaqaZaWaGmWFmmplmlpll5pg5Js2kmXlmnkk36WaBWWAyTIZZZBaZJWaJWWaWmRVmhVllVpk1sMasM+vMBrPBbDKbzBazxWwz28x2s93sMDvMLrPL7Da7zR6zx+w1e80+s89kmkyz3+w3B8wBc9AcNIfMIXPYHDZHzVFzzBwzx81xc9KcNKdNvvPnS29ibXabw15hc9orbS6b2/5znN8WsPG2oC1ktc1r8/0iNtbaYra4LWFLWmdL2QR7/a/i8raCrWgr2VtsZXurrfKruJa909a2d9k69m5b097xi7iuvcfWsw/a+ogAtqltaJvbRvZB29g+ZJvYpraZbW7b2sdsO/u4TbRP2Pb2yV/F8+x8u8KutKvsarvD7rQn7Sl7wH5tT9sfbA/b0/a3L9oB9iU70L5sk+2gX8Uj7Ot2pH3DjrKj7Rg79lfxJDvZptopdqp9x06z038Vp9n37UybbmfZ2XaOnftTnDWndPuBXWA/tBk2gEV2sV1il9pldvmFufrcdq1dZ9fb7fZju8lutlvsVrvtwoWw3Wl32U/sbvup3W+/snvt53afPWgz7Zc/xVn7d9B+Yw/Zb+1he8Qetd/ZY/Z7dSE7a9+/sz/as9ZbICQgSYoCiqFsFEvZKQddQTnpSspFuSlCV1EcXU156BrKS/koPxWgeCpIhUiTIUtEIRWmIhSla+nC9EpQSXJUihLoeipNN1AZupHK0k1Ujm6m8lSBKlIluoUq061UhW6jqnQ7VaPqVINq0h1Ui+6k2nQX1aG7qS7dQ/XoXqpP91EDup8a0gPUiB6kxvQQNaGm1IyaUwt6mFrSI9SKWlMbepTa0mPUjh6nRHqC2tOT1IH+QR3pKepET1Nneoa6UFfqRs9Sd3qOelBPSqJe1Juepz7Ul/rRC9SfXqQB9BINpJcpmQbRYHqFhtCrNJReo2E0nEbQ6zSS3qBRNJrG0FhKoXE0nt6kCfQWTaS3aRJNplSaQlPpHZpG02kGvUsz6T2aRbNpDs2lNHqf5tF8SqcPaAF9SBm0kBbRYlpCS2kZLacVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRt9RNvpY9pBO2kXfUK76VPaQ5/RXvqc9tEXlElf0n76ig7Q13SQvvE96Vs6TEfoKH1Hx+h7Ok4n6CSdotP0A52hH+kseYIQQxHKUIVBGBNmC2PD7GGO8IowZ3hlmCvMHUbCq8K48OowT3hNmDfMF+YPC4TxYcGwUKhDE9qQwjAsHBYJo+G1YdHwurBYWDwsEZYMXVgqTAivD0uHN4RlwhvDsuFNYbnw5rB8WCF88O5K4S1h5fDWsEp4W1g1vD2sFlYPa4Q1wzvCWuGdYe3wrrBOeHdYJrwnrBfeG9YP7wsbhPeHDcMHwkbhg2Hj8KGwSdg0bBY2D1uED4ctw0fCVmHrsE34aNg2fCxsFz4eJoZPhO3DJ3/qv2f+7/cnhb3C3uHz4fOh93fJOdG50bTo+9F50fnR9OgH0QXRD6MZ0YXRRdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH1Ue9rZgOHTjjplAtcjMvmYl12l8Nd4XK6K10ul9tF3FUuzl3t8rhrXF6Xz+V3BVy8K+gKOe2Ms45c6Aq7Ii7qrnVF3XWumCvuSriSzrlSLsE1dy1cC9fSPeJaudaujXvUPeoec4+5x93j7gnX3j3pOrh/uI7uKdfJPe2eds+4Lq6r6+aedd3duFznjskk19v1dn1cH9fP9XP9XX83wA1wA91Al+yS3WA32A1xQ9xQN9QNc8PcCDfCjXQj3Sg3yo1xY1yKS3Hj3Xg3wU1wE91EN8lNcqku1U11U900N81Vnn5uK7PcLDfHzXFpLs3Nc1nXjOlugVvgMlyGW+QWuSVuiVvmlrkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+FznxvU7XZ73B631+11+9wXLtN96fa7r9wB97U76L5xh9y37rA74o6679wx97077k64k+6UO+1+cGfcj+6s8y4lMi4yPvJmZELkrcjEyNuRSZHJkdTIlMjUyDuRaZHpkRmRdyMzI+9FZkVmR+ZE5kbSIu9H5kXmR9IjH0QWRD6MZEQWRhZFFkeWRJZGvC+4KfSFfREf9df6ov46X8wX9yV8Se98KZ/gr/el/Q2+jL/Rl/U3+XL+Zl/eV/AV/UO+iW/qm/nmvoV/2Lf0j/hWvrVv4x/1bf1jvp1/3Cf6J3x7/6Tv4P/hO/qnfKefTtHP+C6+q+/mn/Xd/XO+h+/pk3wv39s/7/v4vr6ff8H39y/6Af4lP9C/7JP9ID/Yv+KH+Ff9UP+aH+aH+xExr/uRF26RYaxP8eP8eP+mn+Df8hP9236Sn+xT/RQ/1b/jp/npfoZ/18/07/lZfraf4+f6NP++n+fn+3T/gV/gP/QZfuGFh8p+mV/uV/iVfpVf7df4tX6dX+83+I1+k9/st/itfpv/yG/3H/sdfqff5T/xu/2nfo//zO/1n/t9/guf6b/0+/1X/oD/2h/03/hD/lt/2B/xR/13XsL3/rg/4U/6U/60/8Gf8T/6s/xv1hhjjDHG/iPjLjbFL3vOPTXr9Rs54mcr9waAKzcXyPx5f9YV5Zq859p9RXzbCAA80bPz/ReWatWSkpLOr5shISgyG+DCnwRliYGL8UJoA49BIrSG0r85/76i62n6N+NHbwLI8bOcWLgYXxz/MwBM+o3xH350xLxy4cm4fzH+bIBiRS7mZIeL8UJo89PzldZQ5nfmn6/l78wfz4+f/fMUgFY/y8kJF+OL80+AR+BJSPzFmowxxhhjjDHG2Dl9RcWOF+4/L/yNz9+6P49XF3OywcX4392fM8YYY4wxxhhj7NJ7qmu3xx9OTGzd8V81roTf6qryb7L+YKPxb26UG/+1hvcAF95RAPAHBwTIasi/ci82/iXbSj5/6Pxz15JTPoC/Ryn/jMYl/mFijDHGGGOM/ekuXvT/8n31T6+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhj77/kr/juxS72PjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2KX2fwIAAP//dxXwBg==") bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) ptrace$setregs(0xd, r1, 0x0, &(0x7f00000002c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$getregset(0x4205, r1, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78}) ptrace$getregset(0x4204, r1, 0x2, &(0x7f0000000740)={0x0}) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x2003, @local, 0x2}, 0x1c) 12.623913103s ago: executing program 6 (id=319): socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) shutdown(r0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0) 12.366223688s ago: executing program 1 (id=320): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xce7c1000) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r4, 0x0, r3, 0x0, 0x6, 0x0) 10.786062719s ago: executing program 1 (id=321): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) unshare(0x400) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000000), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500), 0x69) mount$fuse(0x0, 0x0, 0x0, 0xa0001c, &(0x7f0000002640)=ANY=[]) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000340)="18000000010005", 0x7) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x2c000010) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000100)={[{@abort}, {@data_err_ignore}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==") pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x401) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000040)={0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffdffffff}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) 8.103620542s ago: executing program 5 (id=322): r0 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x200000087}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_io_uring_setup(0x48be, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000000), &(0x7f0000001180)) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100) syz_usb_connect$uac1(0x5, 0x71, &(0x7f00000001c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x85, 0x50, 0xf, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x5, 0xa2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x83, 0x1, 0x1, {0x7, 0x25, 0x1, 0x81, 0xc, 0x5}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x9, 0xe9, 0x4, {0x7, 0x25, 0x1, 0x1, 0x8, 0x9}}}}}}}]}}, 0x0) inotify_init() r5 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) copy_file_range(r5, 0x0, r5, 0x0, 0x101, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x70bd2c, 0x25dfdbfd, {0xa, 0x14, 0x20, 0xe, 0xff, 0x0, 0xfe, 0x9, 0x1000}, [@RTA_MARK={0x8, 0x10, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x100}, 0x40000) r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000080)=""/110, 0x6e, 0x36) sendmsg$MPTCP_PM_CMD_ANNOUNCE(r6, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={0x0}}, 0x20048000) read$FUSE(0xffffffffffffffff, 0x0, 0x0) 6.092153101s ago: executing program 1 (id=323): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) semget$private(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$unix(0x1, 0x5, 0x0) close(0xffffffffffffffff) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r4}, 0x20) close_range(r3, 0xffffffffffffffff, 0x0) fallocate(r4, 0x20, 0xb2, 0x1000f4) r6 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000140)=@ethtool_cmd={0xb, 0x0, 0x8, 0x4, 0x5, 0xd, 0x6, 0x7, 0x3, 0x50, 0xf, 0xfffffff9, 0x222, 0x0, 0xa, 0xb701, [0xcf, 0x59c]}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000004000000000000000000000d0a0000000000000002000006040000000200000000000000000000000000000000005f"], &(0x7f0000001f40)=""/4089, 0x44, 0xff9, 0x1}, 0x20) 4.09739622s ago: executing program 6 (id=324): connect$inet(0xffffffffffffffff, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) socket$inet6_tcp(0xa, 0x1, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) socket$inet_udp(0x2, 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00') r3 = fsopen(&(0x7f0000000180)='proc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) 2.296704595s ago: executing program 5 (id=325): r0 = socket(0x10, 0x803, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000400)=[{&(0x7f0000003480)=""/102379, 0x18feb}], 0x1, 0x0, 0x8) read$FUSE(r2, &(0x7f0000001440)={0x2020}, 0xfffffe76) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$mouse(&(0x7f0000000400), 0xbbb, 0x22042) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000180)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x401, 0x1, 0x8000002}}) sendmsg$inet6(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0xa, 0x4e24, 0xd600, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x8}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000040)="9032dbaf0f240823ca7faada4723522bdbff8663b01d50770c02a5ec7d22044fe7e83cd4151d00b0403a5988399d9d957131ac36cffa4b8db99a285473037c073afe2d148e133c27b14a4e9b1194f9ac5e7a2485ede564fe67ccd12d3c5ebe0bb07c2068c10b32ca78667cb0ac8f58b802b69f4a096be1e3786ccc9bd148555263deb504e150bd2cf38050c09d122c9ddf42207987462ec3b0f0f7ec6a669bc2022fb17ae97fb5cf48913ddf4df0a75ada9fce8522afc9fc9b1b6aceed15837997567940afc0d1fb01552e9290e6cee7f685f84112c4e3badd4d65fb930b", 0xde}, {&(0x7f0000000180)}, {&(0x7f00000001c0)="82a490c980147d8fb779a01f1ade11fc3a7232d9516df1532865e85f60fab56f5b704e5269856a4adf541a85365e7b45c878597d611eccc32e43e87c5e26e2e5f69e71a91c65d6d99823ba", 0x4b}, {&(0x7f0000000240)}], 0x4}, 0x4010) syz_emit_ethernet(0x6e, &(0x7f0000000440)={@link_local, @random="fd137b07daa7", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @empty, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x2f, 0xff, @mcast1, @loopback={0x0, 0xffffac1414aa}, [], "8d0022eb00000000"}}}}}}}, 0x0) 2.269154986s ago: executing program 1 (id=326): mkdirat(0xffffffffffffff9c, 0x0, 0xb4) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e75"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x4000, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) chdir(&(0x7f0000000100)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x88040, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85) prctl$PR_SET_SECUREBITS(0x1c, 0x15) setuid(0xee00) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe11) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000240)='./file3\x00', 0x4002, &(0x7f0000000000)={[], [{@subj_type={'subj_type', 0x3d, 'Ext4\x00'}}]}, 0x2, 0xbd2, &(0x7f0000000540)="$eJzs3N1rXGUaAPDnnEymaZvtpMuybPdmsyxLC8tOky4p27KwrVS88ULQW6EhnZSQ6QdJpCbNxUT/AVGvBW8EtShe2OveKHrrjba3ihdCkdgoiGjkzEeSNjNJ2s70hPb3g3fO+553Zp7nmcPMOS/MTABPrOHsJo04FBFnk4hSc38aEcV6byCi1rjfyvLixE/LixNJrK4+/30SSUTcWV6caD1X0tzubw4GIuKLp5L446ub487OL0yPV6uVmeb46NyFy0dn5xf+PXVh/HzlfOXi6PH/jh0bOz5yYqxrtf789anrP/79mW9rv7z367Uf3ngniVMx2JzbWEe3DMfw2muyUSEixrsdLCd9zXo21pkUtnlQ2uOkAADoKN1wDffnKEVfrF+8leKTL3NNDgAAAOiK1b6IVQAAAOAxl1j/AwAAwGOu9T2AO8uLE62W7zcSHq3bpyNiqFH/SrM1ZgpRq28Hoj8i9t1JYuPPWpPGwx7acER8c+vEh1mLHv0OeSu1pYj4S7vjn9TrH6r/intz/WlEjHQh/vA9423q7+tCyLs8TP2nuhD/PusHgK64cbpxItt8/kvXrn+izfmv0Obc9SDanP+6fo7fSuv6b2XT9d96/X0drv+e22GMq+++daXTXFb//64//UGrZfGz7bZPuu2frOzM7aWIvxba1Z+s1Z90qP/sDmOUfrtS6TT3wPV3yerbEYejff0tydb/T3R0cqpaGWncto2x9PnY+53i511/dvz3dai/9f9PnY7/5R3GePHMmY827by13t26/vS7YvJCvVds7nl5fG5uZjSimDy7ef+xrXNp3af1HFn9R/6x9fu/Xf3ZZ0Kt+Tpka4Gl5jYbv3JPzP9fu/pxp3xa6788j/+5Dsd/Y/2fFTYf/9d2GOOfn75+pNPcxvVv1rL4rbUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVpe66dpuRyxPyL+FPvS6qXZuX9NXnrp4rlsLmIo+tPJqWplJCJKjXGSjUfr/fXxsXvG/4mIgxHxZmlvfVyeuFQ9l3fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArNkfEYORpOWISCNipZSm5XLeWQEAAABddyDvBAAAAICeG8o7AQAAAKDnrP8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosYN/u3EziYjayb31lik25/pzzQzotTTvBIDc9OWdAJCbQt4JALm5zzW+ywV4DCXbzA90nNnT9VwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L0OH7pxM4mI2sm99ZYpNuf6c80M6LU07wSA3PR1mhiIiMKjzQV4tLzF4clljQ8k28wPrN+ndvfMnp7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDuM1hvSVqOiGJzX7kc8YeIGIr+ZHKqWhmJiAMR8VWpf082Hs05ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALpvdn5herxarcxknTSanbU9OuudpPGK1XZLPjoP2SnGrkhjl3by/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPs/ML0+PVamVmNu9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLzNzi9Mj1erlZkedvKuEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/PweAAD//1pFCiI=") 1.064065619s ago: executing program 6 (id=327): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @private1, {[], {{0x3a00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 532.81486ms ago: executing program 2 (id=328): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r0 = creat(&(0x7f0000000140)='./bus\x00', 0x80) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./bus\x00', 0x0, 0x63d014, 0x0) r1 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r1, 0x0) syz_mount_image$squashfs(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x8000, &(0x7f0000000cc0)=ANY=[@ANYRESOCT=r0, @ANYBLOB="322d6825fe8cf7050cedffff3c57c86c0b18fa14eb854c5c2e26da314f1cae655aa13f05abe701b22a5d7801c560ffcaa7a9dd43edce1570072b0ef862679690e41a47e87f451affc318d2e01fa6e062186de79664ac21bb4786923b19c25c8a11b176a7a3ef1425b6d5e0c9ef15bd14e3c9d30fb24d50b512afb6ab04794571f1b53ae1a1d0f87c76239c9f6700ed8f08cbdb137cad2901209b2c77c46608d398435233cdf13d5d7a7f68304cc8956bda78a62e3872bcee78cfeee8c6051bbe2470c9646cfe9343a022b0618ce422f210c275b35df1507d54b51f86f9f3290a0ff8bd1ba812836252179d3656536b3a23ac27bb810f78ecba4a277ad5540a767bb07151ed892973dfd0eb7ba7f8f7ec0821927a58787096a95b010ebc1df715150bfa78e63eed7e8eb33f0ea0277fb3eb31c9cd233c14ab7fc9c7957dfbb865082a", @ANYRES64=r0, @ANYBLOB="a92fe8de136908e852768595aa546296821087e5b1bbc32156ada61f7c8a700880fe17c721514fd66f6d073702603f43f39d10ed62b784f0ea603a459b42f61a2174a30374bec0296612104179832730d5741398231d9ffd1e9995a06bb5ada99b9f2d4a71c580fe19a6dea2485a8ef6042e0d96839465522c03ac9b1e3e4be07bd09a1568add843860228063e6e4a59adc27ad98e26260605e1df1bd5e5dcc1735af362ce57237d4455a267daeea0b2368f8c69ed577f4849d608dcd60b0dabe1d6dada51feb6b1751dfa136da4ab1a73a25bcfba9ba846676558290f27b2a256c2257003da000000", @ANYRESHEX=r1, @ANYRESHEX, @ANYRES16=0x0, @ANYRES32=r0, @ANYRESHEX, @ANYRESHEX, @ANYRES8, @ANYBLOB="171263d59f8cbffd0f9f9a2ef9a5f6f2c8c119f2d43929f3ee0d855e7515bc347d06201637efc696515095ee16034c8ed8bdc0c0fd6ec7dc41f9930a8b2420722f76faf7000000000000000029c9330167f231926712da08cfe34bfbd13b1f10c34104fe0af226f51805ce2ae0e3528544a8d316b2b399737407ccf56665b4a27e5f8c9856d29aed796ed0d8e51b6253074bfff7d11910a8be994780298bcf31176d21c35274c32f39673cc639e0a3f7605ebba065c3c879dd25d39227611cb596abbc901d7778bc7c28f974c0941786141582322aac673d4c113026aed1585a83932473e679c479244e3d9a494d5458f02ce5a84c1cc8118b83c57736eb3eb2518dd342d5b0d662063faee3cc946a910827a7de0286dafa1839706c6e5b305231dd59ae322e4752e711feb4f4daf111cae0caab60bd6088b55bcb456f1ad9c143005c3dd834309224b588b0dda054d14d8cb344be2e8c551a5cdf4e510d2156d2f2a3ad7a31fc5372dc3e6f6ec570933eb4769c38e2300f3ecf8fbf06a0df8c6a76c273b8ed46a890d07e175e0c4a49743bb433cc5aa20b02046064495b07095a6651de2537c12459e2a06c72a6b852fe09498ddb3b95191e14392bb4895759f5416226da247f5590336d5c22164e334d4088a9f3529ed157ad15a27d879be7ddc94f913ff14558a080c24131a27ccf43ac420c0b3ec06f24ffb86a25333da5"], 0x10, 0x1c4, &(0x7f0000000440)="$eJzsVb/uEkEQ/uZu4UAtqG0lQqPA2fgG8gA+gAROJB7+4S5RCMVpQ2NhfAkSn8LCRHsLY0xssNBECyxJDGZ359YlasDkyO/3S/ZLyHzzzc7sDpedvZM8TAIAP9fzPmpQIFzARyIIAA3S2qas7Q+2W8YXof0O6y/ZfmabTGfvnmk6u9uL42iSTPcQImDfmh1y0KLDydunuwqhqMpFk9TX/+yfoec7SvC3NZyLE++iOOL/s52vRe9VwrHbAYxCB2R9eKE/52n5Fkci3n9lJeDxldx44uG7ct6v531JbvEUk9pA//IrodZI57W15qIAMoB8bE0doaYl0ADQSscPWsl0dmU07g2jYXQvDJG135znKxq1W7dHcdQm6xieJAIG8p5WrXgJwKff8QwWyDqaxDmA7Fw5f/Ph3LxkJVYBz8q1a+i6r0yNgDX5V9zEZVQAPMpkOGS1DllNQLXWBcFnpyOscwIbeKiowNX+/XiwAIHytCWEqdFZoSQdyoAoZEdFrl037S/Y1tl22S7Zrtjmb1f+JglV4Rt7zQwo43EvTSfq8dLMaKHRwprZ2eNd89eQ8pMEcHBwcHBwcHA4I/gVAAD//7B1VIM=") chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x121c80, 0x47) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000280)=0x40000000) syz_emit_ethernet(0x0, 0x0, 0x0) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') 0s ago: executing program 5 (id=329): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xce7c1000) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r4, 0x0, r3, 0x0, 0x6, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.203' (ED25519) to the list of known hosts. syzkaller login: [ 80.910261][ T5776] cgroup: Unknown subsys name 'net' [ 81.051759][ T5776] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.771028][ T5776] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.549997][ T5794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.573882][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.582862][ T5800] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.591298][ T5800] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.592990][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.600188][ T5800] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.614635][ T5800] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.618694][ T5797] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.623951][ T5800] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.629314][ T5794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.639558][ T5802] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.646268][ T5801] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.651787][ T5802] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.657374][ T5797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.664470][ T5802] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.673117][ T5797] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.680527][ T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.686182][ T5797] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.693251][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.698802][ T5801] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.706763][ T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.718992][ T5801] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 84.721408][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.727364][ T5801] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.254746][ T5786] chnl_net:caif_netlink_parms(): no params data found [ 85.338308][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 85.409174][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 85.505512][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.514683][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.522051][ T5786] bridge_slave_0: entered allmulticast mode [ 85.529422][ T5786] bridge_slave_0: entered promiscuous mode [ 85.548326][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 85.580544][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.587857][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.595347][ T5786] bridge_slave_1: entered allmulticast mode [ 85.602496][ T5786] bridge_slave_1: entered promiscuous mode [ 85.673207][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.680392][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.688134][ T5787] bridge_slave_0: entered allmulticast mode [ 85.695764][ T5787] bridge_slave_0: entered promiscuous mode [ 85.704929][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.712101][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.720233][ T5787] bridge_slave_1: entered allmulticast mode [ 85.727472][ T5787] bridge_slave_1: entered promiscuous mode [ 85.768898][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.793938][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.801123][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.808628][ T5785] bridge_slave_0: entered allmulticast mode [ 85.815735][ T5785] bridge_slave_0: entered promiscuous mode [ 85.831287][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.864772][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.872019][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.879450][ T5785] bridge_slave_1: entered allmulticast mode [ 85.886722][ T5785] bridge_slave_1: entered promiscuous mode [ 85.913812][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.926268][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.974496][ T5786] team0: Port device team_slave_0 added [ 86.009313][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.034453][ T5786] team0: Port device team_slave_1 added [ 86.040593][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.048099][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.055656][ T5788] bridge_slave_0: entered allmulticast mode [ 86.063167][ T5788] bridge_slave_0: entered promiscuous mode [ 86.075709][ T5787] team0: Port device team_slave_0 added [ 86.084099][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.118243][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.125611][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.133009][ T5788] bridge_slave_1: entered allmulticast mode [ 86.139983][ T5788] bridge_slave_1: entered promiscuous mode [ 86.156806][ T5787] team0: Port device team_slave_1 added [ 86.219275][ T5785] team0: Port device team_slave_0 added [ 86.228702][ T5785] team0: Port device team_slave_1 added [ 86.236872][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.243960][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.270045][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.299663][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.334432][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.341525][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.367883][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.387987][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.412688][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.419870][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.446202][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.472064][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.479205][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.505808][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.518921][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.526020][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.552050][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.576173][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.583545][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.609825][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.661317][ T5788] team0: Port device team_slave_0 added [ 86.670456][ T5788] team0: Port device team_slave_1 added [ 86.685894][ T5786] hsr_slave_0: entered promiscuous mode [ 86.693150][ T5786] hsr_slave_1: entered promiscuous mode [ 86.768386][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.776416][ T50] Bluetooth: hci0: command tx timeout [ 86.776767][ T5792] Bluetooth: hci2: command tx timeout [ 86.786990][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.788701][ T5801] Bluetooth: hci1: command tx timeout [ 86.819447][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.845331][ T5785] hsr_slave_0: entered promiscuous mode [ 86.855075][ T5785] hsr_slave_1: entered promiscuous mode [ 86.861325][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.862943][ T5801] Bluetooth: hci3: command tx timeout [ 86.870686][ T5785] Cannot create hsr debugfs directory [ 86.899591][ T5787] hsr_slave_0: entered promiscuous mode [ 86.906302][ T5787] hsr_slave_1: entered promiscuous mode [ 86.913087][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.920682][ T5787] Cannot create hsr debugfs directory [ 86.927149][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.935290][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.961651][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.121449][ T5788] hsr_slave_0: entered promiscuous mode [ 87.130091][ T5788] hsr_slave_1: entered promiscuous mode [ 87.136611][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.144813][ T5788] Cannot create hsr debugfs directory [ 87.615916][ T5786] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.634284][ T5786] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.661751][ T5786] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.684451][ T5786] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.808414][ T5785] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.823635][ T5785] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.837918][ T5785] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.873345][ T5785] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.902461][ T5788] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.914485][ T5788] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.930891][ T5788] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.970707][ T5788] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.048032][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.074479][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.093340][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.107846][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.126625][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.193890][ T5786] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.242012][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.249499][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.264730][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.271911][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.396724][ T5786] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.447512][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.461515][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.508702][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.551041][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.571509][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.578744][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.614707][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.621897][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.638225][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.645417][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.670734][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.683806][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.690985][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.848621][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.858101][ T5801] Bluetooth: hci1: command tx timeout [ 88.858638][ T5792] Bluetooth: hci2: command tx timeout [ 88.863897][ T5801] Bluetooth: hci0: command tx timeout [ 88.908728][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.924209][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.931417][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.943685][ T5801] Bluetooth: hci3: command tx timeout [ 88.968022][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.975268][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.148126][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.206568][ T5786] veth0_vlan: entered promiscuous mode [ 89.251372][ T5786] veth1_vlan: entered promiscuous mode [ 89.381391][ T5786] veth0_macvtap: entered promiscuous mode [ 89.404183][ T5786] veth1_macvtap: entered promiscuous mode [ 89.464914][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.486824][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.523643][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.539110][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.557863][ T5786] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.567846][ T5786] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.578201][ T5786] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.587789][ T5786] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.708831][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.724770][ T5788] veth0_vlan: entered promiscuous mode [ 89.759291][ T5788] veth1_vlan: entered promiscuous mode [ 89.800979][ T5785] veth0_vlan: entered promiscuous mode [ 89.832087][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.848930][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.880908][ T5785] veth1_vlan: entered promiscuous mode [ 89.917753][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.941282][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.957940][ T5788] veth0_macvtap: entered promiscuous mode [ 89.979863][ T5787] veth0_vlan: entered promiscuous mode [ 90.006351][ T5788] veth1_macvtap: entered promiscuous mode [ 90.030501][ T5787] veth1_vlan: entered promiscuous mode [ 90.071848][ T5785] veth0_macvtap: entered promiscuous mode [ 90.095643][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.106856][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.119574][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.131145][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.142958][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.156192][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.175434][ T5785] veth1_macvtap: entered promiscuous mode [ 90.237539][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.249092][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.260627][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.269709][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.293455][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.632886][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 90.635044][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 90.641163][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 90.735250][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 90.735281][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 90.782636][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 90.837529][ T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!! [ 90.862805][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 90.940051][ T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!! [ 92.312680][ T5792] Bluetooth: hci0: command tx timeout [ 92.314427][ T966] cfg80211: failed to load regulatory.db [ 92.318148][ T5792] Bluetooth: hci1: command tx timeout [ 92.331585][ T50] Bluetooth: hci3: command tx timeout [ 92.337404][ T5801] Bluetooth: hci2: command tx timeout [ 92.440276][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.456781][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.467153][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.485089][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.501058][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.519831][ T5787] veth0_macvtap: entered promiscuous mode [ 92.575285][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.586692][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.597525][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.608473][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.620653][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.633169][ T5787] veth1_macvtap: entered promiscuous mode [ 92.669281][ T5785] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.689423][ T5785] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.699014][ T5785] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.708190][ T5785] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.775573][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.787100][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.799329][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.811448][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.821847][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.832856][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.845531][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.864452][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.873432][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.907679][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.922160][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.936325][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.953810][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.966260][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.980826][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.995966][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.051587][ T2935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.061533][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.079017][ T2935] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.087762][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.102214][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.112493][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.248281][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.994907][ T5801] Bluetooth: hci2: command tx timeout [ 95.000406][ T5801] Bluetooth: hci1: command tx timeout [ 95.002004][ T5796] Bluetooth: hci0: command tx timeout [ 95.011625][ T5792] Bluetooth: hci3: command tx timeout [ 95.019816][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.147354][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.179256][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.316055][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.346516][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.456977][ T1069] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.491865][ T1069] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.578040][ T5894] syz.2.3[5894]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 95.635500][ T5894] loop2: detected capacity change from 0 to 512 [ 95.774667][ T5894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.612642][ T5894] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.798469][ T5903] loop3: detected capacity change from 0 to 128 [ 97.801786][ T5894] capability: warning: `syz.2.3' uses deprecated v2 capabilities in a way that may be insecure [ 97.828907][ T5903] FAT-fs (loop3): Unrecognized mount option "ÿ18446744073709551615" or missing value [ 97.954631][ T5903] loop3: detected capacity change from 0 to 1764 [ 98.305471][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.446208][ T5911] loop1: detected capacity change from 0 to 764 [ 103.993049][ T5915] rock: directory entry would overflow storage [ 104.056869][ T5915] rock: sig=0x4f50, size=4, remaining=3 [ 104.086372][ T5915] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 104.115940][ T5919] Bluetooth: MGMT ver 1.22 [ 104.979348][ T5925] loop1: detected capacity change from 0 to 1024 [ 105.009045][ T5925] ======================================================= [ 105.009045][ T5925] WARNING: The mand mount option has been deprecated and [ 105.009045][ T5925] and is ignored by this kernel. Remove the mand [ 105.009045][ T5925] option from the mount to silence this warning. [ 105.009045][ T5925] ======================================================= [ 105.149460][ T5925] EXT4-fs: Ignoring removed oldalloc option [ 105.177186][ T5925] EXT4-fs: Ignoring removed bh option [ 105.232994][ T5925] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 105.326273][ T5925] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.348616][ T5930] loop3: detected capacity change from 0 to 2048 [ 105.375815][ T5928] loop0: detected capacity change from 0 to 2048 [ 105.463780][ T5928] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 105.508509][ T5930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 105.577142][ T5928] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 105.637299][ T5930] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.637777][ T28] audit: type=1804 audit(1757717889.275:2): pid=5925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.13" name="/newroot/3/file1/file1" dev="loop1" ino=15 res=1 errno=0 [ 105.814078][ T28] audit: type=1804 audit(1757717889.445:3): pid=5925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.13" name="/newroot/3/file1/file1" dev="loop1" ino=15 res=1 errno=0 [ 105.821057][ T5940] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.14: bg 0: block 345: padding at end of block bitmap is not set [ 105.894240][ T5940] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 143 with error 117 [ 105.904682][ T28] audit: type=1804 audit(1757717889.495:4): pid=5925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.13" name="/newroot/3/file1/file1" dev="loop1" ino=15 res=1 errno=0 [ 106.021870][ T5940] EXT4-fs (loop3): This should not happen!! Data will be lost [ 106.021870][ T5940] [ 106.744572][ T5949] process 'syz.0.15' launched './file0' with NULL argv: empty string added [ 108.437912][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.871055][ T61] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28 [ 108.887209][ T61] EXT4-fs (loop3): This should not happen!! Data will be lost [ 108.887209][ T61] [ 109.077710][ T61] EXT4-fs (loop3): Total free blocks count 0 [ 109.084015][ T61] EXT4-fs (loop3): Free/Dirty block details [ 109.095362][ T61] EXT4-fs (loop3): free_blocks=0 [ 109.109136][ T61] EXT4-fs (loop3): dirty_blocks=16 [ 109.125120][ T61] EXT4-fs (loop3): Block reservation details [ 113.242256][ C1] sched: RT throttling activated [ 113.610684][ T5966] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 114.154713][ T5979] warning: `syz.0.25' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 114.312977][ T5909] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 116.168899][ T5909] usb 3-1: Using ep0 maxpacket: 32 [ 116.200400][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.263823][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.799474][ T5987] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.23' sets config #1986356271 [ 118.024840][ T5909] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 118.048851][ T5909] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.085730][ T5909] usb 3-1: config 0 descriptor?? [ 118.268968][ T5991] loop1: detected capacity change from 0 to 8 [ 118.310784][ T5909] usbhid 3-1:0.0: can't add hid device: -71 [ 118.329000][ T5909] usbhid: probe of 3-1:0.0 failed with error -71 [ 118.334046][ T5991] SQUASHFS error: lzo decompression failed, data probably corrupt [ 118.358448][ T5909] usb 3-1: USB disconnect, device number 2 [ 118.391155][ T5991] SQUASHFS error: Failed to read block 0x91: -5 [ 118.424638][ T5991] SQUASHFS error: Unable to read metadata cache entry [8f] [ 118.431981][ T5991] SQUASHFS error: Unable to read inode 0x11f [ 118.624580][ T5991] loop1: detected capacity change from 0 to 2048 [ 118.651691][ T5991] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 118.679765][ T5991] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 121.312181][ T28] audit: type=1326 audit(1757717904.945:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6003 comm="syz.3.28" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc2f778eba9 code=0x0 [ 122.276443][ T6028] loop0: detected capacity change from 0 to 1024 [ 122.319065][ T6028] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 122.342474][ T9] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 122.420369][ T6028] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 122.432935][ T6028] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.645132][ T9] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 122.658444][ T9] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 123.152595][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 123.168516][ T9] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 123.198137][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.210977][ T61] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 123.224538][ T9] usb 4-1: Product: syz [ 123.244254][ T9] usb 4-1: Manufacturer: syz [ 123.258380][ T61] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 2048 with error 28 [ 123.271142][ T9] usb 4-1: SerialNumber: syz [ 123.288471][ T61] EXT4-fs (loop0): This should not happen!! Data will be lost [ 123.288471][ T61] [ 123.322421][ T61] EXT4-fs (loop0): Total free blocks count 0 [ 123.336699][ T61] EXT4-fs (loop0): Free/Dirty block details [ 123.347884][ T61] EXT4-fs (loop0): free_blocks=4293918720 [ 123.367010][ T61] EXT4-fs (loop0): dirty_blocks=8496 [ 123.372525][ T61] EXT4-fs (loop0): Block reservation details [ 123.378711][ T61] EXT4-fs (loop0): i_reserved_data_blocks=531 [ 124.981153][ T6037] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.36' sets config #1986356271 [ 125.577510][ T9] usb 4-1: 0:2 : does not exist [ 125.587287][ T61] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2088 with max blocks 2048 with error 28 [ 125.691229][ T9] usb 4-1: USB disconnect, device number 2 [ 125.815789][ T5804] udevd[5804]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 127.526532][ T5787] EXT4-fs: 7 callbacks suppressed [ 127.526550][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 128.938565][ T6070] loop0: detected capacity change from 0 to 1024 [ 128.948172][ T6070] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 128.993578][ T6068] Illegal XDP return value 4294967274 on prog (id 17) dev N/A, expect packet loss! [ 129.050476][ T6070] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 129.143586][ T6070] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.305159][ T6081] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.47' sets config #1986356271 [ 131.372902][ T6073] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 131.463887][ T42] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 2048 with error 28 [ 131.514347][ T42] EXT4-fs (loop0): This should not happen!! Data will be lost [ 131.514347][ T42] [ 131.742061][ T42] EXT4-fs (loop0): Total free blocks count 0 [ 131.880592][ T6086] netlink: 452 bytes leftover after parsing attributes in process `syz.3.48'. [ 131.903189][ T6086] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 132.027900][ T42] EXT4-fs (loop0): Free/Dirty block details [ 132.053764][ T42] EXT4-fs (loop0): free_blocks=4293918720 [ 132.081670][ T42] EXT4-fs (loop0): dirty_blocks=4800 [ 133.092373][ T42] EXT4-fs (loop0): Block reservation details [ 133.098448][ T42] EXT4-fs (loop0): i_reserved_data_blocks=300 [ 133.331056][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.338614][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.591247][ T42] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2088 with max blocks 2048 with error 28 [ 136.265560][ T6104] loop0: detected capacity change from 0 to 1024 [ 136.316227][ T6104] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 136.388445][ T6104] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz.0.55: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 136.429170][ T6104] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.55: couldn't read orphan inode 11 (err -117) [ 136.654067][ T6104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.529316][ T6104] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.55: Invalid block bitmap block 0 in block_group 0 [ 139.200057][ T6104] Quota error (device loop0): write_blk: dquota write failed [ 139.264783][ T6104] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 139.314681][ T6104] EXT4-fs error (device loop0): ext4_acquire_dquot:6940: comm syz.0.55: Failed to acquire dquot type 0 [ 139.433483][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.443591][ T2935] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8 [ 139.472955][ T2935] EXT4-fs error (device loop0): ext4_release_dquot:6976: comm kworker/u4:8: Failed to release dquot type 0 [ 149.832350][ T5792] Bluetooth: hci2: command tx timeout [ 152.140592][ T6162] loop0: detected capacity change from 0 to 512 [ 152.213595][ T6162] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 152.335175][ T6162] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.479297][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.547884][ T6168] loop2: detected capacity change from 0 to 2048 [ 154.582717][ T6160] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 161.838843][ T6202] netlink: 20 bytes leftover after parsing attributes in process `syz.2.81'. [ 162.843615][ T6209] loop2: detected capacity change from 0 to 2048 [ 163.016170][ T6209] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 165.001659][ T6220] trusted_key: syz.0.86 sent an empty control message without MSG_MORE. [ 166.557795][ T6224] 9pnet_fd: Insufficient options for proto=fd [ 168.381227][ T6225] loop2: detected capacity change from 0 to 4096 [ 168.433597][ T6225] ext4: Unknown parameter 'subj_type' [ 168.522402][ T6163] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 170.626196][ T6239] loop2: detected capacity change from 0 to 2048 [ 170.654878][ T6239] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 170.684093][ T6239] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 172.953303][ T6244] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field [ 174.429460][ T6254] loop1: detected capacity change from 0 to 8 [ 174.823600][ T5792] Bluetooth: Unexpected continuation frame (len 20) [ 184.417673][ T6308] netlink: 452 bytes leftover after parsing attributes in process `syz.1.113'. [ 189.758027][ T6332] loop0: detected capacity change from 0 to 1024 [ 189.776696][ T6332] EXT4-fs: Ignoring removed bh option [ 189.803288][ T6332] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 189.877095][ T6332] EXT4-fs: test_dummy_encryption requires encrypt feature [ 193.429500][ T28] audit: type=1326 audit(1757717977.065:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz.0.123" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f299658eba9 code=0x0 [ 194.696108][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.702593][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.167654][ T6353] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'. [ 195.353806][ T6353] netlink: 4 bytes leftover after parsing attributes in process `syz.0.126'. [ 201.397156][ T6376] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 207.019560][ T5104] Bluetooth: hci1: command 0x0406 tx timeout [ 207.019631][ T5797] Bluetooth: hci0: command 0x0406 tx timeout [ 207.019747][ T5797] Bluetooth: hci2: command 0x0406 tx timeout [ 207.025820][ T5104] Bluetooth: hci3: command 0x0406 tx timeout [ 207.498843][ T5792] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 207.542817][ T5792] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 207.551132][ T5792] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 207.560152][ T5792] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 207.568358][ T5792] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 207.584862][ T5792] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 209.653264][ T5801] Bluetooth: hci4: command tx timeout [ 211.045374][ T6398] chnl_net:caif_netlink_parms(): no params data found [ 211.515298][ T6420] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 211.732366][ T5801] Bluetooth: hci4: command tx timeout [ 212.730516][ T2935] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 214.289453][ T5801] Bluetooth: hci4: command tx timeout [ 214.478917][ T2935] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.375734][ T6452] loop1: detected capacity change from 0 to 128 [ 215.393577][ T6398] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.400889][ T6398] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.411003][ T6452] FAT-fs (loop1): Unrecognized mount option "ÿ18446744073709551615" or missing value [ 215.439991][ T6398] bridge_slave_0: entered allmulticast mode [ 215.473711][ T6398] bridge_slave_0: entered promiscuous mode [ 215.654186][ T6398] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.661377][ T6398] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.043375][ T6454] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 216.265176][ T6398] bridge_slave_1: entered allmulticast mode [ 216.273690][ T6398] bridge_slave_1: entered promiscuous mode [ 216.492917][ T5801] Bluetooth: hci4: command tx timeout [ 216.514211][ T2935] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.219648][ T2935] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.286341][ T6398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.864213][ T6398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 223.113574][ T6398] team0: Port device team_slave_0 added [ 223.153933][ T6398] team0: Port device team_slave_1 added [ 223.437908][ T6398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 223.458727][ T6398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.596285][ T6398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 224.902487][ T6398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 224.909537][ T6398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 224.992646][ T6398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 225.387572][ T6398] hsr_slave_0: entered promiscuous mode [ 225.421874][ T6398] hsr_slave_1: entered promiscuous mode [ 225.451406][ T6398] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 225.472726][ T6398] Cannot create hsr debugfs directory [ 227.419915][ T6496] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 230.956231][ T6398] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 231.054246][ T6398] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 231.455937][ T6398] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 231.510774][ T6398] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 233.517675][ T6398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 233.535803][ T6398] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.586645][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.593855][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.602891][ T6548] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.163' sets config #1986356271 [ 233.632809][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.640046][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 235.075320][ T2935] hsr_slave_0: left promiscuous mode [ 236.921753][ T6561] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 237.136348][ T2935] hsr_slave_1: left promiscuous mode [ 237.153919][ T2935] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 237.187598][ T2935] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 237.273483][ T2935] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 237.337878][ T2935] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 237.413175][ T2935] bridge_slave_1: left allmulticast mode [ 237.419033][ T2935] bridge_slave_1: left promiscuous mode [ 237.463884][ T2935] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.539616][ T2935] bridge_slave_0: left allmulticast mode [ 237.576127][ T2935] bridge_slave_0: left promiscuous mode [ 237.606826][ T2935] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.780603][ T2935] veth1_macvtap: left promiscuous mode [ 237.795174][ T2935] veth0_macvtap: left promiscuous mode [ 237.903553][ T2935] veth1_vlan: left promiscuous mode [ 237.928899][ T2935] veth0_vlan: left promiscuous mode [ 238.586394][ T6582] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.174' sets config #1986356271 [ 245.321233][ T2935] team0 (unregistering): Port device team_slave_1 removed [ 245.462714][ T2935] team0 (unregistering): Port device team_slave_0 removed [ 245.623186][ T2935] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 245.776955][ T2935] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 247.327319][ T2935] bond0 (unregistering): Released all slaves [ 250.344097][ T6398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.976365][ T6398] veth0_vlan: entered promiscuous mode [ 254.059529][ T6398] veth1_vlan: entered promiscuous mode [ 254.746076][ T6398] veth0_macvtap: entered promiscuous mode [ 254.837508][ T6398] veth1_macvtap: entered promiscuous mode [ 254.959091][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 254.969730][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.981811][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.013116][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.032614][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.054239][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.084208][ T6398] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 255.145541][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.332452][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.345120][ T6666] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.183' sets config #1986356271 [ 255.362447][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.652896][ T6667] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 255.886799][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.937289][ T6398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.951483][ T6398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.963674][ T6398] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.111921][ T6398] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.120850][ T6398] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.129730][ T6398] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.141288][ T6398] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.153174][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.159660][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.071559][ T2908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.111900][ T2908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.203795][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.252646][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.384932][ T6719] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.197' sets config #1986356271 [ 269.009772][ T6752] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 271.839307][ T6771] netlink: 452 bytes leftover after parsing attributes in process `syz.1.203'. [ 273.328793][ T6773] loop1: detected capacity change from 0 to 1024 [ 273.364820][ T6773] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 273.770609][ T6773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 274.625103][ T6785] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.210' sets config #1986356271 [ 275.538704][ T6773] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 276.656031][ T2935] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 276.820825][ T2935] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 2048 with error 28 [ 276.860292][ T2935] EXT4-fs (loop1): This should not happen!! Data will be lost [ 276.860292][ T2935] [ 276.877898][ T2935] EXT4-fs (loop1): Total free blocks count 0 [ 276.884404][ T2935] EXT4-fs (loop1): Free/Dirty block details [ 276.890452][ T2935] EXT4-fs (loop1): free_blocks=4293918720 [ 276.967112][ T2935] EXT4-fs (loop1): dirty_blocks=3472 [ 277.012477][ T2935] EXT4-fs (loop1): Block reservation details [ 277.018540][ T2935] EXT4-fs (loop1): i_reserved_data_blocks=217 [ 277.343966][ T2935] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2088 with max blocks 1404 with error 28 [ 282.355686][ T6823] loop2: detected capacity change from 0 to 128 [ 282.399818][ T6823] FAT-fs (loop2): Unrecognized mount option "ÿ18446744073709551615" or missing value [ 291.756469][ T6856] netlink: 452 bytes leftover after parsing attributes in process `syz.1.217'. [ 293.428210][ T5792] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 293.447927][ T5792] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 293.462825][ T5792] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 293.475266][ T5792] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 293.483827][ T5792] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 293.498946][ T5792] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 295.595368][ T5801] Bluetooth: hci0: command tx timeout [ 297.672535][ T5801] Bluetooth: hci0: command tx timeout [ 298.311016][ T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 298.424407][ T5792] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 298.471880][ T5792] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 298.485061][ T5792] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 298.515358][ T5792] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 298.533052][ T5792] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 298.553731][ T5792] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 299.269214][ T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.367420][ T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.573377][ T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.763207][ T5792] Bluetooth: hci0: command tx timeout [ 301.183260][ T5801] Bluetooth: hci3: command tx timeout [ 301.189442][ T5792] Bluetooth: hci1: command 0x0406 tx timeout [ 301.457754][ T6860] chnl_net:caif_netlink_parms(): no params data found [ 301.894975][ T5792] Bluetooth: hci0: command tx timeout [ 302.761974][ T6860] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.772977][ T6860] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.791737][ T6860] bridge_slave_0: entered allmulticast mode [ 302.813029][ T6860] bridge_slave_0: entered promiscuous mode [ 302.860737][ T6860] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.871576][ T6860] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.910367][ T6860] bridge_slave_1: entered allmulticast mode [ 302.945073][ T6860] bridge_slave_1: entered promiscuous mode [ 303.261236][ T5792] Bluetooth: hci3: command tx timeout [ 304.998629][ T6946] loop2: detected capacity change from 0 to 128 [ 305.025308][ T6946] FAT-fs (loop2): Unrecognized mount option "ÿ18446744073709551615" or missing value [ 305.038650][ T6860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 305.083319][ T6860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 305.117229][ T6893] chnl_net:caif_netlink_parms(): no params data found [ 305.156382][ T6946] loop2: detected capacity change from 0 to 1764 [ 305.409034][ T5792] Bluetooth: hci3: command tx timeout [ 305.589665][ T6860] team0: Port device team_slave_0 added [ 305.810788][ T6860] team0: Port device team_slave_1 added [ 306.174316][ T6860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 306.181425][ T6860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 306.263041][ T6860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 306.424739][ T6860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 306.442050][ T6860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 306.505801][ T6860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 307.006160][ T6893] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.032401][ T6893] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.052434][ T6893] bridge_slave_0: entered allmulticast mode [ 307.060012][ T6893] bridge_slave_0: entered promiscuous mode [ 307.517989][ T5792] Bluetooth: hci3: command tx timeout [ 307.567062][ T6860] hsr_slave_0: entered promiscuous mode [ 307.586997][ T6860] hsr_slave_1: entered promiscuous mode [ 307.599678][ T6860] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 307.616899][ T6860] Cannot create hsr debugfs directory [ 307.648183][ T6893] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.668083][ T6893] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.675663][ T6893] bridge_slave_1: entered allmulticast mode [ 307.687653][ T6893] bridge_slave_1: entered promiscuous mode [ 309.177427][ T6893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 309.249802][ T6893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 309.930282][ T11] hsr_slave_0: left promiscuous mode [ 309.943241][ T11] hsr_slave_1: left promiscuous mode [ 309.992978][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 310.000470][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 310.049682][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 310.072561][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 310.106780][ T11] bridge_slave_1: left allmulticast mode [ 310.133457][ T11] bridge_slave_1: left promiscuous mode [ 310.139411][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.192436][ T11] bridge_slave_0: left allmulticast mode [ 310.198257][ T11] bridge_slave_0: left promiscuous mode [ 310.291560][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 310.420148][ T11] veth1_macvtap: left promiscuous mode [ 310.460507][ T11] veth0_macvtap: left promiscuous mode [ 310.484137][ T11] veth1_vlan: left promiscuous mode [ 310.510269][ T11] veth0_vlan: left promiscuous mode [ 312.899050][ T7016] loop1: detected capacity change from 0 to 128 [ 312.920552][ T7016] FAT-fs (loop1): Unrecognized mount option "ÿ18446744073709551615" or missing value [ 312.971359][ T6914] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 313.007473][ T7016] loop1: detected capacity change from 0 to 1764 [ 314.223308][ T11] team0 (unregistering): Port device team_slave_1 removed [ 314.335815][ T11] team0 (unregistering): Port device team_slave_0 removed [ 314.461240][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 314.612946][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 314.914708][ T7028] netlink: 452 bytes leftover after parsing attributes in process `syz.2.246'. [ 317.763599][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.778946][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.985364][ T11] bond0 (unregistering): Released all slaves [ 322.316202][ T6893] team0: Port device team_slave_0 added [ 323.992643][ T6893] team0: Port device team_slave_1 added [ 324.124108][ T6893] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 324.131203][ T6893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.202618][ T6893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 324.325788][ T6893] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 324.342433][ T6893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 324.402323][ T6893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 324.603027][ T6893] hsr_slave_0: entered promiscuous mode [ 324.623318][ T6893] hsr_slave_1: entered promiscuous mode [ 324.644907][ T6893] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 324.662311][ T6893] Cannot create hsr debugfs directory [ 324.739992][ T7052] loop1: detected capacity change from 0 to 128 [ 324.769808][ T7052] FAT-fs (loop1): Unrecognized mount option "ÿ18446744073709551615" or missing value [ 324.899722][ T7052] loop1: detected capacity change from 0 to 1764 [ 329.212395][ T6860] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 329.289314][ T6860] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 329.364959][ T6860] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 329.408763][ T6860] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 329.831412][ T6893] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 329.891677][ T6893] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 329.956985][ T6893] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 332.306640][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.352343][ T6893] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 332.622548][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.809599][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.575677][ T6860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 334.667629][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 334.807563][ T6893] 8021q: adding VLAN 0 to HW filter on device bond0 [ 334.851726][ T6860] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.916239][ T6893] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.994476][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.001740][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 335.034287][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.041491][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 335.131878][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.139137][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 335.183881][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.191095][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 338.028358][ T6893] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 338.181754][ T6860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 343.579291][ T6893] veth0_vlan: entered promiscuous mode [ 343.652803][ T11] hsr_slave_0: left promiscuous mode [ 343.683955][ T11] hsr_slave_1: left promiscuous mode [ 343.690373][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 343.712260][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 343.720633][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 343.743395][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 343.756944][ T11] bridge_slave_1: left allmulticast mode [ 343.770204][ T11] bridge_slave_1: left promiscuous mode [ 343.784098][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.800874][ T11] bridge_slave_0: left allmulticast mode [ 343.812449][ T11] bridge_slave_0: left promiscuous mode [ 343.822891][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.910813][ T11] veth1_macvtap: left promiscuous mode [ 343.916552][ T11] veth0_macvtap: left promiscuous mode [ 343.932789][ T11] veth1_vlan: left promiscuous mode [ 343.938214][ T11] veth0_vlan: left promiscuous mode [ 349.456821][ T11] team0 (unregistering): Port device team_slave_1 removed [ 349.619889][ T11] team0 (unregistering): Port device team_slave_0 removed [ 349.797862][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 350.003034][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 350.043238][ T5801] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 350.053291][ T5801] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 350.066792][ T5801] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 350.076699][ T5801] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 350.099106][ T5801] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 350.107636][ T5801] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 352.212318][ T5792] Bluetooth: hci4: command tx timeout [ 352.636767][ T7221] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 352.995317][ T11] bond0 (unregistering): Released all slaves [ 353.105546][ T6860] veth0_vlan: entered promiscuous mode [ 353.338312][ T6893] veth1_vlan: entered promiscuous mode [ 353.736950][ T6893] veth0_macvtap: entered promiscuous mode [ 353.791166][ T6893] veth1_macvtap: entered promiscuous mode [ 353.985583][ T6893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.052261][ T6893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.082194][ T6893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.102196][ T6893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.125629][ T6893] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 354.305417][ T5792] Bluetooth: hci4: command tx timeout [ 355.807773][ T6893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.836558][ T6893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.856267][ T6893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.894440][ T6893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.944167][ T6893] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 356.376947][ T5792] Bluetooth: hci4: command tx timeout [ 356.546353][ T7213] chnl_net:caif_netlink_parms(): no params data found [ 357.381054][ T5801] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 357.968458][ T5801] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 357.984311][ T5801] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 357.993860][ T5801] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 358.007076][ T5801] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 358.015912][ T5801] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 358.462679][ T5801] Bluetooth: hci4: command tx timeout [ 358.678007][ T7213] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.690931][ T7213] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.706769][ T7213] bridge_slave_0: entered allmulticast mode [ 358.714262][ T7213] bridge_slave_0: entered promiscuous mode [ 358.743475][ T7213] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.751141][ T7213] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.762909][ T7213] bridge_slave_1: entered allmulticast mode [ 358.771015][ T7213] bridge_slave_1: entered promiscuous mode [ 359.761634][ T7213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 361.382493][ T5801] Bluetooth: hci0: command tx timeout [ 361.387786][ T7213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 361.772966][ T7213] team0: Port device team_slave_0 added [ 361.841832][ T7213] team0: Port device team_slave_1 added [ 361.951100][ T7213] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 361.969187][ T7213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.026283][ T7213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 362.158697][ T7213] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 362.178078][ T7213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.263136][ T7213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 362.519529][ T7213] hsr_slave_0: entered promiscuous mode [ 362.572734][ T7213] hsr_slave_1: entered promiscuous mode [ 362.601180][ T7213] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 362.621639][ T7213] Cannot create hsr debugfs directory [ 363.412481][ T5801] Bluetooth: hci0: command tx timeout [ 363.667117][ T7294] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 364.166041][ T7255] chnl_net:caif_netlink_parms(): no params data found [ 364.601191][ T11] hsr_slave_0: left promiscuous mode [ 364.652525][ T11] hsr_slave_1: left promiscuous mode [ 364.682530][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 364.703439][ T7317] loop1: detected capacity change from 0 to 256 [ 364.710450][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 364.743283][ T11] bridge_slave_1: left allmulticast mode [ 364.749000][ T11] bridge_slave_1: left promiscuous mode [ 364.759904][ T7317] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 364.800528][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.816730][ T11] bridge_slave_0: left allmulticast mode [ 364.827034][ T11] bridge_slave_0: left promiscuous mode [ 364.833371][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.866669][ T11] veth0_vlan: left promiscuous mode [ 366.579571][ T5801] Bluetooth: hci0: command tx timeout [ 367.581217][ T11] team0 (unregistering): Port device team_slave_1 removed [ 367.644608][ T11] team0 (unregistering): Port device team_slave_0 removed [ 367.747397][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 367.827108][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 368.622710][ T5801] Bluetooth: hci0: command tx timeout [ 369.349523][ T11] bond0 (unregistering): Released all slaves [ 369.851834][ T7313] netlink: 56 bytes leftover after parsing attributes in process `syz.1.283'. [ 370.263268][ T7255] bridge0: port 1(bridge_slave_0) entered blocking state [ 370.271980][ T7255] bridge0: port 1(bridge_slave_0) entered disabled state [ 370.289700][ T7255] bridge_slave_0: entered allmulticast mode [ 370.297671][ T7255] bridge_slave_0: entered promiscuous mode [ 370.501976][ T7344] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 370.560138][ T7255] bridge0: port 2(bridge_slave_1) entered blocking state [ 370.641094][ T7255] bridge0: port 2(bridge_slave_1) entered disabled state [ 370.724786][ T7255] bridge_slave_1: entered allmulticast mode [ 370.811172][ T7255] bridge_slave_1: entered promiscuous mode [ 371.136618][ T7255] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 371.166141][ T7255] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 371.337868][ T7354] loop1: detected capacity change from 0 to 8192 [ 371.421002][ T7255] team0: Port device team_slave_0 added [ 371.494300][ T7255] team0: Port device team_slave_1 added [ 372.580319][ T7213] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 372.629483][ T7213] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 372.665015][ T7255] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 372.672017][ T7255] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 372.752948][ T7255] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 372.802790][ T7213] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 372.834782][ T7255] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 372.841773][ T7255] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 372.916220][ T7255] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 372.988110][ T7213] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 373.535389][ T7255] hsr_slave_0: entered promiscuous mode [ 374.069096][ T7255] hsr_slave_1: entered promiscuous mode [ 374.084020][ T7255] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 374.095118][ T7255] Cannot create hsr debugfs directory [ 374.647455][ T7385] loop1: detected capacity change from 0 to 256 [ 374.738054][ T7385] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x76dfe2a7, utbl_chksum : 0xe619d30d) [ 374.766761][ T7385] exFAT-fs (loop1): failed to load alloc-bitmap [ 374.783146][ T7385] exFAT-fs (loop1): failed to recognize exfat type [ 374.960114][ T28] audit: type=1326 audit(1757718158.595:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.1.294" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe7ec58eba9 code=0x0 [ 375.808068][ T7397] netlink: 452 bytes leftover after parsing attributes in process `syz.1.295'. [ 375.949821][ T7213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 376.098249][ T7213] 8021q: adding VLAN 0 to HW filter on device team0 [ 376.250225][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.257506][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 376.354236][ T2987] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.361505][ T2987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 378.468232][ T7409] loop1: detected capacity change from 0 to 512 [ 378.518574][ T7255] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 378.817744][ T7255] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 378.875334][ T7255] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 379.031877][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.039057][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.139041][ T2935] hsr_slave_0: left promiscuous mode [ 379.152503][ T2935] hsr_slave_1: left promiscuous mode [ 379.179285][ T2935] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 379.192595][ T2935] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 379.214673][ T2935] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 379.234792][ T2935] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 379.272374][ T2935] bridge_slave_1: left allmulticast mode [ 379.278101][ T2935] bridge_slave_1: left promiscuous mode [ 379.298809][ T2935] bridge0: port 2(bridge_slave_1) entered disabled state [ 379.331044][ T2935] bridge_slave_0: left allmulticast mode [ 379.337318][ T2935] bridge_slave_0: left promiscuous mode [ 379.353520][ T2935] bridge0: port 1(bridge_slave_0) entered disabled state [ 379.405254][ T2935] veth1_macvtap: left promiscuous mode [ 379.411860][ T2935] veth0_macvtap: left promiscuous mode [ 379.420202][ T2935] veth1_vlan: left promiscuous mode [ 379.428548][ T2935] veth0_vlan: left promiscuous mode [ 381.416474][ T2935] team0 (unregistering): Port device team_slave_1 removed [ 381.506042][ T2935] team0 (unregistering): Port device team_slave_0 removed [ 382.840291][ T2935] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 382.899868][ T2935] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 383.521394][ T2935] bond0 (unregistering): Released all slaves [ 385.238181][ T7255] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 385.554572][ T7213] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 387.627181][ T7255] 8021q: adding VLAN 0 to HW filter on device bond0 [ 387.713998][ T7255] 8021q: adding VLAN 0 to HW filter on device team0 [ 387.764260][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 387.771479][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 387.816732][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 387.823986][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 388.069003][ T7213] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 388.647848][ T7255] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 389.094872][ T7213] veth0_vlan: entered promiscuous mode [ 389.189175][ T7213] veth1_vlan: entered promiscuous mode [ 390.789968][ T7213] veth0_macvtap: entered promiscuous mode [ 390.847238][ T7213] veth1_macvtap: entered promiscuous mode [ 390.926257][ T7213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 390.972302][ T7213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.002172][ T7213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 391.031906][ T7213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.075081][ T7213] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 391.131810][ T7213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 391.192299][ T7213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.225964][ T7213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 391.268713][ T7213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 391.305273][ T7213] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 391.416659][ T7213] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.479896][ T7213] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.501474][ T7213] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.540997][ T7213] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 391.695935][ T7255] veth0_vlan: entered promiscuous mode [ 391.826418][ T7255] veth1_vlan: entered promiscuous mode [ 391.836510][ T7146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 391.872371][ T7146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 392.027791][ T7146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 392.047723][ T7146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 392.106153][ T7255] veth0_macvtap: entered promiscuous mode [ 392.170994][ T7255] veth1_macvtap: entered promiscuous mode [ 392.258487][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.274308][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.352333][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.403367][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.441679][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 392.493710][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.515182][ T7255] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 392.575006][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.586027][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.625347][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.662700][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.691335][ T7255] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 392.693304][ T7496] loop5: detected capacity change from 0 to 4096 [ 392.747773][ T7255] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 392.794209][ T7255] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 392.810577][ T7496] ext4: Unknown parameter 'subj_type' [ 392.850226][ T7255] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.892548][ T7255] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.932090][ T7255] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.950540][ T7499] loop1: detected capacity change from 0 to 4096 [ 392.957366][ T7255] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 392.979683][ T7499] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 392.987839][ T7499] UDF-fs: Scanning with blocksize 512 failed [ 393.036396][ T7499] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 393.312495][ T28] audit: type=1800 audit(1757718176.945:8): pid=7499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.305" name="bus" dev="loop1" ino=1347 res=0 errno=0 [ 393.362289][ T2908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 393.400732][ T2908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 393.571941][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 393.632188][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 398.017978][ T7524] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 408.599396][ T7571] loop1: detected capacity change from 0 to 4096 [ 408.648247][ T7571] ext4: Unknown parameter 'subj_type' [ 409.196018][ T7582] loop1: detected capacity change from 0 to 256 [ 409.249472][ T7582] exfat: Deprecated parameter 'namecase' [ 409.288498][ T7582] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 409.325195][ T7582] exFAT-fs (loop1): Invalid exboot-signature(sector = 1): 0xaa000000 [ 409.382806][ T7582] exFAT-fs (loop1): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x1219aba6) [ 409.428764][ T7582] exFAT-fs (loop1): invalid boot region [ 409.451924][ T7582] exFAT-fs (loop1): failed to recognize exfat type [ 414.949342][ T7618] loop1: detected capacity change from 0 to 2048 [ 415.024723][ T7618] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.484967][ T7623] Bluetooth: MGMT ver 1.22 [ 415.569268][ T7621] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 416.031636][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.925599][ T7655] loop2: detected capacity change from 0 to 128 [ 422.004338][ T7655] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 422.037313][ T7655] ext4 filesystem being mounted at /101/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 422.219246][ T7655] general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN [ 422.231148][ T7655] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [ 422.239600][ T7655] CPU: 0 PID: 7655 Comm: syz.2.328 Not tainted syzkaller #0 [ 422.246891][ T7655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 422.257051][ T7655] RIP: 0010:utf8nlookup+0x39/0xa50 [ 422.262276][ T7655] Code: 89 44 24 10 49 89 ce 48 89 14 24 89 f5 49 89 fd 49 bf 00 00 00 00 00 fc ff df e8 62 e5 f7 fe 49 8d 5d 18 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 68 30 4f ff 48 8b 1b 48 83 c3 30 [ 422.281913][ T7655] RSP: 0018:ffffc900054c7440 EFLAGS: 00010206 [ 422.288088][ T7655] RAX: 0000000000000003 RBX: 0000000000000018 RCX: 0000000000080000 [ 422.296064][ T7655] RDX: ffffc9000d06b000 RSI: 0000000000000454 RDI: 0000000000000455 [ 422.304047][ T7655] RBP: 0000000000000001 R08: 0000000000000003 R09: 0000000000000000 [ 422.312027][ T7655] R10: ffffc900054c75d8 R11: fffff52000a98ebe R12: dffffc0000000000 [ 422.320027][ T7655] R13: 0000000000000000 R14: ffff888076b97c58 R15: dffffc0000000000 [ 422.328013][ T7655] FS: 00007f11eb8086c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 422.336960][ T7655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 422.343555][ T7655] CR2: 00007f11e07f7000 CR3: 000000005d0ec000 CR4: 00000000003506f0 [ 422.351531][ T7655] Call Trace: [ 422.354814][ T7655] [ 422.357770][ T7655] ? __kasan_kmalloc+0x8f/0xa0 [ 422.362565][ T7655] ? ext4_fname_prepare_lookup+0x213/0x3a0 [ 422.368384][ T7655] ? ext4_lookup+0xfa/0x6d0 [ 422.372909][ T7655] ? __lookup_slow+0x281/0x3b0 [ 422.377684][ T7655] ? lookup_slow+0x53/0x70 [ 422.382117][ T7655] utf8byte+0x34f/0x1370 [ 422.386390][ T7655] ? utf8ncursor+0x170/0x210 [ 422.390995][ T7655] utf8_casefold+0x130/0x230 [ 422.395596][ T7655] ? utf8_strncasecmp_folded+0x250/0x250 [ 422.401247][ T7655] ext4_fname_setup_ci_filename+0x1d5/0x430 [ 422.407254][ T7655] ext4_fname_prepare_lookup+0x213/0x3a0 [ 422.412906][ T7655] ? ext4_fname_free_filename+0xb0/0xb0 [ 422.418468][ T7655] ? d_alloc_parallel+0x1373/0x1480 [ 422.423681][ T7655] ext4_lookup+0xfa/0x6d0 [ 422.428020][ T7655] ? ext4_add_entry+0xd70/0xd70 [ 422.432882][ T7655] ? __init_waitqueue_head+0xa9/0x150 [ 422.438256][ T7655] __lookup_slow+0x281/0x3b0 [ 422.442857][ T7655] ? lookup_one_len+0x2c0/0x2c0 [ 422.447722][ T7655] ? try_to_unlazy+0x34c/0x5a0 [ 422.452576][ T7655] ? down_read+0x1ac/0x2e0 [ 422.457000][ T7655] lookup_slow+0x53/0x70 [ 422.461250][ T7655] link_path_walk+0x970/0xe00 [ 422.465936][ T7655] ? handle_lookup_down+0x130/0x130 [ 422.471146][ T7655] path_lookupat+0x9d/0x440 [ 422.475667][ T7655] filename_lookup+0x1f4/0x510 [ 422.480438][ T7655] ? __virt_addr_valid+0x18c/0x540 [ 422.485557][ T7655] ? hashlen_string+0x110/0x110 [ 422.490445][ T7655] ? strncpy_from_user+0x197/0x2e0 [ 422.495590][ T7655] ? getname_flags+0x20a/0x500 [ 422.500366][ T7655] user_path_at_empty+0x42/0x60 [ 422.505231][ T7655] __se_sys_chdir+0x95/0x290 [ 422.509827][ T7655] ? __x64_sys_chdir+0x40/0x40 [ 422.514599][ T7655] ? lockdep_hardirqs_on+0x98/0x150 [ 422.519809][ T7655] do_syscall_64+0x55/0xb0 [ 422.524232][ T7655] ? clear_bhb_loop+0x40/0x90 [ 422.528910][ T7655] ? clear_bhb_loop+0x40/0x90 [ 422.533592][ T7655] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 422.539500][ T7655] RIP: 0033:0x7f11ea98eba9 [ 422.543965][ T7655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.563598][ T7655] RSP: 002b:00007f11eb808038 EFLAGS: 00000246 ORIG_RAX: 0000000000000050 [ 422.572105][ T7655] RAX: ffffffffffffffda RBX: 00007f11eabd5fa0 RCX: 00007f11ea98eba9 [ 422.580096][ T7655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000002c0 [ 422.588101][ T7655] RBP: 00007f11eaa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 422.596077][ T7655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 422.604068][ T7655] R13: 00007f11eabd6038 R14: 00007f11eabd5fa0 R15: 00007ffc384b92a8 [ 422.612052][ T7655] [ 422.615086][ T7655] Modules linked in: [ 423.588269][ T7575] udevd[7575]: incorrect jbd checksum on /dev/loop2 [ 423.684511][ T7655] ---[ end trace 0000000000000000 ]--- [ 423.711027][ T7655] RIP: 0010:utf8nlookup+0x39/0xa50 [ 423.733070][ T7655] Code: 89 44 24 10 49 89 ce 48 89 14 24 89 f5 49 89 fd 49 bf 00 00 00 00 00 fc ff df e8 62 e5 f7 fe 49 8d 5d 18 48 89 d8 48 c1 e8 03 <42> 80 3c 38 00 74 08 48 89 df e8 68 30 4f ff 48 8b 1b 48 83 c3 30 [ 423.802608][ T7655] RSP: 0018:ffffc900054c7440 EFLAGS: 00010206 [ 423.808765][ T7655] RAX: 0000000000000003 RBX: 0000000000000018 RCX: 0000000000080000 [ 423.843676][ T7655] RDX: ffffc9000d06b000 RSI: 0000000000000454 RDI: 0000000000000455 [ 423.865805][ T7655] RBP: 0000000000000001 R08: 0000000000000003 R09: 0000000000000000 [ 423.894418][ T7655] R10: ffffc900054c75d8 R11: fffff52000a98ebe R12: dffffc0000000000 [ 423.925778][ T7655] R13: 0000000000000000 R14: ffff888076b97c58 R15: dffffc0000000000 [ 423.958597][ T7655] FS: 00007f11eb8086c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 423.992995][ T7655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 424.019497][ T7655] CR2: 00005571a26e9078 CR3: 000000005d0ec000 CR4: 00000000003506f0 [ 424.048492][ T7655] Kernel panic - not syncing: Fatal exception [ 424.054961][ T7655] Kernel Offset: disabled [ 424.059302][ T7655] Rebooting in 86400 seconds..