last executing test programs: 10.144220697s ago: executing program 0 (id=1617): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000b, 0x11, r2, 0x0) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) openat$kvm(0xffffff9c, &(0x7f0000000040), 0x1a17f2, 0x1f01) r3 = eventfd2(0x0, 0x0) close(r3) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x88c80, 0x0) r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, r4, 0x2000004, 0x2011, r3, 0x0) r5 = eventfd2(0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000008000/0x3000)=nil, 0x930, 0x2000004, 0x2011, r5, 0x0) 9.517748439s ago: executing program 0 (id=1618): io_setup(0x8, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='net/mcfilter\x00') socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) sendmmsg$sock(r2, &(0x7f00000044c0), 0x4000000000001c0, 0x0) 7.350980494s ago: executing program 2 (id=1621): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="7800000000010104000000000000000002000000240001801400018008000100ac1e000108000200e00000010c0002800500010000000000240002800c000280050001000000000014000180080001000000000008000200e00000020800074000af3fe27e59a50000"], 0x78}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@gettaction={0x14, 0x5a, 0xc6b747b6bf1c6b95, 0x4000}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4800) bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) pipe(0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000140), 0x1, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000005c0)={0x1, @pix_mp={0x8de, 0x9, 0x36314752, 0x6, 0x3, [{0x1fb, 0x6}, {0xc00}, {0x7, 0x5de3}, {0x11, 0x9}, {0x9, 0x4000069a}, {0x7, 0x3}, {0x9, 0xa}, {0x4, 0x80000017}], 0x7b, 0x3, 0x7, 0x1, 0x4}}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r5 = socket$inet6(0xa, 0x805, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r6, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) getsockopt$bt_hci(r5, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_freezer_state(r8, &(0x7f00000000c0), 0x2, 0x0) r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r9, &(0x7f0000000180), 0x12) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x7, 0x1000, &(0x7f0000000240)=""/4096}, 0x94) socket$kcm(0x2, 0xa, 0x2) 7.350030974s ago: executing program 3 (id=1622): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) 6.955559238s ago: executing program 3 (id=1623): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10000, &(0x7f0000000080)={[{@quota}, {@delalloc}, {@acl}, {@journal_dev={'journal_dev', 0x3d, 0x11}}, {@usrjquota}, {@bsdgroups}]}, 0x1, 0x50a, &(0x7f0000001f40)="$eJzs3M9vVNUeAPDvnXZoC49HH49HQh/vvQLP2JjYQkFh4QYTExeaGHEhy6YdSGUAQ7sQ0siQGFyTuDcujTtN3OrSuPIPwIULE0NClA1gYjLmztw7nc6PzrTW1rafTzJwzp17z7nfuefMnHtP7w1g1xpP/0ki/hYR9yPiQD27coXx+n9PHi3NPn20NBuVavXCz0ltvcdpPpNvty/LTBQiCh8kLQXWLdy8dWWmXC7diEotP7V49d2phZu3np+/OnO5dLl0bfrcuTOnT519cfqFFWVHxHDPoDrUl8b1eOz960ePvHrx3uuzg62FNcfRVb7VL5Weq0b+2XbxTHN5O8D+pnTSHtftTd0Z+jacNcNi2v+XyscvbvUOAZumWq1Wh7q/Xam2utO2BNi2ktjqPQC2Rv5Dn57/5q/6kuJmDD+23MPz9ROgx4+WqrdjcPZJI/7BKGTrFFvOb1OrjJnWZDwi3q78+nH6itWuQ/ywQRUCALve1+ezYWASLeO/QhxuWu/v2RzKaET8IyIORsQ/I+JQRPwrYsW6KyQR1VXqP9S6oFH/F9ksQuHBemPrRzr+eymb28pfWb35KqMDWW5/RD5gLp3MPpOJKA5dmi+XTnUpf0+P+pvHf+krrT8fC2b78WCwZbA5N7M4s75o2z28EzE22Bp/MpgeuHwaJ4mIIxExtoZyR5vS8899erSRaTmt6B1/TbXDlN6GzJ9VP4l4tn78K9GIf2TFJGLSPD9ZaJufnBqOcunkVNoKTnbcyW+/u/tGt/p7xv/lj62bvHL2qwt/PPBMevz3NrX/yOdvl+MfTSKSxnztQkR1YG113P3+w1q54yfa31tv+9+TvFVL5/3rvZnFxRunIvYkr7Uvn17eNs/n66fxT5zo3P8PZtukn8S/IyJtxP+JiP9GDOT7fiwijkdEh9Aavnn5/+90e6/P9v+nSeOf6/j9l2TtoHb8l+fr+0zk5adLBq4cu/90rPPEfRb/gdWP/5laaiJb0vn7L1nxFdHvnm7ARwgAAAB/eYWo/e1/YbKRLhQmJ+vXgA7F3kL5+sLi/yLi2lz9HoHRKBYuzZdL+QW50Sgm+fXP0ab8dEv+dHbd+KOBkVp+cvZ6eW6rg4ddbl+tzydt/T/10xqv8wLb0A66Dw1Yo179//C9TdoRYNP5/Yfdq6n/d3uyRcVfysDO5Pcfdq9O/f92fLbqvQu+M2D7q+rLsKut3v97P28T2L4G481Gunbbc8e7bYGdqPvvvzMD2MF63yQ/tOZ7/5cT1aHObw1HhycGDK+rip6JkQ51bUkiHVltYIHFiOhv5ZH1VJEPAbs/4aGwtgKHov2tgVhtq6TzcxwiotJ1q/RT6bk/lw/32/hLN5Kn9Qdl9ggwfybKRjebz5f7abHPw90l8Vu/zc/5PgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsKP8HgAA//87jdA6") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) quotactl$Q_QUOTAON(0xffffffff80000202, 0x0, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 6.915980629s ago: executing program 0 (id=1625): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket(0x400000000010, 0x3, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9968fe8", 0x60}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec489820505cea6045a9939974c6f2ee3815378dc0a620982383e84178b017ba52b", 0xc3}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c617c69458d721eb85d0e5372751cd23cc88571f540aa75255a73b8c9cdc2e75edf622add4302f913d9", 0xb2}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{&(0x7f0000001300)="e24fc801dffdf37981a92f7f4005844301258a0ec141f1ec014bd9d03d1db52a75dfb8e04daddc3fac31adda350235262d9e1b8e20d406b97372033032d7623ff84bbf544a91c12eb644b323e9653fd76852c025e718cc91d9e9e274a7ed2dc15d8efec8d11a7983cdc8f3c39dbf764fc28873b760c435743929653c359ee706dcf2658403b25fbf3382f179562dc64883887ead6a916ef430ee4f67e21a3f01a3a35627bfb2f6ba204da0280c9f2fb5443879616a431884af82606286c4760a9ef4aa264e0000137f28dbe594332062120a76b565165987eef46c1d523f0fba98cd51f14537e313952f76574e3137aa1b41ae8e16f4087ddbaa7de98ca609a1b01b64ab10613204e4d18f376138fe7735ffb2fa09843922ce5a365e1e84286f09c432e0f521be13182256dcf534e03efb1735e55a8dce53e32ac669207d21e3b79414a8e61204f7c4173f2381e4c5e6cce12f6bae60d5bff199d5da50e40f87efbcec332173caba740a1b12c915bccf04940399b9a72a7dca4b8c7d46a2c444f6c7e30cf1f811a4a31cabb9b512a949105e2aa4081a3d613ad9ae4cf209d684e4b27c204bc5a395da552b8638df42d4c3522b64eaf11c988fce5634757ed41b39c338aea3ed2171e86fd34cde22dc3519edd2108641f3c3d4ca2016524b8f7d67e80ef5474d0a4a157eca9e5c0c5fcd7f459f64e91effe3bbcdcf9aba5704952cf0b82b1b0d4533a9c7ddc914bc7dfd8eea591be5806408191e3cca1cd6101f575b7c7206cd219b9f379fc3d03c3c867e5c36a8fcc75e86988a1897876b5a3bb2b3e102a742ebaeb50e08096c1990fa8d8755c187f86213f3cfc322f7997da73594e30f68a1da5768201916dfd52711ad79caae751260cc054dda58307f4031aebc75514795e6d7ae7725c27f7bc8f1e2115603e1f8b18517a74ddd901752a194cfb37535c949f4a5eefc98b231e03fd7a5d7643817567c7fbdcad37365a1a063c11bfd7e6474e9608391f3f3ebcd97a3ad7a9873d8615a9a4dac09ebc528b9277f71d5c2e6012645c643764319941206e6957987b5423b3864e6acb89c0e0371d66c5e16dfd920305cf5dc39ea0d48cea652236f3492f5b60a2a648e8ac61bf13811a81be593e430f504d0fe3d38222acd10e188605410900c55f203e0f6d553cf4e7cdfdfdbf4b60ee166c8be15757c6042f7f7b0c0c75932f795b075ba4116f1336622bafc47e58206255af610b3a7e88fed94a1c4a8b29e7e379b084431d5e059c0d0342678ef5b2ad08d10be3b48e4a1d0de16e8ca0175e1453fa15f8086f7b93d15e5f0769d56cbcec255fd1e82c43a61d50b893a8e7bc84c7cc1b9cffbc4d8f8d703d1ca879acf93e82f35a534665bd5a5a9e13e35ed00d796b830c45f87ba6c90857d05774506611c940e391752237af000473cfff41236801a9e78c48206e03e2a4b1c9164eb1f8cfb71d1559d3b5650327868ef87906b5a0e05470b0655f51090a57a65895608866ac0e008c44898ea0fa968ae510b561b8ebb9f0a38c2572f93aa6a8f5aaab1ff62ad761af234379adfc397c186a99bbecd534266358c5e053de4698e37fb0c512d72492c6f0d18e686c21665224d23fb6b15670e235a96bab63d63df51624f73d78fc38e0c8956882ebbbe0207f3b13be74b70ef29e64912cac49dd90a7f4d5fd09bec08dcb8413578f9e4456079c3673ffd33b366d4a203af63f25ba792a722a4d36749c6724e0b37cfd71761f3ff122861e362aab7a26a8c8090b65ab080535fa912d5b58a9b65410b94acc42396796e35a308cac7594439f4ed2afc8cc4676159751d9ce63ff894a7cad95b375f852d9bd493719ab9bac41cd9ec817b835628a6a9f4869fc9ce72ea3fc7119341ceaf23e85f7a990b7eeb35ef2ef2c84f6fafa0c186a0b2490c72cfe2ce7607634e0d651e4c87514a177300f4f3b762e386cc1522e9b859fb9297329a73b89b8a97184864823d1829fe7a6bf30c69f24b61338e3f341e05e3f70ec6cd6f3544652f69ade293dc896836632271cde36ebb6f515dc8d13121def9d2911ed0d19f2fc31a12b1de3b43dbfb32c0df664c85d4b978f3a41b43546844c8581590dade2db066d5a948a386438232b0be334232800fd164aac8047a96b85356820597a0ef21b2df300a8ef2a08155b7a8eb7793e5ec768db868432c9d65cd748369f24909862131553af695be43c95f2e65a9ef1f8fbad3d03bee4640639c0351c6ed58113b86ec0530aff32f4e4b786285ce72afd6dce83b3a82f58a0bc62735e3402848690d2865438c81f174588e6046ba95935ec0dfbbbb87dda17d8fdcf07b8322bdf18b1421293ead6a8b38119724c9c122f457f85129cbd50338a7e3194418c00ed91cd39878f7753477a17856281ae743c8dcdfc7d5c7142348f9fae4f7767f2c89c394c3fd5d8f261bde3b2055ccddf05c36643e21ec542a62be492501b470813fcedf01c876da0e1e822c3867f32951053f2963b5d1f90e713df0b2c526f36e685b4153d4ae4e8c607df1308c84e500c0bd9fe80dc3cf28187a39fd09643afb25eaa9411f3ce6304dc8bfd02afc9a6bad59887a1cad44a1f613a0779059a90248f09e357af291b1cce42cb9ac766dac70e599c1bbba4a58715adf2426a865eb1e0b80f10602db39c400b45131700490a9c38345022acc79851c2368bc7d191bc1f995722c564198669a68c971f60779e6983508a7c8077cdc7677d9a8b70b8fd1183f57cbc2d653ef6e96110c0c6730be7add59392b4082a6478447cc307d35512dfb2c4e27122b9749eeed9b5a5906f99ee57d7b565822bd4d78aed8f1567409a59ae77b3a1552a5cdb1558ff3ffd2b4cd0e141fce5ad11de5509c6dac5858bbb222bc403e3a307294afbe9633e162bfc5231284f58d475ef19cc1012cb4a81bd26e7e24509ecb5bd859a04a8e39f373188fc58573a52bf8a5de50aa082a4ad28202d01da2f0c7d3a6d1d3b9c3dab9d3ad9a663af4894904236632514d668e5f5016a350ae5accae2902cb9cba8d5262abc4e934329f410739831d447b798bb1da19bd3c98e90f43e54b8911ab9da8d594c9d0617396a53469ec2eb6ca0843ffd39e65b79bf856c755d8fda71b66e16cba537adac14de21a16a379513555d13ee6e021e6bb1cb5db35a7cb0162c3dbf631e8b6b42cc98fba74396971be184b910dbf0fbc29c0e45acfe59c789a134bcc01f7c3b2513d4ef988e7f66e5002d9ee8766870b9502d173953b78b654f020349b7af7845462822a6c78a63416606a265389216f141ca8269a11f18edf1d11de7f11906b787a0189a4fe5a55bb0f78c25319583b5f81c4ad25dd4544d35a2f8afce5b8a117b16104c45997f9ad31421414006f158881e9c7f553f3b7364e274bff39236720d67346e8270b2fd6b5b33c0cece3251b62ec09c709ad1adee626e43a54356b803adf23e45ddbe2bbade69974ca43c3f2246389612398a5247678299995592002f369b0a779ffa60d0785edecab597cb6fa11e2ce68d5e956c5fe95c12ce24cb334a2d1fe9e63491b7d85d58ba4150df6c42f29223eaa607837fee3c71667d7c4a69d5bd2a88e548429e4630c59c38689a52cbc9099f303d680c053cce1a0b24c17a918f7dd08a9348a414e30c8c91e9680facb185914018e1c5a090cd00578c837d9f69e49eae3e45326b679678cca81ca20cf3bfa8e4e548dc446d168382695319ea9fdc14bf29c2b15e2acb925f7db4723f6b382efcbdb10f00837278564a2d0e0da63b755206bdf69faba7e5d7406ec324ca089729a68ca29cbccd17256cb465b91e718b3b64429b8a8e70a72d85b470d85f4b8169ebc74809334db04384c3c2887f09374e60cb3d5c93f3ce5077bcea293b37215ba345f6a30b1d6e08c1cf7024b65ecac5063e177d9af7f687a35c377871d87b00fe7c453199e5c0588a49bf9981651f57468bb37d1812cce02cf1a6df234cf50aabb65959fb7863384d46cbf43600aeb2858a8bea733eec75bcf02f2dfc0c2df6b6c0f807236e67cf6e7253a6f0582cad219daad67c91b8c2f38ad91a9db3bc284f6301f28ad3d1ade08cfc4a8b63268de502d7b4cad5973ce2867a534e576789fe2bd60b15da33d7a5a5e728f6e5ab7052c4636439258979a804bf67aec5546343d7cbee90b4be9d5ef0775d64bfade2daae18d7de4240dd1d88ff3816f2d5c871174b3b48e9fab898abd4cd2df8cb1c3cfff889594a3f08cb935031edbe34aab3433ffd50263a406deef158bbabfa2ec70e79c761d95fcfbef0800c95413068b3789c6b12de5ebe9b414e65ce4f86a6bbccd5ec8e4e220f8ad07255abbaef719ebe1e5d066db4dd1f639cb156c34755eb14053824a1003e97ee54e8dab35f441ee563d80d3163a7b8f71d4f17e240cfae9f2e50c164cf373bb174f5dadafe2430a17be757e30f251d5d60863526a8f46addb932c8170c4a383348c5441aa353e5f1181482d4d0cc0e5d2809c11ee1fac29230c907926c2d3fa55298ae9835c46218650421497d060d15a4194c4d7382a886333375098156a9f0fd6b1d0d94933bb6f285fe51d4aa3037739f143ba20f9b326565f6db49787d1aeb30055ce588dd3c008c0bc1a08935c991067d63003b68b9e2db95360d8aaf2103bb5142c590bb799b268488febc7414b9ae8e108ca4ab4f031adbb9fbe4631c29adb14fb9726df3c6192a3e81b6c34d68e15ee309503ccc1ab240d4ce3c9a099cd7f8782eea9bd1c7005582b9c1fe08030b47958865723652fed003c90703e07f9f1782e33f3bf3d0b83691cd5970fb4af65afa2244bff41e93fa24c33c26c43c93c33a2144aac437a4ab2b4f498104278ec5f2cd38de61eb8b436f5a9dbc3d8b2405ff0598cbcaa964377f61daaf935c42e0db4567520cfee195da1c6090d62031dd0865b2f5aa88be1746a761e3a64b78de338b8996136bbd6b859eb730aa8ab1f68bb5a02b713d8b303ab2ef1e5433d225b0dd485d40a049a1953b488df5314fdbc1c654132498838043c35c7b168e786b0f35a04ec4417968c5561c45735cc09163e8fdbbe67a4c04d672948037e957968c6bf672668d1f6369475d4a238f46af939dbca37cc96ae88b152c1b8b524883e296e5e915a928e9a54268c28e14a85c87fe3bde0e9175dd2eb2645852464ddeae29aefc01d05ef668914829f340f6b14a7bc0f2ce4114f1bef1e2afc37583670a900c58affc6c55bb69e737e5fd02322536ec1e4249f8cca7171394d97c930656beb437ea1b7ac8f6b69d8c1499371deeff7608dde446d4a50f29ce015c655885fcc090aeed40d52390ef952c6b9f937197718aae27fe924c419d1468b45bc0e88688425c3a451dac67f29460fce27a5b753f60b244c1832e9b485e321e8d8d4f547eda56680d9d01aa6d4d7881ab760f926157315a3fcb4d7f9653b91270fc43637420215c71274e4effaf6b67fea48c05393272e288e103e28d26eb39fcb9afdef67686485e90e605b45d2f36a39b4973426f843c2db1e861c67d7c2ca2b8e92ca98ad1297d3fd913258081fff78d981097a2c22b0a9d881f649582e49fd9baaaa89d0d7091f9cfeb8bec3c9b7dfb85e53bee2fb051ff0f7d57ef4af134a7ca9ab91271411a0c95be1af414689425f985faa808a2520c96403788d71af4314023af7a2761ee7ba7e135edfaa51f9f89caa784d853886c147d11f3ccab318250aa65d366396b5dfcda0dda9f8cca5ad6815252ebc061c47f871785e0b3edbdcfb2d74c6fa3eaabaf9f3", 0x1000}, {&(0x7f0000000ac0)="3eb85e3024a2953147f5444738e1388e15fef01893884c2eeb5c559f4a030ee6b08fca1e38ee56dac9cbbea3d6d43e34d9daf81d45289d2bc841e2c4c7072582b15ce7ff3e22b0f19d8a2643280daeb9791b2d0f9b216a0fda4f30804b739da3cce1691d6d88ff52d3e43b26d935d69e99673e98e92fe2fd18e63d4d5699814d9843367774e155678592d0eec07073e851f50827bde418748aa0741684fe603e34dcc960678c7b3e71e48befa166d4a5247325fa881fc7857a8caadde6a2ac9cdcc4ead01267dbb4c639d6d8a80f9637e0c2a3f9623478134b943d5fba4f7e0ceed66c93cc8b", 0xe6}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede48830ca6ea5cd18ff95c871d91454240f370e0c8e2629e58605c4b29017a160709ec76547c92a21d0ec5589e228922b105d0b8b29256620c44d2118334025dedd46db5194f22b349264de22068d3d4db627db4fa827907e5bc02b69c36e94f8149f12116f75", 0xd2}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff91566b7f1725f39f9376b9bd08ff4733feb589ca70432b1fed0632fa8a295da47135911f", 0x38}], 0x4, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}, @txtime={{0x18, 0x1, 0x3d, 0x9d}}], 0x90}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, &(0x7f0000000f00)=[{&(0x7f0000000e00)="abc662f2a7dc713d226b612e712df36db5547daf508fb74a679224eba0fe5f05c53081ff6ebac83c264c6deeec6d4546fe7d00337f488ecee46577d71b39e24cdef94f16295eb7c6012b802872041cfe8c0cd3e0dc1df76772f74d964ff31e481f3c5b96de5d57b25b5e6da0643aa88c693acfefe376af4bc577a451f8000a542b421fbfdeda", 0x86}, {&(0x7f0000000ec0)="6e20cbe6a4a132117801a95e6fd3ec5771da8352900bb19979b10fe02dd6f981361f62316da7b3f7abc9fbae1ea2ab5eea4b2ec5", 0x34}], 0x2, &(0x7f0000000f40)=[@timestamping={{0x14, 0x1, 0x25, 0x7}}], 0x18}}, {{&(0x7f0000000f80)=@can, 0x80, &(0x7f00000010c0)=[{0x0}, {&(0x7f0000001080)="746db052af41b2750b2361b7bde26b61", 0x10}], 0x2, &(0x7f0000001180)=[@timestamping={{0x14, 0x1, 0x25, 0x92}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @mark={{0x14, 0x1, 0x24, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x10000}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}], 0x90}}, {{&(0x7f0000001240)=@in={0x2, 0x4e21, @remote}, 0x80, &(0x7f0000001100)=[{0x0}, {&(0x7f00000023c0)="8a8648be4c0f4e1cba8b1840619b9a0923cbf9c9e8a72617e2e504549abe818ced0c93477f15975b6b27fd195a3a4401a378a1e5a709e9f341a8797020aab580ac75b83133bec3d80165bf352ecc7504f9962251f1a561761625a5a45301d2a88a2be2aeab736f41076e8646a5cff93e5b8fa1ef1430850968d743e3c547f8bbc45b04d88a8bb63ced695e762ad7b9", 0x8f}, {&(0x7f0000002480)="b5ab91163db3105215e366eb45664eb92ee14d8deb8cdfac670763e8882a6a6071042aaadc599c6f2232e1b6ea1db7c3e1b6748ff9527e3783f0007c9732084afa53b5f37f201a173b301cbfaa0c37ae7b866fc6285623c35b2071998f277f88a12fa1", 0x63}, {&(0x7f0000002500)="5aa9d040d6305795a3115a8a0bb4e7a5c3fc05e2c40575e5d7c818ab6793f3fede473ea54b4b6d5d29db4f46680c135b90008b4307a794fa9fd2c0a6d72a9f8a894cf52bf63e2ae96390cd0b3b08ff524984bf724eeace9bc6e9caebbe045ec695487633a2de1f2545ab0c2d74525d1f588287e966201492b03dab0326afab06d75a0f0b15d5f05d0f1b28f5fa5920a0d71394fbf1698230518b2e942b3499af46ce1a7c9b9f19068d7a306f6d08ce5d938524164854ad3322b0f7b3", 0xbc}], 0x4}}], 0x5, 0x20000044) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f406", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) 6.496130484s ago: executing program 0 (id=1626): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x24040804}, 0x4008000) r1 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0) write$cgroup_int(r5, &(0x7f0000000000)=0x922, 0x12) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x70, 0x0, 0x9, 0x305, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x4}}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @remote}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}]}, 0x70}}, 0x0) socket$igmp(0x2, 0x3, 0x2) ioctl$SNDCTL_SYNTH_INFO(r5, 0xc08c5102, &(0x7f0000000840)={"b30ab7af0277d7e2de35ec2548bd108b751ebaab0d5281885e41e5fe4353", 0x0, 0x3, 0x1, 0x5a, 0x2, 0x101, 0xcd, 0x9, [0x9, 0x1, 0xc5b, 0x1, 0x8, 0x3, 0x7, 0x80000001, 0x0, 0x7, 0x8, 0x100, 0x3, 0x7, 0x0, 0x9, 0x81, 0x4, 0x5]}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="58010000", @ANYRES16=r8, @ANYBLOB="01002cbd7000fcdbdf2501000000060006004e2300000800050001000000200108801c011380f400098070000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a0000001400020000000000000000000000ffff0a010102050003000200000028000080060001000a00000014000200fe8000000000000000000000000000bb050003000200000034000080060001000200000008000200ac1414bb05000300020000000600010002000000080002000a01010005000300020000001c000080060001000223000008000200ac1414aa0500030003000000040000800400008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392214000200776731"], 0x158}, 0x1, 0x0, 0x0, 0x44001}, 0x4c020) ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f00000006c0)=""/224) 6.154534346s ago: executing program 3 (id=1627): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000380)={0x1, 0x0, [{0x4, 0x89, &(0x7f0000001500)=""/137}]}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f00000006c0)=""/192, 0x0, 0x80e3001}) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f00000000c0)=0x1) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)={@my=0x1}) socket$vsock_stream(0x28, 0x1, 0x0) setitimer(0x1, 0x0, 0x0) getitimer(0x1, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x10000, 0x6) sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="00042dbd7000fd30ef789a1bab89bbeb31646c37d59f669087fd09700d7b69fe"], 0x14}, 0x1, 0x0, 0x0, 0x2000}, 0x4001) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40186f40, &(0x7f0000000440)=0x1f) syz_usb_connect$uac1(0x4, 0xa8, 0x0, 0x0) 5.539364807s ago: executing program 0 (id=1629): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x10000000005) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x400000000001, 0x0, 0x1, 0x0) r1 = getpid() r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f000001a400)=""/102384, 0x18ff0) r5 = openat(0xffffffffffffff9c, 0x0, 0x4, 0x80) io_setup(0x30, 0x0) openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101002) sched_setaffinity(r3, 0x8, &(0x7f00000000c0)=0x6ea) openat$ppp(0xffffffffffffff9c, 0x0, 0x1, 0x0) io_setup(0x81, &(0x7f0000001440)=0x0) r7 = socket(0xa, 0x3, 0x87) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000540)={'dummy0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x2f}, 0x40, r8}) io_submit(r6, 0x1, &(0x7f00000003c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x3, r7, &(0x7f0000000200)="c76024b0f3aba594101d6bcd948d29f514743fc9ba023deea4005e9c52592f6359b822968317a6e1a5793dc6acd44d16854f4828d364dae806bcdbd7ae6db0331a2277625b", 0x45, 0xfffffffffffffff7, 0x0, 0x0, r5}]) 5.526322307s ago: executing program 1 (id=1630): socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000340)={0x14, 0x0, 0xffffffffffffffff, 0x70bd2a, 0x25dfdbf8, {0x3, 0x0, 0x14}}, 0x14}, 0x1, 0x0, 0x0, 0x4005c}, 0x400c084) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0) write$cgroup_int(r4, &(0x7f0000000000)=0x922, 0x12) socket$igmp(0x2, 0x3, 0x2) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x22cb00, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 5.515466988s ago: executing program 2 (id=1631): bpf$TOKEN_CREATE(0x24, 0x0, 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) fanotify_init(0x200, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x3, @loopback, 0x3}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000140)='nv', 0xffe8) shutdown(r3, 0x1) 4.366109628s ago: executing program 2 (id=1632): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xa02, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x2800, 0x2800, 0x6, 0x2, 0xba2, 0x2800, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}}) 3.254974827s ago: executing program 1 (id=1633): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {}, {0x8, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3ab}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1003d1, 0x3, 0x20000000, 0x2, 0x6}, 0x64}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0xc804}, 0x2) close(r1) socket$unix(0x1, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="af75355d1696"}) r4 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x4) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r4, &(0x7f0000000280)={&(0x7f0000000740)=@xdp={0x2c, 0x0, r6, 0x42}, 0x80, &(0x7f0000000cc0)=[{&(0x7f00000002c0)="27030200dc0f24000e00003c000c00000000ff840000000200000003125ce882cbf490d908f1523f000000002d9c2740e260a09c6911cda856d5141bffc6", 0x3e}], 0x1}, 0x8bb3a321ef809a) 3.14477644s ago: executing program 0 (id=1634): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0x5, &(0x7f0000000140)={0x8, 0x13e9}, 0x0) pipe(0x0) fsopen(&(0x7f0000000100)='xfs\x00', 0x0) mount$overlay(0x0, 0x0, 0x0, 0x860004, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f000001aa40)=""/102392, 0x18ff8) socket(0x2, 0x80805, 0x0) syz_open_dev$I2C(0x0, 0x1, 0x402) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x6, @remote, 0xfffffffc}}, 0x0, 0x0, 0x6, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8) ioctl$VIDIOC_DECODER_CMD(0xffffffffffffffff, 0xc0485660, &(0x7f0000000200)={0x2, 0x1, @raw_data=[0x80000001, 0x6, 0x7, 0x2, 0xffff2820, 0x100, 0x9, 0x5, 0x0, 0x2, 0x5, 0x101, 0x100, 0x1, 0x401, 0xc33a]}) sendto$inet6(r2, 0x0, 0x0, 0x20004002, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) close_range(r3, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_CROP(r4, 0xc038563c, &(0x7f0000000180)={0x0, 0x0, {0xdb47, 0xe8eb, 0x4, 0xfffffff9}}) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0) timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=0x0) timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r6 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r6, 0xc) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r7, 0x0, 0x1) 3.030518634s ago: executing program 2 (id=1635): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket(0x400000000010, 0x3, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9968fe8", 0x60}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec489820505cea6045a9939974c6f2ee3815378dc0a620982383e84178b017ba52b", 0xc3}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c617c69458d721eb85d0e5372751cd23cc88571f540aa75255a73b8c9cdc2e75edf622add4302f913d9", 0xb2}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{&(0x7f0000001300)="e24fc801dffdf37981a92f7f4005844301258a0ec141f1ec014bd9d03d1db52a75dfb8e04daddc3fac31adda350235262d9e1b8e20d406b97372033032d7623ff84bbf544a91c12eb644b323e9653fd76852c025e718cc91d9e9e274a7ed2dc15d8efec8d11a7983cdc8f3c39dbf764fc28873b760c435743929653c359ee706dcf2658403b25fbf3382f179562dc64883887ead6a916ef430ee4f67e21a3f01a3a35627bfb2f6ba204da0280c9f2fb5443879616a431884af82606286c4760a9ef4aa264e0000137f28dbe594332062120a76b565165987eef46c1d523f0fba98cd51f14537e313952f76574e3137aa1b41ae8e16f4087ddbaa7de98ca609a1b01b64ab10613204e4d18f376138fe7735ffb2fa09843922ce5a365e1e84286f09c432e0f521be13182256dcf534e03efb1735e55a8dce53e32ac669207d21e3b79414a8e61204f7c4173f2381e4c5e6cce12f6bae60d5bff199d5da50e40f87efbcec332173caba740a1b12c915bccf04940399b9a72a7dca4b8c7d46a2c444f6c7e30cf1f811a4a31cabb9b512a949105e2aa4081a3d613ad9ae4cf209d684e4b27c204bc5a395da552b8638df42d4c3522b64eaf11c988fce5634757ed41b39c338aea3ed2171e86fd34cde22dc3519edd2108641f3c3d4ca2016524b8f7d67e80ef5474d0a4a157eca9e5c0c5fcd7f459f64e91effe3bbcdcf9aba5704952cf0b82b1b0d4533a9c7ddc914bc7dfd8eea591be5806408191e3cca1cd6101f575b7c7206cd219b9f379fc3d03c3c867e5c36a8fcc75e86988a1897876b5a3bb2b3e102a742ebaeb50e08096c1990fa8d8755c187f86213f3cfc322f7997da73594e30f68a1da5768201916dfd52711ad79caae751260cc054dda58307f4031aebc75514795e6d7ae7725c27f7bc8f1e2115603e1f8b18517a74ddd901752a194cfb37535c949f4a5eefc98b231e03fd7a5d7643817567c7fbdcad37365a1a063c11bfd7e6474e9608391f3f3ebcd97a3ad7a9873d8615a9a4dac09ebc528b9277f71d5c2e6012645c643764319941206e6957987b5423b3864e6acb89c0e0371d66c5e16dfd920305cf5dc39ea0d48cea652236f3492f5b60a2a648e8ac61bf13811a81be593e430f504d0fe3d38222acd10e188605410900c55f203e0f6d553cf4e7cdfdfdbf4b60ee166c8be15757c6042f7f7b0c0c75932f795b075ba4116f1336622bafc47e58206255af610b3a7e88fed94a1c4a8b29e7e379b084431d5e059c0d0342678ef5b2ad08d10be3b48e4a1d0de16e8ca0175e1453fa15f8086f7b93d15e5f0769d56cbcec255fd1e82c43a61d50b893a8e7bc84c7cc1b9cffbc4d8f8d703d1ca879acf93e82f35a534665bd5a5a9e13e35ed00d796b830c45f87ba6c90857d05774506611c940e391752237af000473cfff41236801a9e78c48206e03e2a4b1c9164eb1f8cfb71d1559d3b5650327868ef87906b5a0e05470b0655f51090a57a65895608866ac0e008c44898ea0fa968ae510b561b8ebb9f0a38c2572f93aa6a8f5aaab1ff62ad761af234379adfc397c186a99bbecd534266358c5e053de4698e37fb0c512d72492c6f0d18e686c21665224d23fb6b15670e235a96bab63d63df51624f73d78fc38e0c8956882ebbbe0207f3b13be74b70ef29e64912cac49dd90a7f4d5fd09bec08dcb8413578f9e4456079c3673ffd33b366d4a203af63f25ba792a722a4d36749c6724e0b37cfd71761f3ff122861e362aab7a26a8c8090b65ab080535fa912d5b58a9b65410b94acc42396796e35a308cac7594439f4ed2afc8cc4676159751d9ce63ff894a7cad95b375f852d9bd493719ab9bac41cd9ec817b835628a6a9f4869fc9ce72ea3fc7119341ceaf23e85f7a990b7eeb35ef2ef2c84f6fafa0c186a0b2490c72cfe2ce7607634e0d651e4c87514a177300f4f3b762e386cc1522e9b859fb9297329a73b89b8a97184864823d1829fe7a6bf30c69f24b61338e3f341e05e3f70ec6cd6f3544652f69ade293dc896836632271cde36ebb6f515dc8d13121def9d2911ed0d19f2fc31a12b1de3b43dbfb32c0df664c85d4b978f3a41b43546844c8581590dade2db066d5a948a386438232b0be334232800fd164aac8047a96b85356820597a0ef21b2df300a8ef2a08155b7a8eb7793e5ec768db868432c9d65cd748369f24909862131553af695be43c95f2e65a9ef1f8fbad3d03bee4640639c0351c6ed58113b86ec0530aff32f4e4b786285ce72afd6dce83b3a82f58a0bc62735e3402848690d2865438c81f174588e6046ba95935ec0dfbbbb87dda17d8fdcf07b8322bdf18b1421293ead6a8b38119724c9c122f457f85129cbd50338a7e3194418c00ed91cd39878f7753477a17856281ae743c8dcdfc7d5c7142348f9fae4f7767f2c89c394c3fd5d8f261bde3b2055ccddf05c36643e21ec542a62be492501b470813fcedf01c876da0e1e822c3867f32951053f2963b5d1f90e713df0b2c526f36e685b4153d4ae4e8c607df1308c84e500c0bd9fe80dc3cf28187a39fd09643afb25eaa9411f3ce6304dc8bfd02afc9a6bad59887a1cad44a1f613a0779059a90248f09e357af291b1cce42cb9ac766dac70e599c1bbba4a58715adf2426a865eb1e0b80f10602db39c400b45131700490a9c38345022acc79851c2368bc7d191bc1f995722c564198669a68c971f60779e6983508a7c8077cdc7677d9a8b70b8fd1183f57cbc2d653ef6e96110c0c6730be7add59392b4082a6478447cc307d35512dfb2c4e27122b9749eeed9b5a5906f99ee57d7b565822bd4d78aed8f1567409a59ae77b3a1552a5cdb1558ff3ffd2b4cd0e141fce5ad11de5509c6dac5858bbb222bc403e3a307294afbe9633e162bfc5231284f58d475ef19cc1012cb4a81bd26e7e24509ecb5bd859a04a8e39f373188fc58573a52bf8a5de50aa082a4ad28202d01da2f0c7d3a6d1d3b9c3dab9d3ad9a663af4894904236632514d668e5f5016a350ae5accae2902cb9cba8d5262abc4e934329f410739831d447b798bb1da19bd3c98e90f43e54b8911ab9da8d594c9d0617396a53469ec2eb6ca0843ffd39e65b79bf856c755d8fda71b66e16cba537adac14de21a16a379513555d13ee6e021e6bb1cb5db35a7cb0162c3dbf631e8b6b42cc98fba74396971be184b910dbf0fbc29c0e45acfe59c789a134bcc01f7c3b2513d4ef988e7f66e5002d9ee8766870b9502d173953b78b654f020349b7af7845462822a6c78a63416606a265389216f141ca8269a11f18edf1d11de7f11906b787a0189a4fe5a55bb0f78c25319583b5f81c4ad25dd4544d35a2f8afce5b8a117b16104c45997f9ad31421414006f158881e9c7f553f3b7364e274bff39236720d67346e8270b2fd6b5b33c0cece3251b62ec09c709ad1adee626e43a54356b803adf23e45ddbe2bbade69974ca43c3f2246389612398a5247678299995592002f369b0a779ffa60d0785edecab597cb6fa11e2ce68d5e956c5fe95c12ce24cb334a2d1fe9e63491b7d85d58ba4150df6c42f29223eaa607837fee3c71667d7c4a69d5bd2a88e548429e4630c59c38689a52cbc9099f303d680c053cce1a0b24c17a918f7dd08a9348a414e30c8c91e9680facb185914018e1c5a090cd00578c837d9f69e49eae3e45326b679678cca81ca20cf3bfa8e4e548dc446d168382695319ea9fdc14bf29c2b15e2acb925f7db4723f6b382efcbdb10f00837278564a2d0e0da63b755206bdf69faba7e5d7406ec324ca089729a68ca29cbccd17256cb465b91e718b3b64429b8a8e70a72d85b470d85f4b8169ebc74809334db04384c3c2887f09374e60cb3d5c93f3ce5077bcea293b37215ba345f6a30b1d6e08c1cf7024b65ecac5063e177d9af7f687a35c377871d87b00fe7c453199e5c0588a49bf9981651f57468bb37d1812cce02cf1a6df234cf50aabb65959fb7863384d46cbf43600aeb2858a8bea733eec75bcf02f2dfc0c2df6b6c0f807236e67cf6e7253a6f0582cad219daad67c91b8c2f38ad91a9db3bc284f6301f28ad3d1ade08cfc4a8b63268de502d7b4cad5973ce2867a534e576789fe2bd60b15da33d7a5a5e728f6e5ab7052c4636439258979a804bf67aec5546343d7cbee90b4be9d5ef0775d64bfade2daae18d7de4240dd1d88ff3816f2d5c871174b3b48e9fab898abd4cd2df8cb1c3cfff889594a3f08cb935031edbe34aab3433ffd50263a406deef158bbabfa2ec70e79c761d95fcfbef0800c95413068b3789c6b12de5ebe9b414e65ce4f86a6bbccd5ec8e4e220f8ad07255abbaef719ebe1e5d066db4dd1f639cb156c34755eb14053824a1003e97ee54e8dab35f441ee563d80d3163a7b8f71d4f17e240cfae9f2e50c164cf373bb174f5dadafe2430a17be757e30f251d5d60863526a8f46addb932c8170c4a383348c5441aa353e5f1181482d4d0cc0e5d2809c11ee1fac29230c907926c2d3fa55298ae9835c46218650421497d060d15a4194c4d7382a886333375098156a9f0fd6b1d0d94933bb6f285fe51d4aa3037739f143ba20f9b326565f6db49787d1aeb30055ce588dd3c008c0bc1a08935c991067d63003b68b9e2db95360d8aaf2103bb5142c590bb799b268488febc7414b9ae8e108ca4ab4f031adbb9fbe4631c29adb14fb9726df3c6192a3e81b6c34d68e15ee309503ccc1ab240d4ce3c9a099cd7f8782eea9bd1c7005582b9c1fe08030b47958865723652fed003c90703e07f9f1782e33f3bf3d0b83691cd5970fb4af65afa2244bff41e93fa24c33c26c43c93c33a2144aac437a4ab2b4f498104278ec5f2cd38de61eb8b436f5a9dbc3d8b2405ff0598cbcaa964377f61daaf935c42e0db4567520cfee195da1c6090d62031dd0865b2f5aa88be1746a761e3a64b78de338b8996136bbd6b859eb730aa8ab1f68bb5a02b713d8b303ab2ef1e5433d225b0dd485d40a049a1953b488df5314fdbc1c654132498838043c35c7b168e786b0f35a04ec4417968c5561c45735cc09163e8fdbbe67a4c04d672948037e957968c6bf672668d1f6369475d4a238f46af939dbca37cc96ae88b152c1b8b524883e296e5e915a928e9a54268c28e14a85c87fe3bde0e9175dd2eb2645852464ddeae29aefc01d05ef668914829f340f6b14a7bc0f2ce4114f1bef1e2afc37583670a900c58affc6c55bb69e737e5fd02322536ec1e4249f8cca7171394d97c930656beb437ea1b7ac8f6b69d8c1499371deeff7608dde446d4a50f29ce015c655885fcc090aeed40d52390ef952c6b9f937197718aae27fe924c419d1468b45bc0e88688425c3a451dac67f29460fce27a5b753f60b244c1832e9b485e321e8d8d4f547eda56680d9d01aa6d4d7881ab760f926157315a3fcb4d7f9653b91270fc43637420215c71274e4effaf6b67fea48c05393272e288e103e28d26eb39fcb9afdef67686485e90e605b45d2f36a39b4973426f843c2db1e861c67d7c2ca2b8e92ca98ad1297d3fd913258081fff78d981097a2c22b0a9d881f649582e49fd9baaaa89d0d7091f9cfeb8bec3c9b7dfb85e53bee2fb051ff0f7d57ef4af134a7ca9ab91271411a0c95be1af414689425f985faa808a2520c96403788d71af4314023af7a2761ee7ba7e135edfaa51f9f89caa784d853886c147d11f3ccab318250aa65d366396b5dfcda0dda9f8cca5ad6815252ebc061c47f871785e0b3edbdcfb2d74c6fa3eaabaf9f3", 0x1000}, {&(0x7f0000000ac0)="3eb85e3024a2953147f5444738e1388e15fef01893884c2eeb5c559f4a030ee6b08fca1e38ee56dac9cbbea3d6d43e34d9daf81d45289d2bc841e2c4c7072582b15ce7ff3e22b0f19d8a2643280daeb9791b2d0f9b216a0fda4f30804b739da3cce1691d6d88ff52d3e43b26d935d69e99673e98e92fe2fd18e63d4d5699814d9843367774e155678592d0eec07073e851f50827bde418748aa0741684fe603e34dcc960678c7b3e71e48befa166d4a5247325fa881fc7857a8caadde6a2ac9cdcc4ead01267dbb4c639d6d8a80f9637e0c2a3f9623478134b943d5fba4f7e0ceed66c93cc8b", 0xe6}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede48830ca6ea5cd18ff95c871d91454240f370e0c8e2629e58605c4b29017a160709ec76547c92a21d0ec5589e228922b105d0b8b29256620c44d2118334025dedd46db5194f22b349264de22068d3d4db627db4fa827907e5bc02b69c36e94f8149f12116f75", 0xd2}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff91566b7f1725f39f9376b9bd08ff4733feb589ca70432b1fed0632fa8a295da47135911f", 0x38}], 0x4, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}, @txtime={{0x18, 0x1, 0x3d, 0x9d}}], 0x90}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, &(0x7f0000000f00)=[{&(0x7f0000000e00)="abc662f2a7dc713d226b612e712df36db5547daf508fb74a679224eba0fe5f05c53081ff6ebac83c264c6deeec6d4546fe7d00337f488ecee46577d71b39e24cdef94f16295eb7c6012b802872041cfe8c0cd3e0dc1df76772f74d964ff31e481f3c5b96de5d57b25b5e6da0643aa88c693acfefe376af4bc577a451f8000a542b421fbfdeda", 0x86}, {&(0x7f0000000ec0)="6e20cbe6a4a132117801a95e6fd3ec5771da8352900bb19979b10fe02dd6f981361f62316da7b3f7abc9fbae1ea2ab5eea4b2ec5", 0x34}], 0x2, &(0x7f0000000f40)=[@timestamping={{0x14, 0x1, 0x25, 0x7}}], 0x18}}, {{&(0x7f0000000f80)=@can, 0x80, &(0x7f00000010c0)=[{0x0}, {&(0x7f0000001080)="746db052af41b2750b2361b7bde26b61", 0x10}], 0x2, &(0x7f0000001180)=[@timestamping={{0x14, 0x1, 0x25, 0x92}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @mark={{0x14, 0x1, 0x24, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x10000}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}], 0x90}}, {{&(0x7f0000001240)=@in={0x2, 0x4e21, @remote}, 0x80, &(0x7f0000001100)=[{0x0}, {&(0x7f00000023c0)="8a8648be4c0f4e1cba8b1840619b9a0923cbf9c9e8a72617e2e504549abe818ced0c93477f15975b6b27fd195a3a4401a378a1e5a709e9f341a8797020aab580ac75b83133bec3d80165bf352ecc7504f9962251f1a561761625a5a45301d2a88a2be2aeab736f41076e8646a5cff93e5b8fa1ef1430850968d743e3c547f8bbc45b04d88a8bb63ced695e762ad7b9", 0x8f}, {&(0x7f0000002480)="b5ab91163db3105215e366eb45664eb92ee14d8deb8cdfac670763e8882a6a6071042aaadc599c6f2232e1b6ea1db7c3e1b6748ff9527e3783f0007c9732084afa53b5f37f201a173b301cbfaa0c37ae7b866fc6285623c35b2071998f277f88a12fa1", 0x63}, {&(0x7f0000002500)="5aa9d040d6305795a3115a8a0bb4e7a5c3fc05e2c40575e5d7c818ab6793f3fede473ea54b4b6d5d29db4f46680c135b90008b4307a794fa9fd2c0a6d72a9f8a894cf52bf63e2ae96390cd0b3b08ff524984bf724eeace9bc6e9caebbe045ec695487633a2de1f2545ab0c2d74525d1f588287e966201492b03dab0326afab06d75a0f0b15d5f05d0f1b28f5fa5920a0d71394fbf1698230518b2e942b3499af46ce1a7c9b9f19068d7a306f6d08ce5d938524164854ad3322b0f7b3", 0xbc}], 0x4}}], 0x5, 0x20000044) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f40600", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) 2.818608692s ago: executing program 3 (id=1636): timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21}, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) syz_read_part_table(0x1045, &(0x7f0000000000)="$eJzsz82pwkAUBeAzeXkTLdB6jAubsQUrc+MIk4HYgIjwfYv5uQcO3PBV91aSlGQZg/8kz9b1+Z5cSjKP97o3HLar9vMvy3F6q18fW1Wr4z/X63QeYcnp9sHVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBnvAIAAP//1yMU+g==") recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) setrlimit(0x1, &(0x7f0000001080)={0x4d76, 0xc644}) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[], 0x50}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f00000006c0)=ANY=[@ANYBLOB="180900000000000000000000030000001ca100000000000085100000fcffffff"], &(0x7f0000000080)='syzkaller\x00', 0xb, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94) 2.608204739s ago: executing program 2 (id=1637): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x24040804}, 0x4008000) r1 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0) write$cgroup_int(r5, &(0x7f0000000000)=0x922, 0x12) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r6, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x70, 0x0, 0x9, 0x305, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x4}}, @NFCTH_TUPLE={0x3c, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @remote}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}]}, 0x70}}, 0x0) socket$igmp(0x2, 0x3, 0x2) ioctl$SNDCTL_SYNTH_INFO(r5, 0xc08c5102, &(0x7f0000000840)={"b30ab7af0277d7e2de35ec2548bd108b751ebaab0d5281885e41e5fe4353", 0x0, 0x3, 0x1, 0x5a, 0x2, 0x101, 0xcd, 0x9, [0x9, 0x1, 0xc5b, 0x1, 0x8, 0x3, 0x7, 0x80000001, 0x0, 0x7, 0x8, 0x100, 0x3, 0x7, 0x0, 0x9, 0x81, 0x4, 0x5]}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="58010000", @ANYRES16=r8, @ANYBLOB="01002cbd7000fcdbdf2501000000060006004e2300000800050001000000200108801c011380f400098070000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a0000001400020000000000000000000000ffff0a010102050003000200000028000080060001000a00000014000200fe8000000000000000000000000000bb050003000200000034000080060001000200000008000200ac1414bb05000300020000000600010002000000080002000a01010005000300020000001c000080060001000223000008000200ac1414aa0500030003000000040000800400008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392214000200776731"], 0x158}, 0x1, 0x0, 0x0, 0x44001}, 0x4c020) ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f00000006c0)=""/224) 2.373556887s ago: executing program 1 (id=1638): rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') symlink(&(0x7f000000a900)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81800) renameat2(r0, &(0x7f0000001280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r0, &(0x7f00000013c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1105013, 0x0, 0x4, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181341, 0x84) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 2.231793052s ago: executing program 1 (id=1639): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="7800000000010104000000000000000002000000240001801400018008000100ac1e000108000200e00000010c0002800500010000000000240002800c000280050001000000000014000180080001000000000008000200e00000020800074000af3fe27e59a50000"], 0x78}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@gettaction={0x14, 0x5a, 0xc6b747b6bf1c6b95, 0x4000}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4800) bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) pipe(0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10) bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0) r4 = syz_open_dev$vim2m(&(0x7f0000000140), 0x1, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000005c0)={0x1, @pix_mp={0x8de, 0x9, 0x36314752, 0x6, 0x3, [{0x1fb, 0x6}, {0xc00}, {0x7, 0x5de3}, {0x11, 0x9}, {0x9, 0x4000069a}, {0x7, 0x3}, {0x9, 0xa}, {0x4, 0x80000017}], 0x7b, 0x3, 0x7, 0x1, 0x4}}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r5 = socket$inet6(0xa, 0x805, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r6, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r6, 0x84, 0x7a, &(0x7f0000000340)={r7, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84) getsockopt$bt_hci(r5, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_freezer_state(r8, &(0x7f00000000c0), 0x2, 0x0) r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r9, &(0x7f0000000180), 0x12) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x7, 0x1000, &(0x7f0000000240)=""/4096}, 0x94) socket$kcm(0x2, 0xa, 0x2) 2.00016466s ago: executing program 3 (id=1640): syz_open_procfs(0xffffffffffffffff, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b8, 0x0, 0x12, 0x60d, 0x1d8, 0x202, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private1, @ipv4={'\x00', '\xff\xff', @empty}, [0x0, 0xff], [], 'ip_vti0\x00', 'macsec0\x00', {0xff}}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x74, 0x2}}, @common=@icmp6={{0x28}, {0xd, "ea9c", 0x1}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xff, 0x0, 0xffffff00, 0xff000000], [0xff, 0xff000000, 0x0, 0xff], 'ipvlan1\x00', 'erspan0\x00', {}, {0xff}, 0x2b, 0x5, 0x6, 0x33}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x5, 0x8001, 0xf53, 'syz0\x00', 'syz1\x00', {0xffffffffffffff7f}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418) 1.689497031s ago: executing program 1 (id=1641): socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000340)={0x14, 0x0, 0xffffffffffffffff, 0x70bd2a, 0x25dfdbf8, {0x3, 0x0, 0x14}}, 0x14}, 0x1, 0x0, 0x0, 0x4005c}, 0x400c084) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0) write$cgroup_int(r4, &(0x7f0000000000)=0x922, 0x12) socket$igmp(0x2, 0x3, 0x2) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x22cb00, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 1.586373164s ago: executing program 2 (id=1642): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x10000000005) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x400000000001, 0x0, 0x1, 0x0) r1 = getpid() r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f000001a400)=""/102384, 0x18ff0) r5 = openat(0xffffffffffffff9c, 0x0, 0x4, 0x80) io_setup(0x30, 0x0) openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101002) sched_setaffinity(r3, 0x8, &(0x7f00000000c0)=0x6ea) openat$ppp(0xffffffffffffff9c, 0x0, 0x1, 0x0) io_setup(0x81, &(0x7f0000001440)=0x0) r7 = socket(0xa, 0x3, 0x87) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000540)={'dummy0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x2f}, 0x40, r8}) io_submit(r6, 0x2, &(0x7f00000003c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x3, r7, &(0x7f0000000200)="c76024b0f3aba594101d6bcd948d29f514743fc9ba023deea4005e9c52592f6359b822968317a6e1a5793dc6acd44d16854f4828d364dae806bcdbd7ae6db0331a2277625b", 0x45, 0xfffffffffffffff7, 0x0, 0x0, r5}, 0x0]) 1.585649364s ago: executing program 3 (id=1643): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc778000) syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2) 0s ago: executing program 1 (id=1644): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000380)={0x1, 0x0, [{0x4, 0x89, &(0x7f0000001500)=""/137}]}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f00000006c0)=""/192, 0x0, 0x80e3001}) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f00000000c0)=0x1) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)={@my=0x1}) socket$vsock_stream(0x28, 0x1, 0x0) setitimer(0x1, 0x0, 0x0) getitimer(0x1, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x10000, 0x6) sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="00042dbd7000fd30ef789a1bab89bbeb31646c37d59f669087fd09700d7b69fe"], 0x14}, 0x1, 0x0, 0x0, 0x2000}, 0x4001) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40186f40, &(0x7f0000000440)=0x1f) syz_usb_connect$uac1(0x4, 0xa8, 0x0, 0x0) kernel console output (not intermixed with test programs): timestamps until 2038-01-19 (0x7fffffff) [ 524.510313][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 524.637580][ T8793] loop1: detected capacity change from 0 to 4096 [ 524.689748][ T8798] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 526.773063][ T8813] loop0: detected capacity change from 0 to 4096 [ 527.297075][ T8822] loop2: detected capacity change from 0 to 2048 [ 527.352412][ T8822] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 527.365185][ T8822] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 527.752443][ T8830] syz_tun: entered allmulticast mode [ 527.784920][ T8829] syz_tun: left allmulticast mode [ 529.106464][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.108692][ T8836] loop0: detected capacity change from 0 to 4096 [ 530.172884][ T8850] loop0: detected capacity change from 0 to 2048 [ 532.132886][ T8850] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 532.152018][ T8850] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 532.312377][ T8848] overlayfs: missing 'lowerdir' [ 532.396713][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 532.619643][ T8859] loop3: detected capacity change from 0 to 4096 [ 532.670739][ T8864] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 536.076398][ T8886] loop2: detected capacity change from 0 to 2048 [ 538.099211][ T8886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 538.144840][ T8895] loop0: detected capacity change from 0 to 128 [ 538.153608][ T8886] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 538.189073][ T8884] overlayfs: missing 'lowerdir' [ 538.306921][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 538.881252][ T8904] ubi: mtd0 is already attached to ubi31 [ 539.876614][ T8900] loop1: detected capacity change from 0 to 32768 [ 539.933854][ T8900] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 540.115955][ T6472] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 540.121956][ T8911] loop0: detected capacity change from 0 to 2048 [ 540.206734][ T8911] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 541.064911][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 541.074604][ T8921] loop3: detected capacity change from 0 to 4096 [ 541.519281][ T8924] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 541.712486][ T8925] loop1: detected capacity change from 0 to 2048 [ 544.062293][ T8925] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 544.252355][ T8925] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 544.376034][ T8923] overlayfs: missing 'lowerdir' [ 544.428447][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 545.004200][ T8946] loop0: detected capacity change from 0 to 2048 [ 547.203929][ T8946] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 547.280036][ T8946] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 547.630057][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.777203][ T8948] loop1: detected capacity change from 0 to 32768 [ 547.865432][ T8948] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 547.923830][ T8956] loop0: detected capacity change from 0 to 2048 [ 547.991500][ T8948] XFS (loop1): Ending clean mount [ 548.005257][ T8956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 548.236207][ T5769] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 548.820185][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.217198][ T8975] ubi: mtd0 is already attached to ubi31 [ 550.063389][ T8980] loop1: detected capacity change from 0 to 2048 [ 550.726517][ T8980] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 550.739028][ T8980] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 550.863131][ T8980] overlayfs: missing 'lowerdir' [ 551.075641][ T8977] loop2: detected capacity change from 0 to 4096 [ 551.108721][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 551.147450][ T8984] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 553.710953][ T8992] loop0: detected capacity change from 0 to 32768 [ 553.797351][ T8992] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 554.073058][ T6472] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 554.251202][ T9004] loop0: detected capacity change from 0 to 1024 [ 554.313559][ T9005] loop3: detected capacity change from 0 to 2048 [ 554.461529][ T9005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 554.520394][ T49] hfsplus: b-tree write err: -5, ino 25 [ 554.544911][ T49] hfsplus: b-tree write err: -5, ino 4 [ 554.573702][ T49] hfsplus: b-tree write err: -5, ino 2 [ 555.921407][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 556.182957][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.0.845'. [ 556.628707][ T9014] loop1: detected capacity change from 0 to 2048 [ 558.534114][ T9014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 558.546739][ T9014] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 558.720990][ T9014] overlayfs: missing 'lowerdir' [ 559.166774][ T9032] ubi: mtd0 is already attached to ubi31 [ 559.390742][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.870062][ T9041] netlink: 128 bytes leftover after parsing attributes in process `syz.1.853'. [ 559.889986][ T9043] loop0: detected capacity change from 0 to 8 [ 559.901950][ T9041] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 559.926510][ T9043] netlink: 'syz.0.854': attribute type 10 has an invalid length. [ 559.963113][ T9044] netlink: 'syz.0.854': attribute type 10 has an invalid length. [ 560.011973][ T9044] team0: Port device dummy0 removed [ 560.054044][ T9044] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 560.399319][ T9048] loop0: detected capacity change from 0 to 4096 [ 560.496842][ T9050] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 561.352222][ T9053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.857'. [ 561.785052][ T9061] loop2: detected capacity change from 0 to 2048 [ 563.226750][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.250076][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.842010][ T9061] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 564.872694][ T9061] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 565.104162][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 565.491021][ T9083] syz.0.861: attempt to access beyond end of device [ 565.491021][ T9083] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 565.508787][ T9083] netlink: 'syz.0.861': attribute type 2 has an invalid length. [ 565.517098][ T9083] netlink: 'syz.0.861': attribute type 1 has an invalid length. [ 565.525156][ T9083] netlink: 'syz.0.861': attribute type 1 has an invalid length. [ 566.188855][ T9084] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 566.197877][ T9084] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 566.206648][ T9084] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 566.215454][ T9084] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 566.506708][ T9084] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 566.516093][ T9084] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 566.525268][ T9084] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 566.534436][ T9084] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 567.606014][ T9088] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 567.615049][ T9088] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 567.624139][ T9088] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 567.633220][ T9088] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 569.061810][ T9088] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 569.071084][ T9088] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 569.081438][ T9088] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 569.090469][ T9088] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 569.220353][ T9092] netlink: 48 bytes leftover after parsing attributes in process `syz.0.865'. [ 569.241646][ T9094] netlink: 48 bytes leftover after parsing attributes in process `syz.0.865'. [ 569.253754][ T9102] netlink: 8 bytes leftover after parsing attributes in process `syz.2.866'. [ 569.427265][ T9104] loop2: detected capacity change from 0 to 4096 [ 569.563322][ T9108] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 569.596101][ T9107] ubi: mtd0 is already attached to ubi31 [ 570.699532][ T9116] loop0: detected capacity change from 0 to 2048 [ 570.995064][ T9116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 571.007770][ T9116] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 571.109787][ T9116] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 571.119124][ T9116] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 571.336593][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.520915][ T9128] loop0: detected capacity change from 0 to 8 [ 571.542504][ T9128] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 571.581966][ T6472] udevd[6472]: incorrect cramfs checksum on /dev/loop0 [ 571.603383][ T9128] cramfs: bad data blocksize 4294934200 [ 571.611057][ T9128] cramfs: bad data blocksize 4294934200 [ 571.619315][ T28] audit: type=1800 audit(1775109660.566:42): pid=9128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.874" name="file1" dev="loop0" ino=33092 res=0 errno=0 [ 572.323595][ T9131] loop0: detected capacity change from 0 to 512 [ 572.446770][ T9133] netlink: 8 bytes leftover after parsing attributes in process `syz.2.877'. [ 572.474104][ T9131] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.876: corrupted in-inode xattr: invalid size in ea xattr [ 572.520385][ T9131] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.876: couldn't read orphan inode 15 (err -117) [ 572.587771][ T9131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 572.601946][ T9137] loop1: detected capacity change from 0 to 8 [ 572.660244][ T9131] EXT4-fs (loop0): shut down requested (1) [ 572.678220][ T9131] fuse: Bad value for 'fd' [ 573.001883][ T9137] netlink: 'syz.1.878': attribute type 10 has an invalid length. [ 573.946168][ T9142] netlink: 'syz.1.878': attribute type 10 has an invalid length. [ 573.996495][ T9142] team0: Port device dummy0 removed [ 574.086310][ T9142] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 574.129519][ T9140] netlink: 48 bytes leftover after parsing attributes in process `syz.2.879'. [ 574.139635][ T9146] netlink: 48 bytes leftover after parsing attributes in process `syz.2.879'. [ 574.198199][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.529661][ T9157] syz.3.881: attempt to access beyond end of device [ 574.529661][ T9157] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 574.546848][ T9157] netlink: 'syz.3.881': attribute type 2 has an invalid length. [ 574.555010][ T9157] netlink: 'syz.3.881': attribute type 1 has an invalid length. [ 574.636116][ T9158] loop3: detected capacity change from 0 to 128 [ 575.442016][ T9166] loop0: detected capacity change from 0 to 2048 [ 577.410208][ T9166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 577.563579][ T9166] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 577.789441][ T9161] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 577.798566][ T9161] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 577.808814][ T9179] ubi: mtd0 is already attached to ubi31 [ 577.923382][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.573172][ T9188] loop1: detected capacity change from 0 to 512 [ 578.603785][ T9188] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.891: corrupted in-inode xattr: invalid size in ea xattr [ 578.631799][ T9188] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.891: couldn't read orphan inode 15 (err -117) [ 578.671209][ T9188] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 578.780829][ T9188] EXT4-fs (loop1): shut down requested (1) [ 579.614108][ T9196] syz.0.893: attempt to access beyond end of device [ 579.614108][ T9196] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 579.630394][ T9196] netlink: 'syz.0.893': attribute type 2 has an invalid length. [ 579.638280][ T9196] netlink: 'syz.0.893': attribute type 1 has an invalid length. [ 579.671625][ T9196] loop0: detected capacity change from 0 to 128 [ 581.137228][ T9205] netlink: 48 bytes leftover after parsing attributes in process `syz.0.894'. [ 581.149837][ T9205] netlink: 48 bytes leftover after parsing attributes in process `syz.0.894'. [ 581.251437][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.803229][ T9212] loop3: detected capacity change from 0 to 16 [ 584.009068][ T9212] erofs: (device loop3): mounted with root inode @ nid 36. [ 584.544325][ T9218] loop0: detected capacity change from 0 to 2048 [ 584.980859][ T9218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 584.994288][ T9218] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 585.041977][ T9218] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 585.051147][ T9218] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 585.354058][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.023474][ T9233] syz.2.902: attempt to access beyond end of device [ 586.023474][ T9233] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 586.039706][ T9233] netlink: 'syz.2.902': attribute type 2 has an invalid length. [ 586.047759][ T9233] netlink: 'syz.2.902': attribute type 1 has an invalid length. [ 586.074242][ T9233] loop2: detected capacity change from 0 to 128 [ 587.131063][ T9236] ubi: mtd0 is already attached to ubi31 [ 587.280496][ T9238] loop2: detected capacity change from 0 to 512 [ 587.361823][ T9238] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.904: corrupted in-inode xattr: invalid size in ea xattr [ 587.458184][ T9238] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.904: couldn't read orphan inode 15 (err -117) [ 587.536247][ T9238] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 587.648269][ T9238] EXT4-fs (loop2): shut down requested (1) [ 587.690132][ T9238] fuse: Unknown parameter '00000000000000000000' [ 588.121915][ T9245] netlink: 48 bytes leftover after parsing attributes in process `syz.3.906'. [ 588.133429][ T9245] netlink: 48 bytes leftover after parsing attributes in process `syz.3.906'. [ 591.900349][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.985929][ T9258] loop3: detected capacity change from 0 to 8 [ 592.070229][ T6472] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 592.070695][ T9258] netlink: 'syz.3.910': attribute type 10 has an invalid length. [ 592.331892][ T9262] loop2: detected capacity change from 0 to 2048 [ 594.192541][ T9262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 594.213963][ T9262] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 594.467517][ T9261] overlayfs: missing 'lowerdir' [ 594.480404][ T9273] loop0: detected capacity change from 0 to 8 [ 594.493239][ T9273] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 594.530262][ T6472] udevd[6472]: incorrect cramfs checksum on /dev/loop0 [ 594.543022][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.686512][ T9274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.913'. [ 595.253342][ T9279] netlink: 'syz.2.915': attribute type 4 has an invalid length. [ 595.261966][ T9279] netlink: 152 bytes leftover after parsing attributes in process `syz.2.915'. [ 595.490351][ T9279] .`: renamed from bond0 (while UP) [ 595.851739][ T9269] loop3: detected capacity change from 0 to 32768 [ 595.880098][ T9269] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.912 (9269) [ 595.966411][ T9269] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 596.112718][ T9269] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 596.454946][ T9269] BTRFS info (device loop3): force zlib compression, level 3 [ 596.914879][ T9269] BTRFS info (device loop3): force clearing of disk cache [ 596.922448][ T9269] BTRFS info (device loop3): use zlib compression, level 3 [ 596.984704][ T9269] BTRFS info (device loop3): allowing degraded mounts [ 597.035003][ T9269] BTRFS info (device loop3): turning on sync discard [ 597.041765][ T9269] BTRFS info (device loop3): using free space tree [ 597.168248][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 597.187282][ T9295] netlink: 48 bytes leftover after parsing attributes in process `syz.2.918'. [ 597.208008][ T9295] netlink: 48 bytes leftover after parsing attributes in process `syz.2.918'. [ 599.111157][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 599.111841][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 599.195289][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 599.206927][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 599.219579][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 599.238906][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 599.290777][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 599.375045][ T9269] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 599.437671][ T9269] BTRFS error (device loop3): open_ctree failed: -12 [ 599.678297][ T6472] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by udevd (6472) [ 599.782858][ T9310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.919'. [ 599.969015][ T9312] loop2: detected capacity change from 0 to 512 [ 600.072062][ T9312] EXT4-fs (loop2): 1 truncate cleaned up [ 600.128722][ T9312] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 600.268975][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 600.731035][ T9327] loop2: detected capacity change from 0 to 2048 [ 600.936476][ T9327] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 600.949282][ T9327] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 601.020476][ T9327] overlayfs: missing 'lowerdir' [ 601.426241][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.049116][ T9319] loop0: detected capacity change from 0 to 32768 [ 602.773821][ T9343] netlink: 48 bytes leftover after parsing attributes in process `syz.3.928'. [ 602.786048][ T9343] netlink: 48 bytes leftover after parsing attributes in process `syz.3.928'. [ 602.899975][ T9319] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 604.649804][ T9319] XFS (loop0): Ending clean mount [ 604.769567][ T5768] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 605.467994][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.2.929'. [ 605.727635][ T9363] ubi: mtd0 is already attached to ubi31 [ 606.117858][ T9368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.933'. [ 606.323180][ T9371] loop0: detected capacity change from 0 to 2048 [ 606.773901][ T9371] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 606.786875][ T9371] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 606.871522][ T9371] overlayfs: missing 'lowerdir' [ 607.176404][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 607.359386][ T9376] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.368646][ T9376] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.377483][ T9376] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.386276][ T9376] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.397532][ T9376] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.407099][ T9376] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.417512][ T9376] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.426904][ T9376] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.522695][ T9377] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.531899][ T9377] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.541689][ T9377] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.550862][ T9377] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.575161][ T9377] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.584135][ T9377] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.593247][ T9377] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.602352][ T9377] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 607.850447][ T9384] loop0: detected capacity change from 0 to 512 [ 607.877036][ T9384] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.937: corrupted in-inode xattr: invalid size in ea xattr [ 607.901306][ T9384] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.937: couldn't read orphan inode 15 (err -117) [ 607.972110][ T9384] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 607.995443][ T9388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.938'. [ 608.004761][ T9388] netlink: 24 bytes leftover after parsing attributes in process `syz.2.938'. [ 608.016469][ T9388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.938'. [ 608.026581][ T9388] netlink: 24 bytes leftover after parsing attributes in process `syz.2.938'. [ 608.555946][ T9384] EXT4-fs (loop0): shut down requested (1) [ 608.920517][ T9384] fuse: Unknown parameter '00000000000000000000' [ 610.844276][ T9397] netlink: 48 bytes leftover after parsing attributes in process `syz.3.939'. [ 610.857098][ T9397] netlink: 48 bytes leftover after parsing attributes in process `syz.3.939'. [ 614.107075][ T9412] loop3: detected capacity change from 0 to 2048 [ 614.173287][ T9412] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 614.379127][ T9418] loop1: detected capacity change from 0 to 2048 [ 615.660688][ T9417] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 616.535004][ T9418] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 616.547991][ T9418] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 616.617759][ T9418] overlayfs: missing 'workdir' [ 616.806831][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.965210][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.066099][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.235736][ T9427] netlink: 4 bytes leftover after parsing attributes in process `syz.3.945'. [ 617.616764][ T9438] ubi: mtd0 is already attached to ubi31 [ 617.879416][ T9439] loop3: detected capacity change from 0 to 4096 [ 617.922420][ T9439] NILFS (loop3): invalid segment: Checksum error in segment payload [ 617.948065][ T9439] NILFS (loop3): trying rollback from an earlier position [ 618.035871][ T9439] NILFS (loop3): recovery complete [ 618.049762][ T9440] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 618.212807][ T9443] netlink: 8 bytes leftover after parsing attributes in process `syz.2.949'. [ 618.222133][ T9443] netlink: 24 bytes leftover after parsing attributes in process `syz.2.949'. [ 618.234405][ T9443] netlink: 8 bytes leftover after parsing attributes in process `syz.2.949'. [ 618.243373][ T9443] netlink: 24 bytes leftover after parsing attributes in process `syz.2.949'. [ 621.909840][ T9460] loop2: detected capacity change from 0 to 64 [ 622.836998][ T9464] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 622.845976][ T9464] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 622.855185][ T9464] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 622.864089][ T9464] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 622.898193][ T9464] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 622.907246][ T9464] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 622.916527][ T9464] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 622.926216][ T9464] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 623.031313][ T9465] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 623.040297][ T9465] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 623.049331][ T9465] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 623.058095][ T9465] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 623.172680][ T9465] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 623.184579][ T9465] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 623.193917][ T9465] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 623.203087][ T9465] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 623.420760][ T9454] loop1: detected capacity change from 0 to 32768 [ 623.458460][ T9454] [ 623.458460][ T9454] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.458460][ T9454] [ 623.547577][ T6110] [ 623.547577][ T6110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.547577][ T6110] [ 623.595609][ T6110] [ 623.595609][ T6110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.595609][ T6110] [ 623.620159][ T9454] [ 623.620159][ T9454] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.620159][ T9454] [ 623.653284][ T113] [ 623.653284][ T113] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.653284][ T113] [ 623.683741][ T9454] [ 623.683741][ T9454] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.683741][ T9454] [ 623.769997][ T5769] [ 623.769997][ T5769] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.769997][ T5769] [ 623.791765][ T5769] [ 623.791765][ T5769] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 623.791765][ T5769] [ 624.395296][ T9475] netlink: 28 bytes leftover after parsing attributes in process `syz.1.958'. [ 624.404359][ T9475] netlink: 20 bytes leftover after parsing attributes in process `syz.1.958'. [ 624.646707][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.653625][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.666300][ T9474] ubi: mtd0 is already attached to ubi31 [ 625.748568][ T9485] loop0: detected capacity change from 0 to 8 [ 625.910551][ T6472] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 625.920465][ T9485] netlink: 'syz.0.962': attribute type 10 has an invalid length. [ 626.490712][ T9490] netlink: 8 bytes leftover after parsing attributes in process `syz.1.964'. [ 626.500128][ T9490] netlink: 24 bytes leftover after parsing attributes in process `syz.1.964'. [ 626.512423][ T9490] netlink: 8 bytes leftover after parsing attributes in process `syz.1.964'. [ 626.521606][ T9490] netlink: 24 bytes leftover after parsing attributes in process `syz.1.964'. [ 629.010203][ T9503] loop3: detected capacity change from 0 to 64 [ 629.108431][ T9505] syz.0.966: attempt to access beyond end of device [ 629.108431][ T9505] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 629.125747][ T9505] netlink: 'syz.0.966': attribute type 2 has an invalid length. [ 629.133520][ T9505] netlink: 'syz.0.966': attribute type 1 has an invalid length. [ 629.141685][ T9505] netlink: 'syz.0.966': attribute type 1 has an invalid length. [ 630.642725][ T9512] netlink: 28 bytes leftover after parsing attributes in process `syz.3.969'. [ 630.665030][ T9512] netlink: 20 bytes leftover after parsing attributes in process `syz.3.969'. [ 631.282435][ T9517] ubi: mtd0 is already attached to ubi31 [ 632.867547][ T9529] loop2: detected capacity change from 0 to 8 [ 633.118569][ T6472] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 633.125269][ T9528] netlink: 'syz.2.974': attribute type 10 has an invalid length. [ 633.221651][ T9533] syz.3.975: attempt to access beyond end of device [ 633.221651][ T9533] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 633.237907][ T9533] netlink: 'syz.3.975': attribute type 2 has an invalid length. [ 633.245806][ T9533] netlink: 'syz.3.975': attribute type 1 has an invalid length. [ 633.253619][ T9533] netlink: 'syz.3.975': attribute type 1 has an invalid length. [ 634.140365][ T9537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.976'. [ 634.149560][ T9537] netlink: 24 bytes leftover after parsing attributes in process `syz.3.976'. [ 634.161886][ T9537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.976'. [ 634.170911][ T9537] netlink: 24 bytes leftover after parsing attributes in process `syz.3.976'. [ 635.528702][ T9541] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 635.537499][ T9541] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 635.546398][ T9541] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 635.555400][ T9541] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 635.965838][ T9541] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 635.974969][ T9541] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 635.984340][ T9541] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 635.993336][ T9541] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 637.219243][ T9540] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.228327][ T9540] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.237116][ T9540] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.245869][ T9540] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 637.268534][ T9546] netlink: 28 bytes leftover after parsing attributes in process `syz.1.979'. [ 637.277760][ T9546] netlink: 20 bytes leftover after parsing attributes in process `syz.1.979'. [ 637.368937][ T9540] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 637.379205][ T9540] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 637.388345][ T9540] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 637.397429][ T9540] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 637.428267][ T9550] loop0: detected capacity change from 0 to 64 [ 640.923321][ T9570] loop1: detected capacity change from 0 to 4096 [ 642.240547][ T9576] loop2: detected capacity change from 0 to 2048 [ 642.284084][ T9576] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 642.944592][ T9579] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 643.116867][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.541553][ T9592] netlink: 8 bytes leftover after parsing attributes in process `syz.2.988'. [ 643.550700][ T9592] netlink: 24 bytes leftover after parsing attributes in process `syz.2.988'. [ 643.567489][ T9592] netlink: 8 bytes leftover after parsing attributes in process `syz.2.988'. [ 643.577086][ T9592] netlink: 24 bytes leftover after parsing attributes in process `syz.2.988'. [ 645.669255][ T9590] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.678374][ T9590] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.687203][ T9590] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.696088][ T9590] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.711729][ T9590] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 645.720993][ T9590] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 645.730178][ T9590] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 645.739442][ T9590] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 645.823227][ T9595] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.832432][ T9595] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.841601][ T9595] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.850747][ T9595] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 645.877771][ T9595] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 645.887313][ T9595] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 645.896551][ T9595] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 645.905915][ T9595] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 646.416521][ T9599] loop2: detected capacity change from 0 to 64 [ 647.375723][ T9602] netlink: 20 bytes leftover after parsing attributes in process `syz.3.992'. [ 648.336048][ T9610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.994'. [ 648.826975][ T9619] loop1: detected capacity change from 0 to 2048 [ 648.936599][ T9619] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 648.949453][ T9619] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 649.013959][ T9619] overlayfs: missing 'lowerdir' [ 649.463927][ T9618] loop3: detected capacity change from 0 to 2048 [ 649.528298][ T9625] netlink: 8 bytes leftover after parsing attributes in process `syz.0.998'. [ 649.537795][ T9625] netlink: 24 bytes leftover after parsing attributes in process `syz.0.998'. [ 649.549996][ T9625] netlink: 8 bytes leftover after parsing attributes in process `syz.0.998'. [ 649.559966][ T9625] netlink: 24 bytes leftover after parsing attributes in process `syz.0.998'. [ 649.891369][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.953852][ T9618] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 652.722634][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.771127][ T9637] loop3: detected capacity change from 0 to 64 [ 654.406657][ T9638] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 654.416373][ T9638] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 654.426027][ T9638] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 654.435177][ T9638] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 654.451037][ T9638] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 654.460269][ T9638] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 654.469627][ T9638] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 654.478920][ T9638] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 655.634306][ T9639] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 655.644559][ T9639] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 655.653307][ T9639] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 655.662286][ T9639] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 655.676352][ T9639] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 655.686977][ T9639] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 655.696462][ T9639] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 655.705932][ T9639] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.035424][ T9653] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1005'. [ 656.036200][ T9651] loop2: detected capacity change from 0 to 4096 [ 656.927631][ T9660] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1007'. [ 657.255530][ T9667] loop1: detected capacity change from 0 to 2048 [ 657.336165][ T9667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 658.087432][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 658.638996][ T9677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1010'. [ 658.648191][ T9677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1010'. [ 658.660453][ T9677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1010'. [ 658.669521][ T9677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1010'. [ 661.147691][ T9684] loop3: detected capacity change from 0 to 64 [ 663.196505][ T9693] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1014'. [ 663.637326][ T9698] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.646214][ T9698] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.655072][ T9698] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.664268][ T9698] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.682941][ T9698] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.692721][ T9698] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.701706][ T9698] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.711025][ T9698] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.771163][ T9700] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.780069][ T9700] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.789303][ T9700] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.798369][ T9700] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 663.817726][ T9700] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.826852][ T9700] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.836817][ T9700] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.846571][ T9700] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 663.938205][ T9706] loop0: detected capacity change from 0 to 4096 [ 663.987714][ T9708] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 665.725090][ T9722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1021'. [ 665.734318][ T9722] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1021'. [ 665.752283][ T9722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1021'. [ 665.761945][ T9722] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1021'. [ 668.413933][ T9729] loop0: detected capacity change from 0 to 64 [ 670.245866][ T9739] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1024'. [ 670.582864][ T9743] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1027'. [ 670.620275][ T9743] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1027'. [ 670.811754][ T9745] loop1: detected capacity change from 0 to 4096 [ 672.996875][ T9764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1032'. [ 673.006632][ T9764] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1032'. [ 673.019116][ T9764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1032'. [ 673.028334][ T9764] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1032'. [ 675.466533][ T9770] loop0: detected capacity change from 0 to 64 [ 677.122814][ T9778] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1035'. [ 677.262240][ T9783] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1037'. [ 677.286275][ T9783] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1037'. [ 678.582073][ T9794] loop1: detected capacity change from 0 to 4096 [ 680.207595][ T9803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1043'. [ 680.218056][ T9803] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1043'. [ 680.230811][ T9803] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1043'. [ 680.240404][ T9803] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1043'. [ 682.647148][ T9810] loop3: detected capacity change from 0 to 64 [ 683.678218][ T9808] loop1: detected capacity change from 0 to 8192 [ 685.137733][ T9808] loop1: p4 < > [ 685.350406][ T9823] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1047'. [ 685.570482][ T9825] loop0: detected capacity change from 0 to 4096 [ 686.081765][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.088615][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.231331][ T9835] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.240294][ T9835] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.249460][ T9835] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.258449][ T9835] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.275022][ T9835] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 687.284625][ T9835] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 687.293673][ T9835] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 687.303740][ T9835] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 687.483952][ T9836] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.493464][ T9836] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.503158][ T9836] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.512328][ T9836] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 687.539662][ T9840] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1048'. [ 687.641080][ T9836] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 687.650897][ T9836] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 687.660015][ T9836] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 687.669345][ T9836] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 688.714316][ T9852] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1054'. [ 688.724094][ T9852] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1054'. [ 688.737188][ T9852] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1054'. [ 688.747258][ T9852] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1054'. [ 690.738626][ T9851] loop2: detected capacity change from 0 to 64 [ 693.410808][ T9872] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1061'. [ 693.928171][ T9879] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1062'. [ 694.050928][ T9873] loop2: detected capacity change from 0 to 8192 [ 694.161082][ T9873] loop2: p4 < > [ 694.330696][ T9884] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1058'. [ 694.398358][ T9885] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.407796][ T9885] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.416660][ T9885] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.425508][ T9885] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.459912][ T9885] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 694.469273][ T9885] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 694.479282][ T9885] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 694.488269][ T9885] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 694.584106][ T9886] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.593402][ T9886] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.602428][ T9886] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.611788][ T9886] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 694.628929][ T9886] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 694.638371][ T9886] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 694.647908][ T9886] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 694.658252][ T9886] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 696.886899][ T9901] loop1: detected capacity change from 0 to 64 [ 697.954578][ T9905] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1069'. [ 697.963874][ T9905] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1069'. [ 697.976628][ T9905] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1069'. [ 697.985830][ T9905] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1069'. [ 700.190349][ T9909] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1070'. [ 701.238075][ T9914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1071'. [ 701.757409][ T9921] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1073'. [ 702.386985][ T9928] syz.1.1074: attempt to access beyond end of device [ 702.386985][ T9928] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 702.418279][ T9928] netlink: 'syz.1.1074': attribute type 2 has an invalid length. [ 702.426519][ T9928] netlink: 'syz.1.1074': attribute type 1 has an invalid length. [ 702.569184][ T9929] loop1: detected capacity change from 0 to 128 [ 703.730582][ T9934] loop0: detected capacity change from 0 to 64 [ 704.692921][ T9935] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 704.702513][ T9935] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 704.711643][ T9935] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 704.720485][ T9935] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 704.732031][ T9935] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 704.741111][ T9935] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 704.750048][ T9935] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 704.759123][ T9935] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 705.426514][ T9938] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 705.437385][ T9938] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 705.446637][ T9938] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 705.455809][ T9938] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 705.554196][ T9938] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 705.563692][ T9938] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 705.573259][ T9938] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 705.582580][ T9938] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 707.371377][ T9948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1079'. [ 707.380810][ T9948] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1079'. [ 707.390452][ T9950] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1079'. [ 707.399668][ T9950] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1079'. [ 708.243987][ T9957] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1080'. [ 708.472594][ T9959] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1082'. [ 708.558994][ T9962] loop1: detected capacity change from 0 to 512 [ 708.596034][ T9962] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.1081: corrupted in-inode xattr: invalid size in ea xattr [ 708.628762][ T9962] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1081: couldn't read orphan inode 15 (err -117) [ 708.709733][ T9962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 708.851158][ T9966] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1083'. [ 708.883979][ T9962] EXT4-fs (loop1): shut down requested (1) [ 709.301956][ T9970] syz.0.1084: attempt to access beyond end of device [ 709.301956][ T9970] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 709.319338][ T9970] netlink: 'syz.0.1084': attribute type 2 has an invalid length. [ 709.327687][ T9970] netlink: 'syz.0.1084': attribute type 1 has an invalid length. [ 709.373826][ T9970] loop0: detected capacity change from 0 to 128 [ 711.209648][ T9978] loop0: detected capacity change from 0 to 64 [ 712.390497][ T9984] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1089'. [ 713.736876][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 715.071709][ T9995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1092'. [ 715.081442][ T9995] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1092'. [ 715.096052][ T9995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1092'. [ 715.105385][ T9995] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1092'. [ 716.484123][ T9999] loop2: detected capacity change from 0 to 8192 [ 716.544086][ T9999] loop2: p4 < > [ 718.249721][T10003] loop1: detected capacity change from 0 to 2048 [ 718.376021][T10003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 718.688515][T10006] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 719.568244][ T9776] udevd[9776]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 720.387769][T10017] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1093'. [ 720.487450][T10021] loop2: detected capacity change from 0 to 64 [ 721.524744][T10026] loop2: detected capacity change from 0 to 512 [ 722.330891][T10026] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.1100: corrupted in-inode xattr: invalid size in ea xattr [ 722.895946][T10026] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.1100: couldn't read orphan inode 15 (err -117) [ 722.910598][T10026] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 723.034556][T10026] EXT4-fs (loop2): shut down requested (1) [ 723.253040][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.472496][T10035] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1102'. [ 723.841702][T10038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1103'. [ 723.852315][T10038] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1103'. [ 723.867837][T10038] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1103'. [ 723.877407][T10038] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1103'. [ 725.519745][T10042] loop3: detected capacity change from 0 to 8192 [ 725.579275][T10042] loop3: p4 < > [ 728.083734][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 731.760821][ T9776] udevd[9776]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 731.785082][T10065] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1111'. [ 732.203800][T10068] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1113'. [ 732.213244][T10068] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1113'. [ 732.225715][T10068] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1113'. [ 732.235106][T10068] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1113'. [ 736.146398][T10078] loop0: detected capacity change from 0 to 512 [ 736.265027][T10078] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.1115: corrupted in-inode xattr: invalid size in ea xattr [ 736.293897][T10078] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.1115: couldn't read orphan inode 15 (err -117) [ 736.313630][T10078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 736.365517][T10078] EXT4-fs (loop0): shut down requested (1) [ 736.622405][T10083] loop2: detected capacity change from 0 to 8192 [ 736.683855][T10083] loop2: p4 < > [ 737.452736][T10091] loop2: detected capacity change from 0 to 64 [ 737.570803][T10080] udevd[10080]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 738.584222][T10098] syz.3.1114: attempt to access beyond end of device [ 738.584222][T10098] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 738.670301][T10099] loop3: detected capacity change from 0 to 128 [ 741.146329][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 741.319538][T10112] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1123'. [ 741.390366][T10115] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1121'. [ 742.704275][T10124] loop1: detected capacity change from 0 to 64 [ 742.980459][T10122] loop0: detected capacity change from 0 to 8192 [ 743.296871][T10122] loop0: p4 < > [ 744.155035][T10130] syz.1.1128: attempt to access beyond end of device [ 744.155035][T10130] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 744.238002][T10131] loop1: detected capacity change from 0 to 128 [ 744.683562][T10133] loop0: detected capacity change from 0 to 512 [ 744.793632][T10080] udevd[10080]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 744.914777][T10133] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.1130: corrupted in-inode xattr: invalid size in ea xattr [ 744.949734][T10133] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.1130: couldn't read orphan inode 15 (err -117) [ 745.037138][T10133] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 745.580814][T10133] EXT4-fs (loop0): shut down requested (1) [ 745.627437][T10141] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1124'. [ 745.636676][T10141] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1124'. [ 745.649034][T10141] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1124'. [ 745.658996][T10141] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1124'. [ 747.573295][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.599921][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.515701][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 748.832470][T10152] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1134'. [ 748.852134][T10153] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1133'. [ 749.336539][T10161] loop0: detected capacity change from 0 to 64 [ 754.358319][T10184] loop0: detected capacity change from 0 to 512 [ 754.385392][T10184] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.1141: corrupted in-inode xattr: invalid size in ea xattr [ 754.462902][T10184] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.1141: couldn't read orphan inode 15 (err -117) [ 754.525926][T10184] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 754.617405][T10189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1142'. [ 754.627069][T10189] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1142'. [ 754.640121][T10189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1142'. [ 754.653510][T10189] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1142'. [ 754.785144][T10184] EXT4-fs (loop0): shut down requested (1) [ 758.254961][T10208] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1139'. [ 758.970502][T10206] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 758.979334][T10206] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 758.988278][T10206] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 758.997066][T10206] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 761.284696][T10206] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 761.293667][T10206] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 761.303225][T10206] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 761.313345][T10206] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 761.356104][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 761.486948][T10219] loop2: detected capacity change from 0 to 64 [ 761.503420][T10222] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1144'. [ 761.588218][T10209] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 761.598071][T10209] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 761.607573][T10209] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 761.616640][T10209] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 762.283966][T10209] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 762.293383][T10209] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 762.302677][T10209] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 762.312125][T10209] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 762.365662][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1145'. [ 764.444895][T10243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1151'. [ 764.454550][T10243] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1151'. [ 764.470079][T10243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1151'. [ 764.479589][T10243] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1151'. [ 766.683631][T10246] loop3: detected capacity change from 0 to 512 [ 766.754131][T10246] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.1152: corrupted in-inode xattr: invalid size in ea xattr [ 766.774577][T10246] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1152: couldn't read orphan inode 15 (err -117) [ 766.797545][T10246] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 766.894609][T10246] EXT4-fs (loop3): shut down requested (1) [ 767.582751][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 767.754225][T10260] loop3: detected capacity change from 0 to 64 [ 768.128100][T10265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1154'. [ 770.725794][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1156'. [ 773.240524][T10286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1162'. [ 773.250108][T10286] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1162'. [ 773.262729][T10286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1162'. [ 773.271908][T10286] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1162'. [ 773.437887][ T787] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 773.736913][ T787] usb 1-1: Using ep0 maxpacket: 16 [ 773.806592][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 773.891319][ T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 774.007466][ T787] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 774.216950][ T787] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 774.367732][ T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 774.619079][ T787] usb 1-1: config 0 descriptor?? [ 776.140799][T10292] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1164'. [ 777.294063][ T787] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max [ 777.317985][T10294] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1159'. [ 777.422411][ T787] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max [ 777.433704][ T787] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max [ 777.456807][ T787] microsoft 0003:045E:07DA.0001: No inputs registered, leaving [ 777.505842][ T787] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 777.557306][ T787] microsoft 0003:045E:07DA.0001: no inputs found [ 777.588950][ T787] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway [ 777.620184][T10299] loop3: detected capacity change from 0 to 64 [ 777.762339][ T787] usb 1-1: USB disconnect, device number 2 [ 780.130993][T10300] fido_id[10300]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 780.131523][T10309] loop1: detected capacity change from 0 to 2048 [ 780.291588][T10309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 780.499183][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 781.487226][T10326] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1173'. [ 782.209235][T10324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1174'. [ 782.222028][T10324] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1174'. [ 782.236896][T10324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1174'. [ 782.246448][T10324] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1174'. [ 784.136238][T10330] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1175'. [ 784.308297][T10332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1169'. [ 785.817670][T10341] loop2: detected capacity change from 0 to 512 [ 785.911095][T10344] loop1: detected capacity change from 0 to 512 [ 785.944436][T10341] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.1178: corrupted in-inode xattr: invalid size in ea xattr [ 786.048277][T10344] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 786.058166][T10341] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.1178: couldn't read orphan inode 15 (err -117) [ 786.060803][T10341] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 786.344821][T10341] EXT4-fs (loop2): shut down requested (1) [ 786.360731][T10344] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.1180: iget: bad i_size value: 38620345925642 [ 786.691334][T10344] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1180: couldn't read orphan inode 15 (err -117) [ 786.719672][T10344] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 787.081893][T10350] loop0: detected capacity change from 0 to 8192 [ 787.141255][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 787.180529][T10350] loop0: p4 < > [ 787.249445][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 787.577258][T10357] loop2: detected capacity change from 0 to 2048 [ 787.716955][T10357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 787.753221][T10364] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1185'. [ 787.912944][T10366] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1184'. [ 787.923454][T10366] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1184'. [ 787.939607][T10366] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1184'. [ 787.951369][T10366] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1184'. [ 790.260506][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.427884][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 790.547145][T10371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1186'. [ 790.565603][T10372] loop3: detected capacity change from 0 to 64 [ 793.728553][T10389] netlink: 'syz.0.1191': attribute type 4 has an invalid length. [ 793.737384][T10389] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1191'. [ 793.793935][T10389] .`: renamed from bond0 (while UP) [ 794.381477][T10395] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1193'. [ 795.740905][T10400] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1195'. [ 795.831844][T10404] loop2: detected capacity change from 0 to 64 [ 795.852780][T10402] loop3: detected capacity change from 0 to 2048 [ 795.925904][T10402] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 796.188593][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 797.462513][T10415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1199'. [ 797.473913][T10415] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1199'. [ 797.487402][T10415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1199'. [ 797.496773][T10415] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1199'. [ 798.240627][T10420] loop1: detected capacity change from 0 to 512 [ 798.718653][T10420] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.1190: corrupted in-inode xattr: invalid size in ea xattr [ 799.017274][T10420] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1190: couldn't read orphan inode 15 (err -117) [ 799.340892][T10420] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 800.102694][T10420] EXT4-fs (loop1): shut down requested (1) [ 801.748794][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.172865][T10431] netlink: 'syz.2.1203': attribute type 4 has an invalid length. [ 802.184276][T10431] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1203'. [ 802.809792][T10435] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1205'. [ 802.841097][T10434] loop1: detected capacity change from 0 to 256 [ 802.910383][T10434] exfat: Deprecated parameter 'utf8' [ 802.924588][T10434] exfat: Deprecated parameter 'utf8' [ 802.944016][T10434] exfat: Deprecated parameter 'utf8' [ 802.962412][T10437] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1206'. [ 802.985952][T10434] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d) [ 803.121463][T10439] loop3: detected capacity change from 0 to 64 [ 803.452623][T10444] kernel profiling enabled (shift: 9) [ 803.463096][T10442] loop2: detected capacity change from 0 to 2048 [ 803.524280][T10442] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 805.363443][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 805.573026][T10459] loop3: detected capacity change from 0 to 512 [ 805.746299][T10467] netlink: 'syz.0.1214': attribute type 4 has an invalid length. [ 805.754958][T10467] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1214'. [ 805.780161][T10459] EXT4-fs error (device loop3): ext4_iget_extra_inode:4732: inode #15: comm syz.3.1212: corrupted in-inode xattr: invalid size in ea xattr [ 805.870591][T10459] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1212: couldn't read orphan inode 15 (err -117) [ 805.883704][T10465] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1215'. [ 806.061599][T10459] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 806.617123][T10459] EXT4-fs (loop3): shut down requested (1) [ 806.862949][T10473] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1216'. [ 807.393016][T10477] loop0: detected capacity change from 0 to 64 [ 807.427328][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 807.801092][T10488] syz.1.1219: attempt to access beyond end of device [ 807.801092][T10488] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 808.976413][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.986856][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.334782][T10502] netlink: 'syz.0.1225': attribute type 4 has an invalid length. [ 809.345305][T10502] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1225'. [ 810.170913][T10506] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1226'. [ 810.215701][T10508] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1227'. [ 810.392642][T10493] loop2: detected capacity change from 0 to 32768 [ 810.580009][T10510] loop0: detected capacity change from 0 to 512 [ 810.625989][T10512] loop1: detected capacity change from 0 to 64 [ 810.656478][T10510] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.1228: corrupted in-inode xattr: invalid size in ea xattr [ 810.704051][T10510] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.1228: couldn't read orphan inode 15 (err -117) [ 810.785326][T10510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 810.862028][T10510] EXT4-fs (loop0): shut down requested (1) [ 811.249228][T10520] loop1: detected capacity change from 0 to 4096 [ 811.317842][T10520] EXT4-fs: inline encryption not supported [ 811.449478][T10520] EXT4-fs (loop1): Test dummy encryption mode enabled [ 811.628160][T10520] EXT4-fs (loop1): stripe (4) is not aligned with cluster size (16), stripe is disabled [ 812.063757][T10520] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 812.112273][T10532] syz.3.1233: attempt to access beyond end of device [ 812.112273][T10532] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 812.515924][T10520] System zones: 0-5 [ 812.559176][T10520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 814.626669][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 814.710531][T10540] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1237'. [ 814.919802][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 815.405180][T10544] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1236'. [ 817.115014][T10563] syz.3.1243: attempt to access beyond end of device [ 817.115014][T10563] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 818.469322][T10567] loop0: detected capacity change from 0 to 512 [ 818.543545][T10567] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.1244: corrupted in-inode xattr: invalid size in ea xattr [ 818.609853][T10567] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.1244: couldn't read orphan inode 15 (err -117) [ 818.703495][T10567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 818.916898][T10567] EXT4-fs (loop0): shut down requested (1) [ 820.096535][T10582] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1249'. [ 820.158382][T10585] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1250'. [ 820.854567][T10594] mmap: syz.3.1251 (10594) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 821.783555][T10593] syz.3.1251 (10593) used greatest stack depth: 17384 bytes left [ 824.730161][T10620] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1259'. [ 825.034804][T10622] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1260'. [ 825.108453][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 825.485521][T10630] overlayfs: failed to clone upperpath [ 825.819616][T10636] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 825.829094][T10636] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 825.840473][T10636] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 825.853110][T10636] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 825.888244][T10636] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 825.899382][T10636] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 825.908924][T10636] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 825.918274][T10636] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 828.751569][T10637] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 828.761151][T10637] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 828.771237][T10637] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 828.781413][T10637] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 828.810219][T10644] loop3: detected capacity change from 0 to 512 [ 828.831027][T10644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 828.831882][T10646] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1269'. [ 828.908071][T10644] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.1268: iget: bad i_size value: 38620345925642 [ 828.914898][T10637] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 828.932253][T10637] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 828.942000][T10637] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 828.951786][T10637] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 828.965494][T10644] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1268: couldn't read orphan inode 15 (err -117) [ 828.994293][T10644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 829.120606][T10651] loop1: detected capacity change from 0 to 512 [ 829.143652][T10651] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.1270: corrupted in-inode xattr: invalid size in ea xattr [ 829.167682][T10651] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1270: couldn't read orphan inode 15 (err -117) [ 829.188394][T10651] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 829.228198][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 829.333930][T10651] EXT4-fs (loop1): shut down requested (1) [ 829.401074][T10654] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1271'. [ 830.583322][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 831.625625][T10680] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1280'. [ 831.753429][T10682] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1281'. [ 832.219452][T10691] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 832.228709][T10691] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 832.237993][T10691] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 832.247239][T10691] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 832.440490][T10691] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 832.450192][T10691] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 832.459544][T10691] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 832.469010][T10691] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 833.326407][T10692] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 833.336384][T10692] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 833.345462][T10692] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 833.354848][T10692] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 833.801789][T10692] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 833.811729][T10692] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 833.823853][T10692] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 833.836666][T10692] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 836.955107][T10705] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1289'. [ 836.973817][T10707] loop2: detected capacity change from 0 to 512 [ 836.992410][T10707] EXT4-fs: Ignoring removed orlov option [ 837.049642][T10707] EXT4-fs (loop2): Test dummy encryption mode enabled [ 837.094432][T10707] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 837.141456][T10711] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1292'. [ 837.164563][T10707] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 837.268390][T10707] EXT4-fs (loop2): 1 truncate cleaned up [ 837.278286][T10707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 837.630719][T10726] loop0: detected capacity change from 0 to 512 [ 837.757438][T10707] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 837.861422][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 838.064093][T10740] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1301'. [ 838.174754][T10744] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 838.183894][T10744] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 838.193729][T10744] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 838.204066][T10744] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 838.344882][T10744] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 838.354237][T10744] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 838.363397][T10744] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 838.372425][T10744] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 838.872125][T10745] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 838.881195][T10745] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 838.890333][T10745] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 838.899402][T10745] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 839.153415][T10745] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 839.163048][T10745] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 839.172395][T10745] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 839.181603][T10745] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 839.637609][T10746] input: syz1 as /devices/virtual/input/input6 [ 842.371970][T10767] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1306'. [ 842.451075][T10771] loop3: detected capacity change from 0 to 512 [ 842.626318][T10296] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 844.026565][T10787] loop1: detected capacity change from 0 to 128 [ 844.961245][T10785] loop2: detected capacity change from 0 to 1024 [ 845.005020][T10785] EXT4-fs: Ignoring removed nomblk_io_submit option [ 845.749458][T10785] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 846.328186][ T6069] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 846.565512][ T6069] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 846.613280][ T6069] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 846.675683][ T6069] usb 2-1: New USB device found, idVendor=04b4, idProduct=de64, bcdDevice= 0.00 [ 846.736153][ T6069] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 846.765355][ T6069] usb 2-1: config 0 descriptor?? [ 846.799804][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 847.086346][T10805] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1319'. [ 847.259534][ T6069] cypress 0003:04B4:DE64.0002: hidraw0: USB HID vff.ff Device [HID 04b4:de64] on usb-dummy_hcd.1-1/input0 [ 848.289749][T10391] usb 2-1: USB disconnect, device number 5 [ 848.389776][T10815] loop3: detected capacity change from 0 to 128 [ 848.427838][T10809] fido_id[10809]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 848.456065][T10815] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 848.591022][T10815] ext4 filesystem being mounted at /333/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 849.477054][T10822] overlayfs: failed to clone upperpath [ 849.477680][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 849.926436][T10831] loop2: detected capacity change from 0 to 128 [ 850.447007][T10835] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1328'. [ 850.484819][T10834] loop3: detected capacity change from 0 to 1024 [ 850.580316][T10834] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000c01c, mo2=0002] [ 850.590033][T10834] System zones: 0-1, 3-36 [ 850.603134][T10834] EXT4-fs error (device loop3): ext4_orphan_get:1424: comm syz.3.1324: bad orphan inode 134217728 [ 850.651529][T10834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 850.785110][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 850.957358][T10847] loop3: detected capacity change from 0 to 8 [ 851.904591][ T6069] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 852.584023][ T6069] usb 1-1: config 2 has an invalid interface number: 77 but max is 0 [ 852.622017][T10867] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 852.676810][ T6069] usb 1-1: config 2 has no interface number 0 [ 852.793184][ T6069] usb 1-1: config 2 interface 77 altsetting 13 has an invalid endpoint with address 0x0, skipping [ 852.930440][T10870] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1341'. [ 852.973045][ T6069] usb 1-1: config 2 interface 77 altsetting 13 bulk endpoint 0x82 has invalid maxpacket 253 [ 853.043420][T10871] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1340'. [ 853.346453][ T6069] usb 1-1: config 2 interface 77 has no altsetting 0 [ 853.467883][ T6069] usb 1-1: New USB device found, idVendor=0403, idProduct=e0f7, bcdDevice=4a.ae [ 853.483067][ T6069] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 853.492384][ T6069] usb 1-1: Product: syz [ 853.500700][ T6069] usb 1-1: Manufacturer: syz [ 853.505627][ T6069] usb 1-1: SerialNumber: syz [ 853.520551][T10843] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 853.569085][T10876] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 853.591713][T10874] loop1: detected capacity change from 0 to 8 [ 853.878033][ T6069] ftdi_sio 1-1:2.77: FTDI USB Serial Device converter detected [ 854.184694][ T6069] ftdi_sio ttyUSB0: unknown device type: 0x4aae [ 854.223011][ T6069] usb 1-1: USB disconnect, device number 3 [ 854.868640][ T6069] ftdi_sio 1-1:2.77: device disconnected [ 854.982619][T10885] loop1: detected capacity change from 0 to 8192 [ 855.030566][T10885] loop1: p4 < > [ 855.896072][T10898] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1350'. [ 856.261449][ T78] tipc: Subscription rejected, illegal request [ 857.368040][T10903] loop2: detected capacity change from 0 to 8 [ 857.466717][T10296] I/O error, dev loop1, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 857.719837][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 857.749790][T10907] loop2: detected capacity change from 0 to 4096 [ 857.825707][T10909] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1352'. [ 857.862402][T10907] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 858.697861][T10907] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 859.095740][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 859.958458][T10937] loop1: detected capacity change from 0 to 8 [ 860.060125][T10296] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 861.446020][T10945] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1366'. [ 861.574667][T10943] loop1: detected capacity change from 0 to 4096 [ 861.683496][T10943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 861.904471][T10943] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 861.932560][T10943] EXT4-fs (loop1): Online resizing not supported with bigalloc [ 862.309030][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 863.231209][T10959] x_tables: duplicate underflow at hook 3 [ 863.768163][T10964] loop1: detected capacity change from 0 to 128 [ 863.831018][T10964] EXT4-fs (loop1): Test dummy encryption mode enabled [ 863.890542][T10964] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 863.908647][T10964] ext4 filesystem being mounted at /340/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 864.290924][T10973] loop0: detected capacity change from 0 to 8 [ 864.550633][ T5769] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 865.654013][T10982] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1377'. [ 867.190710][T11001] loop1: detected capacity change from 0 to 2048 [ 867.294951][T11006] loop3: detected capacity change from 0 to 8 [ 867.346521][T11001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 868.126250][T11012] netlink: 'syz.2.1383': attribute type 4 has an invalid length. [ 868.140471][T11012] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1383'. [ 868.321395][T10213] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 869.229626][T11016] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 869.239009][T11016] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 869.249735][T11016] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 869.259604][T11016] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 870.401952][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 871.384170][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.484919][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 871.644963][T11016] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 871.655076][T11016] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 871.666589][T11016] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 871.676828][T11016] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 871.747702][T11025] syz.3.1387: attempt to access beyond end of device [ 871.747702][T11025] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 871.764156][T11025] netlink: 'syz.3.1387': attribute type 2 has an invalid length. [ 871.772162][T11025] netlink: 'syz.3.1387': attribute type 1 has an invalid length. [ 871.780403][T11025] netlink: 'syz.3.1387': attribute type 1 has an invalid length. [ 872.458246][T11018] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 872.467253][T11018] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 872.473169][T11031] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1388'. [ 872.476856][T11018] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 872.495579][T11018] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 872.519442][T11018] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 872.529836][T11018] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 872.539499][T11018] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 872.548674][T11018] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 874.798097][T11054] loop2: detected capacity change from 0 to 8 [ 875.244914][T10213] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 875.379795][T11061] netlink: 'syz.0.1397': attribute type 4 has an invalid length. [ 875.389905][T11061] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1397'. [ 875.733880][T11067] syz.1.1398: attempt to access beyond end of device [ 875.733880][T11067] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 875.750530][T11067] netlink: 'syz.1.1398': attribute type 2 has an invalid length. [ 875.758626][T11067] netlink: 'syz.1.1398': attribute type 1 has an invalid length. [ 875.766653][T11067] netlink: 'syz.1.1398': attribute type 1 has an invalid length. [ 876.668872][T11070] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1400'. [ 876.804651][T11076] loop3: detected capacity change from 0 to 512 [ 876.991842][T11076] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 877.080130][T11076] EXT4-fs (loop3): orphan cleanup on readonly fs [ 877.373088][T11076] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:512: comm syz.3.1401: Block bitmap for bg 0 marked uninitialized [ 877.804651][T11076] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 877.855960][T11076] EXT4-fs (loop3): 1 orphan inode deleted [ 877.867164][T11076] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 877.972941][T11088] xt_hashlimit: size too large, truncated to 1048576 [ 878.529361][T11083] loop1: detected capacity change from 0 to 32768 [ 879.579263][T11101] syz.1.1407: attempt to access beyond end of device [ 879.579263][T11101] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 879.594989][T11101] netlink: 'syz.1.1407': attribute type 2 has an invalid length. [ 879.602861][T11101] netlink: 'syz.1.1407': attribute type 1 has an invalid length. [ 879.610904][T11101] netlink: 'syz.1.1407': attribute type 1 has an invalid length. [ 879.899509][T11103] loop2: detected capacity change from 0 to 8 [ 879.964821][T10213] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 880.411201][T11110] netlink: 'syz.1.1410': attribute type 4 has an invalid length. [ 880.419745][T11110] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1410'. [ 880.519940][T11110] .`: renamed from bond0 (while UP) [ 881.169426][T11116] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1412'. [ 881.511893][T11076] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 883.056579][T11130] loop2: detected capacity change from 0 to 8 [ 883.946836][T10296] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 884.254561][T11137] overlayfs: missing 'lowerdir' [ 884.566622][T11142] netlink: 'syz.1.1418': attribute type 2 has an invalid length. [ 884.575662][T11142] netlink: 'syz.1.1418': attribute type 1 has an invalid length. [ 884.584519][T11142] netlink: 'syz.1.1418': attribute type 1 has an invalid length. [ 885.029539][T11129] loop3: detected capacity change from 0 to 32768 [ 885.283323][T11140] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 885.303314][T11147] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1421'. [ 885.314981][T11140] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 885.339910][T11140] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 885.350303][T11140] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 885.366889][T11140] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 885.373147][T11140] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 885.383637][T11141] syz.1.1418: attempt to access beyond end of device [ 885.383637][T11141] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 885.767453][T11159] loop1: detected capacity change from 0 to 512 [ 885.829529][T11159] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 886.788649][T11159] EXT4-fs (loop1): orphan cleanup on readonly fs [ 886.859496][T11159] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:512: comm syz.1.1423: Block bitmap for bg 0 marked uninitialized [ 886.913571][T11172] loop2: detected capacity change from 0 to 8 [ 886.918100][T11159] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 886.954519][ T5771] Bluetooth: hci1: command 0x0406 tx timeout [ 887.128417][T11159] EXT4-fs (loop1): 1 orphan inode deleted [ 887.185881][T11159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 887.205730][T11175] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1428'. [ 887.364503][ T5771] Bluetooth: hci2: command 0x0406 tx timeout [ 888.552345][ T5771] Bluetooth: hci3: command 0x0406 tx timeout [ 889.049709][ T5771] Bluetooth: hci1: command 0x0406 tx timeout [ 889.433109][T11159] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 889.442628][ T5771] Bluetooth: hci2: command 0x0406 tx timeout [ 889.521526][T11189] syz.0.1432: attempt to access beyond end of device [ 889.521526][T11189] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 889.537317][T11189] netlink: 'syz.0.1432': attribute type 2 has an invalid length. [ 889.545198][T11189] netlink: 'syz.0.1432': attribute type 1 has an invalid length. [ 889.553667][T11189] netlink: 'syz.0.1432': attribute type 1 has an invalid length. [ 890.384816][T11195] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1434'. [ 890.634432][ T5771] Bluetooth: hci3: command 0x0406 tx timeout [ 891.478952][T11204] loop0: detected capacity change from 0 to 8 [ 891.664458][T11210] loop0: detected capacity change from 0 to 256 [ 891.854142][T11210] syz.0.1439: attempt to access beyond end of device [ 891.854142][T11210] loop0: rw=2049, sector=256, nr_sectors = 288 limit=256 [ 891.945135][T11210] syz.0.1439: attempt to access beyond end of device [ 891.945135][T11210] loop0: rw=2049, sector=608, nr_sectors = 224 limit=256 [ 892.045952][T11213] netlink: 'syz.1.1440': attribute type 72 has an invalid length. [ 892.845494][T11218] overlayfs: missing 'lowerdir' [ 892.863874][T11207] loop3: detected capacity change from 0 to 32768 [ 893.108105][T11222] loop2: detected capacity change from 0 to 4096 [ 893.196950][T11226] syz.1.1443: attempt to access beyond end of device [ 893.196950][T11226] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 893.212775][T11226] netlink: 'syz.1.1443': attribute type 2 has an invalid length. [ 893.220748][T11226] netlink: 'syz.1.1443': attribute type 1 has an invalid length. [ 893.228867][T11226] netlink: 'syz.1.1443': attribute type 1 has an invalid length. [ 893.332194][T11222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 894.077987][T11232] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1446'. [ 894.101483][T11222] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 894.771003][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 895.126216][ T6069] IPVS: starting estimator thread 0... [ 895.176181][T11248] loop2: detected capacity change from 0 to 8 [ 895.224601][T11243] IPVS: using max 19 ests per chain, 45600 per kthread [ 895.235196][T11244] netlink: 'syz.0.1449': attribute type 72 has an invalid length. [ 895.484435][ T5757] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 895.931749][ T5757] usb 4-1: config 0 has no interfaces? [ 896.005287][ T5757] usb 4-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b [ 896.081138][T11254] loop0: detected capacity change from 0 to 2048 [ 896.134679][ T5757] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 896.170946][T11254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 896.176802][ T5757] usb 4-1: config 0 descriptor?? [ 896.263900][T11259] overlayfs: missing 'lowerdir' [ 896.871927][T10391] usb 4-1: USB disconnect, device number 5 [ 897.041157][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 899.569475][T11264] loop2: detected capacity change from 0 to 32768 [ 900.041816][T11278] loop1: detected capacity change from 0 to 8192 [ 900.125655][T11278] loop1: p4 < > [ 900.785766][T11282] netlink: 'syz.2.1460': attribute type 72 has an invalid length. [ 901.350386][T11286] overlayfs: missing 'lowerdir' [ 903.412399][T11294] loop3: detected capacity change from 0 to 2048 [ 903.416567][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 903.619158][T11294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 905.396270][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 905.481670][T11313] netlink: 'syz.2.1468': attribute type 4 has an invalid length. [ 905.490118][T11313] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1468'. [ 906.157425][T11315] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1470'. [ 906.571383][T11322] loop3: detected capacity change from 0 to 8192 [ 906.792933][T11322] loop3: p4 < > [ 907.439404][T11328] overlayfs: missing 'lowerdir' [ 907.691844][T11330] syz.1.1471: attempt to access beyond end of device [ 907.691844][T11330] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 908.697083][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 910.035275][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 910.410109][T11347] tipc: Failed to remove unknown binding: 66,0,0/0:1656031548/1656031549 [ 910.422821][T11347] tipc: Failed to remove unknown binding: 66,0,0/0:1656031548/1656031549 [ 910.724764][ T6069] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 910.984460][ T6069] usb 4-1: Using ep0 maxpacket: 16 [ 911.040061][ T6069] usb 4-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 25 [ 911.053761][ T6069] usb 4-1: config 0 interface 0 has no altsetting 0 [ 911.061199][ T6069] usb 4-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00 [ 911.070852][ T6069] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 911.096218][ T6069] usb 4-1: config 0 descriptor?? [ 911.777440][ T6069] bigben 0003:146B:0902.0003: unexpected rdesc, please submit for review [ 911.798668][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.809060][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.819798][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.829348][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.843924][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.857466][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.952781][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.968713][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 911.986145][T11356] netlink: 'syz.2.1480': attribute type 4 has an invalid length. [ 911.998809][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.004478][T11356] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1480'. [ 912.021773][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.030162][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.037472][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.044733][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.053606][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.060960][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.072992][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.080281][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.081029][T11359] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1481'. [ 912.100514][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.135077][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.158562][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.194600][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.229592][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x7 [ 912.254474][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.277194][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.290407][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.295495][T11361] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 912.300746][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.313539][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.324771][T11361] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 912.334997][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.344533][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.358438][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.366247][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.373251][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.385572][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.392930][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.400795][ T6069] bigben 0003:146B:0902.0003: unknown main item tag 0x0 [ 912.423209][ T6069] bigben 0003:146B:0902.0003: hidraw0: USB HID v0.08 Device [HID 146b:0902] on usb-dummy_hcd.3-1/input0 [ 912.464562][ T6069] bigben 0003:146B:0902.0003: not enough fields in HID_OUTPUT_REPORT 0 [ 912.493023][ T6069] bigben 0003:146B:0902.0003: no output report found [ 912.561820][ T6069] usb 4-1: USB disconnect, device number 6 [ 915.056610][T11364] fido_id[11364]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 915.424548][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 915.639860][T11383] netlink: 'syz.0.1490': attribute type 4 has an invalid length. [ 915.648320][T11383] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1490'. [ 915.677883][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 916.212583][ T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 916.222885][ T9] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 916.246361][ T9] usb 2-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice= 0.40 [ 916.256564][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 916.283788][ T9] usb 2-1: Product: syz [ 916.298592][ T9] usb 2-1: Manufacturer: syz [ 916.303275][ T9] usb 2-1: SerialNumber: syz [ 916.365247][ T9] snd-ua101 2-1:1.1: invalid bNumEndpoints [ 916.406373][ T9] snd-ua101 2-1:1.0: invalid num_altsetting [ 916.485223][T11386] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.1491'. [ 916.556690][T11392] syz.3.1487: attempt to access beyond end of device [ 916.556690][T11392] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 916.566443][T11391] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 916.598337][T11391] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 916.729885][ T9] usb 2-1: USB disconnect, device number 6 [ 918.640410][T11411] loop1: detected capacity change from 0 to 256 [ 918.648742][T11411] exfat: Deprecated parameter 'utf8' [ 918.666621][T11411] exfat: Deprecated parameter 'utf8' [ 918.685263][T11411] exfat: Deprecated parameter 'utf8' [ 918.861033][T11411] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d) [ 919.630807][T11420] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 919.663666][T11420] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 921.961546][T11436] syz.2.1507: attempt to access beyond end of device [ 921.961546][T11436] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 922.156831][T11438] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1506'. [ 924.013330][T11449] overlayfs: missing 'lowerdir' [ 924.089649][T11451] loop1: detected capacity change from 0 to 256 [ 924.147971][T11451] exfat: Deprecated parameter 'utf8' [ 924.153554][T11451] exfat: Deprecated parameter 'utf8' [ 924.178462][T11451] exfat: Deprecated parameter 'utf8' [ 924.232690][T11451] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x0afbdf60, utbl_chksum : 0xe619d30d) [ 924.880205][T11462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1517'. [ 926.565049][T11475] overlayfs: missing 'lowerdir' [ 928.078366][T11491] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1527'. [ 929.666868][T11490] netlink: 'syz.2.1528': attribute type 4 has an invalid length. [ 929.681648][T11490] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1528'. [ 930.940718][T11500] syz.3.1526: attempt to access beyond end of device [ 930.940718][T11500] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 931.155200][T11504] loop2: detected capacity change from 0 to 4096 [ 931.159921][T11506] overlayfs: missing 'lowerdir' [ 931.192964][T11504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 931.466929][T11504] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 931.885640][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.892914][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.256237][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 932.507870][T11497] loop1: detected capacity change from 0 to 32768 [ 933.694346][T11526] netlink: 'syz.2.1539': attribute type 4 has an invalid length. [ 933.856443][T11526] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1539'. [ 934.589796][T11532] overlayfs: missing 'workdir' [ 936.752059][T11548] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 938.167454][ T787] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 938.606637][T11556] loop2: detected capacity change from 0 to 32768 [ 939.042078][ T787] usb 2-1: device descriptor read/64, error -71 [ 939.315652][ T787] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 939.484534][ T787] usb 2-1: device descriptor read/64, error -71 [ 939.696933][ T787] usb usb2-port1: attempt power cycle [ 940.191413][T11572] netlink: 'syz.3.1552': attribute type 4 has an invalid length. [ 940.199809][T11572] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1552'. [ 940.239160][T11572] .`: renamed from bond0 (while UP) [ 940.244535][ T787] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 940.299853][ T787] usb 2-1: device descriptor read/8, error -71 [ 940.584651][ T787] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 940.695462][ T787] usb 2-1: device descriptor read/8, error -71 [ 940.828315][ T787] usb usb2-port1: unable to enumerate USB device [ 941.071660][T11577] overlayfs: missing 'workdir' [ 943.302233][T11590] loop2: detected capacity change from 0 to 32768 [ 944.081879][T11602] loop3: detected capacity change from 0 to 512 [ 944.175988][T11602] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 944.271126][T11605] netlink: 'syz.1.1565': attribute type 4 has an invalid length. [ 944.279733][T11605] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1565'. [ 944.799539][T11602] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.1563: iget: bad i_size value: 38620345925642 [ 944.904745][T11602] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1563: couldn't read orphan inode 15 (err -117) [ 945.129146][T11602] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 945.305082][ T5757] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 945.401637][T11613] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 946.141583][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 946.225081][ T5757] usb 3-1: device descriptor read/64, error -71 [ 946.784654][ T5757] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 947.125356][T11617] loop0: detected capacity change from 0 to 8192 [ 947.137799][ T5757] usb 3-1: device descriptor read/64, error -71 [ 947.210152][T11617] loop0: p4 < > [ 947.310238][ T5757] usb usb3-port1: attempt power cycle [ 947.774566][ T5757] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 947.816368][ T5757] usb 3-1: device descriptor read/8, error -71 [ 948.154914][ T5757] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 948.247991][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 948.423823][ T5757] usb 3-1: device not accepting address 5, error -71 [ 948.424121][ T5757] usb usb3-port1: unable to enumerate USB device [ 948.467651][T11641] netlink: 'syz.2.1574': attribute type 4 has an invalid length. [ 948.467695][T11641] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1574'. [ 948.958785][T11632] loop0: detected capacity change from 0 to 32768 [ 949.708962][T11650] loop3: detected capacity change from 0 to 512 [ 949.937098][T11650] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 950.091470][T11650] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.1576: iget: bad i_size value: 38620345925642 [ 950.134632][T11650] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1576: couldn't read orphan inode 15 (err -117) [ 950.175531][T11650] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 950.346856][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 950.505891][ T5757] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 950.704782][ T5757] usb 2-1: Using ep0 maxpacket: 32 [ 950.712890][ T5757] usb 2-1: config 0 has an invalid interface number: 119 but max is 0 [ 950.722014][T10391] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 950.731104][ T5757] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 950.742838][ T5757] usb 2-1: config 0 has no interface number 0 [ 950.819234][ T5757] usb 2-1: config 0 interface 119 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 950.873633][ T5757] usb 2-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 950.899169][T10391] usb 4-1: device descriptor read/64, error -71 [ 950.905750][ T5757] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 950.914070][ T5757] usb 2-1: Product: syz [ 950.945967][ T5757] usb 2-1: Manufacturer: syz [ 950.956984][ T5757] usb 2-1: SerialNumber: syz [ 950.977270][ T5757] usb 2-1: config 0 descriptor?? [ 951.015396][ T5757] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.119/input/input7 [ 951.397743][T10391] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 951.400914][ T6069] usb 2-1: USB disconnect, device number 11 [ 951.507990][T11675] loop0: detected capacity change from 0 to 8192 [ 951.545538][T11675] loop0: p4 < > [ 951.584437][T10391] usb 4-1: device descriptor read/64, error -71 [ 951.714742][T10391] usb usb4-port1: attempt power cycle [ 951.910713][T11679] netlink: 'syz.0.1585': attribute type 4 has an invalid length. [ 951.919019][T11679] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1585'. [ 952.093244][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 952.234933][T10391] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 953.204127][T10391] usb 4-1: device descriptor read/8, error -71 [ 953.594705][T10391] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 954.413684][T10391] usb 4-1: device descriptor read/8, error -71 [ 954.463679][T11694] loop3: detected capacity change from 0 to 512 [ 954.487690][T11694] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 954.554731][T10391] usb usb4-port1: unable to enumerate USB device [ 954.560304][T11694] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.1591: iget: bad i_size value: 38620345925642 [ 954.803057][T11694] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1591: couldn't read orphan inode 15 (err -117) [ 954.951497][T11694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 955.259217][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 955.711668][T11703] loop3: detected capacity change from 0 to 8192 [ 955.799152][T11703] loop3: p4 < > [ 955.850789][T11698] loop0: detected capacity change from 0 to 32768 [ 956.486176][ T5767] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 956.493915][T10296] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 956.521146][T10296] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 956.561620][T10296] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 956.675422][T10296] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 956.733103][T10296] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 956.785218][T10296] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 956.813666][T10296] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 956.853129][T10296] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 957.931242][T10296] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 957.951964][T11715] loop1: detected capacity change from 0 to 8 [ 957.985268][T10296] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 958.012729][T10296] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 958.025492][T11717] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1595'. [ 958.059867][T11715] netlink: 'syz.1.1598': attribute type 10 has an invalid length. [ 958.068107][T10213] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 958.808741][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 958.850143][T11721] netlink: 'syz.2.1599': attribute type 4 has an invalid length. [ 958.860584][T11721] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1599'. [ 959.002222][T11724] loop1: detected capacity change from 0 to 512 [ 959.023184][T11724] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 959.238134][T11724] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.1601: iget: bad i_size value: 38620345925642 [ 959.296453][T11724] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.1601: couldn't read orphan inode 15 (err -117) [ 959.391628][T11724] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 959.597858][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 960.283741][T11727] loop0: detected capacity change from 0 to 32768 [ 961.023050][T11737] loop2: detected capacity change from 0 to 8192 [ 961.135010][T11737] loop2: p4 < > [ 963.214585][T11749] loop0: detected capacity change from 0 to 8 [ 963.360623][T10213] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 963.375859][T11749] netlink: 'syz.0.1609': attribute type 10 has an invalid length. [ 963.672319][T11753] loop0: detected capacity change from 0 to 512 [ 963.734132][T11753] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 963.797161][T11753] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.1612: iget: bad i_size value: 38620345925642 [ 963.819012][T11753] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.1612: couldn't read orphan inode 15 (err -117) [ 963.887703][T11753] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 964.081999][ T5768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 965.052485][T11770] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1611'. [ 965.695372][T11759] loop1: detected capacity change from 0 to 32768 [ 967.377153][T11784] loop1: detected capacity change from 0 to 8 [ 967.446364][T11784] netlink: 'syz.1.1620': attribute type 10 has an invalid length. [ 967.712190][T11786] loop3: detected capacity change from 0 to 512 [ 967.784506][T11786] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 968.046427][T11786] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.1623: iget: bad i_size value: 38620345925642 [ 968.150474][T11789] loop1: detected capacity change from 0 to 8192 [ 968.161296][T11786] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.1623: couldn't read orphan inode 15 (err -117) [ 968.197735][T11786] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 968.211925][T11796] syz.0.1626: attempt to access beyond end of device [ 968.211925][T11796] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 968.213365][T11789] loop1: p4 < > [ 968.226551][T11796] netlink: 'syz.0.1626': attribute type 2 has an invalid length. [ 968.237447][T11796] netlink: 'syz.0.1626': attribute type 1 has an invalid length. [ 968.245571][T11796] netlink: 'syz.0.1626': attribute type 1 has an invalid length. [ 968.384461][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 968.843270][T11801] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1621'. [ 968.889156][T11799] ubi: mtd0 is already attached to ubi31 [ 968.951549][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 969.843191][T11814] syz.1.1630: attempt to access beyond end of device [ 969.843191][T11814] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 971.522300][T11820] syzkaller0: entered promiscuous mode [ 971.554906][T11820] 0: reclassify loop, rule prio 0, protocol 800 [ 972.053782][T11828] syz.2.1637: attempt to access beyond end of device [ 972.053782][T11828] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 972.069445][T11828] netlink: 'syz.2.1637': attribute type 2 has an invalid length. [ 972.078076][T11828] netlink: 'syz.2.1637': attribute type 1 has an invalid length. [ 972.086166][T11828] netlink: 'syz.2.1637': attribute type 1 has an invalid length. [ 972.127408][T11824] loop3: detected capacity change from 0 to 8192 [ 972.177204][T11824] loop3: p4 < > [ 972.420430][T11832] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1639'. [ 972.649183][T10296] udevd[10296]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 972.834661][T11834] x_tables: ip6_tables: icmp6 match: only valid for protocol 58 [ 973.469276][T11841] syz.1.1641: attempt to access beyond end of device [ 973.469276][T11841] md34: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 974.555591][T11849] ================================================================== [ 974.564594][T11849] BUG: KASAN: slab-use-after-free in dvb_device_open+0xca/0x370 [ 974.572860][T11849] Read of size 8 at addr ffff888141666218 by task syz.3.1643/11849 [ 974.581228][T11849] [ 974.583720][T11849] CPU: 0 PID: 11849 Comm: syz.3.1643 Not tainted syzkaller #0 [ 974.591345][T11849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 974.602391][T11849] Call Trace: [ 974.605699][T11849] [ 974.608640][T11849] dump_stack_lvl+0x18c/0x250 [ 974.613482][T11849] ? __lock_acquire+0x7d40/0x7d40 [ 974.618722][T11849] ? show_regs_print_info+0x20/0x20 [ 974.624012][T11849] ? load_image+0x400/0x400 [ 974.628645][T11849] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 974.634896][T11849] ? __virt_addr_valid+0x18c/0x540 [ 974.640708][T11849] ? __virt_addr_valid+0x469/0x540 [ 974.646713][T11849] print_report+0xa8/0x210 [ 974.651422][T11849] ? dvb_device_open+0xca/0x370 [ 974.656387][T11849] kasan_report+0x117/0x150 [ 974.661296][T11849] ? chrdev_open+0x3e3/0x6a0 [ 974.666482][T11849] ? dvb_device_open+0xca/0x370 [ 974.671461][T11849] dvb_device_open+0xca/0x370 [ 974.676273][T11849] ? do_raw_spin_unlock+0x121/0x230 [ 974.681609][T11849] chrdev_open+0x5cc/0x6a0 [ 974.686082][T11849] ? cd_forget+0x160/0x160 [ 974.690708][T11849] ? fsnotify_perm+0x3ed/0x5e0 [ 974.696141][T11849] ? cd_forget+0x160/0x160 [ 974.700761][T11849] do_dentry_open+0x8c6/0x1500 [ 974.705655][T11849] path_openat+0x27f1/0x3230 [ 974.710414][T11849] ? do_sys_openat2+0xda/0x1d0 [ 974.715336][T11849] ? verify_lock_unused+0x140/0x140 [ 974.720735][T11849] ? do_filp_open+0x430/0x430 [ 974.725465][T11849] ? __virt_addr_valid+0x18c/0x540 [ 974.730686][T11849] do_filp_open+0x1f5/0x430 [ 974.735293][T11849] ? vfs_tmpfile+0x490/0x490 [ 974.739993][T11849] ? _raw_spin_unlock+0x28/0x40 [ 974.744853][T11849] ? alloc_fd+0x58f/0x630 [ 974.749286][T11849] do_sys_openat2+0x134/0x1d0 [ 974.754245][T11849] ? do_sys_open+0xe0/0xe0 [ 974.759213][T11849] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 974.765237][T11849] ? lock_chain_count+0x20/0x20 [ 974.770109][T11849] ? lock_chain_count+0x20/0x20 [ 974.774974][T11849] __x64_sys_openat+0x139/0x160 [ 974.779934][T11849] do_syscall_64+0x55/0xa0 [ 974.784546][T11849] ? clear_bhb_loop+0x40/0x90 [ 974.789705][T11849] ? clear_bhb_loop+0x40/0x90 [ 974.794857][T11849] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 974.801261][T11849] RIP: 0033:0x7fd13435d04e [ 974.805695][T11849] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 974.827076][T11849] RSP: 002b:00007fd1352acb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 974.835819][T11849] RAX: ffffffffffffffda RBX: 00007fd1352ad6c0 RCX: 00007fd13435d04e [ 974.844340][T11849] RDX: 0000000000000002 RSI: 00007fd1352acc00 RDI: ffffffffffffff9c [ 974.852875][T11849] RBP: 00007fd1352acc00 R08: 0000000000000000 R09: 0000000000000000 [ 974.861067][T11849] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd [ 974.869334][T11849] R13: 00007fd134616038 R14: 00007fd134615fa0 R15: 00007ffebfe526f8 [ 974.877654][T11849] [ 974.880779][T11849] [ 974.883108][T11849] Allocated by task 1: [ 974.887455][T11849] kasan_set_track+0x4e/0x70 [ 974.892610][T11849] __kasan_kmalloc+0x8f/0xa0 [ 974.897322][T11849] dvb_register_device+0x2fd/0x2210 [ 974.903053][T11849] dvb_register_frontend+0x649/0x930 [ 974.908907][T11849] vidtv_bridge_probe+0x9ab/0xf80 [ 974.914335][T11849] platform_probe+0x13b/0x1c0 [ 974.919094][T11849] really_probe+0x25b/0xb20 [ 974.923717][T11849] __driver_probe_device+0x18c/0x330 [ 974.929036][T11849] driver_probe_device+0x4f/0x420 [ 974.934246][T11849] __driver_attach+0x44e/0x6e0 [ 974.939431][T11849] bus_for_each_dev+0x235/0x2b0 [ 974.944480][T11849] bus_add_driver+0x340/0x630 [ 974.949275][T11849] driver_register+0x23a/0x310 [ 974.954161][T11849] vidtv_bridge_init+0x3d/0x70 [ 974.959092][T11849] do_one_initcall+0x242/0x790 [ 974.963906][T11849] do_initcall_level+0x137/0x1f0 [ 974.968958][T11849] do_initcalls+0x69/0xd0 [ 974.973377][T11849] kernel_init_freeable+0x3ed/0x580 [ 974.978669][T11849] kernel_init+0x1d/0x1c0 [ 974.983162][T11849] ret_from_fork+0x48/0x80 [ 974.987676][T11849] ret_from_fork_asm+0x11/0x20 [ 974.993258][T11849] [ 974.995682][T11849] Freed by task 11686: [ 974.999774][T11849] kasan_set_track+0x4e/0x70 [ 975.004648][T11849] kasan_save_free_info+0x2e/0x50 [ 975.010234][T11849] ____kasan_slab_free+0x126/0x1e0 [ 975.015442][T11849] slab_free_freelist_hook+0x130/0x1a0 [ 975.021191][T11849] __kmem_cache_free+0xba/0x1e0 [ 975.026265][T11849] dvb_device_open+0x2ee/0x370 [ 975.031065][T11849] chrdev_open+0x5cc/0x6a0 [ 975.035688][T11849] do_dentry_open+0x8c6/0x1500 [ 975.040509][T11849] path_openat+0x27f1/0x3230 [ 975.045651][T11849] do_filp_open+0x1f5/0x430 [ 975.050188][T11849] do_sys_openat2+0x134/0x1d0 [ 975.055176][T11849] __x64_sys_openat+0x139/0x160 [ 975.060146][T11849] do_syscall_64+0x55/0xa0 [ 975.064604][T11849] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 975.070802][T11849] [ 975.073147][T11849] The buggy address belongs to the object at ffff888141666200 [ 975.073147][T11849] which belongs to the cache kmalloc-256 of size 256 [ 975.087832][T11849] The buggy address is located 24 bytes inside of [ 975.087832][T11849] freed 256-byte region [ffff888141666200, ffff888141666300) [ 975.101661][T11849] [ 975.104014][T11849] The buggy address belongs to the physical page: [ 975.110515][T11849] page:ffffea0005059980 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888141666200 pfn:0x141666 [ 975.122508][T11849] head:ffffea0005059980 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 975.131448][T11849] flags: 0x57ff00000000840(slab|head|node=1|zone=2|lastcpupid=0x7ff) [ 975.139828][T11849] page_type: 0xffffffff() [ 975.144376][T11849] raw: 057ff00000000840 ffff888017c41b40 ffffea0000bd3480 0000000000000006 [ 975.152979][T11849] raw: ffff888141666200 000000008010000f 00000001ffffffff 0000000000000000 [ 975.161579][T11849] page dumped because: kasan: bad access detected [ 975.168010][T11849] page_owner tracks the page as allocated [ 975.173729][T11849] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 13818068880, free_ts 0 [ 975.194163][T11849] post_alloc_hook+0x1c1/0x200 [ 975.198997][T11849] get_page_from_freelist+0x1951/0x19e0 [ 975.204670][T11849] __alloc_pages+0x1f0/0x460 [ 975.209275][T11849] alloc_page_interleave+0x24/0x1e0 [ 975.214568][T11849] alloc_slab_page+0x5d/0x160 [ 975.219336][T11849] new_slab+0x87/0x2d0 [ 975.223433][T11849] ___slab_alloc+0xc5d/0x12f0 [ 975.228182][T11849] __kmem_cache_alloc_node+0x19e/0x250 [ 975.233759][T11849] kmalloc_trace+0x2a/0xe0 [ 975.238196][T11849] bus_add_driver+0x162/0x630 [ 975.243670][T11849] driver_register+0x23a/0x310 [ 975.248552][T11849] vidtv_bridge_init+0x3d/0x70 [ 975.253503][T11849] do_one_initcall+0x242/0x790 [ 975.258362][T11849] do_initcall_level+0x137/0x1f0 [ 975.263402][T11849] do_initcalls+0x69/0xd0 [ 975.268170][T11849] kernel_init_freeable+0x3ed/0x580 [ 975.273653][T11849] page_owner free stack trace missing [ 975.279034][T11849] [ 975.281367][T11849] Memory state around the buggy address: [ 975.287005][T11849] ffff888141666100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 975.295107][T11849] ffff888141666180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 975.303293][T11849] >ffff888141666200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 975.311474][T11849] ^ [ 975.316443][T11849] ffff888141666280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 975.324812][T11849] ffff888141666300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 975.333144][T11849] ================================================================== [ 975.351507][T11849] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 975.358894][T11849] CPU: 1 PID: 11849 Comm: syz.3.1643 Not tainted syzkaller #0 [ 975.366684][T11849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 975.377049][T11849] Call Trace: [ 975.380443][T11849] [ 975.383427][T11849] dump_stack_lvl+0x18c/0x250 [ 975.388241][T11849] ? show_regs_print_info+0x20/0x20 [ 975.393844][T11849] ? load_image+0x400/0x400 [ 975.398395][T11849] panic+0x2dc/0x730 [ 975.402342][T11849] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 975.408748][T11849] ? bpf_jit_dump+0xd0/0xd0 [ 975.413799][T11849] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 975.419879][T11849] ? _raw_spin_unlock+0x40/0x40 [ 975.425210][T11849] ? dvb_device_open+0xca/0x370 [ 975.430071][T11849] check_panic_on_warn+0x84/0xa0 [ 975.435363][T11849] ? dvb_device_open+0xca/0x370 [ 975.440249][T11849] end_report+0x6f/0x130 [ 975.444772][T11849] kasan_report+0x128/0x150 [ 975.449602][T11849] ? chrdev_open+0x3e3/0x6a0 [ 975.454409][T11849] ? dvb_device_open+0xca/0x370 [ 975.459301][T11849] dvb_device_open+0xca/0x370 [ 975.464080][T11849] ? do_raw_spin_unlock+0x121/0x230 [ 975.469557][T11849] chrdev_open+0x5cc/0x6a0 [ 975.473985][T11849] ? cd_forget+0x160/0x160 [ 975.478410][T11849] ? fsnotify_perm+0x3ed/0x5e0 [ 975.483274][T11849] ? cd_forget+0x160/0x160 [ 975.487695][T11849] do_dentry_open+0x8c6/0x1500 [ 975.492501][T11849] path_openat+0x27f1/0x3230 [ 975.497217][T11849] ? do_sys_openat2+0xda/0x1d0 [ 975.502346][T11849] ? verify_lock_unused+0x140/0x140 [ 975.507558][T11849] ? do_filp_open+0x430/0x430 [ 975.512364][T11849] ? __virt_addr_valid+0x18c/0x540 [ 975.517491][T11849] do_filp_open+0x1f5/0x430 [ 975.522001][T11849] ? vfs_tmpfile+0x490/0x490 [ 975.526620][T11849] ? _raw_spin_unlock+0x28/0x40 [ 975.531495][T11849] ? alloc_fd+0x58f/0x630 [ 975.536107][T11849] do_sys_openat2+0x134/0x1d0 [ 975.540891][T11849] ? do_sys_open+0xe0/0xe0 [ 975.547231][T11849] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 975.553612][T11849] ? lock_chain_count+0x20/0x20 [ 975.558661][T11849] ? lock_chain_count+0x20/0x20 [ 975.563616][T11849] __x64_sys_openat+0x139/0x160 [ 975.568555][T11849] do_syscall_64+0x55/0xa0 [ 975.572998][T11849] ? clear_bhb_loop+0x40/0x90 [ 975.577914][T11849] ? clear_bhb_loop+0x40/0x90 [ 975.582603][T11849] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 975.588948][T11849] RIP: 0033:0x7fd13435d04e [ 975.593456][T11849] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 975.613526][T11849] RSP: 002b:00007fd1352acb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 975.622049][T11849] RAX: ffffffffffffffda RBX: 00007fd1352ad6c0 RCX: 00007fd13435d04e [ 975.630157][T11849] RDX: 0000000000000002 RSI: 00007fd1352acc00 RDI: ffffffffffffff9c [ 975.639673][T11849] RBP: 00007fd1352acc00 R08: 0000000000000000 R09: 0000000000000000 [ 975.647793][T11849] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd [ 975.655879][T11849] R13: 00007fd134616038 R14: 00007fd134615fa0 R15: 00007ffebfe526f8 [ 975.664257][T11849] [ 975.667981][T11849] Kernel Offset: disabled [ 975.672495][T11849] Rebooting in 86400 seconds..