last executing test programs: 17m20.154374205s ago: executing program 32 (id=11): socket$can_raw(0x1d, 0x3, 0x1) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$PTRACE_SETSIGMASK(0x420b, r0, 0x8, &(0x7f0000000000)={[0x5]}) 17m6.131153687s ago: executing program 3 (id=37): r0 = syz_usb_connect(0x2, 0x2d, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x63) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = mq_open(&(0x7f0000000000)='!selinu\xff\x7f\x00\x00inux\x00T\x8b\xb5\xf3\xcb\xdd\xe3\xbf2\x86\x01\x84\xdd\x8a\x8f_l\xa1L\xb1\xef\xb2\xc9\xf7+C\xb2\x8e9\xb8\xec\x1a\xe5\xaeq\x8fZ\xff\xbcY+\xaf0<\xa3\xb8\"Zm\x1c\x18\x11\x93\xb5z \xc2\x8b\xa9\xc5\x9es\t\xfe\x002\xa0-\xaf\xcdP\x9f\xe5Iv\xce*\xa8\xa3\x14i\x05\x8f\x9b\x1eB\x9f\x9d#E\x19\xdc\xfe\xc7\xeb\xb5\xcd\xc8\xe2U\xce\x00\x00', 0x6e93ebbbcc0884f2, 0x2c, &(0x7f0000000300)={0x2, 0x1, 0x5}) mq_timedreceive(r4, &(0x7f0000000340)=""/200, 0xc8, 0x200000000000, 0x0) lchown(&(0x7f0000000080)='./file0\x00', 0x0, 0xee00) syz_usb_control_io$rtl8150(r0, &(0x7f0000000140)={0x14, 0x0, 0x0}, &(0x7f0000000300)={0x2c, 0x0, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000280)={0xc0, 0x5, 0x5, "555c1cf44b"}, 0x0}) semget$private(0x0, 0x4000000009, 0x668) 17m2.440649759s ago: executing program 3 (id=41): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c000000020601080000000000000000000000000d0003006c6973743a736574000000000500050000000000050001000700000005000400000000000900020073797a32000000001400078008"], 0x5c}}, 0x0) 16m53.816880836s ago: executing program 3 (id=52): r0 = syz_usb_connect(0x2, 0x2d, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x63) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r1 = getpgrp(0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) mq_timedreceive(0xffffffffffffffff, &(0x7f0000000340)=""/200, 0xc8, 0x200000000000, 0x0) lchown(&(0x7f0000000080)='./file0\x00', 0x0, 0xee00) syz_usb_control_io$rtl8150(r0, &(0x7f0000000140)={0x14, 0x0, 0x0}, &(0x7f0000000300)={0x2c, 0x0, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000280)={0xc0, 0x5, 0x5, "555c1cf44b"}, 0x0}) semget$private(0x0, 0x4000000009, 0x668) 16m49.28814921s ago: executing program 3 (id=56): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) capset(&(0x7f0000000000)={0x20071026}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x80002, 0xffffffff, 0x2}) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x138) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000480), 0x0, 0x0) 16m48.544714804s ago: executing program 3 (id=58): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x10) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet6_udp(0xa, 0x2, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000100)={0x2c, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x2, 0x0, 0x0, @uid=r5}, @nested={0xb, 0x2, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0x5, 0x1, 0x0, 0x1, [@generic='+']}]}, 0x2c}], 0x1}, 0xcc000) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x8020) 16m46.215973062s ago: executing program 3 (id=61): r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x406, r0) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_clone(0x8000, 0x0, 0xffffffffffffffda, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xfffffffffffffff0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000902, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"}) ioctl$USBDEVFS_ALLOC_STREAMS(r6, 0x8008551c, &(0x7f0000000400)=ANY=[@ANYBLOB]) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000300)) 16m30.218769114s ago: executing program 33 (id=61): r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = fcntl$dupfd(r0, 0x406, r0) r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_clone(0x8000, 0x0, 0xffffffffffffffda, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xfffffffffffffff0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000902, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"}) ioctl$USBDEVFS_ALLOC_STREAMS(r6, 0x8008551c, &(0x7f0000000400)=ANY=[@ANYBLOB]) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000300)) 11m14.409131616s ago: executing program 0 (id=581): r0 = syz_usb_connect(0x2, 0x2d, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x63) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) mq_timedreceive(0xffffffffffffffff, &(0x7f0000000340)=""/200, 0xc8, 0x200000000000, 0x0) lchown(&(0x7f0000000080)='./file0\x00', 0x0, 0xee00) syz_usb_control_io$rtl8150(r0, &(0x7f0000000140)={0x14, 0x0, 0x0}, &(0x7f0000000300)={0x2c, 0x0, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000280)={0xc0, 0x5, 0x5, "555c1cf44b"}, 0x0}) semget$private(0x0, 0x4000000009, 0x668) 11m7.359388555s ago: executing program 0 (id=592): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x80000) socket$netlink(0x10, 0x3, 0xa) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000040)={{@local, 0xdd}, @any, 0x0, 0x0, 0x9, 0x0, 0x3, 0xffff, 0xf}) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$vfat(&(0x7f0000000400), &(0x7f00000000c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2008404, &(0x7f0000000b80)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYBLOB="999c07c03c5bc6a3d07b90faae21d196274f93a6593a9830472d5633665f2f51cfb24aaad481c74e142cd734ec6fd04935a94af71c756dbd6f5e2f39b2c4c30725d103d40d7e65129bb928ef73849dae618e438695e0a9078605ba418298145bf2fec11b0d16763288e7ecfe663aa5ff450d1e46d251160109c0378e04fe2629890c28366a6489e706ecf23195dc7f19e03fad", @ANYRESHEX, @ANYRESDEC, @ANYBLOB="c5ce1b9733c91520022860834995bd440de70a56f9b17205184d3be668bd36e2d9b2c62fb43e3a2a12e69d2eea113cf5ab1f668b2855d9a2bb426304b9bbf1debf4d593fe5"], 0x41, 0x2bd, &(0x7f00000007c0)="$eJzs3LFrE2EYx/HHpDZpSpsIIiioD7roEto4OGqQFsSAUpuiDsLVXjTkTMpdqETEZhFX/47i6Cao/0AXcXF3K4Lg0kE86d2lvbRpm7ZJk9rvB8r75p73x71NruVJILfy4N3zUsFJF4yqROIqEZG6rIqk1maBE8EY8eaDElaXq8O/v5+///DRnWwuNzGlOpmdvpZR1dGLn168en/pS3V45sPox5gspx6v/Mr8WB5cPrvyd/pZ0dGio+VKVQ2drVSqxqxl6lzRKaVV71mm4ZhaLDum3VQvWJX5+Zoa5bmRxLxtOo4a5ZqWzJpWK1q1a2o8NYplTafTOpKQYywiMtDGsvzS1JSR3bbsRju6KXTdUKuDtp2tty7mlw5hTwAAoM/s3P/7vf72/X9uxh/30v+f2b3/F6H/75J606Nd+n8cVdfDV79tZ41E8PfbjP4fAAAAAAAAAAAAAAAAAAAAAICjYNV1k67rJtfG4JD3OCYicRFxg3qPt4kuCb/+buhnl9f/Ro+2iw4LfXEvLmK9Xcgv5P3Rr2cLUhRLTBmTpPzxroeAP5+8nZsYU09KPluLQX5xIR+VWCPfkGqVv3Bq3M9rc/6kJMLnz0hSTrc+f6ZlflCuXA7l05KUr0+kIpbMedf1Rv71uOqtu7lN+SFvHQAAAAAA/4O0rtvy/t2rewvisrXu50OfD7iuu7jT5wOb3l8PyLl2blEJAAAAAAAOzKm9LBmWZdr7mMRE5ADxzk9cV6T324hKfzwbzZObItIH2zisSVxE/CO6n/jP9XhbKbeNNQMi0vOnZQ+TXv9nAgAAANBpG03/HkLf3nRxRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD/t3g+ssX5LqVHYIR46XfTQf0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgj/wLAAD//7KDHOI=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1f, 0x10, &(0x7f0000000bc0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$fuse(0x0, &(0x7f0000000ac0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100040, 0x0, 0x1, 0x0, 0x0) 11m5.746833576s ago: executing program 0 (id=594): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$pptp(0x18, 0x1, 0x2) connect$pptp(r5, &(0x7f0000000040)={0x18, 0x2, {0x2, @rand_addr=0x64010102}}, 0x1e) shutdown(r1, 0x0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000012c0)={0x24, 0x0, 0x407, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010100}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x40000) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r6, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x81, &(0x7f0000001180)={0xffffffffffffffff}, 0x111, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r7, 0x10, 0x0, @in={0x2, 0x4e22, @empty}}}, 0x90) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000680)={0x15, 0x110, 0xfa08, {r7, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x4e23, @empty}, @in={0x2, 0x8, @local}}}, 0x118) 11m3.935950314s ago: executing program 0 (id=596): syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x0, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==") mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x8) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f0000000000)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x141142, 0xeaff) 11m2.05932743s ago: executing program 0 (id=603): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x798, 0x3d8, 0x608, 0x1d0, 0x1d0, 0x3d8, 0x6f0, 0x6f0, 0x6f0, 0x6f0, 0x6f0, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @mcast1, [], [], 'veth1\x00', 'syz_tun\x00'}, 0x11e, 0xa8, 0x1d0, 0x1f000000, {0x0, 0x7}}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'unconfined\x00'}}}, {{@uncond, 0x0, 0x1e0, 0x208, 0x7400, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@dev, @empty, @remote, @private2, @private1, @dev, @loopback, @mcast2, @local, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, @loopback, @local, @private1, @dev]}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0xfff, 0x4}}}, {{@ipv6={@empty, @private0, [], [], 'sit0\x00', 'sit0\x00'}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@dst={{0x48}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x68}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@private, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7f8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) sched_getparam(r1, &(0x7f00000000c0)) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r3 = fsopen(&(0x7f00000001c0)='erofs\x00', 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r3, 0x4, &(0x7f0000000200)='dax\x00', &(0x7f0000000240)='./file0\x00', 0xffffffffffffff9c) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) read$msr(r2, 0x0, 0xfffffffffffffec9) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010800040000000000000b00000008000300", @ANYRES32=r6], 0x58}}, 0x0) socket(0x80000000000000a, 0x2, 0x0) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) fcntl$dupfd(r7, 0x406, r7) r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) socket(0x10, 0x80000, 0x401) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="0100000038ccd980bb0d0000000000010000000000000001410000001c001714000000006c6c65723000"/53], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r10, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x10, 0x13, @udp='udp:syz2\x00'}}, ["", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) eventfd2(0x0, 0x0) add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300e308002", 0x1001, r8) 10m56.940598132s ago: executing program 0 (id=612): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = semget$private(0x0, 0x6, 0x0) semop(r2, &(0x7f0000000000)=[{0x2, 0x0, 0x2000}], 0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) sendmmsg$inet(r4, &(0x7f0000005d00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x18}}], 0x1, 0x40008000) bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) fcntl$setstatus(r3, 0x4, 0x40800) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0xee01}, 0xc) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r5 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c) socket$inet(0x2, 0x800, 0x40000000) setsockopt$IP_VS_SO_SET_FLUSH(r5, 0x0, 0x485, 0x0, 0x0) 10m55.496214459s ago: executing program 2 (id=615): socket(0x400000000010, 0x3, 0x0) socket(0x2, 0x3, 0xff) r0 = fsopen(&(0x7f0000000340)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x86) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000040000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$inet6_sctp(0xa, 0x1, 0x84) userfaultfd(0x801) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) pipe2(&(0x7f0000000000), 0x80000) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x111, 0x5}}, 0x20) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) ppoll(&(0x7f0000000300)=[{r3, 0x4236}], 0x1, 0x0, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x8000001, &(0x7f0000000300), 0x2, 0x1}}, 0x20) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 10m54.650914011s ago: executing program 2 (id=618): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file1\x00', 0x60c42, 0xf) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) 10m53.259239263s ago: executing program 2 (id=619): r0 = syz_usb_connect(0x2, 0x2d, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x2) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) mq_timedreceive(0xffffffffffffffff, &(0x7f0000000340)=""/200, 0xc8, 0x200000000000, 0x0) lchown(&(0x7f0000000080)='./file0\x00', 0x0, 0xee00) syz_usb_control_io$rtl8150(r0, &(0x7f0000000140)={0x14, 0x0, 0x0}, &(0x7f0000000300)={0x2c, 0x0, &(0x7f0000000200)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000280)={0xc0, 0x5, 0x5, "555c1cf44b"}, 0x0}) semget$private(0x0, 0x4000000009, 0x668) 10m50.525226104s ago: executing program 2 (id=625): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNISCRNMAP(r1, 0x4b6a, 0x0) sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6(0xa, 0x1, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0) 10m49.214218355s ago: executing program 2 (id=629): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000540)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000040), 0x6) ioctl$sock_bt_hci(r4, 0x400448e6, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 10m46.946576603s ago: executing program 2 (id=631): mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) ioprio_set$uid(0x3, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) open(0x0, 0x143c62, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x2, 0x0, &(0x7f0000000100)) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102384, 0x18ff0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@dellink={0x40, 0x11, 0x1, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0xc0a742c700a80d57, 0x301}, [@IFLA_MAP={0x20, 0xe, {0xa7, 0x57, 0x100000001, 0x8, 0x2}}]}, 0x40}}, 0x800) 10m41.221556162s ago: executing program 34 (id=612): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = semget$private(0x0, 0x6, 0x0) semop(r2, &(0x7f0000000000)=[{0x2, 0x0, 0x2000}], 0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) sendmmsg$inet(r4, &(0x7f0000005d00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x18}}], 0x1, 0x40008000) bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) fcntl$setstatus(r3, 0x4, 0x40800) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0xee01}, 0xc) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r5 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c) socket$inet(0x2, 0x800, 0x40000000) setsockopt$IP_VS_SO_SET_FLUSH(r5, 0x0, 0x485, 0x0, 0x0) 10m31.622575817s ago: executing program 35 (id=631): mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) ioprio_set$uid(0x3, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) open(0x0, 0x143c62, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x2, 0x0, &(0x7f0000000100)) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102384, 0x18ff0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@dellink={0x40, 0x11, 0x1, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0xc0a742c700a80d57, 0x301}, [@IFLA_MAP={0x20, 0xe, {0xa7, 0x57, 0x100000001, 0x8, 0x2}}]}, 0x40}}, 0x800) 1m57.651719653s ago: executing program 6 (id=1891): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, 0x0, 0x0) shutdown(r0, 0x2) listen(r0, 0x5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) sendmmsg$inet(r1, &(0x7f0000004800)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001300)="9980", 0x2}], 0x1}}], 0x1, 0x48045) 1m57.347253997s ago: executing program 6 (id=1895): syz_open_procfs$namespace(0x0, &(0x7f0000000380)='ns/ipc\x00') r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) fchdir(r0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1043, 0x0) 1m56.169410152s ago: executing program 6 (id=1899): socket$inet(0x2, 0x4000000000000001, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) io_uring_setup(0x1c68, &(0x7f00000001c0)={0x0, 0xaebb, 0x2, 0x20000a, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xe}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) socket$inet_sctp(0x2, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='dctcp', 0x5) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12) recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r4) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) sendmsg$NFC_CMD_LLC_GET_PARAMS(r4, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000) 1m54.732101762s ago: executing program 6 (id=1902): setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x5) bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000180)=0x1, 0x4) sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)='n', 0x1, 0x24008084, &(0x7f00000001c0)={0xa, 0x2, 0xa, @loopback, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='htcp', 0x4) shutdown(0xffffffffffffffff, 0x1) 1m54.507006577s ago: executing program 6 (id=1905): prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) socket$inet6(0xa, 0x2, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x28100, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x2) io_setup(0x239f, &(0x7f0000000380)=0x0) io_submit(r3, 0x8e, &(0x7f0000000b40)=[&(0x7f0000000080)={0x200000000000000, 0x0, 0x0, 0x7, 0x8, r2, 0x0}]) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) 1m53.12731554s ago: executing program 6 (id=1910): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x20000, 0x0) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000300), 0xffffffffffffffff) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000040)="89e7ee0c7cda99b4b47380c988cafb", 0x140}, {&(0x7f0000000340)="448b7c", 0x3}, {&(0x7f0000000140)="03be00fbb46ecedbe0090a43", 0xc}], 0x3) 1m37.696653054s ago: executing program 36 (id=1910): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x20000, 0x0) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000300), 0xffffffffffffffff) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000040)="89e7ee0c7cda99b4b47380c988cafb", 0x140}, {&(0x7f0000000340)="448b7c", 0x3}, {&(0x7f0000000140)="03be00fbb46ecedbe0090a43", 0xc}], 0x3) 51.089829536s ago: executing program 1 (id=2155): r0 = fanotify_init(0x8, 0x40000) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') fanotify_mark(r0, 0x1, 0x8100011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 49.757871771s ago: executing program 1 (id=2158): r0 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 49.225119136s ago: executing program 1 (id=2161): r0 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x840) unshare(0x22020600) write$nci(r0, &(0x7f00000005c0)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x1, 0x3, 0x5, 0x9, @f_listen={0x5, 0x1, 0x2, 0x82, 0x7f, 0x3, 0x7f, {}, 0x81, 0x6, 0x0, 0x82, 0x7b, "f3fa4be0d6c6158d6b883d607f28feac99cebf2597ec914f5739e20207f9232220aa042ad270000000000000000857140b142e9d8b062c2d9abfd6192f1b8118706b981396115fdac1b0bc381c9ed4a37bc385c93c62e272a87b7bf6e15d4749763c509fbf7f9fda01534a85846a19c179a519c5a69bb8c2f52233"}}, 0x8b) 48.453772215s ago: executing program 1 (id=2163): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x64, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @random=0x7, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params, @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_AUTH_TYPE={0x8}]}, 0x64}}, 0x0) 47.435252043s ago: executing program 1 (id=2165): syz_emit_vhci(0x0, 0x0) socket(0x2b, 0x1, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) symlinkat(0x0, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2505000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r4 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2) ftruncate(r4, 0xffff) fcntl$addseals(r4, 0x409, 0x7) r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000000)={r4, 0x0, 0x0, 0x8000}) ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f00000001c0)=0x1) 46.022530032s ago: executing program 1 (id=2167): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0xfffffffffffffea3, &(0x7f00000002c0)=0x6) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) ptrace(0x4207, r2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0xcf) sendmsg$inet(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x4006041) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xf, 0x4, 0x4, 0x16, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50) r6 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[@ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20) sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) 23.839986264s ago: executing program 7 (id=2214): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x80000) socket$netlink(0x10, 0x3, 0xa) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000040)={{@local, 0xdd}, @any, 0x0, 0x0, 0x9, 0x0, 0x3, 0xffff, 0xf}) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$vfat(&(0x7f0000000400), &(0x7f00000000c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2008404, &(0x7f0000000b80)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYBLOB="999c07c03c5bc6a3d07b90faae21d196274f93a6593a9830472d5633665f2f51cfb24aaad481c74e142cd734ec6fd04935a94af71c756dbd6f5e2f39b2c4c30725d103d40d7e65129bb928ef73849dae618e438695e0a9078605ba418298145bf2fec11b0d16763288e7ecfe663aa5ff450d1e46d251160109c0378e04fe2629890c28366a6489e706ecf23195dc7f19e03fad", @ANYRESHEX, @ANYRESDEC, @ANYBLOB="c5ce1b9733c91520022860834995bd440de70a56f9b17205184d3be668bd36e2d9b2c62fb43e3a2a12e69d2eea113cf5ab1f668b2855d9a2bb426304b9bbf1debf4d593fe5"], 0x41, 0x2bd, &(0x7f00000007c0)="$eJzs3LFrE2EYx/HHpDZpSpsIIiioD7roEto4OGqQFsSAUpuiDsLVXjTkTMpdqETEZhFX/47i6Cao/0AXcXF3K4Lg0kE86d2lvbRpm7ZJk9rvB8r75p73x71NruVJILfy4N3zUsFJF4yqROIqEZG6rIqk1maBE8EY8eaDElaXq8O/v5+///DRnWwuNzGlOpmdvpZR1dGLn168en/pS3V45sPox5gspx6v/Mr8WB5cPrvyd/pZ0dGio+VKVQ2drVSqxqxl6lzRKaVV71mm4ZhaLDum3VQvWJX5+Zoa5bmRxLxtOo4a5ZqWzJpWK1q1a2o8NYplTafTOpKQYywiMtDGsvzS1JSR3bbsRju6KXTdUKuDtp2tty7mlw5hTwAAoM/s3P/7vf72/X9uxh/30v+f2b3/F6H/75J606Nd+n8cVdfDV79tZ41E8PfbjP4fAAAAAAAAAAAAAAAAAAAAAICjYNV1k67rJtfG4JD3OCYicRFxg3qPt4kuCb/+buhnl9f/Ro+2iw4LfXEvLmK9Xcgv5P3Rr2cLUhRLTBmTpPzxroeAP5+8nZsYU09KPluLQX5xIR+VWCPfkGqVv3Bq3M9rc/6kJMLnz0hSTrc+f6ZlflCuXA7l05KUr0+kIpbMedf1Rv71uOqtu7lN+SFvHQAAAAAA/4O0rtvy/t2rewvisrXu50OfD7iuu7jT5wOb3l8PyLl2blEJAAAAAAAOzKm9LBmWZdr7mMRE5ADxzk9cV6T324hKfzwbzZObItIH2zisSVxE/CO6n/jP9XhbKbeNNQMi0vOnZQ+TXv9nAgAAANBpG03/HkLf3nRxRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD/t3g+ssX5LqVHYIR46XfTQf0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgj/wLAAD//7KDHOI=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1f, 0x10, &(0x7f0000000bc0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$fuse(0x0, &(0x7f0000000ac0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100040, 0x0, 0x1, 0x0, 0x0) 22.271144877s ago: executing program 7 (id=2216): socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$kcm(0xa, 0x2, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = creat(&(0x7f0000000580)='./bus\x00', 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x40400, 0x8) fcntl$notify(r3, 0x402, 0x18) openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff) r4 = fanotify_init(0x1, 0x101000) fanotify_mark(r4, 0x105, 0x8971, r2, 0x0) creat(&(0x7f00000001c0)='./file1\x00', 0x24) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x26}, 0x4e1e, 0x3, 'sed\x00', 0x21, 0x2, 0x6e}, 0x2c) r5 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000580)={{0xc6, @broadcast, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7b}, {@private=0xa010100, 0x4e22, 0x2, 0xca, 0x80012d58, 0x12d5c}}, 0x44) socket$inet_sctp(0x2, 0x1, 0x84) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, 0x1c) sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 18.30604891s ago: executing program 7 (id=2231): openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) 17.203878548s ago: executing program 4 (id=2235): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000000c0)=0x6, 0x4) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x770, 0x0, 0xbabd}, 0x1c) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) 17.1266311s ago: executing program 5 (id=2236): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) shmget(0x1, 0x4000, 0xa20, &(0x7f0000ffb000/0x4000)=nil) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) listen(r2, 0x90004) syz_emit_vhci(&(0x7f0000000140)=ANY=[], 0x16) accept(r2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) socket(0x10, 0x803, 0x0) 15.086753346s ago: executing program 4 (id=2240): syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) syz_emit_vhci(0x0, 0x0) r0 = socket(0x2b, 0x1, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) symlinkat(0x0, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2505000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r5 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2) ftruncate(r5, 0xffff) fcntl$addseals(r5, 0x409, 0x7) r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={r5, 0x0, 0x0, 0x8000}) ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086200, &(0x7f00000001c0)=0x1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000004c0)={'wlan1\x00'}) 12.742535475s ago: executing program 5 (id=2241): socket$inet(0x2, 0x4000000000000001, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) io_uring_setup(0x1c68, &(0x7f00000001c0)={0x0, 0xaebb, 0x2, 0x20000a, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xe}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) socket$inet_sctp(0x2, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='dctcp', 0x5) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12) recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, r4) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) sendmsg$NFC_CMD_LLC_GET_PARAMS(r4, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000) 11.108421822s ago: executing program 9 (id=2243): open(&(0x7f00009e1000)='./file0\x00', 0x1ad2c0, 0x47) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = getpid() fcntl$setownex(r0, 0xf, &(0x7f0000000100)={0x2, r1}) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000001c0)) 10.626721626s ago: executing program 9 (id=2245): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800006, 0x12, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', [{0x20, '^*'}, {0x20, 'blkio.bfq.io_service_bytes_recursive\x00'}, {}, {0x20, ',\'.:'}, {0x20, 'blkio.bfq.io_service_bytes_recursive\x00'}]}, 0x155) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, &(0x7f0000000000)=0x1, 0x4) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xffe8}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x18, 0x2, [@TCA_FLOW_POLICE={0x4}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x5}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x3}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x800) 9.466997571s ago: executing program 8 (id=2246): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de979c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6ed49a1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e00008503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda940b023d190e6fba7f83060000003f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954ef19d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70346dcc43f59300676ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca00", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfd, 0x0, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x100, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902, 0x200000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x880, 0x0) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50) openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]}) 9.04285928s ago: executing program 8 (id=2247): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) ioctl$SNDCTL_SYNTH_ID(r0, 0xc08c5114, &(0x7f00000003c0)={"637bf629b5896eeb77e137c6e7f24b7891d6f012acc9fe23b2a34566bb56", 0x2, 0x1, 0x0, 0x101, 0x81, 0x5, 0x1, 0x6, [0x5, 0x4, 0x1, 0x401, 0x3, 0x2ab9, 0x4e2edc8b, 0x80000001, 0x8, 0x7, 0x3, 0x4, 0x7ef, 0xc, 0xffff0000, 0x2, 0x6, 0x7, 0x6]}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) syz_io_uring_setup(0x48, &(0x7f0000000300)={0x0, 0xf20f, 0x40, 0x2, 0x1b}, &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000000)) writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$comedi(0xffffff9c, &(0x7f0000000100)='/dev/comedi0\x00', 0x101001, 0x0) ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000140)={'dt2801\x00', [0x294, 0x8, 0x7fffffff, 0x8, 0x2f, 0x2006, 0xf1, 0x8, 0x80ffa, 0x2, 0x0, 0x7, 0x0, 0x1000004, 0x1, 0x10000, 0xffffffa8, 0x7ffffffd, 0x1ef, 0x200009ea, 0x20000010, 0x55, 0x8, 0x4008, 0x746f, 0x8, 0x6, 0x4, 0xee, 0x4, 0x7ffd]}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r3, 0x0, 0x20000011) sendmsg$kcm(r3, 0x0, 0xe07e872420dfefca) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003580)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010) r4 = socket$nl_rdma(0x10, 0x3, 0x14) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@map=r0, 0x36, 0x0, 0x1, &(0x7f00000001c0)=[0x0], 0x1, 0x0, &(0x7f0000000480)=[0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)={@fallback=r2, r0, 0x36, 0x0, 0x0, @void, @value=r0, @void, @void, r5}, 0x20) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x8040044}, 0x810) sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0) 5.907803331s ago: executing program 5 (id=2248): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf254400000008000300", @ANYRES32, @ANYBLOB="3c002380050011000100000005001d000100000005001f000100000008001400c9ffffff0600180005"], 0x58}, 0x1, 0x0, 0x0, 0x8851}, 0x4800) 5.84472938s ago: executing program 4 (id=2249): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x0, @private=0xfffffffc}}) 5.552909447s ago: executing program 9 (id=2250): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_AUTHENTICATE(r0, 0x0, 0x80) socket$inet6_sctp(0xa, 0x5, 0x84) syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8) mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x27) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x373e00, 0x0) r2 = socket(0x10, 0x803, 0x2) epoll_create1(0x80000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000180)={0x84, @remote, 0x0, 0x0, 'lblc\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x484, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x0, 0x34}, 0x28) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1a, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x1a, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1, r5, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x10042, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) syz_genetlink_get_family_id$ipvs(0x0, r2) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) 5.551607319s ago: executing program 7 (id=2251): file_setattr(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', &(0x7f00000002c0)={0x8000, 0x1, 0x9, 0x6, 0xc64}, 0x18, 0x1000) 5.391846348s ago: executing program 5 (id=2252): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f00000004c0)={r3, 0x0, 0x4, 0x0, 0x2, [0x0], [0x0, 0x0, 0x0, 0x10000], [0x0, 0x0, 0xfffffffc], [0x1]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r4, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={r4, 0x80000}) ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000240)={r3, 0xc89, 0xa, 0xfffffffa, 0x3, [0x0], [0x5, 0x5, 0xfffffffd, 0x2], [0xe, 0x7, 0xffffffff, 0x8000], [0xfffffffffffffff8, 0xa679, 0x1, 0x7f]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={r6}) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) 4.337478489s ago: executing program 4 (id=2253): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001d40)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRESDEC=r1], 0x40}}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r2 = io_uring_setup(0xc, &(0x7f0000000040)={0x0, 0x62bf, 0xdb00, 0x8, 0x29}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50) io_uring_enter(r2, 0x2219, 0x7721, 0x1f, 0x0, 0x0) 3.943141979s ago: executing program 8 (id=2254): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002"], 0x0, 0x3e}, 0x28) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x2, r1, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000280)={0x48, 0x15, r2}) 3.738319215s ago: executing program 8 (id=2255): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x121110, 0x4) r1 = socket$can_bcm(0x1d, 0x2, 0x2) sendmsg$can_bcm(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x10) sendmsg$can_bcm(r1, 0x0, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) migrate_pages(0x0, 0x9, 0x0, &(0x7f0000000380)=0x102) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x5c, r5, 0x405, 0x70bd27, 0x25dfdbff, {}, [{{0x8, 0x1, r6}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000401}, 0x4c004) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000000)) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0xa1ff, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r2, 0x1, 0x0, 0x25dfdbff, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0) 3.502293595s ago: executing program 9 (id=2256): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socket$alg(0x26, 0x5, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x40800) openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x101000, 0x0) ioctl$COMEDI_CMD(r1, 0x80506409, &(0x7f0000000180)={0x1, 0x80, 0x80, 0xd, 0x10, 0x3e8, 0x2, 0x0, 0x20, 0x1, 0x20, 0xffffffff, &(0x7f0000000600)=[0x7], 0x1, 0x0}) close_range(r0, 0xffffffffffffffff, 0x0) 3.331482355s ago: executing program 7 (id=2257): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_LEAVE_IBSS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048000}, 0x4001000) 3.160134577s ago: executing program 9 (id=2258): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de979c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6ed49a1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e00008503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda940b023d190e6fba7f83060000003f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954ef19d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70346dcc43f59300676ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca00", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfd, 0x0, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x100, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902, 0x200000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x880, 0x0) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50) openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]}) 2.998958453s ago: executing program 5 (id=2259): socket$inet(0x2, 0x4000000000000001, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) io_uring_setup(0x1c68, &(0x7f00000001c0)={0x0, 0xaebb, 0x2, 0x20000a, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xe}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) socket$inet_sctp(0x2, 0x1, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='dctcp', 0x5) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12) recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, r4) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) sendmsg$NFC_CMD_LLC_GET_PARAMS(r4, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000) 1.438447732s ago: executing program 8 (id=2260): syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) syz_emit_vhci(0x0, 0x0) r0 = socket(0x2b, 0x1, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) symlinkat(0x0, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2505000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r5 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2) ftruncate(r5, 0xffff) fcntl$addseals(r5, 0x409, 0x7) r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={r5, 0x0, 0x0, 0x8000}) ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086200, &(0x7f00000001c0)=0x1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000004c0)={'wlan1\x00'}) 1.349732154s ago: executing program 4 (id=2261): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800006, 0x12, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa', [{0x20, '^*'}, {0x20, 'blkio.bfq.io_service_bytes_recursive\x00'}, {}, {0x20, ',\'.:'}, {0x20, 'blkio.bfq.io_service_bytes_recursive\x00'}]}, 0x155) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, &(0x7f0000000000)=0x1, 0x4) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=@newtfilter={0x48, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xffe8}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x18, 0x2, [@TCA_FLOW_POLICE={0x4}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x5}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x3}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x800) 1.321794132s ago: executing program 9 (id=2262): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x8824}, 0x840) write$nci(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="610579"], 0x7f) 706.954594ms ago: executing program 7 (id=2263): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg$NL80211_CMD_JOIN_MESH(r0, 0x0, 0x4800) 320.500565ms ago: executing program 8 (id=2264): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x840) unshare(0x22020600) write$nci(r0, &(0x7f00000005c0)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x1, 0x3, 0x5, 0x9, @f_listen={0x5, 0x1, 0x2, 0x82, 0x7f, 0x3, 0x7f, {}, 0x81, 0x6, 0x0, 0x82, 0x7b, "f3fa4be0d6c6158d6b883d607f28feac99cebf2597ec914f5739e20207f9232220aa042ad270000000000000000857140b142e9d8b062c2d9abfd6192f1b8118706b981396115fdac1b0bc381c9ed4a37bc385c93c62e272a87b7bf6e15d4749763c509fbf7f9fda01534a85846a19c179a519c5a69bb8c2f52233"}}, 0x8b) 216.168799ms ago: executing program 5 (id=2265): r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000bc0), r0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x30, r2, 0x1, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_VLAN={0x8}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000000) 0s ago: executing program 4 (id=2266): syz_open_dev$sndpcmc(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$vim2m(0x0, 0x10000000000088a, 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) clock_adjtime(0x0, &(0x7f00000003c0)={0x7, 0x9, 0x37fffd, 0x6794, 0x7fffffff, 0xffffffffffbffff7, 0x9, 0x0, 0x1, 0x6, 0x20000007, 0x4, 0xfffffffffffff04f, 0x3, 0x200000080000000, 0xfffffffffffffff8, 0xfffffffffffffffe, 0x200000005, 0x1, 0x100, 0x6, 0x2, 0x5, 0x3, 0x34, 0x8}) clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0x20000000e, 0x89, 0x0, 0xf, 0x8000000000000000, 0xe, 0x2, 0x9, 0x4, 0x5, 0x8000000040000000, 0xc, 0x4, 0x7, 0x9, 0x8, 0x3, 0x8, 0x80000000, 0xffffffffffbffffe, 0x5, 0x7, 0x7, 0x3, 0x6}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x6bb, &(0x7f0000000040)={0x0, 0xbb84, 0x1c080, 0xa, 0x20082f5}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa00fea0"], 0x0, 0x7fff, 0x0, 0x0, 0x1e00, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) kernel console output (not intermixed with test programs): 41][ T5632] ldusb 10-1:0.0: Interrupt in endpoint not found [ 688.623163][ T5900] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 688.685978][ T5900] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 688.734423][ T5900] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 688.783342][ T5900] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 688.881918][ T5632] usb 10-1: USB disconnect, device number 4 [ 688.928222][T10388] veth0_macvtap: entered promiscuous mode [ 689.008039][T10388] veth1_macvtap: entered promiscuous mode [ 689.302830][T10824] netlink: 56 bytes leftover after parsing attributes in process `syz.8.908'. [ 689.312023][T10824] netlink: 12 bytes leftover after parsing attributes in process `syz.8.908'. [ 689.321069][T10824] netlink: 31 bytes leftover after parsing attributes in process `syz.8.908'. [ 689.331467][T10824] netlink: 31 bytes leftover after parsing attributes in process `syz.8.908'. [ 690.229760][T10388] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 690.277269][T10388] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 690.525587][ T1124] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 690.554640][ T1124] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 690.619965][ T1124] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.077705][ T1124] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 692.794118][ T1124] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 692.949948][ T1124] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 693.099415][ T7033] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 693.316509][ T7033] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 693.459861][T10865] 9p: Bad value for 'rfdno' [ 694.364274][ T47] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 694.391147][ T47] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 695.083420][T10877] netlink: 56 bytes leftover after parsing attributes in process `syz.8.923'. [ 695.092729][T10877] netlink: 12 bytes leftover after parsing attributes in process `syz.8.923'. [ 695.101866][T10877] netlink: 31 bytes leftover after parsing attributes in process `syz.8.923'. [ 695.110995][T10877] netlink: 31 bytes leftover after parsing attributes in process `syz.8.923'. [ 696.945544][ T5632] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 697.039985][ T10] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 699.342547][ T10] usb 9-1: Using ep0 maxpacket: 32 [ 700.148844][ T5632] usb 6-1: device descriptor read/all, error -71 [ 700.244909][ T10] usb 9-1: device descriptor read/all, error -71 [ 700.673695][ T989] IPVS: starting estimator thread 0... [ 700.819993][T10913] IPVS: using max 23 ests per chain, 55200 per kthread [ 701.867238][T10929] 9p: Bad value for 'rfdno' [ 704.142731][T10947] netlink: 56 bytes leftover after parsing attributes in process `syz.8.938'. [ 704.151817][T10947] netlink: 12 bytes leftover after parsing attributes in process `syz.8.938'. [ 704.160841][T10947] netlink: 31 bytes leftover after parsing attributes in process `syz.8.938'. [ 704.171208][T10947] netlink: 31 bytes leftover after parsing attributes in process `syz.8.938'. [ 705.253628][ T5889] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 705.554689][ T5357] IPVS: starting estimator thread 0... [ 705.782419][T10957] IPVS: using max 23 ests per chain, 55200 per kthread [ 706.394899][ T5906] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.215562][T10969] syzkaller0: entered promiscuous mode [ 707.266567][T10969] syzkaller0: entered allmulticast mode [ 707.601534][ T24] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 707.624680][ T5644] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 707.841142][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 707.846515][ T5644] usb 10-1: Using ep0 maxpacket: 32 [ 707.871027][ T24] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 707.880511][ T5644] usb 10-1: config index 0 descriptor too short (expected 156, got 27) [ 707.910380][ T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 707.927658][ T5644] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 707.970746][ T24] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 707.992004][ T5644] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 708.025232][ T24] usb 6-1: config 0 interface 0 altsetting 191 has 0 endpoint descriptors, different from the interface descriptor's value: 144 [ 708.039303][ T5644] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 708.077921][ T5644] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 708.102317][ T24] usb 6-1: config 0 interface 0 has no altsetting 0 [ 708.130451][ T24] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 708.150057][ T5644] usb 10-1: config 0 interface 0 has no altsetting 0 [ 708.167153][ T24] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 708.186420][ T5644] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 708.199378][ T24] usb 6-1: Product: syz [ 708.206924][ T5644] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 708.219139][ T24] usb 6-1: Manufacturer: syz [ 708.236456][ T5644] usb 10-1: Product: syz [ 708.243542][ T24] usb 6-1: SerialNumber: syz [ 708.256149][ T5644] usb 10-1: Manufacturer: syz [ 708.285290][ T24] usb 6-1: config 0 descriptor?? [ 708.293045][ T5644] usb 10-1: SerialNumber: syz [ 708.313630][ T24] ldusb 6-1:0.0: Interrupt in endpoint not found [ 708.326710][ T5644] usb 10-1: config 0 descriptor?? [ 708.385656][ T5644] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 708.445963][ T5644] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 708.446430][T10996] fuse: Bad value for 'fd' [ 708.584738][ T9] usb 6-1: USB disconnect, device number 19 [ 708.597012][T10993] loop6: detected capacity change from 0 to 2048 [ 708.659446][ T5644] usb 10-1: USB disconnect, device number 5 [ 708.716339][ T5644] ldusb 10-1:0.0: LD USB Device #0 now disconnected [ 709.500313][T11007] netlink: 56 bytes leftover after parsing attributes in process `syz.1.954'. [ 709.509508][T11007] netlink: 12 bytes leftover after parsing attributes in process `syz.1.954'. [ 709.519553][T11007] netlink: 31 bytes leftover after parsing attributes in process `syz.1.954'. [ 709.529105][T11007] netlink: 31 bytes leftover after parsing attributes in process `syz.1.954'. [ 710.194349][T11010] loop8: detected capacity change from 0 to 512 [ 710.292376][T11010] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 711.457672][ T1124] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 712.433965][T11010] EXT4-fs (loop8): 1 orphan inode deleted [ 712.440333][T11010] EXT4-fs (loop8): 1 truncate cleaned up [ 712.517091][T11010] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 713.026334][T10084] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 713.451156][ T10] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 714.536395][ T10] usb 10-1: config 0 has an invalid interface number: 64 but max is 0 [ 714.566467][ T10] usb 10-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 714.630754][T11057] netlink: 56 bytes leftover after parsing attributes in process `syz.1.968'. [ 714.640169][T11057] netlink: 12 bytes leftover after parsing attributes in process `syz.1.968'. [ 714.649183][T11057] netlink: 31 bytes leftover after parsing attributes in process `syz.1.968'. [ 714.658294][T11057] netlink: 31 bytes leftover after parsing attributes in process `syz.1.968'. [ 715.316088][ T10] usb 10-1: config 0 has no interface number 0 [ 715.326585][ T10] usb 10-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 715.346412][ T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.354708][ T10] usb 10-1: Product: syz [ 715.368712][ T10] usb 10-1: Manufacturer: syz [ 715.376805][ T10] usb 10-1: SerialNumber: syz [ 715.417163][ T10] usb 10-1: config 0 descriptor?? [ 715.750019][ T9609] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 715.912624][ T9609] usb 7-1: Using ep0 maxpacket: 32 [ 715.931429][ T10] uvcvideo 10-1:0.64: Found UVC 0.00 device syz (046d:0823) [ 715.949744][ T9609] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 715.960821][ T10] uvcvideo 10-1:0.64: No valid video chain found. [ 715.968083][ T9609] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 715.981848][ T10] usb 10-1: USB disconnect, device number 6 [ 715.996369][ T9609] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 716.008303][ T9] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 717.183513][ T9609] usb 7-1: config 0 interface 0 altsetting 191 has 0 endpoint descriptors, different from the interface descriptor's value: 144 [ 717.198991][ T9609] usb 7-1: config 0 interface 0 has no altsetting 0 [ 717.334695][ T9609] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 717.344273][ T9609] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 717.353134][ T9609] usb 7-1: Product: syz [ 717.359761][ T9609] usb 7-1: Manufacturer: syz [ 717.372916][ T9609] usb 7-1: SerialNumber: syz [ 717.420185][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 717.435524][ T9609] usb 7-1: config 0 descriptor?? [ 717.448549][ T9] usb 9-1: config index 0 descriptor too short (expected 156, got 27) [ 717.478097][ T9609] ldusb 7-1:0.0: Interrupt in endpoint not found [ 717.485991][ T9] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 717.531524][ T9] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 717.571870][ T9] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0 [ 717.600449][ T9] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 717.642656][ T9] usb 9-1: config 0 interface 0 has no altsetting 0 [ 717.661192][ T9] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 717.670464][ T9] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 717.682287][ T9] usb 9-1: Product: syz [ 717.705280][ T9] usb 9-1: Manufacturer: syz [ 717.719595][ T9609] usb 7-1: USB disconnect, device number 2 [ 717.733735][ T9] usb 9-1: SerialNumber: syz [ 717.774854][ T9] usb 9-1: config 0 descriptor?? [ 717.973245][ T9] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 718.215274][ T9] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 718.238593][ T9] usb 9-1: USB disconnect, device number 4 [ 718.578869][ T9] ldusb 9-1:0.0: LD USB Device #0 now disconnected [ 720.834787][T11103] netlink: 56 bytes leftover after parsing attributes in process `syz.8.983'. [ 720.843796][T11103] netlink: 12 bytes leftover after parsing attributes in process `syz.8.983'. [ 720.852772][T11103] netlink: 31 bytes leftover after parsing attributes in process `syz.8.983'. [ 720.863231][T11103] netlink: 31 bytes leftover after parsing attributes in process `syz.8.983'. [ 721.311039][T11113] loop9: detected capacity change from 0 to 256 [ 721.575507][T11116] netlink: 56 bytes leftover after parsing attributes in process `syz.5.984'. [ 721.586034][T11116] netlink: 12 bytes leftover after parsing attributes in process `syz.5.984'. [ 721.596041][T11116] netlink: 31 bytes leftover after parsing attributes in process `syz.5.984'. [ 721.605047][T11116] netlink: 31 bytes leftover after parsing attributes in process `syz.5.984'. [ 723.109958][ T5644] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 724.907407][T11136] netlink: 4 bytes leftover after parsing attributes in process `syz.6.992'. [ 725.012221][ T5644] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 725.026596][ T5644] usb 6-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 725.048858][ T5644] usb 6-1: config 0 has no interface number 0 [ 725.068427][ T5644] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 725.088873][ T5644] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 725.118272][ T5644] usb 6-1: Product: syz [ 725.130038][ T5644] usb 6-1: Manufacturer: syz [ 725.391884][ T5644] usb 6-1: SerialNumber: syz [ 725.409676][ T5644] usb 6-1: config 0 descriptor?? [ 726.627362][ T5644] uvcvideo 6-1:0.64: Found UVC 0.00 device syz (046d:0823) [ 726.673282][ T5644] uvcvideo 6-1:0.64: No valid video chain found. [ 726.740539][ T5644] usb 6-1: USB disconnect, device number 20 [ 727.206536][T11160] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1000'. [ 727.217091][T11160] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1000'. [ 727.227435][T11160] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1000'. [ 727.236625][T11160] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1000'. [ 730.196338][T11180] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1005'. [ 730.205859][T11180] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1005'. [ 730.215079][T11180] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1005'. [ 730.224360][T11180] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1005'. [ 730.953010][T11183] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1006'. [ 731.078458][T11183] bridge0: port 2(bridge_slave_1) entered disabled state [ 731.091840][T11183] bridge0: port 1(bridge_slave_0) entered disabled state [ 731.174242][T11186] loop9: detected capacity change from 0 to 512 [ 731.219391][T11186] EXT4-fs (loop9): Test dummy encryption mode enabled [ 731.288512][T11186] EXT4-fs error (device loop9): ext4_iget_extra_inode:5127: inode #15: comm syz.9.1008: corrupted in-inode xattr: invalid ea_ino [ 731.391240][T11186] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 731.399825][ C0] EXT4-fs (loop9): error count since last fsck: 1 [ 731.418063][ C0] EXT4-fs (loop9): initial error at time 1779212737: ext4_iget_extra_inode:5127: inode 15 [ 731.428082][ C0] EXT4-fs (loop9): last error at time 1779212737: ext4_iget_extra_inode:5127: inode 15 [ 731.439422][T11186] EXT4-fs error (device loop9): ext4_orphan_get:1400: comm syz.9.1008: couldn't read orphan inode 15 (err -117) [ 731.472558][T11186] loop9: lost filesystem error report for type 5 error -117 [ 731.665096][T11186] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 731.853377][T11186] EXT4-fs error (device loop9): ext4_do_update_inode:5690: inode #13: comm syz.9.1008: corrupted inode contents [ 732.026306][T11198] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 732.129607][T11186] EXT4-fs error (device loop9): ext4_dirty_inode:6587: inode #13: comm syz.9.1008: mark_inode_dirty error [ 732.203501][T11186] EXT4-fs error (device loop9): ext4_free_branches:1020: inode #13: comm syz.9.1008: invalid indirect mapped block 234881024 (level 0) [ 732.252489][T11186] EXT4-fs error (device loop9): ext4_do_update_inode:5690: inode #13: comm syz.9.1008: corrupted inode contents [ 732.780670][T11208] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1014'. [ 732.789926][T11208] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1014'. [ 732.798982][T11208] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1014'. [ 732.808178][T11208] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1014'. [ 733.565840][T11186] EXT4-fs error (device loop9): ext4_truncate:4690: inode #13: comm syz.9.1008: mark_inode_dirty error [ 733.696077][T11186] EXT4-fs error (device loop9) in ext4_setattr:6120: Corrupt filesystem [ 733.816346][T11214] xt_bpf: check failed: parse error [ 733.963763][T10202] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 734.401594][T11223] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1020'. [ 734.410941][T11223] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1020'. [ 734.420248][T11223] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1020'. [ 734.429289][T11223] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1020'. [ 735.857041][T11235] loop6: detected capacity change from 0 to 4096 [ 736.235291][T11242] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 736.687981][T11252] loop7: detected capacity change from 0 to 16 [ 736.804850][T11252] erofs (device loop7): mounted with root inode @ nid 36. [ 737.520691][T11261] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1028'. [ 737.530070][T11261] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1028'. [ 740.681784][T11287] __nla_validate_parse: 2 callbacks suppressed [ 740.681836][T11287] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1035'. [ 740.697174][T11287] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1035'. [ 740.706330][T11287] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1035'. [ 740.715440][T11287] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1035'. [ 741.840698][T11301] loop5: detected capacity change from 0 to 764 [ 741.879248][T11301] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 742.782035][T11314] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1042'. [ 742.791214][T11314] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1042'. [ 742.800357][T11314] netlink: 31 bytes leftover after parsing attributes in process `syz.7.1042'. [ 742.809411][T11314] netlink: 31 bytes leftover after parsing attributes in process `syz.7.1042'. [ 743.855759][ T7033] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 744.892808][T11319] x_tables: ip6_tables: TCPMSS.0 target: invalid size 8 (kernel) != (user) 0 [ 745.808242][T11337] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1051'. [ 745.817684][T11337] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1051'. [ 745.826948][T11337] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1051'. [ 745.836303][T11337] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1051'. [ 746.632717][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 746.645365][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.048435][T11345] loop7: detected capacity change from 0 to 32768 [ 747.078281][T11345] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1054 (11345) [ 747.463772][T11345] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 747.474003][T11345] BTRFS info (device loop7): using sha256 checksum algorithm [ 747.771944][T11364] usb usb8: usbfs: process 11364 (syz.6.1059) did not claim interface 0 before use [ 748.066052][T11345] BTRFS info (device loop7): setting nodatasum [ 748.072332][T11345] BTRFS info (device loop7): enabling ssd optimizations [ 748.079287][T11345] BTRFS info (device loop7): turning on async discard [ 748.086143][T11345] BTRFS info (device loop7): enabling free space tree [ 748.760714][ T9203] Bluetooth: hci0: command 0x0406 tx timeout [ 748.873891][T11373] geneve2: entered promiscuous mode [ 749.565404][T11379] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1060'. [ 749.574695][T11379] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1060'. [ 749.583932][T11379] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1060'. [ 749.593368][T11379] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1060'. [ 752.184253][T11402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1067'. [ 752.355392][T11402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1067'. [ 753.096802][T10319] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 756.537125][T11411] Set syz1 is full, maxelem 65536 reached [ 756.857972][T11416] loop5: detected capacity change from 0 to 128 [ 756.984889][T11416] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 757.021023][T11416] ext4 filesystem being mounted at /284/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 757.372792][T11427] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1077'. [ 757.382042][T11427] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1077'. [ 757.391217][T11427] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1077'. [ 757.400302][T11427] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1077'. [ 758.485807][T11434] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1068'. [ 758.495166][T11434] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1068'. [ 758.504454][T11434] netlink: 31 bytes leftover after parsing attributes in process `syz.7.1068'. [ 758.513700][T11434] netlink: 31 bytes leftover after parsing attributes in process `syz.7.1068'. [ 758.944775][ T5650] Bluetooth: hci5: command 0x0406 tx timeout [ 759.252118][T11435] loop6: detected capacity change from 0 to 128 [ 759.482537][ T5627] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 759.702980][T11435] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 760.479447][T11435] ext4 filesystem being mounted at /30/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 760.545140][T11453] loop5: detected capacity change from 0 to 1024 [ 762.659418][ T5762] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 762.875384][T10388] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 762.890178][ T5762] usb 10-1: Using ep0 maxpacket: 8 [ 762.915943][ T5762] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 762.987038][ T5762] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 763.056421][ T5762] usb 10-1: New USB device found, idVendor=05ac, idProduct=029f, bcdDevice= 0.00 [ 763.093888][ T5762] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 763.162699][ T5762] usb 10-1: config 0 descriptor?? [ 763.934294][T11479] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1090'. [ 763.943519][T11479] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1090'. [ 763.952702][T11479] netlink: 31 bytes leftover after parsing attributes in process `syz.7.1090'. [ 763.961800][T11479] netlink: 31 bytes leftover after parsing attributes in process `syz.7.1090'. [ 766.284090][ T5762] usbhid 10-1:0.0: can't add hid device: -71 [ 766.336904][ T5762] usbhid 10-1:0.0: probe with driver usbhid failed with error -71 [ 766.407304][ T5762] usb 10-1: USB disconnect, device number 7 [ 766.728792][T11491] xt_hashlimit: size too large, truncated to 1048576 [ 767.020175][T11498] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1093'. [ 767.029385][T11498] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1093'. [ 767.038899][T11498] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1093'. [ 767.049318][T11498] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1093'. [ 769.332206][ T5650] Bluetooth: hci1: command 0x0406 tx timeout [ 771.500438][T11529] syzkaller0: entered promiscuous mode [ 771.520209][T11529] syzkaller0: entered allmulticast mode [ 774.210495][T11557] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1113'. [ 774.221698][T11557] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1113'. [ 774.233181][T11557] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1113'. [ 774.242339][T11557] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1113'. [ 780.358819][ T5650] Bluetooth: hci4: command 0x0406 tx timeout [ 781.298086][T11600] binder: 11599:11600 ioctl c0306201 0 returned -14 [ 784.540009][ T5762] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 785.875226][T11618] usb usb8: usbfs: process 11618 (syz.6.1136) did not claim interface 0 before use [ 785.890551][ T5762] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 785.966983][ T5762] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 786.531927][T11606] Set syz1 is full, maxelem 65536 reached [ 786.814628][ T5762] usb 6-1: config 0 has no interface number 0 [ 787.157688][T11627] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1137'. [ 787.167148][T11627] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1137'. [ 787.176468][T11627] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1137'. [ 787.186049][T11627] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1137'. [ 787.853994][ T5762] usb 6-1: string descriptor 0 read error: -71 [ 787.888750][ T5762] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 787.926184][ T5762] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 787.984538][ T5762] usb 6-1: config 0 descriptor?? [ 788.003884][ T5762] usb 6-1: can't set config #0, error -71 [ 788.048656][ T5762] usb 6-1: USB disconnect, device number 21 [ 788.087289][T11638] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1142'. [ 788.430270][T11641] loop5: detected capacity change from 0 to 256 [ 788.445891][T11641] exfat: Deprecated parameter 'utf8' [ 789.115645][T11641] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 789.661786][T11646] bridge_slave_0: default FDB implementation only supports local addresses [ 791.606636][T11672] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1154'. [ 791.615898][T11672] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1154'. [ 791.626149][T11672] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1154'. [ 791.636201][T11672] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1154'. [ 792.330893][ T5858] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 792.650156][T11676] usb usb8: usbfs: process 11676 (syz.6.1156) did not claim interface 0 before use [ 792.704557][ T5858] usb 10-1: Using ep0 maxpacket: 32 [ 793.765990][ T5858] usb 10-1: config index 0 descriptor too short (expected 156, got 27) [ 793.779003][ T5858] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 793.796201][ T5858] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 793.811854][ T5858] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 793.825933][ T5858] usb 10-1: config 0 interface 0 has no altsetting 0 [ 793.836893][ T5858] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 793.846162][ T5858] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 793.854873][ T5858] usb 10-1: Product: syz [ 793.859175][ T5858] usb 10-1: Manufacturer: syz [ 793.864402][ T5858] usb 10-1: SerialNumber: syz [ 793.875168][ T5858] usb 10-1: config 0 descriptor?? [ 793.884657][ T5858] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 794.372364][ T5858] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 797.133868][ T5762] usb 10-1: USB disconnect, device number 8 [ 797.230174][T11690] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1159'. [ 797.267758][ T5762] ldusb 10-1:0.0: LD USB Device #0 now disconnected [ 797.808778][T11684] Set syz1 is full, maxelem 65536 reached [ 798.401755][T11701] loop6: detected capacity change from 0 to 256 [ 798.416748][T11701] exfat: Deprecated parameter 'utf8' [ 798.463679][ T5762] IPVS: starting estimator thread 0... [ 798.862716][T11702] IPVS: using max 21 ests per chain, 50400 per kthread [ 798.969319][T11701] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 799.301153][ T5858] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 799.498751][ T5858] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 799.710363][ T5858] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 799.779445][T11718] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1167'. [ 799.788772][T11718] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1167'. [ 799.798180][T11718] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1167'. [ 799.807372][T11718] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1167'. [ 800.473482][ T5858] usb 6-1: config 0 has no interface number 0 [ 800.538836][ T5858] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 800.594352][ T5858] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 800.635976][ T5858] usb 6-1: Product: syz [ 800.654625][ T5858] usb 6-1: Manufacturer: syz [ 800.672232][ T5858] usb 6-1: SerialNumber: syz [ 800.704987][ T5858] usb 6-1: config 0 descriptor?? [ 800.744819][ T5858] uvcvideo 6-1:0.64: Found UVC 0.00 device syz (046d:0823) [ 800.772859][ T5858] uvcvideo 6-1:0.64: No valid video chain found. [ 802.055431][T11735] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1174'. [ 802.316059][ T10] usb 6-1: USB disconnect, device number 22 [ 807.107808][T11764] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1181'. [ 807.108156][T11763] loop6: detected capacity change from 0 to 256 [ 807.116875][T11764] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1181'. [ 807.116930][T11764] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1181'. [ 807.116956][T11764] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1181'. [ 807.124202][T11763] exfat: Deprecated parameter 'utf8' [ 807.227252][T11763] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 808.079186][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.095064][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 810.142866][T11780] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1187'. [ 811.198593][T11786] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1189'. [ 813.336897][T11820] loop9: detected capacity change from 0 to 256 [ 813.344773][T11820] exfat: Deprecated parameter 'utf8' [ 813.878742][T11820] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 815.712637][ T1124] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 816.807309][T11842] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1203'. [ 818.331646][T11852] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1204'. [ 822.489202][T11906] binder: 11905:11906 ioctl 4018620d 0 returned -22 [ 828.748546][T11961] binder: 11960:11961 ioctl 4018620d 0 returned -22 [ 829.209973][ T5762] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 829.354254][ T5858] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 829.540232][ T5858] usb 6-1: Using ep0 maxpacket: 32 [ 829.940951][ T5858] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 830.120736][ T5858] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 830.185597][ T5858] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 830.259254][ T5858] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 830.271043][ T5762] usb 7-1: Using ep0 maxpacket: 32 [ 830.286070][ T5762] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 830.304603][ T5762] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 830.356859][ T5858] usb 6-1: config 0 interface 0 has no altsetting 0 [ 830.357724][ T5762] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 830.388721][ T5762] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 830.400356][ T5858] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 830.427230][ T5762] usb 7-1: config 0 interface 0 has no altsetting 0 [ 830.443550][ T5762] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 830.456869][ T5858] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 830.462958][ T5762] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 830.489957][ T5762] usb 7-1: Product: syz [ 830.500106][ T5762] usb 7-1: Manufacturer: syz [ 830.510168][ T5762] usb 7-1: SerialNumber: syz [ 830.524734][ T5762] usb 7-1: config 0 descriptor?? [ 830.545544][ T5762] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 830.577500][ T5762] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 830.659942][ T10] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 830.723512][ T5858] usb 6-1: Product: syz [ 830.739851][ T5858] usb 6-1: Manufacturer: syz [ 830.749881][ T5858] usb 6-1: SerialNumber: syz [ 830.765051][ T5858] usb 6-1: config 0 descriptor?? [ 830.795797][ C0] ldusb 7-1:0.0: usb_submit_urb failed (-19) [ 830.804657][ T5776] usb 7-1: USB disconnect, device number 3 [ 830.823918][ T5858] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 830.832807][ T10] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 830.882109][ T10] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 830.937489][ T10] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 830.952551][ T5858] ldusb 6-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 830.953311][ T5776] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 830.979953][ T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 830.989645][ T10] usb 10-1: Product: syz [ 831.005549][ T10] usb 10-1: Manufacturer: syz [ 831.024209][ T10] usb 10-1: SerialNumber: syz [ 831.068129][ T5858] usb 6-1: USB disconnect, device number 23 [ 831.133248][ T5858] ldusb 6-1:0.0: LD USB Device #1 now disconnected [ 831.283133][T11987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 831.322318][T11987] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 831.365821][ T10] cdc_ether 10-1:1.0: probe with driver cdc_ether failed with error -22 [ 831.405448][ T10] usb 10-1: USB disconnect, device number 9 [ 832.069910][ T10] usb 10-1: new full-speed USB device number 10 using dummy_hcd [ 832.707733][ T10] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 832.742599][ T10] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 832.790143][ T10] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 832.838975][ T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 832.874617][ T10] usb 10-1: Product: syz [ 832.915857][ T10] usb 10-1: Manufacturer: syz [ 832.954732][ T10] usb 10-1: SerialNumber: syz [ 833.200668][T12015] binder: 12013:12015 ioctl 4018620d 0 returned -22 [ 833.242004][ T10] cdc_ether 10-1:1.0: probe with driver cdc_ether failed with error -22 [ 833.293104][ T10] usb 10-1: USB disconnect, device number 10 [ 834.415455][T12024] loop6: detected capacity change from 0 to 512 [ 834.532754][T12024] EXT4-fs error (device loop6): ext4_validate_block_bitmap:440: comm syz.6.1258: bg 0: block 393: padding at end of block bitmap is not set [ 834.555935][T12024] loop6: lost filesystem error report for type 5 error -117 [ 834.561693][ C0] EXT4-fs (loop6): error count since last fsck: 1 [ 834.575549][ C0] EXT4-fs (loop6): initial error at time 1779212840: ext4_validate_block_bitmap:440 [ 834.585015][ C0] EXT4-fs (loop6): last error at time 1779212840: ext4_validate_block_bitmap:440 [ 834.630589][T12024] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 834.642947][T12024] loop6: lost filesystem error report for type 5 error -117 [ 834.898708][T12024] EXT4-fs (loop6): 2 truncates cleaned up [ 835.316357][T12024] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 836.360157][T10388] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 838.138674][T12063] binder: BINDER_SET_CONTEXT_MGR already set [ 838.149448][T12063] binder: 12062:12063 ioctl 4018620d 200000004a80 returned -16 [ 838.239952][ T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 838.390173][ T24] usb 7-1: Using ep0 maxpacket: 32 [ 838.397672][ T24] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 838.406642][ T24] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 838.461924][ T24] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 838.524363][ T24] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 838.566116][ T24] usb 7-1: config 0 interface 0 has no altsetting 0 [ 838.595138][ T24] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 838.607949][ T24] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 838.629081][ T24] usb 7-1: Product: syz [ 838.638150][ T24] usb 7-1: Manufacturer: syz [ 838.645148][T12071] loop5: detected capacity change from 0 to 128 [ 838.652730][ T24] usb 7-1: SerialNumber: syz [ 838.669368][T12071] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 838.686606][T12071] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 838.701604][ T24] usb 7-1: config 0 descriptor?? [ 838.733020][ T24] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 839.032156][ T24] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 839.055315][ T24] usb 7-1: USB disconnect, device number 4 [ 840.209876][T12080] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1275'. [ 840.389736][ T24] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 840.562655][ T5900] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 843.199897][ T10] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 844.249885][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 844.361260][ T10] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 844.396574][ T10] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 844.470587][ T10] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 844.537631][ T10] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 844.622399][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 846.085022][T12134] netlink: 56 bytes leftover after parsing attributes in process `syz.8.1287'. [ 846.094379][T12134] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1287'. [ 846.105318][T12134] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1287'. [ 846.114619][T12134] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1287'. [ 846.627149][ T10] usb 7-1: string descriptor 0 read error: -71 [ 846.638541][ T10] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 846.670142][ T10] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 846.701622][ T10] usb 7-1: config 0 descriptor?? [ 846.779207][ T10] usb 7-1: can't set config #0, error -71 [ 846.832597][ T10] usb 7-1: USB disconnect, device number 5 [ 847.096184][T12145] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1293'. [ 847.496043][ T24] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 848.326312][T12158] binder: BINDER_SET_CONTEXT_MGR already set [ 848.349452][T12158] binder: 12157:12158 ioctl 4018620d 200000004a80 returned -16 [ 848.712432][ T24] usb 10-1: device not accepting address 11, error -71 [ 852.029879][T12188] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1305'. [ 852.040005][T12188] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1305'. [ 852.049980][T12188] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1305'. [ 852.058997][T12188] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1305'. [ 853.240062][ T9609] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 853.429939][ T9609] usb 10-1: Using ep0 maxpacket: 32 [ 853.472608][ T9609] usb 10-1: config index 0 descriptor too short (expected 156, got 27) [ 853.507787][ T9609] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 853.543334][ T9609] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 853.584075][ T9609] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 853.623661][ T9609] usb 10-1: config 0 interface 0 has no altsetting 0 [ 853.641911][ T9609] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 853.659736][ T9609] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 853.693425][ T9609] usb 10-1: Product: syz [ 853.703193][ T9609] usb 10-1: Manufacturer: syz [ 853.717891][ T9609] usb 10-1: SerialNumber: syz [ 853.739568][ T9609] usb 10-1: config 0 descriptor?? [ 853.760277][ T9609] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 853.789688][ T9609] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 854.110295][T12190] ldusb 10-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 854.118219][ T5762] usb 10-1: USB disconnect, device number 13 [ 854.124501][ C0] ldusb 10-1:0.0: usb_submit_urb failed (-19) [ 854.183765][T12214] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1307'. [ 854.200926][ T5762] ldusb 10-1:0.0: LD USB Device #0 now disconnected [ 856.385630][T12241] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1318'. [ 856.394964][T12241] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1318'. [ 856.404410][T12241] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1318'. [ 856.413547][T12241] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1318'. [ 864.199556][T12307] binder: 12304:12307 ioctl c0306201 0 returned -14 [ 866.517206][T12334] loop7: detected capacity change from 0 to 128 [ 866.549035][T12334] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 866.596137][T12334] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 867.659237][ T1002] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 868.051345][ T9609] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 868.220798][ T9609] usb 6-1: Using ep0 maxpacket: 32 [ 868.257066][ T9609] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 868.284449][ T9609] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 868.323845][ T9609] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 868.366011][ T9609] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 868.406133][ T9609] usb 6-1: config 0 interface 0 has no altsetting 0 [ 868.435182][ T9609] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 868.469444][ T9609] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 868.501062][ T9609] usb 6-1: Product: syz [ 868.514399][ T9609] usb 6-1: Manufacturer: syz [ 868.530939][ T9609] usb 6-1: SerialNumber: syz [ 868.567396][ T9609] usb 6-1: config 0 descriptor?? [ 868.605135][ T9609] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 868.655822][ T9609] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 868.963706][ T9609] usb 6-1: USB disconnect, device number 24 [ 868.969735][ C0] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 868.976065][T12341] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 869.028279][ T9609] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 869.836359][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 869.843079][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 872.591448][ T5776] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 872.946304][ T5776] usb 6-1: Using ep0 maxpacket: 32 [ 873.604303][ T5776] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 873.637628][ T5776] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 873.679273][ T5776] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 873.726475][ T5776] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 873.785526][ T5776] usb 6-1: config 0 interface 0 has no altsetting 0 [ 873.817398][ T5776] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 873.878154][ T5776] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 873.915806][ T5776] usb 6-1: Product: syz [ 873.924712][ T5776] usb 6-1: Manufacturer: syz [ 873.939874][ T5776] usb 6-1: SerialNumber: syz [ 873.975359][ T5776] usb 6-1: config 0 descriptor?? [ 874.038577][ T5776] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 874.084359][ T5776] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 874.239898][ T5858] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 874.388415][T12383] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 874.397435][ T5776] usb 6-1: USB disconnect, device number 25 [ 874.403508][ C0] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 874.430331][ T5858] usb 7-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00 [ 874.440554][ T5776] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 874.482812][ T5858] usb 7-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 874.542649][ T5858] usb 7-1: Product: syz [ 874.556634][ T5858] usb 7-1: SerialNumber: syz [ 874.585208][ T5858] usb 7-1: config 0 descriptor?? [ 874.834217][ T5858] hso 7-1:0.0: Can't find BULK endpoints [ 875.047657][ T5858] usb 7-1: USB disconnect, device number 6 [ 877.893698][T12440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 878.315211][T12441] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1380'. [ 878.324351][T12441] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1380'. [ 878.333477][T12441] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1380'. [ 878.342600][T12441] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1380'. [ 878.808953][T12440] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 882.313824][T12491] binder: 12488:12491 ioctl c0306201 0 returned -14 [ 883.500351][T12502] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1397'. [ 883.509481][T12502] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1397'. [ 883.518911][T12502] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1397'. [ 883.528037][T12502] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1397'. [ 884.181858][ T5858] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 884.377977][ T5858] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 884.450902][ T5858] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 884.607542][ T5858] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 884.622600][ T5858] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 884.850072][ T5858] usb 7-1: Product: syz [ 884.857340][ T5858] usb 7-1: Manufacturer: syz [ 884.869910][ T5858] usb 7-1: SerialNumber: syz [ 886.000574][T12504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 886.053564][T12504] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 886.130243][ T5858] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22 [ 886.208712][ T5858] usb 7-1: USB disconnect, device number 7 [ 888.429920][ T5858] usb 7-1: new full-speed USB device number 8 using dummy_hcd [ 889.386312][ T5776] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 889.702647][ T5776] usb 10-1: config 0 has an invalid interface number: 64 but max is 0 [ 889.737028][ T5776] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 889.785862][ T5776] usb 10-1: config 0 has no interface number 0 [ 889.822905][ T5776] usb 10-1: too many endpoints for config 0 interface 64 altsetting 0: 48, using maximum allowed: 30 [ 889.861679][ T5776] usb 10-1: config 0 interface 64 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 889.914623][ T5776] usb 10-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 889.955149][ T5776] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 890.003798][ T5776] usb 10-1: Product: syz [ 890.034336][ T5776] usb 10-1: Manufacturer: syz [ 890.077759][ T5776] usb 10-1: SerialNumber: syz [ 890.524428][ T5776] usb 10-1: config 0 descriptor?? [ 890.762182][T12576] fuse: fd is not a fuse device [ 891.420359][ T5776] usb 10-1: USB disconnect, device number 14 [ 896.310618][ T5776] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 896.773800][ T5776] usb 6-1: config 0 has no interfaces? [ 896.911333][ T5776] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 897.005043][ T5776] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 897.130773][ T5776] usb 6-1: config 0 descriptor?? [ 898.430172][ T9609] usb 6-1: USB disconnect, device number 26 [ 899.838836][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 899.838878][ T30] audit: type=1326 audit(1779212905.747:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12651 comm="syz.9.1441" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7405f9ce59 code=0x0 [ 901.880182][T12672] loop7: detected capacity change from 0 to 1024 [ 901.966647][T12672] hfsplus: failed to load extents file [ 908.513080][T12727] loop6: detected capacity change from 0 to 2048 [ 908.743163][ T30] audit: type=1326 audit(1779212914.647:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12730 comm="syz.8.1460" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb40819ce59 code=0x0 [ 909.554055][T12736] loop7: detected capacity change from 0 to 32768 [ 909.625187][T12736] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1465 (12736) [ 909.647415][T12736] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 909.657707][T12736] BTRFS info (device loop7): using sha256 checksum algorithm [ 909.681949][T12727] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 909.794111][T12736] BTRFS info (device loop7): rebuilding free space tree [ 909.821647][T12727] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 909.840895][T12727] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 33 with max blocks 33 with error 28 [ 909.878417][T12736] BTRFS info (device loop7): enabling ssd optimizations [ 909.885505][T12736] BTRFS info (device loop7): using spread ssd allocation scheme [ 909.894986][T12736] BTRFS info (device loop7): enabling free space tree [ 909.901900][T12736] BTRFS info (device loop7): force clearing of disk cache [ 909.909048][T12736] BTRFS info (device loop7): enabling auto defrag [ 909.915624][T12736] BTRFS info (device loop7): max_inline set to 0 [ 909.923919][T12727] EXT4-fs (loop6): This should not happen!! Data will be lost [ 909.923919][T12727] [ 909.934296][T12727] EXT4-fs (loop6): Total free blocks count 0 [ 909.942547][T12727] EXT4-fs (loop6): Free/Dirty block details [ 909.960246][T12727] EXT4-fs (loop6): free_blocks=2415919504 [ 909.976905][T12727] EXT4-fs (loop6): dirty_blocks=64 [ 909.987104][T12727] EXT4-fs (loop6): Block reservation details [ 910.004427][T12727] EXT4-fs (loop6): i_reserved_data_blocks=4 [ 910.199926][ T5776] usb 10-1: new high-speed USB device number 15 using dummy_hcd [ 910.382603][ T5776] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 910.416729][ T5776] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 910.449907][ T5776] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 910.498738][ T5776] usb 10-1: config 0 descriptor?? [ 910.720502][T10319] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 910.790835][ T5776] usbhid 10-1:0.0: can't add hid device: -71 [ 910.803720][T12339] BTRFS info (device loop7): qgroup scan completed (inconsistency flag cleared) [ 910.826110][ T5776] usbhid 10-1:0.0: probe with driver usbhid failed with error -71 [ 910.907740][ T5776] usb 10-1: USB disconnect, device number 15 [ 912.061571][ T1002] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28 [ 912.168660][T10388] EXT4-fs warning (device loop6): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 912.261324][ T5776] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 912.430520][ T5776] usb 10-1: Using ep0 maxpacket: 16 [ 912.444197][ T5776] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 912.505035][ T5776] usb 10-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 912.547262][ T5776] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 912.622718][ T5776] usb 10-1: config 0 descriptor?? [ 913.631412][ T5776] usbhid 10-1:0.0: can't add hid device: -71 [ 913.649992][ T5776] usbhid 10-1:0.0: probe with driver usbhid failed with error -71 [ 913.938142][ T5776] usb 10-1: USB disconnect, device number 16 [ 914.622750][T12798] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1471'. [ 916.055472][ T30] audit: type=1326 audit(1779212921.967:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12814 comm="syz.8.1482" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb40819ce59 code=0x0 [ 923.886937][T12869] binder: 12866:12869 ioctl 4018620d 0 returned -22 [ 923.944149][T12855] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 923.990410][T12855] block device autoloading is deprecated and will be removed. [ 924.245612][ T9203] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 924.257885][ T9203] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 924.743929][ T30] audit: type=1326 audit(1779212930.647:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12885 comm="syz.9.1503" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7405f9ce59 code=0x0 [ 928.049758][T12923] binder: 12920:12923 ioctl 4018620d 0 returned -22 [ 929.738670][ T30] audit: type=1326 audit(1779212935.647:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12936 comm="syz.9.1516" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7405f9ce59 code=0x0 [ 930.961803][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 930.968391][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.117981][ T30] audit: type=1326 audit(1779212938.027:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12951 comm="syz.6.1523" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd5fe39ce59 code=0x0 [ 935.468029][T12989] binder: 12988:12989 ioctl c0306201 0 returned -14 [ 935.476290][T12989] binder_alloc: 12988: binder_alloc_buf size 1024 failed, no address space [ 936.289683][T12989] binder_alloc: allocated: 12280 (num: 1 largest: 12280), free: 8 (num: 1 largest: 8) [ 939.047754][T13027] loop5: detected capacity change from 0 to 2048 [ 939.117373][T13027] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 939.632314][ T5627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 940.333550][T13040] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1544'. [ 940.842384][T13053] loop5: detected capacity change from 0 to 512 [ 940.861158][T13053] ext4: Unknown parameter 'subj_type' [ 942.660144][T13075] loop6: detected capacity change from 0 to 1024 [ 943.600042][T13075] hfsplus: request for non-existent node 33423360 in B*Tree [ 943.623240][T13075] hfsplus: request for non-existent node 33423360 in B*Tree [ 943.926529][T13085] hfsplus: request for non-existent node 33423360 in B*Tree [ 943.954858][T13085] hfsplus: request for non-existent node 33423360 in B*Tree [ 944.664393][T13090] hfsplus: request for non-existent node 33423360 in B*Tree [ 944.703506][T13090] hfsplus: request for non-existent node 33423360 in B*Tree [ 944.740236][T13095] hfsplus: request for non-existent node 33423360 in B*Tree [ 944.765383][T13095] hfsplus: request for non-existent node 33423360 in B*Tree [ 945.026977][T13075] hfsplus: request for non-existent node 33423360 in B*Tree [ 945.035486][T13110] binder: 13087:13110 ioctl c0306201 0 returned -14 [ 945.036348][T13110] binder_alloc: 13087: binder_alloc_buf size 1024 failed, no address space [ 945.052800][T13110] binder_alloc: allocated: 12280 (num: 1 largest: 12280), free: 8 (num: 1 largest: 8) [ 945.727083][T13109] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1565'. [ 945.765811][T13075] hfsplus: request for non-existent node 33423360 in B*Tree [ 948.046217][T13148] loop9: detected capacity change from 0 to 1024 [ 948.056635][T13148] EXT4-fs: Ignoring removed mblk_io_submit option [ 948.118427][T13148] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 948.160640][T13148] EXT4-fs (loop9): shut down requested (0) [ 948.177101][ T9203] Bluetooth: Fragment is too long (len 14, expected 2) [ 948.839881][T13170] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1580'. [ 948.848977][T13170] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1580'. [ 948.858072][T13170] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1580'. [ 948.867400][T13170] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1580'. [ 949.683278][T10202] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 949.683436][T13174] loop7: detected capacity change from 0 to 256 [ 949.699646][T13174] exfat: Deprecated parameter 'utf8' [ 949.840344][T13174] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 950.677428][T13181] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1583'. [ 952.548383][T13204] loop9: detected capacity change from 0 to 32768 [ 952.556647][ T9203] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 952.556781][T13204] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1590 (13204) [ 952.585962][T13204] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 952.597411][T13204] BTRFS info (device loop9): using sha256 checksum algorithm [ 952.729026][T13204] BTRFS info (device loop9): setting nodatasum [ 952.735388][T13204] BTRFS info (device loop9): enabling ssd optimizations [ 952.742489][T13204] BTRFS info (device loop9): turning on async discard [ 952.749280][T13204] BTRFS info (device loop9): enabling free space tree [ 954.552274][T13241] netlink: 56 bytes leftover after parsing attributes in process `syz.8.1597'. [ 954.561377][T13241] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1597'. [ 954.570539][T13241] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1597'. [ 954.579583][T13241] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1597'. [ 955.276914][T13247] loop6: detected capacity change from 0 to 256 [ 955.284498][T13247] exfat: Deprecated parameter 'utf8' [ 955.316841][T13247] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 955.727949][T10202] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 961.876040][T13289] netlink: 56 bytes leftover after parsing attributes in process `syz.8.1614'. [ 961.885278][T13289] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1614'. [ 961.894375][T13289] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1614'. [ 961.903491][T13289] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1614'. [ 962.642399][T13290] loop9: detected capacity change from 0 to 16 [ 962.706612][T13292] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1616'. [ 962.717888][T13290] erofs (device loop9): mounted with root inode @ nid 36. [ 964.207175][T13308] loop9: detected capacity change from 0 to 256 [ 964.214555][T13308] exfat: Deprecated parameter 'utf8' [ 964.234663][T13308] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 965.871346][ T9609] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 966.166132][ T9609] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 966.267629][ T9609] usb 6-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 966.436958][ T9609] usb 6-1: config 0 has no interface number 0 [ 966.676408][ T9609] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 966.808598][ T9609] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 966.958741][ T9609] usb 6-1: Product: syz [ 967.019545][ T9609] usb 6-1: Manufacturer: syz [ 967.110794][ T9609] usb 6-1: SerialNumber: syz [ 967.418965][ T9609] usb 6-1: config 0 descriptor?? [ 967.919005][ T9609] uvcvideo 6-1:0.64: probe with driver uvcvideo failed with error -22 [ 967.942993][T13340] syz.8.1634 (13340) used greatest stack depth: 19416 bytes left [ 969.053334][T13356] vxcan1: entered promiscuous mode [ 969.073910][ T9609] usb 6-1: USB disconnect, device number 27 [ 969.442354][T13360] loop5: detected capacity change from 0 to 2048 [ 969.462305][T13360] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 969.608257][T13363] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1644'. [ 969.655708][T13366] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 970.612601][ T9203] Bluetooth: Unexpected continuation frame (len 16) [ 975.407325][T13410] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1660'. [ 976.770919][T13430] fuse: Bad value for 'fd' [ 976.778411][T13427] syzkaller0: entered promiscuous mode [ 976.806760][T13427] syzkaller0: entered allmulticast mode [ 976.885246][ T9203] Bluetooth: Unexpected continuation frame (len 16) [ 978.512899][T13457] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1676'. [ 978.705645][T13463] loop9: detected capacity change from 0 to 64 [ 978.852595][ T9203] Bluetooth: Unexpected continuation frame (len 16) [ 979.105968][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.147826][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.207470][T13477] hfs: request for non-existent node 131072 in B*Tree [ 979.236264][T13477] hfs: request for non-existent node 131072 in B*Tree [ 979.273868][T13478] hfs: request for non-existent node 131072 in B*Tree [ 979.286864][T13478] hfs: request for non-existent node 131072 in B*Tree [ 979.330487][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.349668][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.376208][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.383456][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.396292][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.408628][T13463] hfs: request for non-existent node 131072 in B*Tree [ 979.421659][ T30] audit: type=1326 audit(1779212985.317:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13480 comm="syz.1.1688" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f268ab9ce59 code=0x0 [ 979.457141][T13463] hfs: request for non-existent node 12 in B*Tree [ 979.469617][T13463] hfs: request for non-existent node 12 in B*Tree [ 979.488427][T13463] hfs: request for non-existent node 13 in B*Tree [ 979.499015][T13463] hfs: request for non-existent node 13 in B*Tree [ 979.552823][T13472] loop5: detected capacity change from 0 to 8192 [ 981.330769][ T10] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 981.742217][ T10] usb 6-1: config 0 has an invalid interface number: 64 but max is 0 [ 981.756925][ T10] usb 6-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 981.953406][T13513] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1695'. [ 981.992947][ T10] usb 6-1: config 0 has no interface number 0 [ 982.034845][ T10] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 982.102268][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.155463][ T10] usb 6-1: Product: syz [ 982.173831][ T10] usb 6-1: Manufacturer: syz [ 982.198099][ T10] usb 6-1: SerialNumber: syz [ 982.238024][ T9203] Bluetooth: Unexpected continuation frame (len 16) [ 982.251128][ T10] usb 6-1: config 0 descriptor?? [ 982.280844][ T10] uvcvideo 6-1:0.64: probe with driver uvcvideo failed with error -22 [ 982.434983][T13525] loop6: detected capacity change from 0 to 1024 [ 982.443719][T13525] EXT4-fs: Ignoring removed bh option [ 982.507699][T13525] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 982.735629][T10388] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 983.204743][T13537] loop7: detected capacity change from 0 to 256 [ 983.213934][T13537] exfat: Deprecated parameter 'utf8' [ 983.394124][T13537] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 984.171046][ T9] usb 6-1: USB disconnect, device number 28 [ 984.422734][T13544] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1705'. [ 984.431896][T13544] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1705'. [ 984.442494][T13544] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1705'. [ 984.451524][T13544] netlink: 31 bytes leftover after parsing attributes in process `syz.9.1705'. [ 984.735629][T13550] Set syz1 is full, maxelem 65536 reached [ 984.966680][ T9] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 985.384057][ T9] usb 6-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 985.451591][ T9] usb 6-1: config 0 interface 0 has no altsetting 0 [ 985.481798][ T9] usb 6-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00 [ 985.529448][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 985.592260][ T9] usb 6-1: config 0 descriptor?? [ 986.619598][T13565] loop9: detected capacity change from 0 to 32768 [ 986.710905][T13565] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1713 (13565) [ 986.739370][T13565] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 986.750016][T13565] BTRFS info (device loop9): using sha256 checksum algorithm [ 986.899053][ T9] zeroplus 0003:0C12:0005.0005: unknown main item tag 0x0 [ 986.913865][T13565] BTRFS info (device loop9): rebuilding free space tree [ 986.926623][ T9] zeroplus 0003:0C12:0005.0005: unknown main item tag 0x0 [ 986.945973][ T9] zeroplus 0003:0C12:0005.0005: unknown main item tag 0x0 [ 986.954814][ T9] zeroplus 0003:0C12:0005.0005: unknown main item tag 0x0 [ 986.962366][ T9] zeroplus 0003:0C12:0005.0005: unknown main item tag 0x0 [ 986.969562][ T9] zeroplus 0003:0C12:0005.0005: unknown main item tag 0x0 [ 986.978044][ T9] zeroplus 0003:0C12:0005.0005: unbalanced collection at end of report description [ 986.988595][ T9] zeroplus 0003:0C12:0005.0005: parse failed [ 986.995132][ T9] zeroplus 0003:0C12:0005.0005: probe with driver zeroplus failed with error -22 [ 987.010836][T13565] BTRFS info (device loop9): enabling ssd optimizations [ 987.017795][T13565] BTRFS info (device loop9): using spread ssd allocation scheme [ 987.025630][T13565] BTRFS info (device loop9): enabling free space tree [ 987.032461][T13565] BTRFS info (device loop9): force clearing of disk cache [ 987.039575][T13565] BTRFS info (device loop9): enabling auto defrag [ 987.046165][T13565] BTRFS info (device loop9): max_inline set to 0 [ 987.132131][T13558] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 987.166059][ T9] usb 6-1: USB disconnect, device number 29 [ 987.283199][T10202] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 987.288593][ T5901] BTRFS info (device loop9): qgroup scan completed (inconsistency flag cleared) [ 987.325452][T13591] geneve2: entered promiscuous mode [ 989.036857][T13603] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1722'. [ 989.045952][T13603] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1722'. [ 989.056415][T13603] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1722'. [ 989.065486][T13603] netlink: 31 bytes leftover after parsing attributes in process `syz.5.1722'. [ 989.645035][T13613] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1718'. [ 990.081811][T13619] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 990.379580][T13624] loop5: detected capacity change from 0 to 512 [ 990.615427][T13624] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.1728: bg 0: block 393: padding at end of block bitmap is not set [ 990.672891][T13624] loop5: lost filesystem error report for type 5 error -117 [ 990.681727][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 990.695569][ C1] EXT4-fs (loop5): initial error at time 1779212996: ext4_validate_block_bitmap:440 [ 990.705028][ C1] EXT4-fs (loop5): last error at time 1779212996: ext4_validate_block_bitmap:440 [ 990.723456][T13624] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 990.733352][T13624] loop5: lost filesystem error report for type 5 error -117 [ 990.743305][T13624] EXT4-fs (loop5): 2 truncates cleaned up [ 990.759091][T13624] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 991.363433][ T5627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 991.443837][T13642] tipc: Started in network mode [ 991.452139][T13642] tipc: Node identity 5616ea66900b, cluster identity 4711 [ 991.459652][T13642] tipc: Enabled bearer , priority 0 [ 991.465506][ T24] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 991.633911][ T24] usb 10-1: config 0 has no interfaces? [ 991.639884][ T24] usb 10-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 991.669451][ T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 991.672961][T13642] syzkaller0: entered promiscuous mode [ 991.717315][T13642] syzkaller0: entered allmulticast mode [ 991.743862][ T24] usb 10-1: config 0 descriptor?? [ 991.745450][T13642] tipc: Resetting bearer [ 991.991937][ T24] usb 10-1: USB disconnect, device number 17 [ 992.285529][T13659] loop5: detected capacity change from 0 to 256 [ 992.292940][T13659] exfat: Deprecated parameter 'utf8' [ 992.325197][T13657] IPVS: set_ctl: invalid protocol: 3 0.0.0.0:0 [ 992.331592][T13658] IPVS: set_ctl: invalid protocol: 30821 116.0.0.0:256 [ 992.384909][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 992.412755][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 992.574154][T13659] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 992.608411][ T9] tipc: Node number set to 3323849318 [ 992.908866][T13664] loop9: detected capacity change from 0 to 1024 [ 993.204339][T13639] tipc: Resetting bearer [ 994.375735][T13678] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1738'. [ 994.403968][T13678] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1738'. [ 994.428778][T13678] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1738'. [ 994.459141][T13678] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1738'. [ 1000.480934][T13639] tipc: Disabling bearer [ 1003.008244][T13788] geneve3: entered promiscuous mode [ 1003.365028][ C0] vxcan1: j1939_tp_rxtimer: 0xffff888055884800: rx timeout, send abort [ 1003.378154][ C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888055884800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 1003.937345][T13811] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1786'. [ 1004.983531][T13823] geneve2: entered promiscuous mode [ 1005.015068][T13828] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1794'. [ 1007.058749][ C1] vxcan1: j1939_tp_rxtimer: 0xffff88805f2e5800: rx timeout, send abort [ 1007.067600][ C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff88805f2e5800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 1007.400773][T13871] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1813'. [ 1007.409776][T13871] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1813'. [ 1007.418822][T13871] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1813'. [ 1007.427874][T13871] netlink: 31 bytes leftover after parsing attributes in process `syz.6.1813'. [ 1008.451774][T13880] loop9: detected capacity change from 0 to 256 [ 1008.459154][T13880] exfat: Deprecated parameter 'utf8' [ 1008.525136][T13880] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1011.072092][T13925] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1831'. [ 1011.081289][T13925] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1831'. [ 1011.090323][T13925] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1831'. [ 1011.099285][T13925] netlink: 31 bytes leftover after parsing attributes in process `syz.1.1831'. [ 1014.852472][T13965] loop9: detected capacity change from 0 to 64 [ 1015.013129][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1015.119440][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1015.178418][T13966] hfs: request for non-existent node 131072 in B*Tree [ 1015.220021][T13969] binder: 13968:13969 ioctl c0306201 0 returned -14 [ 1015.259119][T13966] hfs: request for non-existent node 131072 in B*Tree [ 1015.316826][T13967] hfs: request for non-existent node 131072 in B*Tree [ 1015.352773][T13967] hfs: request for non-existent node 131072 in B*Tree [ 1015.380333][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1015.401867][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1015.456864][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1015.484135][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1015.508669][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1015.547264][T13965] hfs: request for non-existent node 131072 in B*Tree [ 1016.374641][T13989] loop5: detected capacity change from 0 to 256 [ 1016.382056][T13989] exfat: Deprecated parameter 'utf8' [ 1016.890969][T13989] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1017.023300][T13992] netlink: 56 bytes leftover after parsing attributes in process `syz.8.1853'. [ 1017.032406][T13992] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1853'. [ 1017.041424][T13992] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1853'. [ 1017.050426][T13992] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1853'. [ 1017.244057][T14000] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1856'. [ 1019.937924][T14018] loop5: detected capacity change from 0 to 1024 [ 1021.741719][T14049] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1873'. [ 1021.936749][ T30] audit: type=1326 audit(1779213027.847:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.1871" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f268ab9ce59 code=0x0 [ 1021.961702][T14049] hsr_slave_1 (unregistering): left promiscuous mode [ 1022.888350][T14059] loop5: detected capacity change from 0 to 512 [ 1022.964249][T14059] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.1874: bg 0: block 393: padding at end of block bitmap is not set [ 1022.980426][T14059] loop5: lost filesystem error report for type 5 error -117 [ 1022.985195][T14059] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 1022.992663][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1022.992694][ C0] EXT4-fs (loop5): initial error at time 1779213028: ext4_validate_block_bitmap:440 [ 1022.992737][ C0] EXT4-fs (loop5): last error at time 1779213028: ext4_validate_block_bitmap:440 [ 1023.033744][T14059] loop5: lost filesystem error report for type 5 error -117 [ 1023.035186][T14059] EXT4-fs (loop5): 2 truncates cleaned up [ 1023.058150][T14059] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1023.126343][ T5627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1026.065908][T14096] cgroup: Unknown subsys name 'cpuset' [ 1026.777614][ T30] audit: type=1326 audit(1779213032.687:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14102 comm="syz.8.1890" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb40819ce59 code=0x0 [ 1027.689498][T14119] fuse: fd is not a fuse device [ 1028.121520][T14128] loop7: detected capacity change from 0 to 1024 [ 1028.590893][T14137] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1899'. [ 1029.695525][T14149] serio: Serial port ptm0 [ 1031.588252][T14161] syzkaller0: entered promiscuous mode [ 1031.617477][T14161] syzkaller0: entered allmulticast mode [ 1031.666807][T14167] fuse: fd is not a fuse device [ 1031.892041][ T30] audit: type=1326 audit(1779213037.807:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14170 comm="syz.1.1913" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f268ab9ce59 code=0x0 [ 1033.627386][T14199] loop5: detected capacity change from 0 to 256 [ 1033.647790][T14199] exfat: Deprecated parameter 'utf8' [ 1034.339652][T14199] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1034.910998][T14209] fuse: fd is not a fuse device [ 1041.341090][T14289] loop9: detected capacity change from 0 to 256 [ 1041.348459][T14289] exfat: Deprecated parameter 'utf8' [ 1041.388939][T14289] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1044.607049][T14327] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1967'. [ 1044.710896][T14332] loop7: detected capacity change from 0 to 128 [ 1045.414055][T14332] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1045.531454][T14339] loop9: detected capacity change from 0 to 256 [ 1045.546189][T14339] exfat: Deprecated parameter 'utf8' [ 1045.848598][T14339] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1046.658571][ T5650] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1046.675734][ T5650] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1046.684446][ T5650] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1046.695095][ T5650] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1046.705740][ T5650] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1047.270875][T14332] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1048.807843][ T5650] Bluetooth: hci6: command tx timeout [ 1049.237012][T14275] vxcan1: entered promiscuous mode [ 1049.256306][T14354] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 1049.269196][T14354] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 1049.278815][T14354] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1050.860152][ T5650] Bluetooth: hci6: command tx timeout [ 1051.458593][T14404] loop9: detected capacity change from 0 to 128 [ 1051.482528][T14404] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1051.545284][T14404] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1052.940023][ T5650] Bluetooth: hci6: command tx timeout [ 1053.834386][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 1053.869013][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.434130][T14437] 9pnet_virtio: no channels available for device syz [ 1054.709989][T14444] netlink: 56 bytes leftover after parsing attributes in process `syz.8.1996'. [ 1054.719096][T14444] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1996'. [ 1054.728201][T14444] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1996'. [ 1054.737260][T14444] netlink: 31 bytes leftover after parsing attributes in process `syz.8.1996'. [ 1055.079976][ T5650] Bluetooth: hci6: command tx timeout [ 1056.435899][T14345] bridge0: port 1(bridge_slave_0) entered blocking state [ 1056.456639][T14345] bridge0: port 1(bridge_slave_0) entered disabled state [ 1056.492250][T14345] bridge_slave_0: entered allmulticast mode [ 1056.543891][T14345] bridge_slave_0: entered promiscuous mode [ 1056.602417][T14345] bridge0: port 2(bridge_slave_1) entered blocking state [ 1056.636534][T14345] bridge0: port 2(bridge_slave_1) entered disabled state [ 1056.665959][T14345] bridge_slave_1: entered allmulticast mode [ 1056.697054][T14345] bridge_slave_1: entered promiscuous mode [ 1056.865482][T14345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1056.897734][T14345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1057.021962][T14345] team0: Port device team_slave_0 added [ 1057.061748][T14345] team0: Port device team_slave_1 added [ 1057.161565][T14345] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1057.180152][T14345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1057.234260][T14345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1057.271451][T14345] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1057.294128][T14345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1057.359925][T14345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1057.448600][ T135] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1057.480869][T14345] hsr_slave_0: entered promiscuous mode [ 1057.498451][T14345] hsr_slave_1: entered promiscuous mode [ 1057.533493][T14345] debugfs: 'hsr0' already exists in 'hsr' [ 1057.561815][T14345] Cannot create hsr debugfs directory [ 1057.703694][T14484] loop9: detected capacity change from 0 to 64 [ 1057.815824][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1057.841945][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1057.872621][T14487] hfs: request for non-existent node 131072 in B*Tree [ 1057.899323][T14487] hfs: request for non-existent node 131072 in B*Tree [ 1057.946697][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1057.970301][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1057.995913][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1058.012188][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1058.042975][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1058.061715][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1058.063482][T14490] bridge0: port 2(bridge_slave_1) entered blocking state [ 1058.075775][T14490] bridge0: port 2(bridge_slave_1) entered listening state [ 1058.083307][T14490] bridge0: port 1(bridge_slave_0) entered blocking state [ 1058.090534][T14490] bridge0: port 1(bridge_slave_0) entered listening state [ 1058.091027][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1058.121266][T14484] hfs: request for non-existent node 131072 in B*Tree [ 1060.031364][T14514] loop9: detected capacity change from 0 to 1024 [ 1062.852252][T14565] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2035'. [ 1062.957286][T14578] netlink: 56 bytes leftover after parsing attributes in process `syz.9.2037'. [ 1062.966535][T14578] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2037'. [ 1062.975702][T14578] netlink: 31 bytes leftover after parsing attributes in process `syz.9.2037'. [ 1062.985570][T14578] netlink: 31 bytes leftover after parsing attributes in process `syz.9.2037'. [ 1063.676110][T14585] 9pnet_virtio: no channels available for device syz [ 1063.832956][T14587] loop9: detected capacity change from 0 to 1024 [ 1066.857557][T14345] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1066.899775][T14345] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1066.936500][T14345] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1066.981226][T14345] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1067.016195][T14345] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1067.298860][T14345] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1067.362360][T14656] ªªªªªª: renamed from vlan0 (while UP) [ 1067.373272][T14345] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1067.421338][T14345] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1067.778147][T14345] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1067.875910][T14345] 8021q: adding VLAN 0 to HW filter on device team0 [ 1067.951297][ T7033] bridge0: port 1(bridge_slave_0) entered blocking state [ 1067.958566][ T7033] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1068.012956][ T7033] bridge0: port 2(bridge_slave_1) entered blocking state [ 1068.020181][ T7033] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1068.103825][T14675] netlink: 7 bytes leftover after parsing attributes in process `syz.9.2065'. [ 1068.533600][T14692] 9pnet_virtio: no channels available for device syz [ 1068.648038][T14695] vxcan1: entered promiscuous mode [ 1068.901988][T14706] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2074'. [ 1070.429675][T14735] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2076'. [ 1071.397495][T14345] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1073.761061][T14345] veth0_vlan: entered promiscuous mode [ 1073.803451][T14345] veth1_vlan: entered promiscuous mode [ 1073.923153][T14345] veth0_macvtap: entered promiscuous mode [ 1073.949739][T14345] veth1_macvtap: entered promiscuous mode [ 1074.043029][T14345] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1074.093759][T14345] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1074.145977][ T135] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1074.178776][ T135] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1074.210200][ T135] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1074.233952][ T135] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1074.513692][T14789] geneve2: entered promiscuous mode [ 1075.994836][ T1002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1076.032802][ T1002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1076.178371][ T1124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1076.213894][ T1124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1078.311590][T14854] loop4: detected capacity change from 0 to 1024 [ 1078.718170][T14849] dvmrp12: entered allmulticast mode [ 1078.729468][T14849] dvmrp12: left allmulticast mode [ 1079.408772][T14874] 9pnet_virtio: no channels available for device syz [ 1080.724869][T14891] loop5: detected capacity change from 0 to 512 [ 1080.805226][T14891] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.2113: bg 0: block 393: padding at end of block bitmap is not set [ 1080.935814][T14891] loop5: lost filesystem error report for type 5 error -117 [ 1080.939912][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 1080.953835][ C0] EXT4-fs (loop5): initial error at time 1779213086: ext4_validate_block_bitmap:440 [ 1080.963361][ C0] EXT4-fs (loop5): last error at time 1779213086: ext4_validate_block_bitmap:440 [ 1080.970115][T14891] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 1081.018439][T14891] loop5: lost filesystem error report for type 5 error -117 [ 1081.029687][T14891] EXT4-fs (loop5): 2 truncates cleaned up [ 1081.087727][T14891] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1081.283607][ T5627] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1081.318920][T14905] loop4: detected capacity change from 0 to 128 [ 1081.371655][T14905] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1081.414345][T14905] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1081.417426][ T36] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1082.481484][T14914] geneve2: entered promiscuous mode [ 1082.514162][T14803] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1083.509767][ T36] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1084.122409][T14926] loop4: detected capacity change from 0 to 1024 [ 1085.939113][ T24] IPVS: starting estimator thread 0... [ 1086.070282][T14977] IPVS: using max 23 ests per chain, 55200 per kthread [ 1086.089933][ T30] audit: type=1326 audit(1779213091.867:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14969 comm="syz.4.2133" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcdfb79ce59 code=0x0 [ 1086.930027][T14984] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2136'. [ 1087.231463][ T36] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1088.384126][ C0] bridge0: port 1(bridge_slave_0) entered learning state [ 1088.393523][ C0] bridge0: port 2(bridge_slave_1) entered learning state [ 1093.458043][T15051] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2152'. [ 1093.968062][T15057] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 1094.030957][T15056] iommufd_mock iommufd_mock0: Adding to iommu group 1 [ 1095.729167][ T36] bridge_slave_1: left allmulticast mode [ 1095.756038][ T36] bridge_slave_1: left promiscuous mode [ 1095.790294][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 1095.916042][ T36] bridge_slave_0: left allmulticast mode [ 1095.948939][ T36] bridge_slave_0: left promiscuous mode [ 1095.980746][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 1100.136997][T15119] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1100.162921][T15119] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1100.175980][T15119] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1100.192887][T15119] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1100.203192][T15119] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1100.566546][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1100.678521][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1100.834562][ T36] bond0 (unregistering): Released all slaves [ 1100.989521][ T36] tipc: Left network mode [ 1101.441258][T15136] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2172'. [ 1102.943447][T15150] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2174'. [ 1102.972996][ T5650] Bluetooth: hci4: command tx timeout [ 1105.714619][T15119] Bluetooth: hci4: command tx timeout [ 1107.572126][T15172] sch_tbf: burst 18 is lower than device lo mtu (65550) ! [ 1107.740271][T15119] Bluetooth: hci4: command tx timeout [ 1108.238743][ T36] hsr_slave_0: left promiscuous mode [ 1108.269714][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1108.300093][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1108.403320][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1108.419211][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1108.545457][ T36] veth1_macvtap: left promiscuous mode [ 1108.566050][ T36] veth0_macvtap: left promiscuous mode [ 1108.573313][ T36] veth1_vlan: left promiscuous mode [ 1108.579640][ T36] veth0_vlan: left promiscuous mode [ 1109.820592][T15119] Bluetooth: hci4: command tx timeout [ 1109.853955][ T36] team0 (unregistering): Port device team_slave_1 removed [ 1109.904415][ T36] team0 (unregistering): Port device team_slave_0 removed [ 1110.294048][T15207] bridge0: port 2(bridge_slave_1) entered disabled state [ 1110.936089][T15219] syzkaller0: entered promiscuous mode [ 1110.968655][T15219] syzkaller0: entered allmulticast mode [ 1111.307659][T15223] vxcan1: entered promiscuous mode [ 1111.372732][ T36] IPVS: stop unused estimator thread 0... [ 1114.586163][T15230] loop4: detected capacity change from 0 to 2048 [ 1114.790609][T15230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1115.374724][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.383770][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 1115.445406][T14345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1116.243691][T15118] bridge0: port 1(bridge_slave_0) entered blocking state [ 1116.287514][T15118] bridge0: port 1(bridge_slave_0) entered disabled state [ 1116.384544][T15118] bridge_slave_0: entered allmulticast mode [ 1116.454251][T15118] bridge_slave_0: entered promiscuous mode [ 1116.523868][T15118] bridge0: port 2(bridge_slave_1) entered blocking state [ 1116.584188][T15118] bridge0: port 2(bridge_slave_1) entered disabled state [ 1116.639317][T15118] bridge_slave_1: entered allmulticast mode [ 1116.685129][T15118] bridge_slave_1: entered promiscuous mode [ 1116.989564][T15118] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1117.088530][T15118] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1117.386485][T15118] team0: Port device team_slave_0 added [ 1117.438885][T15118] team0: Port device team_slave_1 added [ 1117.699491][T15118] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1117.733444][T15118] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1117.874635][T15118] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1117.966555][T15118] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1118.025280][T15118] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1118.184126][T15118] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1118.264594][ T5286] 8021q: adding VLAN 0 to HW filter on device eth1 [ 1118.461315][ C0] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1118.468619][ C0] bridge0: topology change detected, propagating [ 1118.478655][ C0] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1118.485925][ C0] bridge0: topology change detected, propagating [ 1118.517966][T15278] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1118.981043][T15278] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1119.021346][T15278] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1119.994260][ T7033] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1120.028282][T15278] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1120.064791][T15278] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1120.258979][T15292] binder_alloc: 15291: binder_alloc_buf, no vma [ 1120.335473][T15278] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1120.374134][T15278] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1120.542035][T15119] Bluetooth: hci2: command 0x0c1a tx timeout [ 1120.580769][T15278] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1120.600654][T15295] loop7: detected capacity change from 0 to 128 [ 1120.609927][T15295] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1120.612909][T15278] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1120.628099][T15295] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1121.051500][T15119] Bluetooth: hci0: command 0x0406 tx timeout [ 1121.514744][T15278] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1121.823980][T15278] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1121.856762][T15278] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1121.900135][T11892] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1121.951830][T15278] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1122.062838][T15119] Bluetooth: hci5: command 0x0406 tx timeout [ 1122.125170][T15302] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2217'. [ 1122.184051][ T7033] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1122.380738][T15119] Bluetooth: hci1: command 0x0406 tx timeout [ 1122.406082][T15118] hsr_slave_0: entered promiscuous mode [ 1122.446406][T15308] IPVS: set_ctl: invalid protocol: 198 255.255.255.255:20003 [ 1122.456463][T15118] hsr_slave_1: entered promiscuous mode [ 1122.527590][T15118] debugfs: 'hsr0' already exists in 'hsr' [ 1122.585674][T15118] Cannot create hsr debugfs directory [ 1122.620409][T15119] Bluetooth: hci6: command 0x0c1a tx timeout [ 1122.797925][T15311] loop9: detected capacity change from 0 to 512 [ 1123.004984][T15311] EXT4-fs error (device loop9): ext4_validate_block_bitmap:440: comm syz.9.2219: bg 0: block 393: padding at end of block bitmap is not set [ 1123.100243][T15119] Bluetooth: hci0: command 0x0406 tx timeout [ 1123.111761][T15311] loop9: lost filesystem error report for type 5 error -117 [ 1123.119968][ C1] EXT4-fs (loop9): error count since last fsck: 1 [ 1123.130220][T15311] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 1123.136150][ C1] EXT4-fs (loop9): initial error at time 1779213129: ext4_validate_block_bitmap:440 [ 1123.155330][ C1] EXT4-fs (loop9): last error at time 1779213129: ext4_validate_block_bitmap:440 [ 1123.342590][T15311] loop9: lost filesystem error report for type 5 error -117 [ 1123.343408][T15311] EXT4-fs (loop9): 2 truncates cleaned up [ 1123.436820][T15311] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1123.900460][T15119] Bluetooth: hci4: command 0x0c1a tx timeout [ 1124.153209][T15119] Bluetooth: hci5: command 0x0406 tx timeout [ 1124.192506][ T7033] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1124.436525][T10202] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1124.460262][T15119] Bluetooth: hci1: command 0x0406 tx timeout [ 1124.705233][T15119] Bluetooth: hci6: command 0x0c1a tx timeout [ 1125.247593][T15343] loop9: detected capacity change from 0 to 64 [ 1125.641567][T15343] hfs: request for non-existent node 131072 in B*Tree [ 1125.714584][T15343] hfs: request for non-existent node 131072 in B*Tree [ 1125.777575][T15347] hfs: request for non-existent node 131072 in B*Tree [ 1125.807974][T15347] hfs: request for non-existent node 131072 in B*Tree [ 1125.885513][T15349] hfs: request for non-existent node 131072 in B*Tree [ 1125.906709][T15349] hfs: request for non-existent node 131072 in B*Tree [ 1125.975480][T15343] hfs: request for non-existent node 131072 in B*Tree [ 1125.994074][T15119] Bluetooth: hci4: command 0x0c1a tx timeout [ 1126.036699][T15343] hfs: request for non-existent node 131072 in B*Tree [ 1126.098349][T15347] hfs: request for non-existent node 131072 in B*Tree [ 1126.113553][T15347] hfs: request for non-existent node 131072 in B*Tree [ 1126.185909][T15349] hfs: request for non-existent node 131072 in B*Tree [ 1126.209265][T15349] hfs: request for non-existent node 131072 in B*Tree [ 1126.451924][T15354] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1126.462396][T15354] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1126.498977][T15354] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1126.516345][T15354] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1126.525002][T15354] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1126.533642][T15354] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1127.191201][ T30] audit: type=1326 audit(1779213133.107:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15365 comm="syz.8.2234" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb40819ce59 code=0x0 [ 1127.692861][T15372] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2235'. [ 1128.157579][ T5286] 8021q: adding VLAN 0 to HW filter on device eth2 [ 1128.460266][T15119] Bluetooth: hci2: command 0x0c1a tx timeout [ 1128.540455][T15119] Bluetooth: hci4: command 0x0c1a tx timeout [ 1128.547708][T15386] Bluetooth: hci1: command 0x0406 tx timeout [ 1128.548024][ T5650] Bluetooth: hci6: command 0x0c1a tx timeout [ 1128.560721][T15386] Bluetooth: hci5: command 0x0406 tx timeout [ 1128.560782][T15386] Bluetooth: hci0: command 0x0406 tx timeout [ 1130.443507][ T7033] team0: Port device ip6gre2 removed [ 1131.235644][ T7033] bond0 (unregistering): Released all slaves [ 1133.127629][T15393] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 1133.138283][T15393] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 1133.149153][T15393] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1134.661060][T15395] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1135.554152][T15429] lo speed is unknown, defaulting to 1000 [ 1135.579051][T15429] lo speed is unknown, defaulting to 1000 [ 1135.795464][ T7033] hsr_slave_0: left promiscuous mode [ 1135.822912][ T7033] hsr_slave_1: left promiscuous mode [ 1135.868122][ T7033] veth1_macvtap: left promiscuous mode [ 1135.886302][ T7033] veth0_macvtap: left promiscuous mode [ 1136.255742][T15395] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1136.713627][ T5650] Bluetooth: hci2: command 0x0c1a tx timeout [ 1137.197398][T15429] lo speed is unknown, defaulting to 1000 [ 1137.226017][T15429] smbdirect: ib_dev[syz2]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 1137.282813][T15429] smbdirect: ib_dev[syz2]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 1137.337861][T15429] smbdirect: ib_dev[syz2]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 1137.414501][T15429] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 1137.521737][T15429] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 1137.591672][T15395] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1137.624636][T15118] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1137.691482][T15118] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1137.699709][T15118] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1137.821535][T15395] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1137.844869][T15118] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1137.863646][T15395] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1137.871819][T15395] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1137.872956][T15429] lo speed is unknown, defaulting to 1000 [ 1138.037297][ T7033] IPVS: stop unused estimator thread 0... [ 1138.129879][T15118] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1138.301783][ T5650] Bluetooth: hci0: command 0x0406 tx timeout [ 1138.358050][T15118] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1138.402720][T15429] lo speed is unknown, defaulting to 1000 [ 1138.417766][ T5286] 8021q: adding VLAN 0 to HW filter on device eth3 [ 1138.451571][T15118] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1138.509614][T15118] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1138.595279][T15429] lo speed is unknown, defaulting to 1000 [ 1138.706284][T15429] lo speed is unknown, defaulting to 1000 [ 1138.795785][ T30] audit: type=1326 audit(1779213144.707:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15450 comm="syz.9.2250" exe="/root/ci-upstream-kasan-badwrites-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7405f9ce59 code=0x0 [ 1139.566440][T15429] lo speed is unknown, defaulting to 1000 [ 1139.662416][ T5650] Bluetooth: hci5: command 0x0406 tx timeout [ 1139.682051][T15429] lo speed is unknown, defaulting to 1000 [ 1139.912549][ T5650] Bluetooth: hci4: command 0x0c1a tx timeout [ 1139.912557][T15387] Bluetooth: hci6: command 0x0c1a tx timeout [ 1139.912649][T15119] Bluetooth: hci1: command 0x0406 tx timeout [ 1141.158670][T15473] bridge_slave_0: left allmulticast mode [ 1141.185752][T15473] bridge_slave_0: left promiscuous mode [ 1141.202189][T15473] bridge0: port 1(bridge_slave_0) entered disabled state [ 1141.381781][T15473] bridge_slave_1: left allmulticast mode [ 1141.398508][T15473] bridge_slave_1: left promiscuous mode [ 1141.416172][T15473] bridge0: port 2(bridge_slave_1) entered disabled state [ 1141.459752][T15473] bond0: (slave bond_slave_0): Releasing backup interface [ 1141.528962][T15473] bond0: (slave bond_slave_1): Releasing backup interface [ 1141.576131][T15473] team0: Port device team_slave_0 removed [ 1141.622164][T15473] team0: Port device team_slave_1 removed [ 1141.641967][T15473] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1141.657431][T15473] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1141.685235][T15473] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1141.714869][T15473] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1141.752457][T15473] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 1141.855216][T15475] team0: Mode changed to "random" [ 1141.917187][ T24] lo speed is unknown, defaulting to 1000 [ 1141.947927][T15118] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1142.612591][T15118] 8021q: adding VLAN 0 to HW filter on device team0 [ 1142.715702][ T5906] bridge0: port 1(bridge_slave_0) entered blocking state [ 1142.722951][ T5906] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1143.136814][ T7033] bridge0: port 2(bridge_slave_1) entered blocking state [ 1143.145294][ T7033] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1143.379511][ T5286] 8021q: adding VLAN 0 to HW filter on device eth4 [ 1249.159824][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1249.166856][ C0] rcu: 1-...!: (1 GPs behind) idle=89fc/1/0x4000000000000000 softirq=90102/90103 fqs=2 [ 1249.178654][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5357/2:b..l [ 1249.186600][ C0] rcu: (detected by 0, t=10502 jiffies, g=100825, q=369 ncpus=2) [ 1249.194411][ C0] Sending NMI from CPU 0 to CPUs 1: [ 1249.194450][ C1] NMI backtrace for cpu 1 [ 1249.194470][ C1] CPU: 1 UID: 0 PID: 15530 Comm: dhcpcd-run-hook Not tainted syzkaller #0 PREEMPT(full) [ 1249.194509][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1249.194529][ C1] RIP: 0010:__hrtimer_run_queues+0x3ca/0xa00 [ 1249.194586][ C1] Code: 14 00 41 83 fd 07 0f 87 c8 04 00 00 e8 7f 2e 14 00 4c 89 e8 be 08 00 00 00 48 c1 e8 06 48 8d 3c c5 50 06 d8 90 e8 76 ff 80 00 <4c> 0f a3 2d ce a6 e3 0e 41 0f 92 c5 31 ff 44 89 ee e8 a0 28 14 00 [ 1249.194618][ C1] RSP: 0000:ffffc90000a08e88 EFLAGS: 00000046 [ 1249.194649][ C1] RAX: 0000000000000001 RBX: ffffffff899af010 RCX: ffffffff81f45f7a [ 1249.194670][ C1] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffff90d80650 [ 1249.194691][ C1] RBP: ffff8880b8528600 R08: 0000000000000000 R09: fffffbfff21b00ca [ 1249.194711][ C1] R10: ffffffff90d80657 R11: 0000000000000001 R12: ffff8880780d8300 [ 1249.194733][ C1] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff8880b8528650 [ 1249.194756][ C1] FS: 0000000000000000(0000) GS:ffff88812446d000(0000) knlGS:0000000000000000 [ 1249.194785][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1249.194806][ C1] CR2: 00007fbdafc36040 CR3: 00000000559bd000 CR4: 0000000000350ef0 [ 1249.194827][ C1] Call Trace: [ 1249.194838][ C1] [ 1249.194861][ C1] hrtimer_interrupt+0x3e5/0x940 [ 1249.194926][ C1] __sysvec_apic_timer_interrupt+0x10b/0x460 [ 1249.194975][ C1] sysvec_apic_timer_interrupt+0x9e/0xc0 [ 1249.195030][ C1] [ 1249.195040][ C1] [ 1249.195051][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1249.195089][ C1] RIP: 0010:lock_release+0x19e/0x310 [ 1249.195130][ C1] Code: ff 65 0f c1 05 db 02 27 12 83 f8 01 0f 85 28 01 00 00 9c 58 f6 c4 02 0f 85 13 01 00 00 41 f7 c6 00 02 00 00 0f 85 c0 00 00 00 <48> 8b 44 24 10 65 48 2b 05 2d bb 26 12 0f 85 4e 01 00 00 48 83 c4 [ 1249.195163][ C1] RSP: 0000:ffffc90003c6f8c0 EFLAGS: 00000206 [ 1249.195187][ C1] RAX: 0000000000000046 RBX: ffffffff8e7e5560 RCX: ffffc90003c6f8cc [ 1249.195209][ C1] RDX: 0000000000000005 RSI: ffffffff8defb9db RDI: ffffffff8c1c4200 [ 1249.195230][ C1] RBP: ffffffff82816fd9 R08: 0000000000000001 R09: 0000000000000000 [ 1249.195250][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888060055c40 [ 1249.195271][ C1] R13: 0000000000000001 R14: 0000000000000206 R15: 0000000000000006 [ 1249.195294][ C1] ? page_table_check_set+0x179/0x920 [ 1249.195358][ C1] page_table_check_set+0x17e/0x920 [ 1249.195410][ C1] __page_table_check_ptes_set+0x27a/0x4e0 [ 1249.195462][ C1] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 1249.195516][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.195560][ C1] set_pte_range+0x99b/0xbd0 [ 1249.195620][ C1] filemap_map_pages+0x7d8/0x2140 [ 1249.195672][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.195716][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.195763][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 1249.195814][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 1249.195856][ C1] do_fault+0x985/0x1750 [ 1249.195913][ C1] __handle_mm_fault+0x187d/0x2a00 [ 1249.195956][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.195995][ C1] ? reacquire_held_locks+0xce/0x1e0 [ 1249.196037][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 1249.196077][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.196119][ C1] ? lock_vma_under_rcu+0x17c/0x590 [ 1249.196163][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.196211][ C1] handle_mm_fault+0x36d/0xa20 [ 1249.196254][ C1] do_user_addr_fault+0x5a3/0x12f0 [ 1249.196306][ C1] exc_page_fault+0x6f/0xd0 [ 1249.196359][ C1] asm_exc_page_fault+0x26/0x30 [ 1249.196391][ C1] RIP: 0033:0x7fbdafc49289 [ 1249.196416][ C1] Code: ff 49 8b 45 10 48 8b a5 b8 fe ff ff 48 85 c0 0f 84 0b 09 00 00 49 8b 75 00 48 8d 14 30 49 89 55 10 48 85 d2 0f 84 f6 08 00 00 <48> 8b 02 49 8d 4d 40 bf ff ff ff 6f 41 ba 29 00 00 70 48 85 c0 75 [ 1249.196448][ C1] RSP: 002b:00007ffe820b01c0 EFLAGS: 00010202 [ 1249.196472][ C1] RAX: 00000000000c0040 RBX: 0000000000000004 RCX: 00007fbdafc37918 [ 1249.196493][ C1] RDX: 00007fbdafc36040 RSI: 00007fbdafb76000 RDI: 00007fbdafc378d8 [ 1249.196515][ C1] RBP: 00007ffe820b0310 R08: 00007fbdafc37263 R09: 0000000000000003 [ 1249.196536][ C1] R10: 0000000000000812 R11: 00007ffe820b03f8 R12: 00007ffe820b00a0 [ 1249.196556][ C1] R13: 00007fbdafc380c0 R14: 00007ffe820b03b0 R15: 00007fbdafc37918 [ 1249.196591][ C1] [ 1249.197441][ C0] task:kworker/1:3 state:R running task stack:21608 pid:5357 tgid:5357 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 1249.633660][ C0] Workqueue: mld mld_ifc_work [ 1249.638372][ C0] Call Trace: [ 1249.641650][ C0] [ 1249.644586][ C0] __schedule+0x1295/0x67a0 [ 1249.649141][ C0] ? __pfx_br_dev_xmit+0x10/0x10 [ 1249.654114][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.659782][ C0] ? __pfx___schedule+0x10/0x10 [ 1249.664664][ C0] ? netdev_pick_tx+0x614/0xe50 [ 1249.669544][ C0] ? validate_xmit_xfrm+0x44f/0x1360 [ 1249.674859][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.680518][ C0] ? preempt_schedule_thunk+0x16/0x30 [ 1249.685929][ C0] preempt_schedule_common+0x42/0xc0 [ 1249.691259][ C0] preempt_schedule_thunk+0x16/0x30 [ 1249.696513][ C0] ? __dev_queue_xmit+0x9ef/0x4950 [ 1249.701660][ C0] __local_bh_enable_ip+0xff/0x120 [ 1249.706799][ C0] ? __dev_queue_xmit+0x9ef/0x4950 [ 1249.711946][ C0] __dev_queue_xmit+0xa04/0x4950 [ 1249.716928][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.722582][ C0] ? ip6mr_fib_lookup+0x133/0x1a0 [ 1249.727649][ C0] ? __pfx___dev_queue_xmit+0x10/0x10 [ 1249.733060][ C0] ? __entry_text_end+0x1020b5/0x1020b9 [ 1249.738630][ C0] ? __lock_acquire+0x4a5/0x2630 [ 1249.743594][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.749247][ C0] ? __lock_acquire+0x4a5/0x2630 [ 1249.754210][ C0] ? irqentry_exit+0x24d/0x7e0 [ 1249.758989][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.764649][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 1249.769885][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.775540][ C0] ? irqentry_exit+0x24d/0x7e0 [ 1249.780315][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.785977][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.791633][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.797293][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.802956][ C0] ip6_finish_output2+0xfd4/0x1ce0 [ 1249.808099][ C0] __ip6_finish_output+0x357/0xdf0 [ 1249.813256][ C0] ip6_output+0x2aa/0xa60 [ 1249.817604][ C0] ? __pfx_ip6_output+0x10/0x10 [ 1249.822470][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.828145][ C0] ? __pfx_ip6_finish_output+0x10/0x10 [ 1249.833619][ C0] ? NF_HOOK.constprop.0+0x277/0x5a0 [ 1249.838922][ C0] ? NF_HOOK.constprop.0+0x277/0x5a0 [ 1249.844224][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.849884][ C0] ? __pfx_ip6_output+0x10/0x10 [ 1249.854751][ C0] NF_HOOK.constprop.0+0x115/0x5a0 [ 1249.859884][ C0] ? __pfx_NF_HOOK.constprop.0+0x10/0x10 [ 1249.865536][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.871196][ C0] ? __local_bh_enable_ip+0x9e/0x120 [ 1249.876528][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.882191][ C0] mld_sendpack+0x8f7/0xec0 [ 1249.886727][ C0] ? __pfx_mld_sendpack+0x10/0x10 [ 1249.891794][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.897459][ C0] mld_ifc_work+0x75a/0xc10 [ 1249.901997][ C0] process_one_work+0xa0e/0x1980 [ 1249.906980][ C0] ? __pfx_process_one_work+0x10/0x10 [ 1249.912376][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.918047][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.923717][ C0] worker_thread+0x5ef/0xe50 [ 1249.928350][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1249.933493][ C0] ? kthread+0x13a/0x450 [ 1249.937778][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1249.942915][ C0] kthread+0x370/0x450 [ 1249.947009][ C0] ? __pfx_kthread+0x10/0x10 [ 1249.951624][ C0] ret_from_fork+0x72b/0xd50 [ 1249.956243][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 1249.961381][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1249.967040][ C0] ? __switch_to+0x800/0x1100 [ 1249.971751][ C0] ? __switch_to_asm+0x39/0x70 [ 1249.976548][ C0] ? __pfx_kthread+0x10/0x10 [ 1249.981164][ C0] ret_from_fork_asm+0x1a/0x30 [ 1249.985980][ C0] [ 1249.989002][ C0] rcu: rcu_preempt kthread starved for 10498 jiffies! g100825 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 1250.000300][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1250.010279][ C0] rcu: RCU grace-period kthread stack dump: [ 1250.016166][ C0] task:rcu_preempt state:R running task stack:27992 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 1250.029733][ C0] Call Trace: [ 1250.033012][ C0] [ 1250.035950][ C0] __schedule+0x1295/0x67a0 [ 1250.040494][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.046178][ C0] ? __pfx___schedule+0x10/0x10 [ 1250.051059][ C0] ? find_held_lock+0x2b/0x80 [ 1250.055777][ C0] ? schedule+0x2bf/0x390 [ 1250.060141][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.065810][ C0] schedule+0xdd/0x390 [ 1250.069920][ C0] schedule_timeout+0x127/0x280 [ 1250.074807][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 1250.080207][ C0] ? __pfx_process_timeout+0x10/0x10 [ 1250.085538][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.091193][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1250.097034][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.102689][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 1250.108180][ C0] rcu_gp_fqs_loop+0x1a9/0x900 [ 1250.112965][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.118623][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 1250.123931][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.129590][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 1250.134555][ C0] ? __pfx_rcu_gp_cleanup+0x10/0x10 [ 1250.139776][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1250.145626][ C0] rcu_gp_kthread+0x179/0x230 [ 1250.150323][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1250.155542][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1250.161394][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.167062][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.172730][ C0] ? __kthread_parkme+0x18c/0x230 [ 1250.177805][ C0] ? kthread+0x13a/0x450 [ 1250.182063][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1250.187290][ C0] kthread+0x370/0x450 [ 1250.191381][ C0] ? __pfx_kthread+0x10/0x10 [ 1250.195994][ C0] ret_from_fork+0x72b/0xd50 [ 1250.200610][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 1250.205748][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.211408][ C0] ? __switch_to+0x800/0x1100 [ 1250.216119][ C0] ? __switch_to_asm+0x39/0x70 [ 1250.220915][ C0] ? __pfx_kthread+0x10/0x10 [ 1250.225527][ C0] ret_from_fork_asm+0x1a/0x30 [ 1250.230343][ C0] [ 1250.233364][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 1250.239685][ C0] CPU: 0 UID: 0 PID: 15528 Comm: modprobe Not tainted syzkaller #0 PREEMPT(full) [ 1250.248894][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1250.258954][ C0] RIP: 0010:smp_call_function_many_cond+0x5ad/0x1700 [ 1250.265659][ C0] Code: 29 83 0c 00 f3 90 41 0f b6 45 00 41 38 c4 7c 08 84 c0 0f 85 63 0f 00 00 8b 45 08 31 ff 83 e0 01 41 89 c6 89 c6 e8 b3 7d 0c 00 <45> 85 f6 75 d0 e8 f9 82 0c 00 e8 f4 82 0c 00 83 c3 01 bf 07 00 00 [ 1250.285289][ C0] RSP: 0018:ffffc900044478a8 EFLAGS: 00000293 [ 1250.291376][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81fc0add [ 1250.299354][ C0] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88807afd8000 [ 1250.307330][ C0] RBP: ffff8880b8541080 R08: 0000000000000005 R09: 0000000000000000 [ 1250.315312][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003 [ 1250.323293][ C0] R13: ffffed10170a8211 R14: 0000000000000001 R15: ffff8880b843c700 [ 1250.331282][ C0] FS: 0000000000000000(0000) GS:ffff88812436d000(0000) knlGS:0000000000000000 [ 1250.340224][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1250.346817][ C0] CR2: 00007efd885f2e9c CR3: 000000000e596000 CR4: 0000000000350ef0 [ 1250.354801][ C0] Call Trace: [ 1250.358083][ C0] [ 1250.361028][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 1250.366257][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.371916][ C0] ? free_pgd_range+0x2a0/0x10d0 [ 1250.376891][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 1250.383254][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.388911][ C0] ? rcu_is_watching+0x12/0xc0 [ 1250.393709][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 1250.398929][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 1250.404068][ C0] flush_tlb_mm_range+0x45f/0x16f0 [ 1250.409216][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 1250.414359][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.420020][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 1250.425598][ C0] tlb_finish_mmu+0x3fe/0x810 [ 1250.430300][ C0] exit_mmap+0x454/0xa10 [ 1250.434562][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 1250.439338][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.444991][ C0] ? trace_contention_end+0x122/0x170 [ 1250.450397][ C0] ? uprobe_clear_state+0x5f/0x260 [ 1250.455533][ C0] ? uprobe_clear_state+0x5f/0x260 [ 1250.460665][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.466332][ C0] ? __lock_acquire+0x4a5/0x2630 [ 1250.471309][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.476967][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 1250.482636][ C0] __mmput+0x12a/0x410 [ 1250.486735][ C0] mmput+0x67/0x80 [ 1250.490483][ C0] do_exit+0x8b2/0x2af0 [ 1250.494657][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.500314][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.505971][ C0] ? __pfx_do_exit+0x10/0x10 [ 1250.510572][ C0] ? do_group_exit+0x1bd/0x2a0 [ 1250.515350][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.521005][ C0] ? rcu_is_watching+0x12/0xc0 [ 1250.525799][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1250.531462][ C0] do_group_exit+0xd5/0x2a0 [ 1250.535985][ C0] __x64_sys_exit_group+0x3e/0x50 [ 1250.541024][ C0] x64_sys_call+0x102c/0x1530 [ 1250.545730][ C0] do_syscall_64+0x10b/0xf80 [ 1250.550343][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1250.556255][ C0] RIP: 0033:0x7efd887516c5 [ 1250.560678][ C0] Code: Unable to access opcode bytes at 0x7efd8875169b. [ 1250.567694][ C0] RSP: 002b:00007ffc8e56cde8 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7 [ 1250.576125][ C0] RAX: ffffffffffffffda RBX: 00007efd88852fe8 RCX: 00007efd887516c5 [ 1250.584115][ C0] RDX: 00000000000000e7 RSI: ffffffffffffff88 RDI: 0000000000000001 [ 1250.592098][ C0] RBP: 0000000000000001 R08: 00007ffc8e56cd78 R09: 0000000000000000 [ 1250.600083][ C0] R10: 00007ffc8e56cc10 R11: 0000000000000206 R12: 0000000000000000 [ 1250.608066][ C0] R13: 0000000000000001 R14: 00007efd88851680 R15: 00007efd88853000 [ 1250.616085][ C0] [ 1387.917257][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [modprobe:15528] [ 1387.917292][ C0] Modules linked in: [ 1387.917309][ C0] irq event stamp: 889920 [ 1387.917321][ C0] hardirqs last enabled at (889919): [] irqentry_exit+0x24d/0x7e0 [ 1387.917367][ C0] hardirqs last disabled at (889920): [] sysvec_apic_timer_interrupt+0xe/0xc0 [ 1387.917432][ C0] softirqs last enabled at (889918): [] __irq_exit_rcu+0x162/0x210 [ 1387.917491][ C0] softirqs last disabled at (889833): [] __irq_exit_rcu+0x162/0x210 [ 1387.917559][ C0] CPU: 0 UID: 0 PID: 15528 Comm: modprobe Not tainted syzkaller #0 PREEMPT(full) [ 1387.917601][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1387.917622][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xb/0x70 [ 1387.917664][ C0] Code: 60 00 be 03 00 00 00 5b e9 12 d5 ef 02 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 8b 05 45 a2 02 12 <48> 8b 34 24 65 48 8b 15 21 a2 02 12 a9 00 01 ff 00 74 1b f6 c4 01 [ 1387.917699][ C0] RSP: 0018:ffffc900044478a0 EFLAGS: 00000202 [ 1387.917726][ C0] RAX: 0000000000000002 RBX: 0000000000000001 RCX: ffffffff81fc0add [ 1387.917749][ C0] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88807afd8000 [ 1387.917772][ C0] RBP: ffff8880b8541080 R08: 0000000000000005 R09: 0000000000000000 [ 1387.917794][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003 [ 1387.917816][ C0] R13: ffffed10170a8211 R14: 0000000000000001 R15: ffff8880b843c700 [ 1387.917843][ C0] FS: 0000000000000000(0000) GS:ffff88812436d000(0000) knlGS:0000000000000000 [ 1387.917873][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1387.917897][ C0] CR2: 00007efd885f2e9c CR3: 000000000e596000 CR4: 0000000000350ef0 [ 1387.917921][ C0] Call Trace: [ 1387.917931][ C0] [ 1387.917943][ C0] smp_call_function_many_cond+0x587/0x1700 [ 1387.917991][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 1387.918041][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.918086][ C0] ? free_pgd_range+0x2a0/0x10d0 [ 1387.918140][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 1387.918196][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.918239][ C0] ? rcu_is_watching+0x12/0xc0 [ 1387.918295][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 1387.918339][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 1387.918384][ C0] flush_tlb_mm_range+0x45f/0x16f0 [ 1387.918434][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 1387.918492][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.918545][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 1387.918598][ C0] tlb_finish_mmu+0x3fe/0x810 [ 1387.918644][ C0] exit_mmap+0x454/0xa10 [ 1387.918681][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 1387.918713][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.918757][ C0] ? trace_contention_end+0x122/0x170 [ 1387.918812][ C0] ? uprobe_clear_state+0x5f/0x260 [ 1387.918859][ C0] ? uprobe_clear_state+0x5f/0x260 [ 1387.918903][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.918960][ C0] ? __lock_acquire+0x4a5/0x2630 [ 1387.919021][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.919065][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 1387.919121][ C0] __mmput+0x12a/0x410 [ 1387.919173][ C0] mmput+0x67/0x80 [ 1387.919223][ C0] do_exit+0x8b2/0x2af0 [ 1387.919260][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.919303][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.919350][ C0] ? __pfx_do_exit+0x10/0x10 [ 1387.919381][ C0] ? do_group_exit+0x1bd/0x2a0 [ 1387.919417][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.919461][ C0] ? rcu_is_watching+0x12/0xc0 [ 1387.919516][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1387.919568][ C0] do_group_exit+0xd5/0x2a0 [ 1387.919608][ C0] __x64_sys_exit_group+0x3e/0x50 [ 1387.919645][ C0] x64_sys_call+0x102c/0x1530 [ 1387.919694][ C0] do_syscall_64+0x10b/0xf80 [ 1387.919734][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1387.919771][ C0] RIP: 0033:0x7efd887516c5 [ 1387.919798][ C0] Code: Unable to access opcode bytes at 0x7efd8875169b. [ 1387.919815][ C0] RSP: 002b:00007ffc8e56cde8 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7 [ 1387.919847][ C0] RAX: ffffffffffffffda RBX: 00007efd88852fe8 RCX: 00007efd887516c5 [ 1387.919871][ C0] RDX: 00000000000000e7 RSI: ffffffffffffff88 RDI: 0000000000000001 [ 1387.919894][ C0] RBP: 0000000000000001 R08: 00007ffc8e56cd78 R09: 0000000000000000 [ 1387.919917][ C0] R10: 00007ffc8e56cc10 R11: 0000000000000206 R12: 0000000000000000 [ 1387.919939][ C0] R13: 0000000000000001 R14: 00007efd88851680 R15: 00007efd88853000 [ 1387.919986][ C0] [ 1387.919999][ C0] Sending NMI from CPU 0 to CPUs 1: [ 1388.362057][ C1] NMI backtrace for cpu 1 [ 1388.362081][ C1] CPU: 1 UID: 0 PID: 15530 Comm: dhcpcd-run-hook Not tainted syzkaller #0 PREEMPT(full) [ 1388.362119][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1388.362139][ C1] RIP: 0010:check_preemption_disabled+0x1a/0xe0 [ 1388.362184][ C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 55 53 48 83 ec 08 65 8b 1d 15 68 81 08 65 f7 05 06 68 81 08 ff ff ff 7f <74> 0f 48 83 c4 08 89 d8 5b 5d 41 5c e9 d0 78 86 f5 9c 58 f6 c4 02 [ 1388.362217][ C1] RSP: 0000:ffffc90000a08cd0 EFLAGS: 00000006 [ 1388.362242][ C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 0000000000000000 [ 1388.362262][ C1] RDX: 0000000000000000 RSI: ffffffff8c1c4180 RDI: ffffffff8c1c41c0 [ 1388.362284][ C1] RBP: ffffffff9b35bea8 R08: 0000000000000001 R09: 0000000000000000 [ 1388.362304][ C1] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000 [ 1388.362324][ C1] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000 [ 1388.362348][ C1] FS: 0000000000000000(0000) GS:ffff88812446d000(0000) knlGS:0000000000000000 [ 1388.362377][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1388.362398][ C1] CR2: 00007fbdafc36040 CR3: 00000000559bd000 CR4: 0000000000350ef0 [ 1388.362419][ C1] Call Trace: [ 1388.362432][ C1] [ 1388.362448][ C1] rcu_is_watching+0x12/0xc0 [ 1388.362500][ C1] lock_acquire+0x2f9/0x370 [ 1388.362538][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.362579][ C1] ? do_raw_spin_unlock+0x145/0x1e0 [ 1388.362627][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.362671][ C1] _raw_spin_lock_irqsave+0x3a/0x60 [ 1388.362719][ C1] ? debug_object_deactivate+0x135/0x3b0 [ 1388.362774][ C1] debug_object_deactivate+0x135/0x3b0 [ 1388.362829][ C1] ? __pfx_debug_object_deactivate+0x10/0x10 [ 1388.362887][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.362927][ C1] ? timerqueue_linked_add+0x260/0x430 [ 1388.362966][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.363016][ C1] __hrtimer_run_queues+0x2f0/0xa00 [ 1388.363077][ C1] hrtimer_interrupt+0x3e5/0x940 [ 1388.363141][ C1] __sysvec_apic_timer_interrupt+0x10b/0x460 [ 1388.363189][ C1] sysvec_apic_timer_interrupt+0x9e/0xc0 [ 1388.363241][ C1] [ 1388.363251][ C1] [ 1388.363263][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1388.363299][ C1] RIP: 0010:lock_release+0x19e/0x310 [ 1388.363339][ C1] Code: ff 65 0f c1 05 db 02 27 12 83 f8 01 0f 85 28 01 00 00 9c 58 f6 c4 02 0f 85 13 01 00 00 41 f7 c6 00 02 00 00 0f 85 c0 00 00 00 <48> 8b 44 24 10 65 48 2b 05 2d bb 26 12 0f 85 4e 01 00 00 48 83 c4 [ 1388.363371][ C1] RSP: 0000:ffffc90003c6f8c0 EFLAGS: 00000206 [ 1388.363395][ C1] RAX: 0000000000000046 RBX: ffffffff8e7e5560 RCX: ffffc90003c6f8cc [ 1388.363417][ C1] RDX: 0000000000000005 RSI: ffffffff8defb9db RDI: ffffffff8c1c4200 [ 1388.363437][ C1] RBP: ffffffff82816fd9 R08: 0000000000000001 R09: 0000000000000000 [ 1388.363457][ C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888060055c40 [ 1388.363478][ C1] R13: 0000000000000001 R14: 0000000000000206 R15: 0000000000000006 [ 1388.363500][ C1] ? page_table_check_set+0x179/0x920 [ 1388.363564][ C1] page_table_check_set+0x17e/0x920 [ 1388.363616][ C1] __page_table_check_ptes_set+0x27a/0x4e0 [ 1388.363668][ C1] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 1388.363722][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.363766][ C1] set_pte_range+0x99b/0xbd0 [ 1388.363826][ C1] filemap_map_pages+0x7d8/0x2140 [ 1388.363875][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.363917][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.363964][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 1388.364023][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 1388.364065][ C1] do_fault+0x985/0x1750 [ 1388.364122][ C1] __handle_mm_fault+0x187d/0x2a00 [ 1388.364165][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.364204][ C1] ? reacquire_held_locks+0xce/0x1e0 [ 1388.364246][ C1] ? __pfx___handle_mm_fault+0x10/0x10 [ 1388.364285][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.364327][ C1] ? lock_vma_under_rcu+0x17c/0x590 [ 1388.364372][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.364420][ C1] handle_mm_fault+0x36d/0xa20 [ 1388.364462][ C1] do_user_addr_fault+0x5a3/0x12f0 [ 1388.364515][ C1] exc_page_fault+0x6f/0xd0 [ 1388.364568][ C1] asm_exc_page_fault+0x26/0x30 [ 1388.364599][ C1] RIP: 0033:0x7fbdafc49289 [ 1388.364625][ C1] Code: ff 49 8b 45 10 48 8b a5 b8 fe ff ff 48 85 c0 0f 84 0b 09 00 00 49 8b 75 00 48 8d 14 30 49 89 55 10 48 85 d2 0f 84 f6 08 00 00 <48> 8b 02 49 8d 4d 40 bf ff ff ff 6f 41 ba 29 00 00 70 48 85 c0 75 [ 1388.364657][ C1] RSP: 002b:00007ffe820b01c0 EFLAGS: 00010202 [ 1388.364681][ C1] RAX: 00000000000c0040 RBX: 0000000000000004 RCX: 00007fbdafc37918 [ 1388.364702][ C1] RDX: 00007fbdafc36040 RSI: 00007fbdafb76000 RDI: 00007fbdafc378d8 [ 1388.364724][ C1] RBP: 00007ffe820b0310 R08: 00007fbdafc37263 R09: 0000000000000003 [ 1388.364744][ C1] R10: 0000000000000812 R11: 00007ffe820b03f8 R12: 00007ffe820b00a0 [ 1388.364765][ C1] R13: 00007fbdafc380c0 R14: 00007ffe820b03b0 R15: 00007fbdafc37918 [ 1388.364801][ C1] [ 1388.852086][ C0] Kernel panic - not syncing: softlockup: hung tasks [ 1388.858768][ C0] CPU: 0 UID: 0 PID: 15528 Comm: modprobe Tainted: G L syzkaller #0 PREEMPT(full) [ 1388.869561][ C0] Tainted: [L]=SOFTLOCKUP [ 1388.873888][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1388.883949][ C0] Call Trace: [ 1388.887227][ C0] [ 1388.890071][ C0] dump_stack_lvl+0x100/0x190 [ 1388.894772][ C0] vpanic+0x552/0x970 [ 1388.898771][ C0] ? __pfx_vpanic+0x10/0x10 [ 1388.903287][ C0] ? __entry_text_end+0x1020b5/0x1020b9 [ 1388.908858][ C0] ? do_raw_spin_unlock+0x145/0x1e0 [ 1388.914094][ C0] panic+0xd1/0xe0 [ 1388.917837][ C0] ? __pfx_panic+0x10/0x10 [ 1388.922274][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.927935][ C0] ? __pfx_printk_trigger_flush+0x10/0x10 [ 1388.933700][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1388.939355][ C0] ? wq_watchdog_touch+0xec/0x1a0 [ 1388.944399][ C0] ? watchdog_timer_fn.cold+0x5/0x25 [ 1388.949704][ C0] ? watchdog_timer_fn+0x702/0x7a0 [ 1388.954842][ C0] watchdog_timer_fn.cold+0x16/0x25 [ 1388.960063][ C0] ? __pfx_watchdog_timer_fn+0x10/0x10 [ 1388.965548][ C0] __hrtimer_run_queues+0x142/0xa00 [ 1388.970798][ C0] hrtimer_interrupt+0x3e5/0x940 [ 1388.975790][ C0] __sysvec_apic_timer_interrupt+0x10b/0x460 [ 1388.981801][ C0] sysvec_apic_timer_interrupt+0x9e/0xc0 [ 1388.987470][ C0] [ 1388.990418][ C0] [ 1388.993366][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1388.999377][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xb/0x70 [ 1389.005470][ C0] Code: 60 00 be 03 00 00 00 5b e9 12 d5 ef 02 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 8b 05 45 a2 02 12 <48> 8b 34 24 65 48 8b 15 21 a2 02 12 a9 00 01 ff 00 74 1b f6 c4 01 [ 1389.025099][ C0] RSP: 0018:ffffc900044478a0 EFLAGS: 00000202 [ 1389.031188][ C0] RAX: 0000000000000002 RBX: 0000000000000001 RCX: ffffffff81fc0add [ 1389.039165][ C0] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88807afd8000 [ 1389.047139][ C0] RBP: ffff8880b8541080 R08: 0000000000000005 R09: 0000000000000000 [ 1389.055115][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000003 [ 1389.063094][ C0] R13: ffffed10170a8211 R14: 0000000000000001 R15: ffff8880b843c700 [ 1389.071087][ C0] ? smp_call_function_many_cond+0x5ad/0x1700 [ 1389.077190][ C0] smp_call_function_many_cond+0x587/0x1700 [ 1389.083111][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 1389.088345][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.093999][ C0] ? free_pgd_range+0x2a0/0x10d0 [ 1389.098971][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 1389.105333][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.110989][ C0] ? rcu_is_watching+0x12/0xc0 [ 1389.115785][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 1389.121006][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 1389.126140][ C0] flush_tlb_mm_range+0x45f/0x16f0 [ 1389.131279][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 1389.136424][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.142077][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 1389.147656][ C0] tlb_finish_mmu+0x3fe/0x810 [ 1389.152356][ C0] exit_mmap+0x454/0xa10 [ 1389.156612][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 1389.161472][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.167124][ C0] ? trace_contention_end+0x122/0x170 [ 1389.172528][ C0] ? uprobe_clear_state+0x5f/0x260 [ 1389.177667][ C0] ? uprobe_clear_state+0x5f/0x260 [ 1389.182810][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.188482][ C0] ? __lock_acquire+0x4a5/0x2630 [ 1389.193459][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.199113][ C0] ? arch_uprobe_clear_state+0x107/0x150 [ 1389.204780][ C0] __mmput+0x12a/0x410 [ 1389.208882][ C0] mmput+0x67/0x80 [ 1389.212642][ C0] do_exit+0x8b2/0x2af0 [ 1389.216817][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.222473][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.228126][ C0] ? __pfx_do_exit+0x10/0x10 [ 1389.232724][ C0] ? do_group_exit+0x1bd/0x2a0 [ 1389.237499][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.243152][ C0] ? rcu_is_watching+0x12/0xc0 [ 1389.247943][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1389.253609][ C0] do_group_exit+0xd5/0x2a0 [ 1389.258131][ C0] __x64_sys_exit_group+0x3e/0x50 [ 1389.263168][ C0] x64_sys_call+0x102c/0x1530 [ 1389.267871][ C0] do_syscall_64+0x10b/0xf80 [ 1389.272482][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1389.278388][ C0] RIP: 0033:0x7efd887516c5 [ 1389.282806][ C0] Code: Unable to access opcode bytes at 0x7efd8875169b. [ 1389.289821][ C0] RSP: 002b:00007ffc8e56cde8 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7 [ 1389.298248][ C0] RAX: ffffffffffffffda RBX: 00007efd88852fe8 RCX: 00007efd887516c5 [ 1389.306223][ C0] RDX: 00000000000000e7 RSI: ffffffffffffff88 RDI: 0000000000000001 [ 1389.314198][ C0] RBP: 0000000000000001 R08: 00007ffc8e56cd78 R09: 0000000000000000 [ 1389.322172][ C0] R10: 00007ffc8e56cc10 R11: 0000000000000206 R12: 0000000000000000 [ 1389.330145][ C0] R13: 0000000000000001 R14: 00007efd88851680 R15: 00007efd88853000 [ 1389.338145][ C0] [ 1390.511153][ C0] Shutting down cpus with NMI [ 1390.516233][ C0] Kernel Offset: disabled [ 1390.520555][ C0] Rebooting in 86400 seconds..