last executing test programs: 16.838693347s ago: executing program 0 (id=989): sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(ecb-camellia-aesni,wp512-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) sendmsg$AUDIT_GET_FEATURE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x10, 0x3fb, 0x8, 0x70bd2b, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x10040001}, 0x801) socket$inet_mptcp(0x2, 0x1, 0x106) openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000300)='/proc/asound/card3/oss_mixer\x00', 0x101202, 0x0) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000000109022400010000000009040000010e01000009210000000122050009058103"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) ioctl(r4, 0x8b1b, &(0x7f0000000040)) ftruncate(0xffffffffffffffff, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, 0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x4) 11.108386491s ago: executing program 0 (id=995): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="b67cbbec5102eb1971bff5f530e2d88ec21f3fd29f17849707a2e95f59a7ed8ec2ec92c2cf182c3535350fba5635ac0cd22c5a37fdb88a9d42eb7161882e10052b3376348313e509ef530a2a3780cd44bb6d2779c16470ac93de14d5", @ANYRES64=r1, @ANYRESDEC=r0, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT=r0, @ANYRES32, @ANYRES8, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x9, 0x0, 0x3000000000, 0xf}, &(0x7f0000000240)=0x18) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)={0x1114, 0x33, 0x100, 0x70bd26, 0x25dfdbfd, "", [@nested={0xfa4, 0xfb, 0x0, 0x1, [@nested={0xf91, 0x13, 0x0, 0x1, [@generic="783cabcf3de8f3c211caac293bfba1f6c66248e2705bfdeaf3e518701e75b6870e949c9efe541264de467766dfe253da80bc4601fddfb29d68a356ca39cba5bb876bdee1d1f6640bb64e313f030da7715e4e5f282235c21405e318614f33083a4b615d83fbc2757362a21e81598dd1c94f416f7fe0291ee066acb78990917d93450dc091617b2b9b856b762e98782567c7ae32d25d68ac22ba4415ab4e9411b60459b5fe04a16c83cb50e70b539e77b39213d9c96b5f0eaa04346eb659528defaefebc201f6fd8a70ef275ffc1ccaf61d56015c4bb63039c3b5db172b76ef8c834ae9df36f8764c27785f4098f8bbe8190e92a2f53d0e17cbd0e3150c8839cfd779a96807dfb84d6d424978b1060dc0fe13a00d526681c018bd90b954e1dd4f36787f6cf693c4a428c8cc5a6c0c77a940f5911f6191babbb44ddb0874a2e573d9a4c41cc89134dc1498259ae3da6f5e2bb40631050a2b28b86f43fa397c8cb73698f2625d966e2695db75c2d719077e59f4278644ce09c0b5cd873f4ce68a6d88819c0caf1c3b58612897c74636701d99260c2ed0e29392f96e6b46a5d8e4797d49f7db2400f81bbdfe7fedab277d090a977eb6d3143e34ab570975d403d9d5975d8a1b373d0322e954d8921cca83c962e55959bb2b82ab789e617a67200d503f89c88d6e8f04deb2773349669e22cdc62f0d6037bc11334f3b7f3c203866d39f6f2f15215fa9a707960c2f6d5229ee00a879a842724c9f633dcb55114d5b4ae228f59001fdea972a1e2893ca0f1855a3918dda375af22d6531cf30c28f84ab3f45d7893f65a9ac09cca966c896c79172b1f8b8da2af3c82ad641eb3db53966e1f670fa1f94465c356331e7a9e39be91d6b2719780d650d54e75277ba22818857a3ce176b85f447a52d43e52d621422695ce1bbeaaa3611d296953b63f08238844704293e37334ef7dc826b87704ffa5e634c89fe70223869ef8484d0dbab21bf206fae62fa6b645ecd4f1f0ea1107ec9ae55882dd92b099da4cd71ab2493b81a3eee6f617dd53af22ff15b01e97689db12b6fe53f941207303d1e822a7b98303617efdaa4e844df85dac246617b3aff4cd0bb5db224a59fa4e7161c4862114cdec7a7b9f4ffcbd7e8a9dc761dc3368a0f37541463227ae5cf525441ab99b9ba09d70b4c2ad9719a5c48258398e77adb9d1f8dcc64d8d658cfcd1b5fef2669f1b2c19f0988268611a644f02f13b86377a9203c36091545f09d62c96c98732c2619cc81dbd4ca19dd62141ce8421dbc28de8b32fa91631b8957025c89812d5fdd72d79aa5d1f765aaa08317915d35ebdfc8a880923596ffbbe4bc6bbd81427869350d59a206c96c813efb25bade849f515e6b6a47c6ccb2131e60c8c05891ea8f065baf49459218c32257c13a82b423cee266dbf51f500ce996d76a723e662f3c3d2fddaff5c050f2ef2e17d0fafb0c42a82184201d8732fa4f1c370384fed4b0d8ee842f2de5523aed2e09e2c484f940a1736359711eb655bd00504e76f3c72f26970d3c05b00ea25803e8be24d7751baadfda870d3e0e64514f0b290a052071cd8f71a2c6ff4850b891c3f1818e0774794c46c62d511db9ee5b960404c866850602205b15b287e6d3279e6a5d1dce653ef770f68af6a16dfa552145e18dd0b185571f29542c24b753ee6ee5f5fb448afcfe643d540e7a120ebf36f2e4f3a30b46d8497ad69b5a55ee023709f640d44e1ba6a4da79579fbaf66676c8e2f60a1a8e3fe123a70b4604e75db29ee19bb8805e22195aeda6b0412c750e0043a53c673e24f9bf68544089b1bc8fe1763e0b157106cec5b21847eeea377c258bac16ff48a208b4c7d3cd1fcf410d22148beb6f95317061c1de7e2d87c448bc2c00069d2e886a7a37c4ced954d2b06ee6de91785a967d4dd117b83fdf7786133abd08ac3399ba7e6f521d933e14966ca444056c4289ec24c76b9eed38ceae0c5493dbe53c20063ac6f9290663cad2b4c73b5276bc5a17847e9098563928694a0316d7d73c4a439bd0fb91fdb520d9b92c5c686ed1122383012b84f4846f4d5e0c5fedf74c9c07ec64da1f2157feee49aa476a4d2b830f528f1c8bf8b7b76ecf7d2266ed1b9d8278a5923501cf134fb9e59f1ee9a5c1397387c2959e0743e634cc41782b57f8c7ea51525150c443066b352f84050fbfb72f55680f24461c791024efa74022caa8d58f1e9985e910f25aa92bfe756ab3eacf8079e7eb7f970165b3ff1bf1ca457ab5f4d9a1a08448ffca704fcee8030a7d8aca43ae64b0be45efd5151bcea83845720d210aa76ef748810e46ffb0cdb7bad706a24d6cb076171a6b79f5de5ac6b8190919a68b1b41b173914dd37d599f7a78587c4ee606b31949a88e6a790eca971c348d32f05a22e68d22793282b716d151d9de60e24cc049e3bf4cce36fe43b5ea824a7b3c854860ceed13d466439263353e81940e7ded03f31211cc714f4cdf240516025f1f5621cced4b88a4e48c940d6f46ff2f57f0583046b650a440c4ea8e9fab79e98d7529db2f11cc7529bb361cf8cb65600ffb36eb5fd93acbdd58398ecbb0befd277e267051f93dc3e7c6a5212c2ed990eb60d9d451b4458cb44cd691dac77ece483236e3006b7f7913e39f685ca41bcd1692494370acb70d0cfdc9e6de0bcd602040a0bc2de02a8cd477fef88b5410f5dfea1cd32d25464853d56c82abd3c11caebd992ca656e88a10ca2779f887472d5064fddd7397eb0205c419b23c2756a3b9b722ff273907c50f8b176834edcc1268e036214a2a25651c719541a4f7729ef7e32dee27c5b910bfea677c562138b30b3355b462c8f910874acc292f6787f8d94fa1cb2e648789cc67d05eb49d6d3c8788a024e3c523c4ee282764090044b44f30a9848daf2522b76448ecb9249ffe58dad4363b1d08181131a89af718ecbd5ffe44e032ca26664eecabc9aa57a875b5964ea492b7e759606a3f4ab36130a8a43a19be74709dea4eeebf5e53706685122e6603247996d672dacdf1bbadf5df111cfe7e72f5b2c6cdc32c1e4eed30147c9a51c5abd4214c577c4c8d1725daf906d145c6ff2c9ab0fc3da4edfb92be40b4af234c2bc147b2d08a801b539928cb754f2f6d2d4280ee0c834ee4f5eb8b0662ffa6f7154307b0fe55fe248a3f953a09b06244674adbf31dd7489be3f26423140ffe98671ca413d678047096fcad53f5bca7e602354553af02c225a67e4e8eabf298495a99de9653638405ebe78dc75e6d16c39e1547dadbc07a014369e39175991368d05be623656c4ecb3735612546b9a9c1490f834cab7567e61c8b2669aa62f156f2ff3b76b32e11b0e0acb6c7ccd6623bef1a5ccbe5f477ae90b3918899fc6b6075c514deaf387d5f09cd59f3fb3c0a9614f1eec092a8f7c6bd200e04da47085d58adc08f1f0651f7ce0cea5792a30aa2bee9970913fc9e79bcf0b5c55adfa6967a44b84ffcd3ce7fb47a610773eb9323b8ab3b5b9670f3ddc06e673e5ebe929f1ae4508decd56a2cefc34bab4703bbd3d83fcfdc27fc4e8a799a34742526848f6aae932ec98959f46ea50f12e0ad3ba4ef50a7b4defdf2fcf8dd2afdb8f29a1b7eed384b17c8b4ff4cfc220745cef2c083615eee226bccb8f2b7faf5a8948e60edc37a644b70011ff8b608da74a3873b2d8a6ba50dcce8a5ed6fe96c599c6d0b8a431f0b96789e974ea48400b94c2d1fbb7a8908de838cc64d4de93d506dfb450012df4af40d5980aed567e0b94281f8109ae7cb42f8253783a9ccb1cdd07245b31c0a00f13b42eedea9dd6d031f283a277f140f7ccacffc4e76829fede0479d59a542f873524651dbed995a00749e1b06182f073ebc3122ef1b007436d9eeb89d4f82ad366361ae8bb54e795b5c3d0594ccab1d5019f4b9191fd7c84598c866a8f98b2759738a65af53943b466aec83bb055e8f6c6e7755862de6c4c203fa67663702783f5f19459620a99f4de75fc85efedc44cf65adaaead7038406ebc507048b115c44209057f887f204a60ad9f6abc9b7983b930be5115cd91de9723bef58d29e421e123c7fa19ac3de2900827041d096ce0d589d45159c322ff3529687b89a10dd6c628977aedb1547ab6630995b48edba0a6f0e9ce99166dd7acdab5253f6bd4c3891c45d6ce4cf136a7791bc553769b57559215f79051388cff4761a3a63f6c73d8d7aafa8053e4f764f1c37b8b57128ecea00d7046c7532576bd413e01bf6df40bb1c3bf0480efbb1407003a98b1014552d2a1ecf99ba29c063ba96b3555cca24a211c2c604766a6b503a875040039f23f7ed46566519ee1aed0167c774555b623bee2bcfe83459af5527b312a19298e8323cd9b3fe5e075ee0867aadae8bc81939919d6d36834a87c1bf9e47d467395892aa09f12cfc172a2a9a44a43ff880219487798a206fbaca25172b3f00867d3f100f355ccb987bd0c41c015d791bae97c258ea4138a377fee51219e917893248391b7b2fa8d1bedc3ac71e5dd6ac382a0c8e0753f16bda800108d9dcbf9ccb192136b1cc555129afd8821b007543ff2d14f07003fe05cdd5fd133295c36bd44aca53c8fd91428fbd72951d4a97006636456baeac6c4d2f75d864e5aec7e738d865f2a0e5bdfadccc2486241fb38c024f981b08c8ad06bd48e99ee116c764d894f39e603949a4644ab2ed942d933876f16949c833f0bf1962b908087ff77b9318945edd47cf5c6b329e0dc403944fc9fc49e0c88f0177ba649ce61b4758ccdce20df2abbc45fec9e350286898d3fbc0ace3f75a5d8667438217ad564903ce64ee98e90ea770e431bec58c7d624278c5dc5955a555056be562308c7a003abdeb13456d43c245bcaa63c4ed17a4fb73cd53d890130322ad78c9b53073e7146ee8cc36f29f632c0e554dbcf161ab7a01badd56a0d84c8f337a2a3248c4ec96445158cb59060c352df81f6b85cccda5a0d737d44101a413d9edf5ed0bf16537520bd544e25540124ac7fc202bb8db6b141fca9cc25e85b4d064535de0dc5b8868025b71f8950ddc35d6b1bf04d8440c8ea2660fa3476578981bb467e9a54a9ebb2561f1414d34a922168537cde92375d6bb4e35cf4e2655cb0daca2a1b75013a9a5f72768b061492a381d1e339970a322f07ff3d0b9af33af6a191ed778a99b721eb89a294ebf76748230837f75cb9f5f31a0dcc4b9f6dcc99487e5799e1ff5db60f7193308a4b40dcac5e9aa3a288c03d724a5e2da794590446c236234eb0b34cc60fde282400039d7a263fad5b2df94907c54b07cc0d3e6d97a64e7306131f741caec8bfca4e40b033f4633a63d0845db13b0b59b3eb0ad2cde32856ee356d8e910524f71aa75d1b527bd0c69c7126f7d18644c3547acedcac805f9077778362d40004e8fb4d6de7f3dd679e1519f8896174be1fb9313a90bd3c5f2999cb0e1d96cbad7a1d9a708558d4984343d4b05f16acda0edba81d898efea1d7bb10baeaf2141d5b40b2131983132c6c16add15f83d122f305d67067321bc004960d47cb7e41e530a025498fa1d07b3040be112638801625d3e7e90d73b398bfe6d473278c5feba0b895347fc3395aa7c33", @typed={0x8, 0x122, 0x0, 0x0, @fd=r2}, @typed={0x8, 0x10, 0x0, 0x0, @u32=0x7}]}, @typed={0xc, 0x123, 0x0, 0x0, @u64}]}, @generic="d90a58cde601d565cdddcc6aa3fcc8c25583297245b4d7973d0df9b022c59bb26343d8fac6abbe023d9e0640355e0034d2aca4a49132b88c8660af242102d45a28332c4b796cc5268b9a5ec5b61042577e3e5ea90f21384e8c5852110520bfd976705ca7e25e8a5ac6dd7bdadeb451f164c86cdb89561b05f0b9e143b1917e3dd99ee920f46511a803ab9cf9dd2d6aaf8aee259d1476cd960ce44acbc6a970c4fdd6f99aeee46de8efec7151b1e4cc13cd723e9cfa7ba2f69b60189d7aff553101c449174d1e18b6c5b148275100a3f8bd0c4c96296c43028aa284f8f626392a21d31e5e06fe98065e0246d46b7fe927a881c18c044e5c139e", @typed={0x14, 0xbe, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0xa}}, @typed={0x8, 0x63, 0x0, 0x0, @uid}, @typed={0x8, 0x18, 0x0, 0x0, @u32=0x4}, @nested={0x3d, 0xee, 0x0, 0x1, [@typed={0x8, 0x39, 0x0, 0x0, @fd}, @typed={0x8, 0xc0, 0x0, 0x0, @ipv4=@empty}, @nested={0x4, 0x4f}, @generic="f01254c8a325874b7a364f60eb18eb3e374838d32bfdcf", @typed={0x8, 0x9e, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @generic="a5fa1bc096f7"]}]}, 0x1114}], 0x1, 0x0, 0x0, 0x10004800}, 0xc000) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = dup(r6) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={r4, 0x40}, &(0x7f00000002c0)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r9, 0x4) sendto$inet6(r3, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c) 10.635329479s ago: executing program 1 (id=998): epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) gettid() r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) lseek(r3, 0x8000000000000000, 0x4) 9.50948271s ago: executing program 1 (id=1000): openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000140), 0xfffffdef) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = getpid() ioprio_set$pid(0x1, r1, 0x4007) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) socketpair(0x1, 0x5, 0x0, 0x0) syz_open_procfs$userns(0xffffffffffffffff, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='./cgroup.net/cgroup.procs\x00', 0x0, 0x82) read$FUSE(0xffffffffffffffff, &(0x7f0000000540)={0x2020}, 0x2020) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f00000004c0)='./file1\x00', 0x100c081, &(0x7f0000000380)=ANY=[], 0x2, 0x81c, &(0x7f0000001540)="$eJzs3U9oHOfZAPBnFMmyZeIv5PvIZ4zjjO18YPM5ykpKlIoc0s1qJE8i7YrdVbEpITGxnBrLSUgIaUxp6kvSlpbSU49priGX3FoKLfTQ9lRoDr30EAjk0pKWFkpLKbjs7K61+rOSLctymv5+i/edfeedd953djzPzmrfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIqlMl0pjSczl1cUzaX+V6XptfpP53fp+tirZZL0RSetf7N0bB9tZB/9nZfZ9radjcbj96nDsbSV748r+++55/L8HB7rLb9Kg7Traf9ZQ74sk4hutRl06t7y89MptaMgu+vZPOhN7b3iRv19rPc9m1bxRy+fLs1maN2rp1ORk6eHTM410Jp/LGmcbzWw+rdSzcrNWT09UTqZjU1MTaTZ6trZYnZ0uz2XdzMceGi+VJtOnRheycr1Rqz781Gijcjqfm8urs0WZ8dLr0SrzWGtHfDpvps2sPJ+mFy4uL01s1dRWobFVOcOrdpzDD97zyWsf/+XiUmuH7FdJ0tkxx8fGxsfHJh+devSxUmlwvDS+OqO0RlwvEQMRrRK3Zaflztq/Qd5gZ49ZNyPi2n/tzMEbbtFAJ/7HXORRjcU4E2mkMVA8rzyGohLTUY9azLde/3Zozfx18f//Hv7jrzdbb2/870b5gyuzD0UR/4+0Xx3pF//XtWIHHoP9aq2+325Nb96r8UZciUtxLpZjOZbile2scc/aWm/HY7idDuxsrbORRTXyaEQt8piPcpGTdnLSmIrJmIxSPBunYyYakcZM5DEXWTTibDSiGVmxR1WiHlmUoxm1qEcaJ6ISJyONsZiKqZiINLIYjbNRi8WoxmxMR7mo5UJcLLb7xJp23ff15378wm8+eac1fb3Q2CYdSVof5vZ/FPHnTQqtC/c3Ef9bJQY6e/euxCR2yd6bfFd36MgNt+5aEf8H73QzAAAAgNsoKb59TyJiKO4vpmbyuezLd7pZAAAAwA4qftd8uJUMtabuj6R1/l/aoOSHEcO73jwAAABgByTFGLskIkbigfZUd7jURl8CAAAAAP+Gir//H2klIxFvFhnO/wEAAOBz5pv9rrH/8Z7iGrsj0VgYTn76p6jXh5KrC2ceTC6XW+XKl+9qL9dJvnS9xubMoeRAp5IimRy8sj+JiMFKdjjpXv3yn52xBJ8Wz4dWLkDY71r/yRYNiM0bULyK78TRdpmj59vp+e6c9lpGZvK5bLRSm3t8LOl8OdJ87cWLX42i+9+qzh9I4sLF5aXR519aPl+05WqrlquXO5eHT7pLRbQHVGzSlmvd0RT3b9zjoWIgRme9I+31lnr737ma7MDm/U961/lWHGuXOTbSTkdW939va51jo4+PRbl8YKCZnWm+dq2n951WjK30fLjb2+Qm3oW34ni7zPETx9vJBq0YX9WKF9e3Yrx3+9/YtrjhVrxz9M0zf/1FLckmtmrFxC22AuBOuVBc9WclCu0rotA/rrW1AtqauLuvu+TNHOUurHzK6C7fE+sGY110T7cT3d+KE+0yJ9qfJwYPbRBXShsc0V+++PIvO0f0R977wQ+fOfKrD9bE9ZtoxXtxsl2mk8S9P+8TY1t9/u6aqPpua4l3+663MTeevD48MZS0bz4UVx66ePncC0svLL04Pj4xWXqkVHp0PIaKjwqdpE9LRR6A/2xb3WPng69dL9rvLjzJI1ucVd97/ScFo/F8vBTLcT5OFaMNIuKBjWsd6fkZwqktzlpHeu7wcmqLc8uVsuNryw4fT6JP2YmeLfa/3y+Sv92mNwQAdsGxLeJwEve0L/vz+t2dJdaUuCtJTvWed38lIg71i7mtWH6yfePc7tlx9I/lvX7fSb+wGxsFAD7nsvqnyUjz7aRezxeeHZuaGis3T2dpvVZ5Oq3n07NZmlebWb1yulydzdKFeq1Zq3S/Op7OGmljcWGhVm+mM7V6ulBr5GeKO7+nnVu/N7L5crWZVxoLc1m5kaWVWrVZrjTT6bxRSRcWn5zLG6ezerFwYyGr5DN5pdzMa9W0UVusV7LRNG1kWU/BfDqrNvOZPBtK82q6UM/ny/WrETG3OJ+l01mjUs8XmrV2hd115dWZWn2+qHZ0fff/sNvbGwA+C15948qlc8vLS69sb+J3N1L4TvcRAFhNlAYAAAAAAAAAAAAAgM++9cP1Wrk3NRBwKLY9fPDV4WhN7Nvu4q2JZzo9uYVRjJtMDMYOV7j5xP+/3+7MTlS4vp6hbs7dW4373LfqPd3T2cS7tBF2cuK5J564tJKTDPZu3iffPHj6oyy6vdukno3/p2w01PXtAxF7fvS9ds4X+xROBne4px9GxDYWv5ZsUmZ3j0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCP+FQAA//+XX0rH") openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80801, 0x60) sched_setscheduler(0x0, 0x1, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCSETSW2(r2, 0x5408, &(0x7f0000000040)={0x2000, 0x0, 0x0, 0x0, 0x0, "23f50000adb4004408020e90d1beaa82dc1ecf", 0x3}) 9.50685496s ago: executing program 3 (id=1001): prlimit64(0x0, 0x7, &(0x7f0000000080)={0x1, 0x8}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) ioctl$KIOCSOUND(0xffffffffffffffff, 0x4b2f, 0x10000) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000600)={'pimreg0\x00', 0x10}) syz_emit_vhci(&(0x7f0000000880)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x2, 0x0, 0x406}}}, 0x7) fspick(0xffffffffffffffff, &(0x7f0000000a00)='./file0\x00', 0x1) pipe2$9p(&(0x7f0000001d00), 0x80000) 9.491053801s ago: executing program 0 (id=1002): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0) readv(r1, &(0x7f00000001c0), 0x0) 9.308370957s ago: executing program 0 (id=1003): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x22, &(0x7f0000000100)=0x1400200bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) r1 = getpid() r2 = syz_pidfd_open(r1, 0x0) setns(r2, 0x24020000) syz_clone(0xfdba2180, 0x0, 0x0, 0x0, 0x0, 0x0) 9.213700964s ago: executing program 1 (id=1004): sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(ecb-camellia-aesni,wp512-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) sendmsg$AUDIT_GET_FEATURE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x10, 0x3fb, 0x8, 0x70bd2b, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x10040001}, 0x801) socket$inet_mptcp(0x2, 0x1, 0x106) openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000300)='/proc/asound/card3/oss_mixer\x00', 0x101202, 0x0) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000000109022400010000000009040000010e01000009210000000122050009058103"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) ioctl(r4, 0x8b1b, &(0x7f0000000040)) ftruncate(0xffffffffffffffff, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, 0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x4) 8.801603017s ago: executing program 0 (id=1006): socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000020c0)=ANY=[], 0x48) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) getpriority(0x2, 0x0) 8.733594253s ago: executing program 3 (id=1007): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x804, &(0x7f0000000000), 0x1, 0x4ef, &(0x7f0000000b00)="$eJzs3c9vI1cdAPDvTOJNmqZNCpX4IaBLKSxotXbibaOqp3IBoaoSouLEIQ2JN4pix1HslCasRPZ/QKISJ/gTOCBxQNoTd25w47IckBZYLdogcTAae/KDbBx7s0lM7c9HGs28eeP5vrfWvOf9JvELYGRdj4i9iLgWER9GxEx+Psm3eLezZdc9eXR3ef/R3eUkWq0P/pG067Nzcew1mRfze05GxA++G/Hj5Om4jZ3d9aVqtbKVl0vN2mapsbN7a622tFpZrWyUywvzC3Nv336r3F9H0t6XvFb7zcPvrL33w9//7ssP/rj3rZ9mzZrO64734yJ1ul44jJMZj4j3LiPYAIzl/bk26IZwLtlj85mIeL39/M/EWPvd7M8pjzUA8CnQas1Ea+Z4GQAYdmk7B5akxTwXMB1pWix2cnivxlRarTeaN+/UtzdWOrmy2Sikd9aqlbk8VzgbhSQrz7ePj8rlE+XbEfFKRPx84oV2ubjcf54BALhYL56Y//810Zn/AYAhN9nrgsWraQcAcHV6zv8AwNAx/wPA6DH/A8DoMf8DwOgx/wPA6Mnn/7FBtwMAuBLff//9bGvt599/vfLRzvZ6/aNbK5XGerG2vVxcrm9tFlfr9dVqpbhcr/W6X7Ve35x/M7Y/LjUrjWapsbO7WKtvbzQX29/rvVgpXEmvAICzvPLa/T8nEbH3zgvtLY6t5WCuhuHWx7I5wJCS84fR5Vu4YXT5Pz7Qay3Prr8i/Mk5grV+do4XARftxhfk/2FUyf/D6JL/h9El/w+jq9VKuq35nx5eAgAMFTl+4Ep//g8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDYrq9JWkxXwt8OtK0WIx4KSJmo5DcWatW5iLi5Yj400RhIivPD7rRAMBzSv+W5Ot/3Zh5Y/pk7bXk3xPtfUT85Jcf/OLjpWZzaz47/8/D881P8vPlQbQfAOjlYJ4+mMcPPHl0d/lgu8r2PPx2Z3HRLO5+vnVqxmO8vZ+MQkRMPU7yckf2eWXsAuLvrUTE50/rf9LOjcx2Vj4tdFp0JIv90kXEv9dX/Jh6nP5P/LRd19ln/xaffYaYvdZ6hVFxPxt/3j3t+Uvjens/eerix5MnxoPzOhj/9p8a/9LD8W+sy/h3vd8Yb/7he13r7kV8cfy0+Mlh/KRL/Df6jP+XL33l9W51rV9F3IjT4x+PVWrWNkuNnd1ba7Wl1cpqZaNcXphfmHv79lvlUjtHXTrIVD/t7+/cfPms/k91iT/Zo/9fP7PXrYmDo1//58MfffWM+N/82unv/6tnxM8mpG+cGf/I0tRvuy7fncVf6fT/3rO+/zf7jP/gr7srfV4KAFyBxs7u+lK1Wtm60INCXPANjx0kl9RmB0N+kH0ef977fC5Pmf0fdOeyDwY9MgGX7eihH3RLAAAAAAAAAAAAAACAbi79z4nSQfcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAYfbfAAAA//9vwMkV") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) epoll_create1(0x80000) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x80000) ioctl$EVIOCGBITSND(r3, 0x80404532, &(0x7f0000000040)=""/65) 8.727051264s ago: executing program 2 (id=1008): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x5) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@ipv6_delrule={0x1c, 0x21, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) bpf$PROG_BIND_MAP(0x23, &(0x7f00000000c0)={0xffffffffffffffff, r4}, 0xc) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000000, &(0x7f0000000440)={[{@nolazytime}, {@orlov}, {@usrjquota}, {@usrjquota}, {@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ") r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) fcntl$dupfd(r5, 0x0, r5) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x7ffff000) 6.760985183s ago: executing program 3 (id=1009): openat(0xffffffffffffff9c, 0x0, 0x197343, 0x9c) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace(0x8, r0) r1 = syz_pidfd_open(r0, 0x0) process_mrelease(r1, 0x700000000000000) socket$inet_icmp_raw(0x2, 0x3, 0x1) 5.873601445s ago: executing program 0 (id=1010): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) landlock_create_ruleset(&(0x7f0000000140)={0x6000}, 0x18, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_procfs(0x0, &(0x7f0000005840)='net/snmp6\x00') lseek(r3, 0x1, 0x0) 4.690479141s ago: executing program 1 (id=1011): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r1 = socket(0x10, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="b67cbbec5102eb1971bff5f530e2d88ec21f3fd29f17849707a2e95f59a7ed8ec2ec92c2cf182c3535350fba5635ac0cd22c5a37fdb88a9d42eb7161882e10052b3376348313e509ef530a2a3780cd44bb6d2779c16470ac93de14d5", @ANYRES64=r1, @ANYRESDEC=r0, @ANYRESOCT, @ANYRESHEX, @ANYRESOCT=r0, @ANYRES32, @ANYRES8, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x9, 0x0, 0x3000000000, 0xf}, &(0x7f0000000240)=0x18) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000fc0)={0x1114, 0x33, 0x100, 0x70bd26, 0x25dfdbfd, "", [@nested={0xfa4, 0xfb, 0x0, 0x1, [@nested={0xf91, 0x13, 0x0, 0x1, [@generic="783cabcf3de8f3c211caac293bfba1f6c66248e2705bfdeaf3e518701e75b6870e949c9efe541264de467766dfe253da80bc4601fddfb29d68a356ca39cba5bb876bdee1d1f6640bb64e313f030da7715e4e5f282235c21405e318614f33083a4b615d83fbc2757362a21e81598dd1c94f416f7fe0291ee066acb78990917d93450dc091617b2b9b856b762e98782567c7ae32d25d68ac22ba4415ab4e9411b60459b5fe04a16c83cb50e70b539e77b39213d9c96b5f0eaa04346eb659528defaefebc201f6fd8a70ef275ffc1ccaf61d56015c4bb63039c3b5db172b76ef8c834ae9df36f8764c27785f4098f8bbe8190e92a2f53d0e17cbd0e3150c8839cfd779a96807dfb84d6d424978b1060dc0fe13a00d526681c018bd90b954e1dd4f36787f6cf693c4a428c8cc5a6c0c77a940f5911f6191babbb44ddb0874a2e573d9a4c41cc89134dc1498259ae3da6f5e2bb40631050a2b28b86f43fa397c8cb73698f2625d966e2695db75c2d719077e59f4278644ce09c0b5cd873f4ce68a6d88819c0caf1c3b58612897c74636701d99260c2ed0e29392f96e6b46a5d8e4797d49f7db2400f81bbdfe7fedab277d090a977eb6d3143e34ab570975d403d9d5975d8a1b373d0322e954d8921cca83c962e55959bb2b82ab789e617a67200d503f89c88d6e8f04deb2773349669e22cdc62f0d6037bc11334f3b7f3c203866d39f6f2f15215fa9a707960c2f6d5229ee00a879a842724c9f633dcb55114d5b4ae228f59001fdea972a1e2893ca0f1855a3918dda375af22d6531cf30c28f84ab3f45d7893f65a9ac09cca966c896c79172b1f8b8da2af3c82ad641eb3db53966e1f670fa1f94465c356331e7a9e39be91d6b2719780d650d54e75277ba22818857a3ce176b85f447a52d43e52d621422695ce1bbeaaa3611d296953b63f08238844704293e37334ef7dc826b87704ffa5e634c89fe70223869ef8484d0dbab21bf206fae62fa6b645ecd4f1f0ea1107ec9ae55882dd92b099da4cd71ab2493b81a3eee6f617dd53af22ff15b01e97689db12b6fe53f941207303d1e822a7b98303617efdaa4e844df85dac246617b3aff4cd0bb5db224a59fa4e7161c4862114cdec7a7b9f4ffcbd7e8a9dc761dc3368a0f37541463227ae5cf525441ab99b9ba09d70b4c2ad9719a5c48258398e77adb9d1f8dcc64d8d658cfcd1b5fef2669f1b2c19f0988268611a644f02f13b86377a9203c36091545f09d62c96c98732c2619cc81dbd4ca19dd62141ce8421dbc28de8b32fa91631b8957025c89812d5fdd72d79aa5d1f765aaa08317915d35ebdfc8a880923596ffbbe4bc6bbd81427869350d59a206c96c813efb25bade849f515e6b6a47c6ccb2131e60c8c05891ea8f065baf49459218c32257c13a82b423cee266dbf51f500ce996d76a723e662f3c3d2fddaff5c050f2ef2e17d0fafb0c42a82184201d8732fa4f1c370384fed4b0d8ee842f2de5523aed2e09e2c484f940a1736359711eb655bd00504e76f3c72f26970d3c05b00ea25803e8be24d7751baadfda870d3e0e64514f0b290a052071cd8f71a2c6ff4850b891c3f1818e0774794c46c62d511db9ee5b960404c866850602205b15b287e6d3279e6a5d1dce653ef770f68af6a16dfa552145e18dd0b185571f29542c24b753ee6ee5f5fb448afcfe643d540e7a120ebf36f2e4f3a30b46d8497ad69b5a55ee023709f640d44e1ba6a4da79579fbaf66676c8e2f60a1a8e3fe123a70b4604e75db29ee19bb8805e22195aeda6b0412c750e0043a53c673e24f9bf68544089b1bc8fe1763e0b157106cec5b21847eeea377c258bac16ff48a208b4c7d3cd1fcf410d22148beb6f95317061c1de7e2d87c448bc2c00069d2e886a7a37c4ced954d2b06ee6de91785a967d4dd117b83fdf7786133abd08ac3399ba7e6f521d933e14966ca444056c4289ec24c76b9eed38ceae0c5493dbe53c20063ac6f9290663cad2b4c73b5276bc5a17847e9098563928694a0316d7d73c4a439bd0fb91fdb520d9b92c5c686ed1122383012b84f4846f4d5e0c5fedf74c9c07ec64da1f2157feee49aa476a4d2b830f528f1c8bf8b7b76ecf7d2266ed1b9d8278a5923501cf134fb9e59f1ee9a5c1397387c2959e0743e634cc41782b57f8c7ea51525150c443066b352f84050fbfb72f55680f24461c791024efa74022caa8d58f1e9985e910f25aa92bfe756ab3eacf8079e7eb7f970165b3ff1bf1ca457ab5f4d9a1a08448ffca704fcee8030a7d8aca43ae64b0be45efd5151bcea83845720d210aa76ef748810e46ffb0cdb7bad706a24d6cb076171a6b79f5de5ac6b8190919a68b1b41b173914dd37d599f7a78587c4ee606b31949a88e6a790eca971c348d32f05a22e68d22793282b716d151d9de60e24cc049e3bf4cce36fe43b5ea824a7b3c854860ceed13d466439263353e81940e7ded03f31211cc714f4cdf240516025f1f5621cced4b88a4e48c940d6f46ff2f57f0583046b650a440c4ea8e9fab79e98d7529db2f11cc7529bb361cf8cb65600ffb36eb5fd93acbdd58398ecbb0befd277e267051f93dc3e7c6a5212c2ed990eb60d9d451b4458cb44cd691dac77ece483236e3006b7f7913e39f685ca41bcd1692494370acb70d0cfdc9e6de0bcd602040a0bc2de02a8cd477fef88b5410f5dfea1cd32d25464853d56c82abd3c11caebd992ca656e88a10ca2779f887472d5064fddd7397eb0205c419b23c2756a3b9b722ff273907c50f8b176834edcc1268e036214a2a25651c719541a4f7729ef7e32dee27c5b910bfea677c562138b30b3355b462c8f910874acc292f6787f8d94fa1cb2e648789cc67d05eb49d6d3c8788a024e3c523c4ee282764090044b44f30a9848daf2522b76448ecb9249ffe58dad4363b1d08181131a89af718ecbd5ffe44e032ca26664eecabc9aa57a875b5964ea492b7e759606a3f4ab36130a8a43a19be74709dea4eeebf5e53706685122e6603247996d672dacdf1bbadf5df111cfe7e72f5b2c6cdc32c1e4eed30147c9a51c5abd4214c577c4c8d1725daf906d145c6ff2c9ab0fc3da4edfb92be40b4af234c2bc147b2d08a801b539928cb754f2f6d2d4280ee0c834ee4f5eb8b0662ffa6f7154307b0fe55fe248a3f953a09b06244674adbf31dd7489be3f26423140ffe98671ca413d678047096fcad53f5bca7e602354553af02c225a67e4e8eabf298495a99de9653638405ebe78dc75e6d16c39e1547dadbc07a014369e39175991368d05be623656c4ecb3735612546b9a9c1490f834cab7567e61c8b2669aa62f156f2ff3b76b32e11b0e0acb6c7ccd6623bef1a5ccbe5f477ae90b3918899fc6b6075c514deaf387d5f09cd59f3fb3c0a9614f1eec092a8f7c6bd200e04da47085d58adc08f1f0651f7ce0cea5792a30aa2bee9970913fc9e79bcf0b5c55adfa6967a44b84ffcd3ce7fb47a610773eb9323b8ab3b5b9670f3ddc06e673e5ebe929f1ae4508decd56a2cefc34bab4703bbd3d83fcfdc27fc4e8a799a34742526848f6aae932ec98959f46ea50f12e0ad3ba4ef50a7b4defdf2fcf8dd2afdb8f29a1b7eed384b17c8b4ff4cfc220745cef2c083615eee226bccb8f2b7faf5a8948e60edc37a644b70011ff8b608da74a3873b2d8a6ba50dcce8a5ed6fe96c599c6d0b8a431f0b96789e974ea48400b94c2d1fbb7a8908de838cc64d4de93d506dfb450012df4af40d5980aed567e0b94281f8109ae7cb42f8253783a9ccb1cdd07245b31c0a00f13b42eedea9dd6d031f283a277f140f7ccacffc4e76829fede0479d59a542f873524651dbed995a00749e1b06182f073ebc3122ef1b007436d9eeb89d4f82ad366361ae8bb54e795b5c3d0594ccab1d5019f4b9191fd7c84598c866a8f98b2759738a65af53943b466aec83bb055e8f6c6e7755862de6c4c203fa67663702783f5f19459620a99f4de75fc85efedc44cf65adaaead7038406ebc507048b115c44209057f887f204a60ad9f6abc9b7983b930be5115cd91de9723bef58d29e421e123c7fa19ac3de2900827041d096ce0d589d45159c322ff3529687b89a10dd6c628977aedb1547ab6630995b48edba0a6f0e9ce99166dd7acdab5253f6bd4c3891c45d6ce4cf136a7791bc553769b57559215f79051388cff4761a3a63f6c73d8d7aafa8053e4f764f1c37b8b57128ecea00d7046c7532576bd413e01bf6df40bb1c3bf0480efbb1407003a98b1014552d2a1ecf99ba29c063ba96b3555cca24a211c2c604766a6b503a875040039f23f7ed46566519ee1aed0167c774555b623bee2bcfe83459af5527b312a19298e8323cd9b3fe5e075ee0867aadae8bc81939919d6d36834a87c1bf9e47d467395892aa09f12cfc172a2a9a44a43ff880219487798a206fbaca25172b3f00867d3f100f355ccb987bd0c41c015d791bae97c258ea4138a377fee51219e917893248391b7b2fa8d1bedc3ac71e5dd6ac382a0c8e0753f16bda800108d9dcbf9ccb192136b1cc555129afd8821b007543ff2d14f07003fe05cdd5fd133295c36bd44aca53c8fd91428fbd72951d4a97006636456baeac6c4d2f75d864e5aec7e738d865f2a0e5bdfadccc2486241fb38c024f981b08c8ad06bd48e99ee116c764d894f39e603949a4644ab2ed942d933876f16949c833f0bf1962b908087ff77b9318945edd47cf5c6b329e0dc403944fc9fc49e0c88f0177ba649ce61b4758ccdce20df2abbc45fec9e350286898d3fbc0ace3f75a5d8667438217ad564903ce64ee98e90ea770e431bec58c7d624278c5dc5955a555056be562308c7a003abdeb13456d43c245bcaa63c4ed17a4fb73cd53d890130322ad78c9b53073e7146ee8cc36f29f632c0e554dbcf161ab7a01badd56a0d84c8f337a2a3248c4ec96445158cb59060c352df81f6b85cccda5a0d737d44101a413d9edf5ed0bf16537520bd544e25540124ac7fc202bb8db6b141fca9cc25e85b4d064535de0dc5b8868025b71f8950ddc35d6b1bf04d8440c8ea2660fa3476578981bb467e9a54a9ebb2561f1414d34a922168537cde92375d6bb4e35cf4e2655cb0daca2a1b75013a9a5f72768b061492a381d1e339970a322f07ff3d0b9af33af6a191ed778a99b721eb89a294ebf76748230837f75cb9f5f31a0dcc4b9f6dcc99487e5799e1ff5db60f7193308a4b40dcac5e9aa3a288c03d724a5e2da794590446c236234eb0b34cc60fde282400039d7a263fad5b2df94907c54b07cc0d3e6d97a64e7306131f741caec8bfca4e40b033f4633a63d0845db13b0b59b3eb0ad2cde32856ee356d8e910524f71aa75d1b527bd0c69c7126f7d18644c3547acedcac805f9077778362d40004e8fb4d6de7f3dd679e1519f8896174be1fb9313a90bd3c5f2999cb0e1d96cbad7a1d9a708558d4984343d4b05f16acda0edba81d898efea1d7bb10baeaf2141d5b40b2131983132c6c16add15f83d122f305d67067321bc004960d47cb7e41e530a025498fa1d07b3040be112638801625d3e7e90d73b398bfe6d473278c5feba0b895347fc3395aa7c33", @typed={0x8, 0x122, 0x0, 0x0, @fd=r2}, @typed={0x8, 0x10, 0x0, 0x0, @u32=0x7}]}, @typed={0xc, 0x123, 0x0, 0x0, @u64}]}, @generic="d90a58cde601d565cdddcc6aa3fcc8c25583297245b4d7973d0df9b022c59bb26343d8fac6abbe023d9e0640355e0034d2aca4a49132b88c8660af242102d45a28332c4b796cc5268b9a5ec5b61042577e3e5ea90f21384e8c5852110520bfd976705ca7e25e8a5ac6dd7bdadeb451f164c86cdb89561b05f0b9e143b1917e3dd99ee920f46511a803ab9cf9dd2d6aaf8aee259d1476cd960ce44acbc6a970c4fdd6f99aeee46de8efec7151b1e4cc13cd723e9cfa7ba2f69b60189d7aff553101c449174d1e18b6c5b148275100a3f8bd0c4c96296c43028aa284f8f626392a21d31e5e06fe98065e0246d46b7fe927a881c18c044e5c139e", @typed={0x14, 0xbe, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0xa}}, @typed={0x8, 0x63, 0x0, 0x0, @uid}, @typed={0x8, 0x18, 0x0, 0x0, @u32=0x4}, @nested={0x3d, 0xee, 0x0, 0x1, [@typed={0x8, 0x39, 0x0, 0x0, @fd}, @typed={0x8, 0xc0, 0x0, 0x0, @ipv4=@empty}, @nested={0x4, 0x4f}, @generic="f01254c8a325874b7a364f60eb18eb3e374838d32bfdcf", @typed={0x8, 0x9e, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @generic="a5fa1bc096f7"]}]}, 0x1114}], 0x1, 0x0, 0x0, 0x10004800}, 0xc000) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = dup(r6) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000280)={r4, 0x40}, &(0x7f00000002c0)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r9, 0x4) sendto$inet6(r3, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c) 4.116646537s ago: executing program 2 (id=1012): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0) readv(r1, &(0x7f00000001c0), 0x0) 3.941603051s ago: executing program 3 (id=1013): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x5c}}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="440000000906010200120000000c0000000000000900020073797a310000000005000100070000001c0007800c00018008000140fffffffe0c00028008000140"], 0x44}, 0x1, 0x0, 0x0, 0x10008086}, 0x4000050) 3.845588299s ago: executing program 3 (id=1014): socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000200)={[{@discard}, {@umask={'umask', 0x3d, 0x1}}, {@dmask={'dmask', 0x3d, 0x3df5}}, {@allow_utime={'allow_utime', 0x3d, 0x7}}, {@namecase}, {@discard}, {@allow_utime={'allow_utime', 0x3d, 0x4}}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x1f000}}, {@errors_remount}]}, 0x1, 0x154e, &(0x7f0000001c00)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEmSJLklJE1yJCExhCQNSUguQxJDSC4Tk8b9fr8kJEmTJCG5Jev/THjUqc45/3+d9D/e3/Ps51vvt/a79trf++1vX1y+7jy4RqOaVRsQEfwheO4lCQBiAaA/AOQGgAAAysaVjQMMILvEpD+2Efbnuj/1Us+AXRK9zr9y/S9rfPxf3rj+lzeu/+WN63954/pf3rj+lzeuP2OXs4lTCsRtmFLgqv8Pl9jzu/DnjZkNAH6770d/6ff3v7L8dc//gZ///+3w+f9/SGap0Z+vKnVNF4CY/zSF63954/r/zwr+k5W4/pc3rv/lKvZST4D9DfDxfznI9rs9XP/LG9efscvZpX7+fKkXiPzNPoND2c8V5q/af8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7C9w0l+kAOBC+1LPizHGGGOMMcYYY38en+1Sz4AxxhhjjDHGGGP/fQgCJCgIIAayQSxkhxwgAOBKyAW5IQJXQRxcDXngGsgL+SA/FIB4KAiFQIMBCwQhFIYiEIVroShcB8WgOJSAkuCgFCTA9VAaboAycCOUhZugHNwM5aECVIRKcAtUhluhCtwGVeF2qAbVoQbUhDugFtwJteEuqAN3Q124B+rBvVAf7oMGcD80hAegETwIjeEhaAJNoRk0hxb/T/nPQnd4DnpAT0iCXtAbnoc+0Bf6wQvQH16EAfASDISXIRkGwWB4BYbAqzAUXoNhMBxGwOswEt6AUTAaxsBYSIFxMB7ehAnwFkxeBTAJJkMqTIGp8A5Mg+kwA96FmfAezILZMAfmQhq8D/NgPqTDB7AAPoQMWAiLYDEsgaWwDJbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANPoLt8DHsgJ2wCz6B3fDpz/IBkn6q57/KP/FP+V0QEFCgQIUKYzAGYzEWc2AOzIk5MRfmwghGMA7jMA/mwbyYF/NjfozHeCyEhdCgQULCwlgYoxjFolgUi2ExLIEl0KHDBEzA0ngDlsEyWBbLYjksh+WxAlbASlgJK2NlrIJVsCpWxWpYDWtgDbwD78BeWBtrYx2sg3Wx7oXHU9gAG2BDbIiNsBE2xsbYBJtgM2yGLbAFtsSW2ApbYRtsg22xLbbDdpiIidge22MH7IAdsSN2wk7YGTtjF+yKXTOfzQb4HD6HPbGa6IW9sTf2weRs/fAFfAFfxAH4Er6EL2MyDsLB+Aq+gq/iUDyOw3A4jsARWFm8gaNwNJIYiymYguNxPE7ACZg10bdxMqbiFJyKU3EaTsfp+C7OxPfwPZyNs3EupmEazsP5mI7puABPYAYuxEW4GJfgUlyCy3EFLsdVuBpX4Vpci+txPW7EjbgZN+NW3IofoQLAj3En7sRk3I27cQ/uwb24F/fhPszETNyP+/EAHsCDeBAP4SE8jEfwKB7BY3gMj+MJPIkn8TSexjP4dPyXDT8qvjIZRBYllIgRMSJWxIocIofIKXKKXCKXiIiIiBNxIo/II/KKvCK/yC/iRbwoJAoJI4wgEcYAgIiKqCgqiopiopgoIUoIJ5xIEAmitCgtyogyoqy4SZQTN4vyooJo7SqJSqKyaOOqiNtEVVFVVBPVRQ1RU9QUtUQtUVvUFnVEHVFX1BX1xL2ivuiF/fB+kVWZRmIQNhaDsYloKuT5X7CWYii2Eq1FG/GoGI7DsJ1o6RLFE6K9GIUdxD/EaHxKdBJjsbN4RnQRXUU38azoLlq5HqKnmIi9RG8xGfuIvqKfeEFMw+riXZyZvYZ4WSSLQWKweEXMxVfFUPGaGCaGixHidTFSvCFGidFijBgrUsQ4MV68KSaIt8RE8baYJCaLVDFFTBXviGliupgh3hUzxXtilpgt5oi5Ik28L+aJ+SJdfCAWiA9FhlgoFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2iY/EdvGx2CF2il3iE7FbfCr2iM/EXvG52Ce+EJniS7FffCUOiK/FQfGNOCS+FYfFEXFUfCeOie/FcXFCnBSnxGnxgzgjfhRnhRcgUQoppZKBjJHZZKzMLnPIK2ROGZz/dK+ScfJqmUdeI/PKfDK/LCDjZUFZSGpppJUkQ1lYFpFRea0sKq+TxWRxWUKWlE6Wkgnyella3iDLyBtlWXmTLCdvluVlBVlRVpK3yMryVgmRc9uoJqvLGrKmvEMmwZ2ytrxL1pF3y7ryHllP3ivry/tkA3m/bCgfkI3kg7KxfEg2kU1lM9lctpAPy5byEdlKtpZt5KOyrXxMtpOPy0T5hGwv/fmvyFOyk3xadpbPyC6yq+wmf5RnpZc9ZE8JvUD2ls/LPrKv7BcLAPJFOUC+JAfKl2WyHCQHy1fkEPmqHCpfk8PkcDlCvi5HyjfkKDlajpFjZYocJ8fLN+UE+ZacKN+Wk+RkmSqnyH6y/08jzZDy3+a/+Rv5A3/a+nq5QW6Um+RmuUVuldvkR3K73C53yB1yl9wld8vdco/cI/fKvXKf3CczZabcL/fLA/KAPCgPykPykDwsj8hT8jt5TH4vj8sT8oQ8JU/L0/LM+c8AFCqhpFIqUDEqm4pV2VUOdYXKqa5UuVRuFVFXqTh1tcqjrlF5VT6VXxVQ8aqgKqS0MsoqUqEqrIqoqLoWz39hVAlVUjlVSiWo6/9v8lVRdZ0qpor/Iv/C/JJ+Z34tVAvVUrVUrVQr1Ua1UW1VW9VOtVOJKlG1V+1VB9VBdVQdVSfVSXVWnVUX1UV1U91Ud9Vd9VA9VJJKUr3V86qP6qv6qRdUf/WiGqAGqIFqoEpWyWqwGqyGqCFqqBqqhqlhaoQaoUaqkWqUGqXGqDEqRaWo8Wq8mqAmqIlqopqkJqlUlaqmqqlqmpqmZqgZaqaaqWapWWqOmqPSVJqap+apdJWuFqgFKkMtVAvVYrVYLVVL1XK1XK1UK9VqtVqtVWtVhtqgNqhNapPaoraobWqb2q62qx1qh9qldqndarfao/aovWqv2qf2qUyVqfar/eqAOqAOqoPqkDqkDqvD6qg6qo6pY+q4Oq5OqpPqtDqtzqgz6qw6m3XZF4hABCpQQUwQE8QGsUGOIEeQM8gZ5ApyBZEgEsQFcUGe4Jogb5AvyB8UCOKDgkGhQAcmsIE4X/RocG1QNLguKBYUD0oEJQMXlAoSguuD0sENQZngxqBscFNQLrg5KB9UCCoGlYJbgsrBrUGV4LaganB7UC2oHtQIagZ3BLWCO4PawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZOgadAsaB60+IPjZx3yF8f3/ni+R1wP3VMn6V66t35e99F9dT/9gu6vX9QD9Et6oH5ZJ+tBerB+RQ/Rr+qh+jU9TA/XI/TreqR+Q4/So/UYPVan6HF6vH5TT9Bv6Yn6bT1JT9apeoqeqt/R0/R0PUO/q2fq9/QsPVvP0XN1mn5fz9Pzdbr+QC/QH+oMvVAv0ov1Er1UL9PL9Qq9Uq/Sq/UavVav0+v1Br1Rb9Kb9Ra9VW/TH+nt+mO9Q+/Uu/Qnerf+VO/Rn+m9+nO9T3+hM/WXer/+Sh/QX+uD+ht9SH+rD+sj+qj+Th/T3+vj+oQ+qU/p0/oHfUb/qM9qn3Vxn3V6N8ooE2NiTKyJNTlMDpPT5DS5TC4TMRETZ+JMHpPH5DV5TX6T38SbeFPIFDJZyJApbAqbqImaoqaoKWaKmRKmhHHGmQSTYEqb0qaMKWPKmrKmnClnypvypqKpaG4xt5hbza3mNnObud3cbqqb6qamqWlqmVqmtqlt6pg6pq6pa+qZeqa+qW8amAamoWloGplGprFpbJqYJqaZaWZamBampWlpWplW5sIPUzvTziSaRNPetDcdTAfT0XQ0nUwn09l0Nl1MF9PNdDPdTXfTw/QwSSbJ9Da9TR/Tx/Qz/Ux/098MMAPMQDPQJJtkM9gMNkPMEDPUDDXDzHAzIutC1bxhRpnRZowZa1JMihlvxpsJZoKZaCaaSWaSSTWpZqqZaqaZaWaGmWFmmplmlpll5pg5Js2kmXlmnkk36WaBWWAyTIZZZBaZJWaJWWaWmRVmhVllVpk1sMasM+vMBrPBbDKbzBazxWwz28x2s93sMDvMLrPL7Da7zR6zx+w1e80+s89kmkyz3+w3B8wBc9AcNIfMIXPYHDZHzVFzzBwzx81xc9KcNKdNvvPnS29ibXabw15hc9orbS6b2/5znN8WsPG2oC1ktc1r8/0iNtbaYra4LWFLWmdL2QR7/a/i8raCrWgr2VtsZXurrfKruJa909a2d9k69m5b097xi7iuvcfWsw/a+ogAtqltaJvbRvZB29g+ZJvYpraZbW7b2sdsO/u4TbRP2Pb2yV/F8+x8u8KutKvsarvD7rQn7Sl7wH5tT9sfbA/b0/a3L9oB9iU70L5sk+2gX8Uj7Ot2pH3DjrKj7Rg79lfxJDvZptopdqp9x06z038Vp9n37UybbmfZ2XaOnftTnDWndPuBXWA/tBk2gEV2sV1il9pldvmFufrcdq1dZ9fb7fZju8lutlvsVrvtwoWw3Wl32U/sbvup3W+/snvt53afPWgz7Zc/xVn7d9B+Yw/Zb+1he8Qetd/ZY/Z7dSE7a9+/sz/as9ZbICQgSYoCiqFsFEvZKQddQTnpSspFuSlCV1EcXU156BrKS/koPxWgeCpIhUiTIUtEIRWmIhSla+nC9EpQSXJUihLoeipNN1AZupHK0k1Ujm6m8lSBKlIluoUq061UhW6jqnQ7VaPqVINq0h1Ui+6k2nQX1aG7qS7dQ/XoXqpP91EDup8a0gPUiB6kxvQQNaGm1IyaUwt6mFrSI9SKWlMbepTa0mPUjh6nRHqC2tOT1IH+QR3pKepET1Nneoa6UFfqRs9Sd3qOelBPSqJe1Juepz7Ul/rRC9SfXqQB9BINpJcpmQbRYHqFhtCrNJReo2E0nEbQ6zSS3qBRNJrG0FhKoXE0nt6kCfQWTaS3aRJNplSaQlPpHZpG02kGvUsz6T2aRbNpDs2lNHqf5tF8SqcPaAF9SBm0kBbRYlpCS2kZLacVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRt9RNvpY9pBO2kXfUK76VPaQ5/RXvqc9tEXlElf0n76ig7Q13SQvvE96Vs6TEfoKH1Hx+h7Ok4n6CSdotP0A52hH+kseYIQQxHKUIVBGBNmC2PD7GGO8IowZ3hlmCvMHUbCq8K48OowT3hNmDfMF+YPC4TxYcGwUKhDE9qQwjAsHBYJo+G1YdHwurBYWDwsEZYMXVgqTAivD0uHN4RlwhvDsuFNYbnw5rB8WCF88O5K4S1h5fDWsEp4W1g1vD2sFlYPa4Q1wzvCWuGdYe3wrrBOeHdYJrwnrBfeG9YP7wsbhPeHDcMHwkbhg2Hj8KGwSdg0bBY2D1uED4ctw0fCVmHrsE34aNg2fCxsFz4eJoZPhO3DJ3/qv2f+7/cnhb3C3uHz4fOh93fJOdG50bTo+9F50fnR9OgH0QXRD6MZ0YXRRdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH1Ue9rZgOHTjjplAtcjMvmYl12l8Nd4XK6K10ul9tF3FUuzl3t8rhrXF6Xz+V3BVy8K+gKOe2Ms45c6Aq7Ii7qrnVF3XWumCvuSriSzrlSLsE1dy1cC9fSPeJaudaujXvUPeoec4+5x93j7gnX3j3pOrh/uI7uKdfJPe2eds+4Lq6r6+aedd3duFznjskk19v1dn1cH9fP9XP9XX83wA1wA91Al+yS3WA32A1xQ9xQN9QNc8PcCDfCjXQj3Sg3yo1xY1yKS3Hj3Xg3wU1wE91EN8lNcqku1U11U900N81Vnn5uK7PcLDfHzXFpLs3Nc1nXjOlugVvgMlyGW+QWuSVuiVvmlrkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+FznxvU7XZ73B631+11+9wXLtN96fa7r9wB97U76L5xh9y37rA74o6679wx97077k64k+6UO+1+cGfcj+6s8y4lMi4yPvJmZELkrcjEyNuRSZHJkdTIlMjUyDuRaZHpkRmRdyMzI+9FZkVmR+ZE5kbSIu9H5kXmR9IjH0QWRD6MZEQWRhZFFkeWRJZGvC+4KfSFfREf9df6ov46X8wX9yV8Se98KZ/gr/el/Q2+jL/Rl/U3+XL+Zl/eV/AV/UO+iW/qm/nmvoV/2Lf0j/hWvrVv4x/1bf1jvp1/3Cf6J3x7/6Tv4P/hO/qnfKefTtHP+C6+q+/mn/Xd/XO+h+/pk3wv39s/7/v4vr6ff8H39y/6Af4lP9C/7JP9ID/Yv+KH+Ff9UP+aH+aH+xExr/uRF26RYaxP8eP8eP+mn+Df8hP9236Sn+xT/RQ/1b/jp/npfoZ/18/07/lZfraf4+f6NP++n+fn+3T/gV/gP/QZfuGFh8p+mV/uV/iVfpVf7df4tX6dX+83+I1+k9/st/itfpv/yG/3H/sdfqff5T/xu/2nfo//zO/1n/t9/guf6b/0+/1X/oD/2h/03/hD/lt/2B/xR/13XsL3/rg/4U/6U/60/8Gf8T/6s/xv1hhjjDHG/iPjLjbFL3vOPTXr9Rs54mcr9waAKzcXyPx5f9YV5Zq859p9RXzbCAA80bPz/ReWatWSkpLOr5shISgyG+DCnwRliYGL8UJoA49BIrSG0r85/76i62n6N+NHbwLI8bOcWLgYXxz/MwBM+o3xH350xLxy4cm4fzH+bIBiRS7mZIeL8UJo89PzldZQ5nfmn6/l78wfz4+f/fMUgFY/y8kJF+OL80+AR+BJSPzFmowxxhhjjDHG2Dl9RcWOF+4/L/yNz9+6P49XF3OywcX4392fM8YYY4wxxhhj7NJ7qmu3xx9OTGzd8V81roTf6qryb7L+YKPxb26UG/+1hvcAF95RAPAHBwTIasi/ci82/iXbSj5/6Pxz15JTPoC/Ryn/jMYl/mFijDHGGGOM/ekuXvT/8n31T6+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhj77/kr/juxS72PjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2KX2fwIAAP//dxXwBg==") sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) socket(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) r3 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'syz_tun\x00'}) r4 = socket(0x200000000000011, 0x2, 0x0) setsockopt$packet_fanout(r4, 0x107, 0x12, 0x0, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000280)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x2, 0x1, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x1, "a483f184f0334b90f7455389810a695fc32c36677d0b0816", "89a1a2e06cb164e9140c6f4df2c09fa2b0d4fac08c4d603fb6907c2a6aabe251"}}}}}}, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c0000001a00010000000000000000000210000000020009001e000008", @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x404c800}, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[], 0x0) 3.82623783s ago: executing program 2 (id=1015): setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000000080)=[0xee00]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x9, 0xc) 2.421674294s ago: executing program 2 (id=1016): r0 = fsopen(&(0x7f0000000240)='tmpfs\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r4, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, 0x0, 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000080)='seclabel', &(0x7f00000000c0)='<', 0x1) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x2000006, &(0x7f0000000900)=ANY=[@ANYBLOB], 0x25, 0x35b, &(0x7f0000000200)="$eJzs3T9oXHUcAPDv9V1yabAmg1AUh9NNkNJEHHRKKBWKGbRy+G/xsKl/cmchhwdxyOUWpTgpLoJObh1cO4uDiE4OrlaQorjYrdDQJ/f/Xe5dew6JLf18hvbL9/f7vt/3PR55L+Hyy1ut2LowFxdv3LgeCwuFKK6dWYubhViOY5FEz17k+nQ+Pw8A3ONupmn8k/bcffbni4PIsx8A7l/d5/87J0aJ0vj443d6K7j80KH1BQAcnhm//38pN3vp0NoCAA7RxPP/ybHhAz/mLw4/EwAA3L9eef2NF9c3Is6XywsR9U+alWYlnh+Nr1+M96IWm3E6lmI/ovei0Htb6Pz7wrmNs6fL5VgeVjQrEfVWs9J7U1hPuvWlWImlzqR0qBsnnfqVcldE7LW660e90KzMxWJ//d8WYzNWYyke6dQUI1MfcW7j7Gq5f4BKfVDfimjHwqClTv+nYil+eTsuRS0uRKd21P/uSrl8Jt0Yq29eKXXnTXV7pg9MAAAAAAAAAAAAAAAAAAAAAABArlPloeXh/jdpvdX8+PzBCctj++NUesP9/YHavf2B0tJgd5/Lydj+QBP78zQrxTj2v545AAAAAAAAAAAAAAAAAAAA3DsaO/NRrdU2txs7H21lg1Ym88GP335/PAZDxX7p+8moKvrJseMMJmaOnMRwiXRYniZjc/pBEjGYvFe9cnXYcXZOaXgWE+WdoDQxVOj3VK3VTjzxx1d5Vbc7wV43k8TEZRkPCv31M0P1hzuJhYjYn1Y1PVi9y5xraZpOK9/9crIqChHF+M9tzBD8cP3dR59pnHy2m/muv+nDU08vvXrti2/+2qrWot27MrXa/HZjP53hyJ1eJ4eSzP1T6F/nQs6dkB+0R5n2dmOnmvz692uPffbTgclJ/v2TZjMfTlticFtmhuZ7QSFieXAR7tTqXM7Nnx+8eWtirdmDk1+vVa/u/v7nrFWZLxI26gAAAAAAAAAAAAAAAAAAgCOR+V3xWfzc+++5lw+3KwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4WqO//58J2hOZWYJbrZgcKm1uN6YufvxITxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAfYvwEAAP//ztdxiw==") ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0) sendfile(r5, r5, 0x0, 0x9) 2.34763194s ago: executing program 1 (id=1017): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r2, 0x0, 0x0, 0x8000c61) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x10) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0) 510.641359ms ago: executing program 3 (id=1018): open(&(0x7f0000000140)='./file1\x00', 0x60142, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) unlink(&(0x7f0000000100)='./file1\x00') syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x200000000000002f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 374.99558ms ago: executing program 1 (id=1019): connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(ecb-camellia-aesni,wp512-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) sendmsg$AUDIT_GET_FEATURE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x10, 0x3fb, 0x8, 0x70bd2b, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x10040001}, 0x801) socket$inet_mptcp(0x2, 0x1, 0x106) openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000300)='/proc/asound/card3/oss_mixer\x00', 0x101202, 0x0) syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000000109022400010000000009040000010e01000009210000000122050009058103"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) ioctl(r4, 0x8b1b, &(0x7f0000000040)) ftruncate(0xffffffffffffffff, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, 0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x0, 0x4) 272.303078ms ago: executing program 2 (id=1020): socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) bind$vsock_stream(r0, &(0x7f0000000000)={0x10}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r4, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 0s ago: executing program 2 (id=1021): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x5) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@ipv6_delrule={0x1c, 0x21, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) bpf$PROG_BIND_MAP(0x23, &(0x7f00000000c0)={0xffffffffffffffff, r4}, 0xc) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000000, &(0x7f0000000440)={[{@nolazytime}, {@orlov}, {@usrjquota}, {@usrjquota}, {@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ") r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) fcntl$dupfd(r5, 0x0, r5) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) sendfile(0xffffffffffffffff, r7, 0x0, 0x7ffff000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.195' (ED25519) to the list of known hosts. syzkaller login: [ 67.346396][ T5775] cgroup: Unknown subsys name 'net' [ 67.510090][ T5775] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 69.024681][ T5775] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 70.501941][ T5788] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 70.512466][ T5797] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 70.520260][ T5797] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 70.528224][ T5797] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 70.537149][ T5797] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 70.545609][ T5797] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 70.555700][ T5788] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 70.564215][ T5800] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 70.572360][ T5799] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 70.580198][ T5799] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 70.587628][ T5800] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 70.597444][ T5798] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 70.605660][ T5799] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 70.613413][ T5799] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 70.620735][ T5800] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 70.627824][ T5799] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 70.637013][ T5799] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 70.641252][ T5788] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 70.644728][ T5799] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 70.653510][ T5788] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 70.658822][ T5799] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 70.672778][ T5799] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 70.680195][ T5799] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.681626][ T5788] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.192976][ T5790] chnl_net:caif_netlink_parms(): no params data found [ 71.206917][ T5785] chnl_net:caif_netlink_parms(): no params data found [ 71.216562][ T5787] chnl_net:caif_netlink_parms(): no params data found [ 71.357506][ T5789] chnl_net:caif_netlink_parms(): no params data found [ 71.410821][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.418318][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.426253][ T5787] bridge_slave_0: entered allmulticast mode [ 71.434429][ T5787] bridge_slave_0: entered promiscuous mode [ 71.437884][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.444108][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.453756][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.453771][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.467227][ T5787] bridge_slave_1: entered allmulticast mode [ 71.474566][ T5787] bridge_slave_1: entered promiscuous mode [ 71.519306][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.526948][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.535180][ T5790] bridge_slave_0: entered allmulticast mode [ 71.541930][ T5790] bridge_slave_0: entered promiscuous mode [ 71.549858][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.557230][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.564424][ T5785] bridge_slave_0: entered allmulticast mode [ 71.571156][ T5785] bridge_slave_0: entered promiscuous mode [ 71.599874][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.607171][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.614368][ T5790] bridge_slave_1: entered allmulticast mode [ 71.621144][ T5790] bridge_slave_1: entered promiscuous mode [ 71.627928][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.635214][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.643263][ T5785] bridge_slave_1: entered allmulticast mode [ 71.649997][ T5785] bridge_slave_1: entered promiscuous mode [ 71.673471][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.719512][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.740829][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.751845][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.763702][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.807645][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.874312][ T5785] team0: Port device team_slave_0 added [ 71.880433][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.887853][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.895095][ T5789] bridge_slave_0: entered allmulticast mode [ 71.901880][ T5789] bridge_slave_0: entered promiscuous mode [ 71.913033][ T5787] team0: Port device team_slave_0 added [ 71.921311][ T5790] team0: Port device team_slave_0 added [ 71.929007][ T5785] team0: Port device team_slave_1 added [ 71.946053][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.953208][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.960317][ T5789] bridge_slave_1: entered allmulticast mode [ 71.967693][ T5789] bridge_slave_1: entered promiscuous mode [ 71.975689][ T5787] team0: Port device team_slave_1 added [ 71.994482][ T5790] team0: Port device team_slave_1 added [ 72.056870][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.064280][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.090321][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.103709][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.110665][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.138526][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.151502][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.163803][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.173402][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.180343][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.206650][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.252718][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.259674][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.286245][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.298153][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.305454][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.338159][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.350522][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.357771][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.383697][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.410820][ T5789] team0: Port device team_slave_0 added [ 72.420388][ T5789] team0: Port device team_slave_1 added [ 72.475965][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.483063][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.509168][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.522069][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.529089][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.555110][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.569886][ T5785] hsr_slave_0: entered promiscuous mode [ 72.576295][ T5785] hsr_slave_1: entered promiscuous mode [ 72.691352][ T5787] hsr_slave_0: entered promiscuous mode [ 72.698109][ T5787] hsr_slave_1: entered promiscuous mode [ 72.706064][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.714308][ T5787] Cannot create hsr debugfs directory [ 72.714701][ T50] Bluetooth: hci1: command tx timeout [ 72.719713][ T5788] Bluetooth: hci0: command tx timeout [ 72.726454][ T5799] Bluetooth: hci3: command tx timeout [ 72.731105][ T5788] Bluetooth: hci2: command tx timeout [ 72.754353][ T5790] hsr_slave_0: entered promiscuous mode [ 72.760773][ T5790] hsr_slave_1: entered promiscuous mode [ 72.767719][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.775421][ T5790] Cannot create hsr debugfs directory [ 72.805651][ T5789] hsr_slave_0: entered promiscuous mode [ 72.811929][ T5789] hsr_slave_1: entered promiscuous mode [ 72.818084][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.825853][ T5789] Cannot create hsr debugfs directory [ 73.143581][ T5785] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 73.157872][ T5785] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 73.167430][ T5785] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 73.179700][ T5785] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 73.243756][ T5790] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.254900][ T5790] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.276962][ T5790] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.302080][ T5790] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.346000][ T5789] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 73.383516][ T5789] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 73.393154][ T5789] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 73.410401][ T5789] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 73.469961][ T5787] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 73.481776][ T5787] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 73.493929][ T5787] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 73.520905][ T5787] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 73.554131][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.618524][ T5785] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.641066][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.657027][ T2931] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.664367][ T2931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.710338][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.717691][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.746119][ T5790] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.774354][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.781486][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.790494][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.797654][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.844422][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.900652][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.919633][ T5789] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.963830][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.970979][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.001867][ T2931] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.009090][ T2931] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.040104][ T5787] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.085687][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.092890][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.134450][ T1138] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.141586][ T1138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.259526][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 74.321976][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.360796][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.477282][ T5790] veth0_vlan: entered promiscuous mode [ 74.501716][ T5785] veth0_vlan: entered promiscuous mode [ 74.536437][ T5790] veth1_vlan: entered promiscuous mode [ 74.559650][ T5785] veth1_vlan: entered promiscuous mode [ 74.645138][ T5790] veth0_macvtap: entered promiscuous mode [ 74.661874][ T5790] veth1_macvtap: entered promiscuous mode [ 74.679802][ T5785] veth0_macvtap: entered promiscuous mode [ 74.689888][ T5785] veth1_macvtap: entered promiscuous mode [ 74.704680][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.725436][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.748351][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.760335][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.771417][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.784983][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.793010][ T5791] Bluetooth: hci3: command tx timeout [ 74.793216][ T50] Bluetooth: hci0: command tx timeout [ 74.798412][ T5791] Bluetooth: hci2: command tx timeout [ 74.809907][ T5788] Bluetooth: hci1: command tx timeout [ 74.821748][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.831431][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.842181][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.853605][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.865313][ T5790] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.874839][ T5790] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.884564][ T5790] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.893767][ T5790] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.911537][ T5785] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.920663][ T5785] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.929697][ T5785] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.939031][ T5785] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.083912][ T5789] veth0_vlan: entered promiscuous mode [ 75.092975][ T5787] veth0_vlan: entered promiscuous mode [ 75.140313][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.147680][ T5787] veth1_vlan: entered promiscuous mode [ 75.148584][ T3438] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.161902][ T3438] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.166259][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.183726][ T5789] veth1_vlan: entered promiscuous mode [ 75.265177][ T1126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.274330][ T1126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.300279][ T2931] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.310523][ T5789] veth0_macvtap: entered promiscuous mode [ 75.317955][ T2931] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.335604][ T5787] veth0_macvtap: entered promiscuous mode [ 75.348755][ T5789] veth1_macvtap: entered promiscuous mode [ 75.400513][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.411775][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.421711][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.433293][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.445031][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.455775][ T5787] veth1_macvtap: entered promiscuous mode [ 75.471840][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.493908][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.522868][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.542570][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.560972][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.611758][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.629068][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.639514][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.677124][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.692581][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.716792][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.741889][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.751585][ T5789] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.761492][ T5789] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.775336][ T5789] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.784162][ T5789] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.809452][ T5876] syz.2.5[5876]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 75.827405][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.843939][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.855188][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.869573][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.880691][ T5876] loop2: detected capacity change from 0 to 2048 [ 75.886448][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.902883][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.923095][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.934949][ T5787] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.943695][ T5787] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.953193][ T5787] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.961919][ T5787] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.114736][ T5876] Alternate GPT is invalid, using primary GPT. [ 76.135931][ T5876] loop2: p1 p2 p3 [ 76.168491][ T2931] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.189362][ T5158] Alternate GPT is invalid, using primary GPT. [ 76.192679][ T2931] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.222360][ T5158] loop2: p1 p2 p3 [ 76.300488][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.331866][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.356805][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 76.357061][ T5793] udevd[5793]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 76.381472][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 76.471085][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 76.490244][ T5801] udevd[5801]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 76.496951][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 76.514543][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.541493][ T28] audit: type=1326 audit(1755214606.452:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5887 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 76.563570][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.643167][ T28] audit: type=1326 audit(1755214606.452:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5887 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 76.667368][ T1126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.694495][ T1126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.756099][ T28] audit: type=1326 audit(1755214606.452:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5887 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 76.847739][ T28] audit: type=1326 audit(1755214606.452:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5887 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 76.882314][ T5788] Bluetooth: hci1: command tx timeout [ 76.887756][ T5788] Bluetooth: hci2: command tx timeout [ 76.893249][ T5788] Bluetooth: hci0: command tx timeout [ 76.898740][ T5791] Bluetooth: hci3: command tx timeout [ 76.949878][ T28] audit: type=1326 audit(1755214606.452:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5887 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 77.023334][ T28] audit: type=1326 audit(1755214606.452:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5887 comm="syz.2.8" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 77.551911][ T5901] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10'. [ 78.819923][ T5920] loop1: detected capacity change from 0 to 128 [ 78.865477][ T5920] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 78.909659][ T5920] ext4 filesystem being mounted at /2/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 78.952838][ T5791] Bluetooth: hci2: command tx timeout [ 78.953712][ T5788] Bluetooth: hci1: command tx timeout [ 78.958557][ T5799] Bluetooth: hci3: command tx timeout [ 78.964325][ T5788] Bluetooth: hci0: command tx timeout [ 79.025291][ T5925] loop0: detected capacity change from 0 to 512 [ 79.034067][ T5925] EXT4-fs: Ignoring removed orlov option [ 79.123222][ T5925] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 79.131729][ T5925] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 79.199556][ T5925] EXT4-fs (loop0): 1 orphan inode deleted [ 79.206619][ T5925] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.230648][ T5925] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.869292][ T5937] sched: RT throttling activated [ 80.978889][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.124950][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.153956][ T5953] loop1: detected capacity change from 0 to 16 [ 82.219614][ T5953] erofs: (device loop1): mounted with root inode @ nid 36. [ 82.276203][ T5953] syz.1.24: attempt to access beyond end of device [ 82.276203][ T5953] loop1: rw=0, sector=8, nr_sectors = 32 limit=16 [ 82.548736][ T5958] netlink: 24 bytes leftover after parsing attributes in process `syz.0.22'. [ 83.463653][ T5965] IPVS: set_ctl: invalid protocol: 51 10.1.1.0:20004 [ 83.518102][ T5965] netlink: 'syz.1.27': attribute type 4 has an invalid length. [ 83.618775][ T5971] netlink: 'syz.1.27': attribute type 4 has an invalid length. [ 84.421118][ T5984] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 84.873375][ T5994] Illegal XDP return value 4294967294 on prog (id 13) dev N/A, expect packet loss! [ 85.099957][ T5999] netlink: 32 bytes leftover after parsing attributes in process `syz.0.36'. [ 85.363206][ T6005] IPVS: set_ctl: invalid protocol: 51 10.1.1.0:20004 [ 85.383914][ T6005] netlink: 'syz.3.40': attribute type 4 has an invalid length. [ 85.447885][ T6006] netlink: 'syz.3.40': attribute type 4 has an invalid length. [ 85.708657][ T6010] loop3: detected capacity change from 0 to 256 [ 85.735877][ T6010] FAT-fs (loop3): Unrecognized mount option "18446744073709551615„Â&]yô"¶ò£ÏÊ%ìÐÖ„º×¢"Íáýu" or missing value [ 86.320100][ T6016] loop3: detected capacity change from 0 to 512 [ 86.332795][ T6016] EXT4-fs: Ignoring removed orlov option [ 86.427210][ T6016] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 86.499736][ T6016] EXT4-fs (loop3): 1 orphan inode deleted [ 86.511350][ T6016] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.528553][ T6016] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.208525][ T6024] netlink: 'syz.0.46': attribute type 9 has an invalid length. [ 87.255571][ T6024] netlink: 399 bytes leftover after parsing attributes in process `syz.0.46'. [ 87.672707][ T6032] IPVS: set_ctl: invalid protocol: 51 10.1.1.0:20004 [ 87.701004][ T6032] netlink: 'syz.0.49': attribute type 4 has an invalid length. [ 87.812458][ T6033] netlink: 'syz.0.49': attribute type 4 has an invalid length. [ 87.876869][ T23] cfg80211: failed to load regulatory.db [ 88.077575][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.324031][ T6040] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer. [ 88.373377][ T6043] netlink: 32 bytes leftover after parsing attributes in process `syz.3.53'. [ 88.882038][ T6048] loop3: detected capacity change from 0 to 256 [ 92.161495][ T6049] wg2: entered promiscuous mode [ 92.166544][ T6049] wg2: entered allmulticast mode [ 92.440164][ T6053] netlink: 'syz.1.56': attribute type 9 has an invalid length. [ 92.459685][ T6053] netlink: 399 bytes leftover after parsing attributes in process `syz.1.56'. [ 92.714211][ T6059] netlink: 'syz.0.59': attribute type 4 has an invalid length. [ 92.780477][ T6059] netlink: 'syz.0.59': attribute type 4 has an invalid length. [ 93.074390][ T6073] netlink: 'syz.1.66': attribute type 9 has an invalid length. [ 93.082072][ T6073] netlink: 399 bytes leftover after parsing attributes in process `syz.1.66'. [ 93.338041][ T6069] loop3: detected capacity change from 0 to 40427 [ 93.355314][ T6069] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 93.362140][ T6069] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 93.441322][ T6069] F2FS-fs (loop3): Found nat_bits in checkpoint [ 93.541660][ T6085] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 93.554638][ T6069] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 93.561897][ T6069] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 93.580500][ T6084] netlink: 'syz.2.71': attribute type 4 has an invalid length. [ 93.664900][ T6086] netlink: 'syz.2.71': attribute type 4 has an invalid length. [ 93.711947][ T5790] syz-executor: attempt to access beyond end of device [ 93.711947][ T5790] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 93.739062][ T5790] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 95.380260][ T6114] loop3: detected capacity change from 0 to 4096 [ 95.434795][ T6114] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.466137][ T6116] loop1: detected capacity change from 0 to 4096 [ 95.484582][ T6116] EXT4-fs: inline encryption not supported [ 95.507459][ T6116] EXT4-fs (loop1): Test dummy encryption mode enabled [ 95.591477][ T6116] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.679243][ T6122] netlink: 'syz.0.84': attribute type 4 has an invalid length. [ 95.930143][ T6116] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 96.019950][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.266079][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.945143][ T6156] netlink: 'syz.0.94': attribute type 4 has an invalid length. [ 97.997773][ T6152] loop3: detected capacity change from 0 to 512 [ 98.132066][ T6152] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.166612][ T6152] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.193757][ T6163] syz.0.97[6163] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.193898][ T6163] syz.0.97[6163] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 98.431078][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.472384][ T6177] overlayfs: missing 'lowerdir' [ 99.853561][ T6181] netlink: 'syz.1.104': attribute type 4 has an invalid length. [ 100.382407][ T6190] netlink: 80 bytes leftover after parsing attributes in process `syz.1.108'. [ 100.771306][ T6198] loop2: detected capacity change from 0 to 1024 [ 100.779543][ T6198] ======================================================= [ 100.779543][ T6198] WARNING: The mand mount option has been deprecated and [ 100.779543][ T6198] and is ignored by this kernel. Remove the mand [ 100.779543][ T6198] option from the mount to silence this warning. [ 100.779543][ T6198] ======================================================= [ 100.840686][ T6200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.112'. [ 100.882484][ T6198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.895268][ T6200] netlink: 24 bytes leftover after parsing attributes in process `syz.3.112'. [ 100.907170][ T6198] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.945386][ T6198] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 3: comm syz.2.113: lblock 3 mapped to illegal pblock 3 (length 13) [ 100.995912][ T6198] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117 [ 101.024679][ T6198] EXT4-fs (loop2): This should not happen!! Data will be lost [ 101.024679][ T6198] [ 101.055937][ T6211] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.113: lblock 3 mapped to illegal pblock 3 (length 1) [ 101.098906][ T6211] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.113: lblock 3 mapped to illegal pblock 3 (length 1) [ 101.123423][ T6197] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 4: comm syz.2.113: lblock 4 mapped to illegal pblock 4 (length 4) [ 101.148838][ T6211] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.113: lblock 3 mapped to illegal pblock 3 (length 1) [ 101.157476][ T6215] netlink: 80 bytes leftover after parsing attributes in process `syz.3.119'. [ 101.173015][ T6211] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.113: lblock 3 mapped to illegal pblock 3 (length 1) [ 101.173321][ T6197] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 4: comm syz.2.113: lblock 4 mapped to illegal pblock 4 (length 4) [ 101.192397][ T6211] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.113: lblock 3 mapped to illegal pblock 3 (length 1) [ 101.254258][ T6211] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.113: lblock 3 mapped to illegal pblock 3 (length 1) [ 101.274447][ T6197] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 4: comm syz.2.113: lblock 4 mapped to illegal pblock 4 (length 4) [ 101.680119][ T6228] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 101.703588][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.819898][ T6230] loop3: detected capacity change from 0 to 512 [ 101.853024][ T6230] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 101.894550][ T6230] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 101.909757][ T6230] EXT4-fs (loop3): 1 truncate cleaned up [ 101.922104][ T6230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.758598][ T6237] netlink: 80 bytes leftover after parsing attributes in process `syz.0.128'. [ 103.682109][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.891107][ T6260] fuse: Bad value for 'fd' [ 103.949045][ T6264] netlink: 80 bytes leftover after parsing attributes in process `syz.3.139'. [ 104.162604][ T6270] sctp: [Deprecated]: syz.0.140 (pid 6270) Use of int in maxseg socket option. [ 104.162604][ T6270] Use struct sctp_assoc_value instead [ 104.572430][ T6280] loop3: detected capacity change from 0 to 512 [ 106.041266][ T5791] Bluetooth: hci0: command 0x0c1a tx timeout [ 106.270648][ T6280] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 106.301390][ T6256] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 106.312668][ T6256] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 106.368527][ T6280] EXT4-fs (loop3): 1 truncate cleaned up [ 106.375636][ T6280] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.428284][ T6256] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 107.278755][ T6256] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 107.449871][ T6256] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 107.469466][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.493442][ T6256] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 107.501648][ T6256] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 107.525852][ T6256] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 107.558494][ T6256] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 107.570548][ T6256] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 107.578375][ T6256] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 107.589535][ T6256] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 107.678204][ T6288] netlink: 80 bytes leftover after parsing attributes in process `syz.1.150'. [ 107.829019][ T6293] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 108.197741][ T6307] loop3: detected capacity change from 0 to 4096 [ 108.222478][ T6309] netlink: 80 bytes leftover after parsing attributes in process `syz.0.159'. [ 108.237672][ T6307] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.556450][ T5791] Bluetooth: hci0: command 0x0c1a tx timeout [ 109.091504][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.594859][ T5791] Bluetooth: hci2: command 0x0c1a tx timeout [ 109.746614][ T5791] Bluetooth: hci1: command 0x0c1a tx timeout [ 109.768274][ T5791] Bluetooth: hci3: command 0x0c1a tx timeout [ 110.475473][ T6321] sctp: [Deprecated]: syz.2.161 (pid 6321) Use of int in maxseg socket option. [ 110.475473][ T6321] Use struct sctp_assoc_value instead [ 110.504809][ T6305] loop1: detected capacity change from 0 to 40427 [ 110.528692][ T6305] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff [ 110.808433][ T5791] Bluetooth: hci0: command 0x0c1a tx timeout [ 110.975525][ T6305] F2FS-fs (loop1): invalid crc value [ 111.692303][ T6305] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4) [ 111.859225][ T5791] Bluetooth: hci2: command 0x0c1a tx timeout [ 111.935057][ T5791] Bluetooth: hci1: command 0x0c1a tx timeout [ 112.021753][ T5791] Bluetooth: hci3: command 0x0c1a tx timeout [ 112.414032][ T6344] netlink: 80 bytes leftover after parsing attributes in process `syz.3.168'. [ 112.823741][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.823965][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.439996][ T6366] netlink: 80 bytes leftover after parsing attributes in process `syz.2.179'. [ 113.549769][ T5832] usb 4-1: new low-speed USB device number 2 using dummy_hcd [ 113.593523][ T6356] loop1: detected capacity change from 0 to 40427 [ 113.649683][ T6356] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 113.657463][ T6356] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 113.703291][ T6356] F2FS-fs (loop1): invalid crc value [ 113.735137][ T6356] F2FS-fs (loop1): Found nat_bits in checkpoint [ 113.780527][ T5832] usb 4-1: unable to get BOS descriptor or descriptor too short [ 113.800141][ T5832] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 113.818680][ T6356] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 113.820088][ T5832] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 8 [ 113.826438][ T6356] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 113.851026][ T5832] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 113.873370][ T5832] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 113.913155][ T5832] usb 4-1: string descriptor 0 read error: -22 [ 113.934813][ T5832] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 113.963009][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.002811][ T6358] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 114.015925][ T6358] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 114.023206][ T6358] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 114.102408][ T5791] Bluetooth: hci2: command 0x0c1a tx timeout [ 114.104783][ T5832] cdc_ether: probe of 4-1:1.0 failed with error -22 [ 114.188715][ T5791] Bluetooth: hci1: command 0x0c1a tx timeout [ 114.232258][ T5787] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 114.240174][ T5787] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 114.248931][ T5787] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 114.257624][ T5787] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 114.265638][ T5787] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 114.273561][ T5787] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 114.281733][ T5791] Bluetooth: hci3: command 0x0c1a tx timeout [ 114.287872][ T5787] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 114.330643][ T5832] usb 4-1: USB disconnect, device number 2 [ 115.159189][ T6397] sctp: [Deprecated]: syz.1.185 (pid 6397) Use of int in maxseg socket option. [ 115.159189][ T6397] Use struct sctp_assoc_value instead [ 115.218867][ T6399] netlink: 80 bytes leftover after parsing attributes in process `syz.3.188'. [ 115.545887][ T6403] loop3: detected capacity change from 0 to 512 [ 115.552751][ T6403] EXT4-fs: Ignoring removed orlov option [ 115.568173][ T6403] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 115.584835][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 115.605164][ T6403] EXT4-fs (loop3): 1 orphan inode deleted [ 115.611723][ T6403] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.637552][ T6403] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.640781][ T1126] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 115.804581][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 116.583159][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!! [ 116.679058][ T1126] EXT4-fs error (device loop3): ext4_release_dquot:6974: comm kworker/u4:7: Failed to release dquot type 1 [ 116.731362][ T6416] netlink: 'syz.0.193': attribute type 4 has an invalid length. [ 116.739473][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.748498][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.749721][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.757032][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.775376][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.808251][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 117.591747][ T6432] netlink: 80 bytes leftover after parsing attributes in process `syz.2.198'. [ 117.807522][ T6436] loop2: detected capacity change from 0 to 512 [ 117.890885][ T6436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.926818][ T6436] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.971919][ T6436] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #2: comm syz.2.202: corrupted inode contents [ 117.990222][ T6436] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #2: comm syz.2.202: mark_inode_dirty error [ 118.009695][ T6436] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #2: comm syz.2.202: corrupted inode contents [ 118.032319][ T6436] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.202: mark_inode_dirty error [ 118.088425][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.194383][ T6442] netlink: 'syz.2.203': attribute type 4 has an invalid length. [ 118.431033][ T6446] loop2: detected capacity change from 0 to 128 [ 118.564046][ T6446] syz.2.205: attempt to access beyond end of device [ 118.564046][ T6446] loop2: rw=2049, sector=145, nr_sectors = 89 limit=128 [ 118.723962][ T6446] syz.2.205: attempt to access beyond end of device [ 118.723962][ T6446] loop2: rw=2049, sector=241, nr_sectors = 800 limit=128 [ 118.768643][ T6456] sctp: [Deprecated]: syz.0.208 (pid 6456) Use of int in maxseg socket option. [ 118.768643][ T6456] Use struct sctp_assoc_value instead [ 118.939980][ T6446] syz.2.205: attempt to access beyond end of device [ 118.939980][ T6446] loop2: rw=524288, sector=241, nr_sectors = 256 limit=128 [ 118.983062][ T6460] netlink: 80 bytes leftover after parsing attributes in process `syz.3.210'. [ 118.997255][ T6446] syz.2.205: attempt to access beyond end of device [ 118.997255][ T6446] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 119.023289][ T6446] syz.2.205: attempt to access beyond end of device [ 119.023289][ T6446] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 119.044703][ T6446] syz.2.205: attempt to access beyond end of device [ 119.044703][ T6446] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 119.059337][ T6445] syz.2.205: attempt to access beyond end of device [ 119.059337][ T6445] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 119.073086][ T6446] syz.2.205: attempt to access beyond end of device [ 119.073086][ T6446] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 119.109420][ T6445] syz.2.205: attempt to access beyond end of device [ 119.109420][ T6445] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 119.147557][ T6446] syz.2.205: attempt to access beyond end of device [ 119.147557][ T6446] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 119.347541][ T6464] loop1: detected capacity change from 0 to 512 [ 119.354470][ T6464] EXT4-fs: Ignoring removed orlov option [ 119.369162][ T6464] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 119.377971][ T6463] netlink: 'syz.3.213': attribute type 4 has an invalid length. [ 119.405100][ T6464] EXT4-fs (loop1): 1 orphan inode deleted [ 119.412377][ T6464] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.433269][ T1138] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 119.443275][ T6464] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.474670][ T1138] EXT4-fs error (device loop1): ext4_release_dquot:6974: comm kworker/u4:8: Failed to release dquot type 1 [ 119.586428][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.664050][ T6493] netlink: 80 bytes leftover after parsing attributes in process `syz.2.221'. [ 122.306756][ T6514] sctp: [Deprecated]: syz.0.228 (pid 6514) Use of int in maxseg socket option. [ 122.306756][ T6514] Use struct sctp_assoc_value instead [ 122.634601][ T6545] loop1: detected capacity change from 0 to 512 [ 123.270105][ T6545] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 123.658163][ T6545] EXT4-fs (loop1): 1 truncate cleaned up [ 123.664604][ T6545] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.728010][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.600346][ T6603] loop3: detected capacity change from 0 to 512 [ 127.930472][ T6603] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 128.249605][ T6603] EXT4-fs (loop3): orphan cleanup on readonly fs [ 128.261301][ T6603] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.247: bg 0: block 248: padding at end of block bitmap is not set [ 128.278195][ T6603] Quota error (device loop3): write_blk: dquota write failed [ 128.285959][ T6603] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 128.295923][ T6603] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.247: Failed to acquire dquot type 1 [ 128.313966][ T6603] EXT4-fs (loop3): 1 truncate cleaned up [ 128.333061][ T6603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 128.895153][ T6605] sctp: [Deprecated]: syz.1.248 (pid 6605) Use of int in maxseg socket option. [ 128.895153][ T6605] Use struct sctp_assoc_value instead [ 128.944591][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.768804][ T6617] overlayfs: failed to clone lowerpath [ 130.115695][ T6618] overlayfs: failed to clone upperpath [ 130.501020][ T6616] cgroup: fork rejected by pids controller in /syz3 [ 131.029755][ T6617] netlink: 28 bytes leftover after parsing attributes in process `syz.0.250'. [ 133.863664][ T6680] netlink: 'syz.0.258': attribute type 3 has an invalid length. [ 134.178706][ T6678] loop3: detected capacity change from 0 to 256 [ 135.606078][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 135.633773][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 136.780205][ T6697] loop2: detected capacity change from 0 to 128 [ 137.006909][ T6696] bio_check_eod: 1124 callbacks suppressed [ 137.006926][ T6696] syz.2.265: attempt to access beyond end of device [ 137.006926][ T6696] loop2: rw=2049, sector=145, nr_sectors = 89 limit=128 [ 137.084207][ T6696] syz.2.265: attempt to access beyond end of device [ 137.084207][ T6696] loop2: rw=2049, sector=241, nr_sectors = 216 limit=128 [ 137.170927][ T6696] syz.2.265: attempt to access beyond end of device [ 137.170927][ T6696] loop2: rw=524288, sector=241, nr_sectors = 216 limit=128 [ 137.197666][ T6696] syz.2.265: attempt to access beyond end of device [ 137.197666][ T6696] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 137.235724][ T6696] syz.2.265: attempt to access beyond end of device [ 137.235724][ T6696] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 137.284801][ T6696] syz.2.265: attempt to access beyond end of device [ 137.284801][ T6696] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 137.304802][ T6696] syz.2.265: attempt to access beyond end of device [ 137.304802][ T6696] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 137.319291][ T6695] syz.2.265: attempt to access beyond end of device [ 137.319291][ T6695] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 137.338914][ T6696] syz.2.265: attempt to access beyond end of device [ 137.338914][ T6696] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 137.360873][ T6696] syz.2.265: attempt to access beyond end of device [ 137.360873][ T6696] loop2: rw=0, sector=241, nr_sectors = 8 limit=128 [ 137.385900][ T6696] Buffer I/O error on dev loop2, logical block 241, async page read [ 137.394335][ T6696] Buffer I/O error on dev loop2, logical block 242, async page read [ 137.407830][ T6696] Buffer I/O error on dev loop2, logical block 243, async page read [ 137.416126][ T6696] Buffer I/O error on dev loop2, logical block 244, async page read [ 137.429584][ T6696] Buffer I/O error on dev loop2, logical block 245, async page read [ 137.437845][ T6696] Buffer I/O error on dev loop2, logical block 246, async page read [ 137.451158][ T6696] Buffer I/O error on dev loop2, logical block 247, async page read [ 137.459382][ T6696] Buffer I/O error on dev loop2, logical block 248, async page read [ 137.481449][ T6696] Buffer I/O error on dev loop2, logical block 241, async page read [ 137.506547][ T6696] Buffer I/O error on dev loop2, logical block 242, async page read [ 137.702443][ T6716] loop1: detected capacity change from 0 to 512 [ 138.550115][ T6716] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 138.769027][ T6716] EXT4-fs (loop1): 1 truncate cleaned up [ 138.777427][ T6716] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.208097][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.156751][ T6745] loop2: detected capacity change from 0 to 128 [ 143.260035][ T6745] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 143.293545][ T6745] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 144.420059][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 144.627561][ T6755] netlink: 64 bytes leftover after parsing attributes in process `syz.0.283'. [ 144.842335][ T6757] loop3: detected capacity change from 0 to 512 [ 144.967276][ T6757] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 145.049045][ T6757] EXT4-fs (loop3): 1 truncate cleaned up [ 145.061135][ T6757] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.715276][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.820598][ T6773] netlink: 16 bytes leftover after parsing attributes in process `syz.1.286'. [ 148.496406][ T6773] netlink: 24 bytes leftover after parsing attributes in process `syz.1.286'. [ 148.521994][ T6773] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 149.069527][ T6773] bond1: entered allmulticast mode [ 149.079724][ T6789] loop2: detected capacity change from 0 to 256 [ 149.098006][ T6773] 8021q: adding VLAN 0 to HW filter on device bond1 [ 149.328478][ T6789] wg2: entered promiscuous mode [ 149.334898][ T785] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 149.348804][ T6789] wg2: entered allmulticast mode [ 149.392750][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.401795][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.409453][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.429572][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.440181][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.448655][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.459234][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.470145][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.483837][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.492981][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.503179][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.513685][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.525340][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.535294][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.546222][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.558504][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.567796][ T785] usb 2-1: config 0 has no interfaces? [ 149.592311][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.638518][ T785] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 149.648556][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.656117][ T785] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.664512][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.671967][ T785] usb 2-1: Product: syz [ 149.679659][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.688985][ T785] usb 2-1: Manufacturer: syz [ 149.696200][ T785] usb 2-1: SerialNumber: syz [ 149.713279][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.735937][ T785] usb 2-1: config 0 descriptor?? [ 149.744949][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.770870][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.778878][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.787962][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.795546][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.802987][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.810371][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.818188][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.825608][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.832984][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.861691][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 149.939192][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.006793][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.015050][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.056959][ T6792] netlink: 64 bytes leftover after parsing attributes in process `syz.2.292'. [ 150.074641][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.091717][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.156913][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.179872][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.202487][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.222067][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.246832][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.254811][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.287056][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.297965][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.325997][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.349723][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.374893][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.382878][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.418240][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.427536][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.448403][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.469926][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.480845][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.508273][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.536422][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.563370][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.588473][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.616702][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.641434][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.670633][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.678067][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.718255][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.753923][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.766625][ T27] usb 2-1: USB disconnect, device number 2 [ 150.795433][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.820066][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.827591][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.850103][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.866920][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.883012][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.901459][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.916972][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.938698][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.946205][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 150.970900][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.002031][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.009597][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.017532][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.025464][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.033069][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.042190][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.050927][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.059900][ T6794] loop2: detected capacity change from 0 to 40427 [ 151.061067][ T23] hid-generic 0000:0002:0000.0001: unknown main item tag 0x0 [ 151.088087][ T6794] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 151.106716][ T23] hid-generic 0000:0002:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz0 [ 151.109610][ T6794] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 151.152845][ T6794] F2FS-fs (loop2): invalid crc value [ 151.204837][ T6794] F2FS-fs (loop2): Found nat_bits in checkpoint [ 151.370358][ T6808] netlink: 'syz.0.298': attribute type 9 has an invalid length. [ 151.403449][ T6808] netlink: 399 bytes leftover after parsing attributes in process `syz.0.298'. [ 151.488151][ T6801] fido_id[6801]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 151.523964][ T6794] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 151.542530][ T6794] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 151.674984][ T6814] loop1: detected capacity change from 0 to 512 [ 151.735273][ T6814] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 151.895567][ T6814] EXT4-fs (loop1): 1 truncate cleaned up [ 151.909393][ T6814] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.654559][ T6822] netlink: 64 bytes leftover after parsing attributes in process `syz.0.301'. [ 153.186651][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.199021][ T6825] netlink: 16 bytes leftover after parsing attributes in process `syz.3.303'. [ 153.208848][ T6825] netlink: 24 bytes leftover after parsing attributes in process `syz.3.303'. [ 153.220657][ T6825] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 153.678550][ T6825] bond1: entered allmulticast mode [ 153.709873][ T6825] 8021q: adding VLAN 0 to HW filter on device bond1 [ 153.896063][ T5853] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 154.215396][ T5853] usb 4-1: config 0 has no interfaces? [ 154.385136][ T5853] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 154.394242][ T5853] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.412822][ T6846] netlink: 'syz.0.308': attribute type 9 has an invalid length. [ 154.466511][ T5853] usb 4-1: Product: syz [ 154.576312][ T6846] netlink: 399 bytes leftover after parsing attributes in process `syz.0.308'. [ 154.585981][ T5853] usb 4-1: Manufacturer: syz [ 154.645079][ T5853] usb 4-1: SerialNumber: syz [ 154.652562][ T5853] usb 4-1: config 0 descriptor?? [ 155.819729][ T6832] loop1: detected capacity change from 0 to 131072 [ 155.850107][ T6832] F2FS-fs (loop1): Test dummy encryption mode enabled [ 155.953841][ T6832] F2FS-fs (loop1): invalid crc value [ 155.975684][ T6832] F2FS-fs (loop1): Found nat_bits in checkpoint [ 156.104896][ T6832] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 156.166124][ T6859] netlink: 64 bytes leftover after parsing attributes in process `syz.2.312'. [ 156.240836][ T6863] xt_hashlimit: max too large, truncated to 1048576 [ 156.823841][ T786] usb 4-1: USB disconnect, device number 3 [ 157.240597][ T6871] netlink: 'syz.0.317': attribute type 9 has an invalid length. [ 157.248574][ T6871] netlink: 399 bytes leftover after parsing attributes in process `syz.0.317'. [ 158.211490][ T6879] loop3: detected capacity change from 0 to 256 [ 158.218755][ T6879] exfat: Unknown parameter 'fsmagic' [ 159.698761][ T6887] loop1: detected capacity change from 0 to 1024 [ 160.451488][ T6885] sctp: [Deprecated]: syz.0.320 (pid 6885) Use of int in maxseg socket option. [ 160.451488][ T6885] Use struct sctp_assoc_value instead [ 160.814551][ T6887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.496543][ T28] audit: type=1800 audit(1755214686.694:8): pid=6887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.315" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 161.547795][ T6889] loop3: detected capacity change from 0 to 512 [ 161.598770][ T6895] netlink: 64 bytes leftover after parsing attributes in process `syz.2.322'. [ 161.979429][ T6889] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 162.000315][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.029174][ T6889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.079906][ T6889] ext4 filesystem being mounted at /syzcgroup/unified/syz3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.271344][ T6889] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm syz.3.321: Invalid inode table block 0 in block_group 0 [ 162.347952][ T6889] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 162.389497][ T6889] EXT4-fs error (device loop3): ext4_setent:3695: inode #12: comm syz.3.321: mark_inode_dirty error [ 162.720053][ T6908] netlink: 'syz.3.326': attribute type 9 has an invalid length. [ 162.739208][ T6908] netlink: 399 bytes leftover after parsing attributes in process `syz.3.326'. [ 163.020268][ T6912] loop1: detected capacity change from 0 to 512 [ 163.027686][ T6912] EXT4-fs: Ignoring removed orlov option [ 163.036972][ T6912] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 163.177766][ T6912] EXT4-fs (loop1): 1 orphan inode deleted [ 163.186276][ T6912] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.203653][ T6912] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.939657][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.958061][ T6921] Zero length message leads to an empty skb [ 165.902512][ T6931] netlink: 44 bytes leftover after parsing attributes in process `syz.0.333'. [ 167.463201][ T6940] netlink: 16 bytes leftover after parsing attributes in process `syz.0.335'. [ 167.472230][ T6940] netlink: 24 bytes leftover after parsing attributes in process `syz.0.335'. [ 167.481433][ T6940] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 167.821301][ T6950] loop1: detected capacity change from 0 to 512 [ 167.828315][ T6950] EXT4-fs: Ignoring removed orlov option [ 167.939063][ T6950] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 167.983996][ T6940] bond1: entered allmulticast mode [ 168.025530][ T6940] 8021q: adding VLAN 0 to HW filter on device bond1 [ 168.061652][ T6953] sctp: [Deprecated]: syz.2.338 (pid 6953) Use of int in maxseg socket option. [ 168.061652][ T6953] Use struct sctp_assoc_value instead [ 168.247971][ T6950] EXT4-fs (loop1): 1 orphan inode deleted [ 168.254780][ T6950] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.272057][ T6950] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 168.560872][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.801843][ T1126] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm kworker/u4:7: Invalid inode table block 0 in block_group 0 [ 168.897516][ T6964] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.494939][ T6972] netlink: 44 bytes leftover after parsing attributes in process `syz.2.343'. [ 171.416144][ T6996] sctp: [Deprecated]: syz.1.352 (pid 6996) Use of int in maxseg socket option. [ 171.416144][ T6996] Use struct sctp_assoc_value instead [ 171.753113][ T7007] netlink: 44 bytes leftover after parsing attributes in process `syz.3.357'. [ 171.955880][ T7010] netlink: 'syz.3.358': attribute type 9 has an invalid length. [ 171.981475][ T7010] netlink: 399 bytes leftover after parsing attributes in process `syz.3.358'. [ 173.237293][ T7024] netlink: 40 bytes leftover after parsing attributes in process `syz.2.363'. [ 173.573690][ T7033] netlink: 44 bytes leftover after parsing attributes in process `syz.2.366'. [ 175.703048][ T7049] loop1: detected capacity change from 0 to 1024 [ 175.721906][ T7049] EXT4-fs: inline encryption not supported [ 175.734640][ T7049] EXT4-fs: Ignoring removed i_version option [ 175.774032][ T7049] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 175.850966][ T7049] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.901833][ T28] audit: type=1800 audit(1755214699.994:9): pid=7049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.371" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 175.994217][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.175446][ T7063] loop1: detected capacity change from 0 to 1024 [ 176.299033][ T7063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.337222][ T7073] netlink: 44 bytes leftover after parsing attributes in process `syz.0.378'. [ 177.467673][ T7075] netlink: 'syz.3.379': attribute type 4 has an invalid length. [ 177.928449][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.165679][ T7090] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 178.450169][ T7099] netlink: 'syz.1.389': attribute type 4 has an invalid length. [ 178.862801][ T7113] syzkaller0: entered promiscuous mode [ 178.870769][ T7113] syzkaller0: entered allmulticast mode [ 178.914753][ T7113] xt_CT: You must specify a L4 protocol and not use inversions on it [ 181.502687][ T7131] netlink: 96 bytes leftover after parsing attributes in process `syz.0.399'. [ 181.593359][ T7135] netlink: 'syz.3.401': attribute type 4 has an invalid length. [ 182.208970][ T7170] netlink: 'syz.2.413': attribute type 4 has an invalid length. [ 182.664046][ T7192] netlink: 16 bytes leftover after parsing attributes in process `syz.2.422'. [ 182.682649][ T7192] netlink: 24 bytes leftover after parsing attributes in process `syz.2.422'. [ 182.691866][ T7192] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 184.030219][ T7192] bond1: entered allmulticast mode [ 185.293903][ T7192] 8021q: adding VLAN 0 to HW filter on device bond1 [ 186.056183][ T7211] netlink: 'syz.0.426': attribute type 4 has an invalid length. [ 186.225551][ T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 187.093367][ T23] usb 3-1: device descriptor read/all, error -71 [ 188.243760][ T7242] netlink: 'syz.1.437': attribute type 4 has an invalid length. [ 188.697810][ T7253] fuse: Bad value for 'fd' [ 188.705632][ T7253] process 'syz.0.436' launched './file0' with NULL argv: empty string added [ 189.363551][ T7259] netlink: 16 bytes leftover after parsing attributes in process `syz.2.442'. [ 189.372717][ T7259] netlink: 24 bytes leftover after parsing attributes in process `syz.2.442'. [ 189.382410][ T7259] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 190.827088][ T7259] bond2: entered allmulticast mode [ 190.832684][ T7259] 8021q: adding VLAN 0 to HW filter on device bond2 [ 191.299463][ T7276] netlink: 'syz.3.448': attribute type 4 has an invalid length. [ 192.922178][ T7291] sctp: [Deprecated]: syz.1.451 (pid 7291) Use of int in maxseg socket option. [ 192.922178][ T7291] Use struct sctp_assoc_value instead [ 195.560302][ T7312] netlink: 'syz.3.459': attribute type 4 has an invalid length. [ 195.871947][ T7348] syz.3.464[7348] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.872070][ T7348] syz.3.464[7348] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 197.302688][ T7356] sctp: [Deprecated]: syz.2.466 (pid 7356) Use of int in maxseg socket option. [ 197.302688][ T7356] Use struct sctp_assoc_value instead [ 197.807248][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 197.821444][ T7368] netlink: 96 bytes leftover after parsing attributes in process `syz.3.471'. [ 197.922890][ T7370] netlink: 'syz.3.472': attribute type 4 has an invalid length. [ 198.026044][ T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 198.050076][ T9] usb 2-1: config 0 interface 0 has no altsetting 0 [ 198.067448][ T9] usb 2-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00 [ 198.087624][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.108908][ T9] usb 2-1: config 0 descriptor?? [ 198.644391][ T9] input: HID 054c:03d5 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:054C:03D5.0002/input/input5 [ 198.804821][ T9] sony 0003:054C:03D5.0002: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.1-1/input0 [ 198.869322][ T9] usb 2-1: USB disconnect, device number 3 [ 199.003490][ T7381] fido_id[7381]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 199.161613][ T7397] netlink: 28 bytes leftover after parsing attributes in process `syz.3.478'. [ 199.906095][ T7403] loop1: detected capacity change from 0 to 512 [ 199.934572][ T7403] EXT4-fs: Ignoring removed i_version option [ 199.961693][ T7403] EXT4-fs: Ignoring removed nobh option [ 200.025805][ T7403] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 200.050000][ T7404] loop2: detected capacity change from 0 to 512 [ 200.058508][ T7404] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 200.138857][ T7404] EXT4-fs (loop2): 1 truncate cleaned up [ 200.145743][ T7404] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 200.185053][ T7403] EXT4-fs (loop1): 1 truncate cleaned up [ 200.222494][ T7403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.960318][ T7410] netlink: 96 bytes leftover after parsing attributes in process `syz.1.479'. [ 201.694366][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.820884][ T7414] netlink: 'syz.1.481': attribute type 4 has an invalid length. [ 202.173213][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 202.184252][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.714443][ T7424] sctp: [Deprecated]: syz.1.483 (pid 7424) Use of int in maxseg socket option. [ 203.714443][ T7424] Use struct sctp_assoc_value instead [ 203.993853][ T7441] vti0: entered promiscuous mode [ 204.022098][ T7441] vti0: entered allmulticast mode [ 206.765295][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.924711][ T7464] loop2: detected capacity change from 0 to 128 [ 209.729677][ T7503] capability: warning: `syz.2.501' uses 32-bit capabilities (legacy support in use) [ 211.869220][ T7510] sctp: [Deprecated]: syz.0.506 (pid 7510) Use of int in maxseg socket option. [ 211.869220][ T7510] Use struct sctp_assoc_value instead [ 212.656867][ T7505] loop1: detected capacity change from 0 to 512 [ 213.056333][ T7505] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 214.244519][ T7505] EXT4-fs: error -4 creating inode table initialization thread [ 214.252766][ T7505] EXT4-fs (loop1): mount failed [ 222.249082][ T7572] sctp: [Deprecated]: syz.3.520 (pid 7572) Use of int in maxseg socket option. [ 222.249082][ T7572] Use struct sctp_assoc_value instead [ 222.558206][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.524'. [ 223.681406][ T7588] syz.2.525 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 229.904873][ T7649] sctp: [Deprecated]: syz.2.545 (pid 7649) Use of int in maxseg socket option. [ 229.904873][ T7649] Use struct sctp_assoc_value instead [ 235.672369][ T7702] netlink: 'syz.0.560': attribute type 7 has an invalid length. [ 235.680507][ T7702] netlink: 'syz.0.560': attribute type 8 has an invalid length. [ 236.796986][ T7721] sctp: [Deprecated]: syz.1.566 (pid 7721) Use of int in maxseg socket option. [ 236.796986][ T7721] Use struct sctp_assoc_value instead [ 237.478395][ T7729] warning: `syz.3.568' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 238.192482][ T7736] netlink: 12 bytes leftover after parsing attributes in process `syz.0.571'. [ 238.213034][ T7736] tipc: Started in network mode [ 238.217937][ T7736] tipc: Node identity 7, cluster identity 4711 [ 238.225409][ T7736] tipc: Node number set to 7 [ 240.464769][ T7765] sctp: [Deprecated]: syz.1.577 (pid 7765) Use of int in maxseg socket option. [ 240.464769][ T7765] Use struct sctp_assoc_value instead [ 244.235585][ T7789] loop1: detected capacity change from 0 to 512 [ 244.242878][ T7789] EXT4-fs: Ignoring removed orlov option [ 245.715786][ T7789] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 245.759592][ T7789] EXT4-fs (loop1): 1 orphan inode deleted [ 245.766114][ T7789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 245.779058][ T7789] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 246.712300][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.291438][ T7815] sctp: [Deprecated]: syz.3.590 (pid 7815) Use of int in maxseg socket option. [ 249.291438][ T7815] Use struct sctp_assoc_value instead [ 250.608531][ T7842] bridge_slave_0: left allmulticast mode [ 250.632555][ T7842] bridge_slave_0: left promiscuous mode [ 250.657974][ T7842] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.697147][ T7842] bridge_slave_1: left allmulticast mode [ 250.722324][ T7842] bridge_slave_1: left promiscuous mode [ 250.728568][ T7842] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.771871][ T7842] bond0: (slave bond_slave_0): Releasing backup interface [ 250.795316][ T7842] bond0: (slave bond_slave_1): Releasing backup interface [ 250.865860][ T7842] team0: Port device team_slave_0 removed [ 250.899779][ T7842] team0: Port device team_slave_1 removed [ 250.918116][ T7842] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 250.925550][ T7842] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 250.936898][ T7842] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 250.970828][ T7842] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 250.996819][ T7843] vlan0: entered promiscuous mode [ 251.035111][ T7843] team0: Port device vlan0 added [ 252.313964][ T7862] sctp: [Deprecated]: syz.3.605 (pid 7862) Use of int in maxseg socket option. [ 252.313964][ T7862] Use struct sctp_assoc_value instead [ 253.004047][ T7865] pim6reg: entered allmulticast mode [ 253.375610][ T785] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 253.549295][ T785] usb 3-1: device descriptor read/64, error -71 [ 253.928745][ T785] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 254.621885][ T785] usb 3-1: device descriptor read/64, error -71 [ 254.827278][ T785] usb usb3-port1: attempt power cycle [ 256.396621][ T785] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 257.470143][ T785] usb 3-1: device descriptor read/8, error -71 [ 257.511937][ T7861] pim6reg: left allmulticast mode [ 259.604237][ T7915] sctp: [Deprecated]: syz.2.618 (pid 7915) Use of int in maxseg socket option. [ 259.604237][ T7915] Use struct sctp_assoc_value instead [ 263.191936][ T7933] netlink: 'syz.0.625': attribute type 72 has an invalid length. [ 263.207335][ T7933] netlink: 64 bytes leftover after parsing attributes in process `syz.0.625'. [ 264.080903][ T7940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.627'. [ 264.121169][ T7940] team0: entered promiscuous mode [ 264.145135][ T7940] team_slave_0: entered promiscuous mode [ 264.162096][ T7940] team_slave_1: entered promiscuous mode [ 264.174420][ T7940] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 264.193131][ T7940] bridge0: port 3(macvlan2) entered blocking state [ 264.221106][ T7940] bridge0: port 3(macvlan2) entered disabled state [ 264.227884][ T7940] macvlan2: entered allmulticast mode [ 264.242686][ T7940] team0: entered allmulticast mode [ 264.253496][ T7940] team_slave_0: entered allmulticast mode [ 264.259255][ T7940] team_slave_1: entered allmulticast mode [ 264.311233][ T7940] macvlan2: entered promiscuous mode [ 264.319682][ T7940] bridge0: port 3(macvlan2) entered blocking state [ 264.326323][ T7940] bridge0: port 3(macvlan2) entered forwarding state [ 265.939255][ T7952] netlink: 16 bytes leftover after parsing attributes in process `syz.1.628'. [ 265.978359][ T7952] netlink: 24 bytes leftover after parsing attributes in process `syz.1.628'. [ 266.007650][ T7952] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 266.507251][ T785] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 267.703339][ T7952] bond2: entered allmulticast mode [ 267.710055][ T7952] 8021q: adding VLAN 0 to HW filter on device bond2 [ 267.720149][ T7945] tipc: Started in network mode [ 267.725384][ T7945] tipc: Node identity 7f000001, cluster identity 4711 [ 267.737297][ T7945] tipc: Enabling of bearer rejected, failed to enable media [ 268.737097][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 268.761404][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 268.942949][ T7974] sctp: [Deprecated]: syz.3.633 (pid 7974) Use of int in maxseg socket option. [ 268.942949][ T7974] Use struct sctp_assoc_value instead [ 269.940435][ T785] usb 2-1: device descriptor read/all, error -71 [ 270.032871][ T7989] bridge_slave_0: left allmulticast mode [ 270.038652][ T7989] bridge_slave_0: left promiscuous mode [ 270.048146][ T7989] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.070608][ T7989] bridge_slave_1: left allmulticast mode [ 270.085361][ T7989] bridge_slave_1: left promiscuous mode [ 270.091226][ T7989] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.119951][ T7989] bond0: (slave bond_slave_0): Releasing backup interface [ 270.156469][ T7989] bond0: (slave bond_slave_1): Releasing backup interface [ 270.232600][ T7989] team0: Port device team_slave_0 removed [ 270.284277][ T7989] team0: Port device team_slave_1 removed [ 270.312553][ T7989] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 270.327582][ T7989] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 270.354965][ T7989] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 270.398424][ T7989] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 270.844942][ T7995] netlink: 'syz.3.638': attribute type 7 has an invalid length. [ 270.853014][ T7995] netlink: 'syz.3.638': attribute type 8 has an invalid length. [ 271.830860][ T8004] loop1: detected capacity change from 0 to 512 [ 271.838338][ T8004] EXT4-fs: Ignoring removed orlov option [ 273.070374][ T8004] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 273.107667][ T8004] EXT4-fs (loop1): 1 orphan inode deleted [ 273.114648][ T8004] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 273.129511][ T8004] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.124763][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.815560][ T8025] sctp: [Deprecated]: syz.0.646 (pid 8025) Use of int in maxseg socket option. [ 275.815560][ T8025] Use struct sctp_assoc_value instead [ 276.210265][ T8030] netlink: 16 bytes leftover after parsing attributes in process `syz.3.647'. [ 276.242518][ T8030] netlink: 24 bytes leftover after parsing attributes in process `syz.3.647'. [ 276.290959][ T8030] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 276.517232][ T8030] bond2: entered allmulticast mode [ 276.584264][ T8030] 8021q: adding VLAN 0 to HW filter on device bond2 [ 277.864730][ T8043] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 277.872362][ T8043] IPv6: NLM_F_CREATE should be set when creating new route [ 279.565470][ T8059] Bluetooth: MGMT ver 1.22 [ 280.541556][ T28] audit: type=1326 audit(1755214796.577:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 280.623630][ T28] audit: type=1326 audit(1755214796.577:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 280.754182][ T28] audit: type=1326 audit(1755214796.605:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 281.664191][ T28] audit: type=1326 audit(1755214796.605:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8060 comm="syz.2.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bee38ebe9 code=0x7ffc0000 [ 281.772588][ T8070] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 281.967559][ T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 282.249313][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 282.260089][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 282.285316][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 282.295484][ T9] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 282.304804][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.335448][ T9] usb 2-1: config 0 descriptor?? [ 282.558044][ T8085] sctp: [Deprecated]: syz.2.660 (pid 8085) Use of int in maxseg socket option. [ 282.558044][ T8085] Use struct sctp_assoc_value instead [ 282.800669][ T9] gt683r_led 0003:1770:FF00.0003: unbalanced delimiter at end of report description [ 282.912758][ T9] gt683r_led 0003:1770:FF00.0003: hid parsing failed [ 282.937750][ T9] gt683r_led: probe of 0003:1770:FF00.0003 failed with error -22 [ 283.132713][ T9] usb 2-1: USB disconnect, device number 6 [ 284.398548][ T8100] syz.3.664 uses obsolete (PF_INET,SOCK_PACKET) [ 288.575821][ T8136] netlink: 16 bytes leftover after parsing attributes in process `syz.1.671'. [ 289.395094][ T8136] netlink: 24 bytes leftover after parsing attributes in process `syz.1.671'. [ 289.437890][ T8136] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 289.539933][ T8136] bond3: entered allmulticast mode [ 289.546440][ T8136] 8021q: adding VLAN 0 to HW filter on device bond3 [ 289.747824][ T8150] sctp: [Deprecated]: syz.0.675 (pid 8150) Use of int in maxseg socket option. [ 289.747824][ T8150] Use struct sctp_assoc_value instead [ 289.941299][ T8113] pim6reg: entered allmulticast mode [ 290.028207][ T5837] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 290.320735][ T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 290.517267][ T9] usb 3-1: device descriptor read/64, error -71 [ 290.543189][ T5837] usb 2-1: config 0 has no interfaces? [ 290.565488][ T5837] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 290.706636][ T5837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.746683][ T5837] usb 2-1: Product: syz [ 290.753697][ T5837] usb 2-1: Manufacturer: syz [ 290.765133][ T5837] usb 2-1: SerialNumber: syz [ 290.808825][ T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 290.820051][ T5837] usb 2-1: config 0 descriptor?? [ 291.038400][ T9] usb 3-1: device descriptor read/64, error -71 [ 291.208369][ T9] usb usb3-port1: attempt power cycle [ 293.842009][ T8166] netlink: 12 bytes leftover after parsing attributes in process `syz.0.679'. [ 294.408983][ T786] usb 2-1: USB disconnect, device number 7 [ 294.947864][ T8189] loop1: detected capacity change from 0 to 512 [ 294.959318][ T8189] EXT4-fs: Ignoring removed orlov option [ 295.071629][ T8189] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 295.146312][ T8189] EXT4-fs (loop1): 1 orphan inode deleted [ 295.158691][ T8189] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.186758][ T8189] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 296.304196][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.530806][ T8218] netlink: 16 bytes leftover after parsing attributes in process `syz.3.691'. [ 298.555075][ T8218] netlink: 24 bytes leftover after parsing attributes in process `syz.3.691'. [ 298.565325][ T8218] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 298.814550][ T8218] bond3: entered allmulticast mode [ 298.858888][ T8218] 8021q: adding VLAN 0 to HW filter on device bond3 [ 300.142025][ T8231] netlink: 28 bytes leftover after parsing attributes in process `syz.0.694'. [ 307.880551][ T8279] netlink: 28 bytes leftover after parsing attributes in process `syz.2.704'. [ 309.028989][ T8268] syz.3.700 (8268) used greatest stack depth: 17960 bytes left [ 309.156440][ T8291] loop1: detected capacity change from 0 to 512 [ 309.164892][ T8291] EXT4-fs: Ignoring removed orlov option [ 310.863365][ T8291] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 311.937803][ T8291] EXT4-fs (loop1): 1 orphan inode deleted [ 311.944312][ T8291] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.966886][ T8291] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 312.759880][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.912830][ T8301] netlink: 16 bytes leftover after parsing attributes in process `syz.0.709'. [ 312.932602][ T8301] netlink: 24 bytes leftover after parsing attributes in process `syz.0.709'. [ 313.130817][ T8301] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 313.882699][ T8302] ALSA: mixer_oss: invalid OSS volume '' [ 314.048780][ T8301] bond2: entered allmulticast mode [ 314.054169][ T8301] 8021q: adding VLAN 0 to HW filter on device bond2 [ 314.814440][ T8307] syzkaller1: entered promiscuous mode [ 314.844038][ T8307] syzkaller1: entered allmulticast mode [ 317.358384][ T5837] IPVS: starting estimator thread 0... [ 317.688634][ T8337] IPVS: using max 23 ests per chain, 55200 per kthread [ 320.174312][ T786] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 320.528285][ T786] usb 2-1: Using ep0 maxpacket: 8 [ 320.555150][ T786] usb 2-1: config index 0 descriptor too short (expected 30, got 18) [ 320.566367][ T786] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 320.621063][ T786] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.780723][ T786] usb 2-1: Product: syz [ 320.789686][ T786] usb 2-1: Manufacturer: syz [ 320.893385][ T786] usb 2-1: SerialNumber: syz [ 320.974477][ T786] usb 2-1: config 0 descriptor?? [ 321.038670][ T786] usb 2-1: can't set config #0, error -71 [ 321.116114][ T786] usb 2-1: USB disconnect, device number 8 [ 321.211171][ T8370] 9pnet_fd: Insufficient options for proto=fd [ 322.330080][ T8384] netlink: 36 bytes leftover after parsing attributes in process `syz.0.728'. [ 322.655072][ T8391] loop1: detected capacity change from 0 to 512 [ 322.662557][ T8391] EXT4-fs: Ignoring removed orlov option [ 323.780468][ T8391] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 323.877884][ T8391] EXT4-fs (loop1): 1 orphan inode deleted [ 323.884872][ T8391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 323.898120][ T8391] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.036476][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.668791][ T8417] netlink: 36 bytes leftover after parsing attributes in process `syz.1.739'. [ 335.359157][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 335.365931][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 335.618823][ T8577] netlink: 36 bytes leftover after parsing attributes in process `syz.2.802'. [ 336.516087][ T8588] 9pnet: Could not find request transport: fd0x0000000000000003 [ 336.795642][ T8607] netlink: 28 bytes leftover after parsing attributes in process `syz.1.815'. [ 337.007111][ T8609] netlink: 16 bytes leftover after parsing attributes in process `syz.3.813'. [ 337.721712][ T8609] netlink: 24 bytes leftover after parsing attributes in process `syz.3.813'. [ 337.730788][ T8609] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 337.805188][ T8609] bond4: entered allmulticast mode [ 337.812598][ T8609] 8021q: adding VLAN 0 to HW filter on device bond4 [ 338.663445][ T9] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 338.902793][ T9] usb 2-1: config 8 has an invalid interface number: 223 but max is 0 [ 338.922041][ T9] usb 2-1: config 8 has no interface number 0 [ 338.940987][ T9] usb 2-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 338.964016][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 338.985894][ T9] usb 2-1: Product: syz [ 339.017458][ T9] usb 2-1: Manufacturer: syz [ 339.025089][ T9] usb 2-1: SerialNumber: syz [ 339.098236][ T8630] 9pnet: Could not find request transport: fd0x0000000000000003 [ 339.304547][ T9] usb 2-1: USB disconnect, device number 9 [ 339.437784][ T8641] netlink: 28 bytes leftover after parsing attributes in process `syz.2.827'. [ 341.065888][ T8656] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 341.108436][ T8653] 9pnet: Could not find request transport: fd0x0000000000000003 [ 341.317751][ T8666] netlink: 28 bytes leftover after parsing attributes in process `syz.3.838'. [ 341.549086][ T785] IPVS: starting estimator thread 0... [ 341.826861][ T8674] IPVS: using max 19 ests per chain, 45600 per kthread [ 343.043759][ T8698] netlink: 28 bytes leftover after parsing attributes in process `syz.1.852'. [ 344.667606][ T8730] netlink: 28 bytes leftover after parsing attributes in process `syz.1.866'. [ 344.889929][ T8734] netlink: 36 bytes leftover after parsing attributes in process `syz.0.864'. [ 346.786012][ T8756] netlink: 28 bytes leftover after parsing attributes in process `syz.0.875'. [ 348.460146][ T8776] netlink: 36 bytes leftover after parsing attributes in process `syz.0.879'. [ 350.270044][ T8795] netlink: 28 bytes leftover after parsing attributes in process `syz.2.887'. [ 355.264676][ T8844] netlink: 28 bytes leftover after parsing attributes in process `syz.3.902'. [ 357.155683][ T9] IPVS: starting estimator thread 0... [ 357.385473][ T8866] IPVS: using max 23 ests per chain, 55200 per kthread [ 357.717935][ T8869] trusted_key: syz.2.911 sent an empty control message without MSG_MORE. [ 358.060127][ T8876] netlink: 28 bytes leftover after parsing attributes in process `syz.2.914'. [ 359.196777][ T8886] loop1: detected capacity change from 0 to 256 [ 360.715934][ T8151] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 361.184602][ T8901] netlink: 52 bytes leftover after parsing attributes in process `syz.0.925'. [ 361.313934][ T8905] netlink: 28 bytes leftover after parsing attributes in process `syz.3.926'. [ 363.154337][ T8930] loop1: detected capacity change from 0 to 512 [ 364.144582][ T8930] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 364.214490][ T8930] EXT4-fs (loop1): 1 truncate cleaned up [ 364.221686][ T8930] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.223003][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.249180][ T8938] netlink: 28 bytes leftover after parsing attributes in process `syz.2.936'. [ 366.148496][ T8947] netlink: 56 bytes leftover after parsing attributes in process `syz.0.939'. [ 366.351875][ T8951] loop1: detected capacity change from 0 to 128 [ 366.373088][ T8950] loop2: detected capacity change from 0 to 256 [ 366.423113][ T8951] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 366.469514][ T8950] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 366.512478][ T8951] ext4 filesystem being mounted at /245/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 366.557114][ T8950] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 366.593276][ T8950] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 366.626048][ T8950] UDF-fs: Scanning with blocksize 512 failed [ 366.639989][ T8950] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 366.696405][ T8950] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 366.731450][ T5787] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 368.799182][ T8977] netlink: 28 bytes leftover after parsing attributes in process `syz.0.949'. [ 370.414724][ T28] audit: type=1326 audit(1755214879.527:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.0.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f2b8ebe9 code=0x7ffc0000 [ 370.521063][ T28] audit: type=1326 audit(1755214879.555:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.0.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f2b8ebe9 code=0x7ffc0000 [ 370.615205][ T28] audit: type=1326 audit(1755214879.564:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.0.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f75f2b8ebe9 code=0x7ffc0000 [ 370.662787][ T28] audit: type=1326 audit(1755214879.564:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.0.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75f2b8ebe9 code=0x7ffc0000 [ 375.248791][ T9022] netlink: 36 bytes leftover after parsing attributes in process `syz.3.965'. [ 376.344399][ C0] Adjusting tsc more than 11% (6562186 vs 8464875) [ 377.008073][ T9050] netlink: 28 bytes leftover after parsing attributes in process `syz.0.973'. [ 377.185564][ T9048] loop1: detected capacity change from 0 to 2048 [ 377.881128][ T9048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 377.975815][ T9048] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm syz.1.969: bg 0: block 2: invalid block bitmap [ 378.269664][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.345689][ T9066] netlink: 36 bytes leftover after parsing attributes in process `syz.2.976'. [ 381.403809][ T9086] loop2: detected capacity change from 0 to 512 [ 381.418971][ T9086] EXT4-fs: Ignoring removed orlov option [ 383.433654][ T9086] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 383.907714][ T9086] EXT4-fs warning (device loop2): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop2. [ 384.035537][ T9093] netlink: 28 bytes leftover after parsing attributes in process `syz.0.983'. [ 385.009801][ T9100] loop2: detected capacity change from 0 to 2048 [ 385.111926][ T9100] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 386.427039][ T785] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 386.573443][ T9114] loop1: detected capacity change from 0 to 512 [ 386.580691][ T9114] EXT4-fs: Ignoring removed oldalloc option [ 386.588704][ T9114] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 386.620522][ T9114] EXT4-fs (loop1): 1 truncate cleaned up [ 386.635267][ T9114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.647914][ T785] usb 3-1: Using ep0 maxpacket: 16 [ 386.664211][ T785] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 386.674257][ T785] usb 3-1: config 1 has no interface number 1 [ 386.680396][ T785] usb 3-1: too many endpoints for config 1 interface 2 altsetting 4: 249, using maximum allowed: 30 [ 386.691697][ T785] usb 3-1: config 1 interface 2 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 249 [ 386.705604][ T785] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 386.717035][ T785] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 386.728194][ T785] usb 3-1: config 1 interface 2 has no altsetting 2 [ 386.745100][ T785] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 386.759248][ T785] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 386.767810][ T785] usb 3-1: Product: syz [ 386.772687][ T785] usb 3-1: Manufacturer: syz [ 386.777322][ T785] usb 3-1: SerialNumber: syz [ 386.829493][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.167347][ T9126] pim6reg1: entered promiscuous mode [ 388.173207][ T9126] pim6reg1: entered allmulticast mode [ 389.399848][ T785] usb 3-1: USB disconnect, device number 11 [ 391.310568][ T9140] netlink: 'syz.2.991': attribute type 29 has an invalid length. [ 392.265934][ T9146] sctp: [Deprecated]: syz.0.995 (pid 9146) Use of int in maxseg socket option. [ 392.265934][ T9146] Use struct sctp_assoc_value instead [ 392.555761][ T5791] Bluetooth: hci1: unexpected event for opcode 0x0401 [ 392.605058][ T28] audit: type=1326 audit(1755214899.525:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9155 comm="syz.3.993" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0341f8ebe9 code=0x0 [ 392.662748][ T9158] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 392.857131][ T9162] loop2: detected capacity change from 0 to 512 [ 393.855553][ T9171] loop1: detected capacity change from 0 to 764 [ 393.881210][ T9171] Symlink component flag not implemented [ 393.887260][ T9171] Symlink component flag not implemented (7) [ 394.426717][ T785] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 396.312228][ T9195] loop2: detected capacity change from 0 to 512 [ 396.320107][ T9195] EXT4-fs: Ignoring removed orlov option [ 396.665138][ T9195] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 396.771127][ T785] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 397.288454][ T785] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 397.312772][ T785] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 398.287636][ T5791] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 398.296212][ T5791] Bluetooth: hci3: Injecting HCI hardware error event [ 398.315755][ T5791] Bluetooth: hci3: hardware error 0x00 [ 398.364479][ T785] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.382304][ T9195] EXT4-fs (loop2): 1 orphan inode deleted [ 398.389287][ T9195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 398.403816][ T785] usb 2-1: config 0 descriptor?? [ 398.409872][ T9195] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 398.410134][ T2931] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 398.953339][ T785] usb 2-1: can't set config #0, error -71 [ 398.985092][ T2931] EXT4-fs error (device loop2): ext4_release_dquot:6974: comm kworker/u4:9: Failed to release dquot type 1 [ 399.102482][ T785] usb 2-1: USB disconnect, device number 10 [ 399.131123][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.224417][ T9207] sctp: [Deprecated]: syz.1.1011 (pid 9207) Use of int in maxseg socket option. [ 399.224417][ T9207] Use struct sctp_assoc_value instead [ 399.485996][ T5799] Bluetooth: hci0: command 0x0c1a tx timeout [ 399.699524][ T9213] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1014'. [ 400.529625][ T5791] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 402.395106][ T9222] loop2: detected capacity change from 0 to 256 [ 402.454096][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 402.480018][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 402.510856][ T9222] FAT-fs (loop2): Directory bread(block 64) failed [ 402.518395][ T9222] FAT-fs (loop2): Directory bread(block 65) failed [ 402.525339][ T9222] FAT-fs (loop2): Directory bread(block 66) failed [ 402.531942][ T9222] FAT-fs (loop2): Directory bread(block 67) failed [ 402.538583][ T9222] FAT-fs (loop2): Directory bread(block 68) failed [ 402.545112][ T9222] FAT-fs (loop2): Directory bread(block 69) failed [ 402.551753][ T9222] FAT-fs (loop2): Directory bread(block 70) failed [ 402.558266][ T9222] FAT-fs (loop2): Directory bread(block 71) failed [ 402.564941][ T9222] FAT-fs (loop2): Directory bread(block 72) failed [ 402.571440][ T9222] FAT-fs (loop2): Directory bread(block 73) failed [ 402.698162][ T9221] bio_check_eod: 358 callbacks suppressed [ 402.698176][ T9221] syz.2.1016: attempt to access beyond end of device [ 402.698176][ T9221] loop2: rw=524288, sector=1192, nr_sectors = 4 limit=256 [ 402.722584][ T9221] syz.2.1016: attempt to access beyond end of device [ 402.722584][ T9221] loop2: rw=0, sector=1192, nr_sectors = 4 limit=256 [ 402.738717][ T28] audit: type=1800 audit(1755214908.819:19): pid=9221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1016" name="file1" dev="loop2" ino=1048597 res=0 errno=0 [ 402.759607][ T9221] syz.2.1016: attempt to access beyond end of device [ 402.759607][ T9221] loop2: rw=0, sector=1192, nr_sectors = 4 limit=256 [ 403.379494][ T9] usb 2-1: new full-speed USB device number 11 using dummy_hcd [ 403.625768][ T9238] loop2: detected capacity change from 0 to 512 [ 403.633041][ T9238] EXT4-fs: Ignoring removed orlov option [ 404.951088][ T9238] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 405.292538][ C0] ------------[ cut here ]------------ [ 405.298564][ C0] WARNING: CPU: 0 PID: 9237 at net/mac80211/tx.c:5021 __ieee80211_beacon_get+0x1233/0x1600 [ 405.308616][ C0] Modules linked in: [ 405.312559][ C0] CPU: 0 PID: 9237 Comm: syz.2.1021 Not tainted 6.6.101-syzkaller #0 [ 405.320683][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 405.330849][ C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 405.337308][ C0] Code: 24 4c 89 e7 e8 4e 63 d5 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 09 3f 98 f7 0f 0b e9 f6 f7 ff ff e8 fd 3e 98 f7 <0f> 0b e9 48 fb ff ff e8 f1 3e 98 f7 48 c7 c7 80 fd 23 8e 4c 89 e6 [ 405.356946][ C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246 [ 405.363033][ C0] RAX: ffffffff89ed5693 RBX: ffffffff89ed4496 RCX: ffff888028c73c00 [ 405.371029][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 405.379013][ C0] RBP: 0000000000000000 R08: ffff888028c73c00 R09: 0000000000000003 [ 405.387010][ C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805dd363c0 [ 405.394982][ C0] R13: dffffc0000000000 R14: ffff88805dd368b0 R15: ffff88805d928c24 [ 405.402990][ C0] FS: 00007f4bef1566c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 405.411953][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 405.418549][ C0] CR2: 000000110c3a5ef3 CR3: 000000005849b000 CR4: 00000000003506f0 [ 405.426547][ C0] Call Trace: [ 405.429826][ C0] [ 405.432692][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 405.438250][ C0] ieee80211_beacon_get_tim+0xb8/0x560 [ 405.443737][ C0] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 405.450509][ C0] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 405.456080][ C0] __iterate_interfaces+0x243/0x500 [ 405.461273][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 405.467558][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 405.474827][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 405.481091][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 405.488157][ C0] mac80211_hwsim_beacon+0xbb/0x1b0 [ 405.493356][ C0] __hrtimer_run_queues+0x51e/0xc40 [ 405.498574][ C0] ? hw_scan_work+0xf40/0xf40 [ 405.503257][ C0] ? hrtimer_interrupt+0x9c0/0x9c0 [ 405.508387][ C0] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 405.514491][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 405.519637][ C0] handle_softirqs+0x280/0x820 [ 405.524489][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 405.529282][ C0] ? do_softirq+0x180/0x180 [ 405.533793][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 405.539011][ C0] __irq_exit_rcu+0xc7/0x190 [ 405.543598][ C0] ? irq_exit_rcu+0x20/0x20 [ 405.548097][ C0] irq_exit_rcu+0x9/0x20 [ 405.552352][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 405.557986][ C0] [ 405.560934][ C0] [ 405.563859][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 405.569840][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa9/0x110 [ 405.576372][ C0] Code: 74 05 e8 fa 37 15 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 22 b3 e4 f6 65 8b 05 23 f9 8c 75 85 c0 74 3c 48 c7 04 24 0e 36 [ 405.595993][ C0] RSP: 0018:ffffc9000467f560 EFLAGS: 00000206 [ 405.602054][ C0] RAX: a655f80352b67300 RBX: 0000000000000a06 RCX: a655f80352b67300 [ 405.610040][ C0] RDX: dffffc0000000000 RSI: ffffffff8aaaba40 RDI: 0000000000000001 [ 405.618051][ C0] RBP: ffffc9000467f5f0 R08: ffffffff90da35cf R09: 1ffffffff21b46b9 [ 405.626060][ C0] R10: dffffc0000000000 R11: fffffbfff21b46ba R12: dffffc0000000000 [ 405.634132][ C0] R13: 0000000000000000 R14: ffff888025e036c0 R15: 1ffff920008cfeac [ 405.642128][ C0] ? _raw_spin_unlock+0x40/0x40 [ 405.647011][ C0] ? __wake_up_common+0x2a4/0x4e0 [ 405.652074][ C0] __wake_up_sync_key+0x11f/0x190 [ 405.657106][ C0] ? __wake_up_locked_key_bookmark+0x20/0x20 [ 405.663129][ C0] ? sock_load_diag_module+0x140/0x140 [ 405.668600][ C0] __unix_dgram_recvmsg+0x49c/0xd60 [ 405.673822][ C0] ? unix_unhash+0x10/0x10 [ 405.678241][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 405.684424][ C0] ? mark_lock+0x94/0x320 [ 405.688751][ C0] ? unix_dgram_recvmsg+0xad/0xd0 [ 405.693804][ C0] ? unix_dgram_sendmsg+0x1720/0x1720 [ 405.699180][ C0] sock_recvmsg_nosec+0x82/0xd0 [ 405.704069][ C0] ____sys_recvmsg+0x49b/0x5b0 [ 405.708840][ C0] ? __sys_recvmsg_sock+0x50/0x50 [ 405.713893][ C0] ? import_iovec+0x73/0xa0 [ 405.718398][ C0] ___sys_recvmsg+0x1b6/0x510 [ 405.723087][ C0] ? __sys_recvmsg+0x270/0x270 [ 405.727881][ C0] ? __lock_acquire+0x7c80/0x7c80 [ 405.732907][ C0] ? __might_fault+0xc6/0x120 [ 405.737609][ C0] ? __might_fault+0xaa/0x120 [ 405.742288][ C0] do_recvmmsg+0x360/0x7d0 [ 405.746742][ C0] ? __sys_recvmmsg+0x280/0x280 [ 405.751606][ C0] ? __ia32_sys_get_robust_list+0x90/0x90 [ 405.757349][ C0] ? rcu_read_lock_sched_held+0x8a/0x100 [ 405.763004][ C0] __x64_sys_recvmmsg+0x191/0x240 [ 405.768051][ C0] ? do_recvmmsg+0x7d0/0x7d0 [ 405.772658][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 405.777878][ C0] do_syscall_64+0x55/0xb0 [ 405.782303][ C0] ? clear_bhb_loop+0x40/0x90 [ 405.786978][ C0] ? clear_bhb_loop+0x40/0x90 [ 405.791677][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 405.797579][ C0] RIP: 0033:0x7f4bee38ebe9 [ 405.802020][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.821665][ C0] RSP: 002b:00007f4bef156038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 405.830085][ C0] RAX: ffffffffffffffda RBX: 00007f4bee5b6090 RCX: 00007f4bee38ebe9 [ 405.838105][ C0] RDX: 03fffffffffffeda RSI: 00002000000000c0 RDI: 0000000000000004 [ 405.846089][ C0] RBP: 00007f4bee411e19 R08: 0000000000000000 R09: 0000000000000000 [ 405.854077][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 405.862042][ C0] R13: 00007f4bee5b6128 R14: 00007f4bee5b6090 R15: 00007ffc799fac18 [ 405.870040][ C0] [ 405.873058][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 405.880325][ C0] CPU: 0 PID: 9237 Comm: syz.2.1021 Not tainted 6.6.101-syzkaller #0 [ 405.888375][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 405.898513][ C0] Call Trace: [ 405.901784][ C0] [ 405.904618][ C0] dump_stack_lvl+0x16c/0x230 [ 405.909309][ C0] ? show_regs_print_info+0x20/0x20 [ 405.914497][ C0] ? load_image+0x3b0/0x3b0 [ 405.919092][ C0] panic+0x2c0/0x710 [ 405.922986][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 405.927500][ C0] __warn+0x2e0/0x470 [ 405.931491][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 405.937211][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 405.942933][ C0] report_bug+0x2be/0x4f0 [ 405.947258][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 405.952982][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 405.958713][ C0] ? __ieee80211_beacon_get+0x1235/0x1600 [ 405.964434][ C0] handle_bug+0xcf/0x120 [ 405.968672][ C0] exc_invalid_op+0x1a/0x50 [ 405.973168][ C0] asm_exc_invalid_op+0x1a/0x20 [ 405.978015][ C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 405.984339][ C0] Code: 24 4c 89 e7 e8 4e 63 d5 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 09 3f 98 f7 0f 0b e9 f6 f7 ff ff e8 fd 3e 98 f7 <0f> 0b e9 48 fb ff ff e8 f1 3e 98 f7 48 c7 c7 80 fd 23 8e 4c 89 e6 [ 406.003946][ C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246 [ 406.010009][ C0] RAX: ffffffff89ed5693 RBX: ffffffff89ed4496 RCX: ffff888028c73c00 [ 406.017977][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 406.025939][ C0] RBP: 0000000000000000 R08: ffff888028c73c00 R09: 0000000000000003 [ 406.033899][ C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805dd363c0 [ 406.041860][ C0] R13: dffffc0000000000 R14: ffff88805dd368b0 R15: ffff88805d928c24 [ 406.049824][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 406.055365][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 406.061086][ C0] ? __ieee80211_beacon_get+0x1233/0x1600 [ 406.066804][ C0] ? __ieee80211_beacon_get+0x36/0x1600 [ 406.072359][ C0] ieee80211_beacon_get_tim+0xb8/0x560 [ 406.077836][ C0] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 406.084616][ C0] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 406.090158][ C0] __iterate_interfaces+0x243/0x500 [ 406.095348][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 406.101596][ C0] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 406.108787][ C0] ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0 [ 406.115020][ C0] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 406.122033][ C0] mac80211_hwsim_beacon+0xbb/0x1b0 [ 406.127228][ C0] __hrtimer_run_queues+0x51e/0xc40 [ 406.132426][ C0] ? hw_scan_work+0xf40/0xf40 [ 406.137104][ C0] ? hrtimer_interrupt+0x9c0/0x9c0 [ 406.142210][ C0] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 406.148275][ C0] hrtimer_run_softirq+0x187/0x2b0 [ 406.153386][ C0] handle_softirqs+0x280/0x820 [ 406.158139][ C0] ? __irq_exit_rcu+0xc7/0x190 [ 406.162912][ C0] ? do_softirq+0x180/0x180 [ 406.167409][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 406.172608][ C0] __irq_exit_rcu+0xc7/0x190 [ 406.177189][ C0] ? irq_exit_rcu+0x20/0x20 [ 406.181704][ C0] irq_exit_rcu+0x9/0x20 [ 406.185949][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 406.191581][ C0] [ 406.194500][ C0] [ 406.197425][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 406.203409][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa9/0x110 [ 406.209909][ C0] Code: 74 05 e8 fa 37 15 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 22 b3 e4 f6 65 8b 05 23 f9 8c 75 85 c0 74 3c 48 c7 04 24 0e 36 [ 406.229506][ C0] RSP: 0018:ffffc9000467f560 EFLAGS: 00000206 [ 406.235564][ C0] RAX: a655f80352b67300 RBX: 0000000000000a06 RCX: a655f80352b67300 [ 406.243522][ C0] RDX: dffffc0000000000 RSI: ffffffff8aaaba40 RDI: 0000000000000001 [ 406.251480][ C0] RBP: ffffc9000467f5f0 R08: ffffffff90da35cf R09: 1ffffffff21b46b9 [ 406.259441][ C0] R10: dffffc0000000000 R11: fffffbfff21b46ba R12: dffffc0000000000 [ 406.267410][ C0] R13: 0000000000000000 R14: ffff888025e036c0 R15: 1ffff920008cfeac [ 406.275392][ C0] ? _raw_spin_unlock+0x40/0x40 [ 406.280240][ C0] ? __wake_up_common+0x2a4/0x4e0 [ 406.285274][ C0] __wake_up_sync_key+0x11f/0x190 [ 406.290298][ C0] ? __wake_up_locked_key_bookmark+0x20/0x20 [ 406.296276][ C0] ? sock_load_diag_module+0x140/0x140 [ 406.301734][ C0] __unix_dgram_recvmsg+0x49c/0xd60 [ 406.306937][ C0] ? unix_unhash+0x10/0x10 [ 406.311359][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 406.317517][ C0] ? mark_lock+0x94/0x320 [ 406.321842][ C0] ? unix_dgram_recvmsg+0xad/0xd0 [ 406.326859][ C0] ? unix_dgram_sendmsg+0x1720/0x1720 [ 406.332234][ C0] sock_recvmsg_nosec+0x82/0xd0 [ 406.337082][ C0] ____sys_recvmsg+0x49b/0x5b0 [ 406.341854][ C0] ? __sys_recvmsg_sock+0x50/0x50 [ 406.346889][ C0] ? import_iovec+0x73/0xa0 [ 406.351393][ C0] ___sys_recvmsg+0x1b6/0x510 [ 406.356069][ C0] ? __sys_recvmsg+0x270/0x270 [ 406.360836][ C0] ? __lock_acquire+0x7c80/0x7c80 [ 406.365857][ C0] ? __might_fault+0xc6/0x120 [ 406.370519][ C0] ? __might_fault+0xaa/0x120 [ 406.375183][ C0] do_recvmmsg+0x360/0x7d0 [ 406.379612][ C0] ? __sys_recvmmsg+0x280/0x280 [ 406.384459][ C0] ? __ia32_sys_get_robust_list+0x90/0x90 [ 406.390162][ C0] ? rcu_read_lock_sched_held+0x8a/0x100 [ 406.395792][ C0] __x64_sys_recvmmsg+0x191/0x240 [ 406.400809][ C0] ? do_recvmmsg+0x7d0/0x7d0 [ 406.405399][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 406.410597][ C0] do_syscall_64+0x55/0xb0 [ 406.415000][ C0] ? clear_bhb_loop+0x40/0x90 [ 406.419664][ C0] ? clear_bhb_loop+0x40/0x90 [ 406.424330][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 406.430224][ C0] RIP: 0033:0x7f4bee38ebe9 [ 406.434630][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 406.454220][ C0] RSP: 002b:00007f4bef156038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 406.462621][ C0] RAX: ffffffffffffffda RBX: 00007f4bee5b6090 RCX: 00007f4bee38ebe9 [ 406.470594][ C0] RDX: 03fffffffffffeda RSI: 00002000000000c0 RDI: 0000000000000004 [ 406.478555][ C0] RBP: 00007f4bee411e19 R08: 0000000000000000 R09: 0000000000000000 [ 406.486521][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 406.494495][ C0] R13: 00007f4bee5b6128 R14: 00007f4bee5b6090 R15: 00007ffc799fac18 [ 406.502469][ C0] [ 406.505804][ C0] Kernel Offset: disabled [ 406.510186][ C0] Rebooting in 86400 seconds..