last executing test programs: 15.769451245s ago: executing program 4 (id=1402): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x48) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x103) r4 = socket(0x10, 0x3, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003c0007010000000000000000010000000400fc800c00018008000600ffff0000"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002a80)=ANY=[], 0x6c}}, 0x20) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a140000001100"], 0x64}}, 0x0) syz_emit_ethernet(0x22, &(0x7f0000000000)={@local, @random="429e82211cf8", @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x0, 0x14, 0x67, 0x0, 0x2, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x25}}}}}}, 0x0) r7 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_qrtr_TIOCOUTQ(r7, 0x5411, 0x0) 14.367280503s ago: executing program 4 (id=1405): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=@newpolicy={0x154, 0x13, 0x831, 0x70bd28, 0x25dfdbfd, {{@in=@rand_addr=0x64010102, @in=@rand_addr=0x64010100, 0x4e23, 0x0, 0x4e24, 0x9, 0xa, 0x20, 0x20, 0x3c}, {0x8000000000, 0xfffffffffffffffb, 0x800, 0x8000, 0x4, 0x4, 0x6b06, 0x1000}, {0x9, 0xff6, 0x46, 0xfffffffffffffffb}, 0xfffffffa, 0x0, 0x0, 0x1, 0x3, 0x2}, [@migrate={0x9c, 0x11, [{@in=@rand_addr=0x64010101, @in=@private=0xa010100, @in=@broadcast, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x6c, 0x4, 0x0, 0x3504, 0x2, 0x2}, {@in6=@private2, @in6=@remote, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@local, 0xff, 0x5, 0x0, 0x3500, 0x2, 0xa}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x8c0}, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_io_uring_setup(0x207, &(0x7f0000000340)={0x0, 0x3444, 0x52f, 0x2, 0xa3}, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, 0x0) userfaultfd(0x801) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101, 0x100}}) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x100) r5 = fcntl$getown(r4, 0x9) r6 = syz_open_procfs(r5, 0x0) lseek(r6, 0x331, 0x0) io_setup(0x3, &(0x7f0000000200)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x2}) 14.163165946s ago: executing program 3 (id=1407): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x3, 0x0, 0xd410, 0xf69aa1672a50ebb1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_UDP_ZERO_CSUM6_RX={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x10) 13.396252176s ago: executing program 3 (id=1408): getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(r3) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x6800, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x4}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc}]}}}]}, 0x9c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) 12.506056077s ago: executing program 4 (id=1410): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2) getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x2000000, {0x0, 0x0, 0x0, r3, {0xfff1}, {0xfff3}, {0xffff}}}, 0x24}}, 0x880) 11.826240866s ago: executing program 4 (id=1412): io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xfdcf, 0x2, 0x2}) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600"}) syz_open_pts(r0, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x480) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x7, 0xab}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 11.366674702s ago: executing program 4 (id=1414): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1}, 0x4) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x17, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r1, @ANYBLOB="0000000000000000c30000000001000095"], &(0x7f0000000180)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair(0x1e, 0x5, 0x0, &(0x7f0000000000)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r5, 0x3516, 0xe0ff, 0x0, 0x0, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @vbi={0xa9, 0x6, 0xfffffffa, 0x59455247, [0x4, 0x9], [0x5, 0x1000], 0x13a}}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4}) 8.965326973s ago: executing program 1 (id=1421): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = syz_io_uring_setup(0x235, &(0x7f0000000500)={0x0, 0x4533, 0x10100, 0x0, 0x24c, 0x0, r3}, &(0x7f00000001c0)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1}) io_uring_enter(r4, 0x234f, 0xb1e6, 0x1, 0x0, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r7, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r7, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)={0x1c, r0, 0x801, 0x0, 0x25dfdbfd, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) 7.66199291s ago: executing program 1 (id=1427): openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0) r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000200)={0x59, 0xa, 0x0, "3205c5460400000000000000022c1e04f4bf40070700000200"}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r5, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000}) close_range(r6, 0xffffffffffffffff, 0x0) 6.869920301s ago: executing program 3 (id=1428): r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) r1 = syz_open_procfs(0x0, &(0x7f00000005c0)='net/raw6\x00') read$FUSE(r1, &(0x7f0000000a40)={0x2020}, 0x2020) r2 = socket$caif_stream(0x25, 0x1, 0x0) setsockopt$CAIFSO_LINK_SELECT(r2, 0x116, 0x7f, 0x0, 0x15) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000340)={r1, r2, 0x400, 0x8f, &(0x7f00000001c0)="9cd0f67da9d097dc2af90838825e44b72f25a384df0a10f4ceb5d15c3c398e7a621c57a56ff9eecc95c193f38e4d5d43e20633a9cad56516dcd0658442510ee27f1d42b096436e1b08d976bab1f100281c1011d0ae72bed3829ccd6e2464b3e7838ebd96b5177f165721b324b84a54abc8b23d87fad9d96beccb9863cd05305d65f04471c1cefc7a69dd5714943901", 0x8, 0xfe, 0x20, 0xd, 0x81, 0x0, 0x5, 'syz0\x00'}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000001000000000052322f4b0c00000000000000000012aa59d1888d275b14b7888d12bf70c512270930cba3f71fc6db5fa4338fca073ff752658d5f3cd8091f8f39567b6021c7ae8120e7dec5128e6b9f71f41e527dd0d5c693dec1adf110715364436940df012b02d32c90ae63b4c41a351c40f3e0b9858067529149a89e507061fbf0e96a69cf4073ef71143fc302b7fbcdaf092d0497e6a353499d666ea701cf7a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x111, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r4, &(0x7f0000000180)={0xf, 0x8, 0xfa00, {r5, 0x4}}, 0x10) 6.644812054s ago: executing program 2 (id=1429): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x3292e291) 6.597871594s ago: executing program 3 (id=1430): r0 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, 0x0, &(0x7f0000000200)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4], 0xeeee0000, 0x8340}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f00000002c0)={0x0, 0x1000000, 0x0}) socket$netlink(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="6400000002060108000000000000000000faffffffffffffff617368706f72742c6e657400000000050001000700000005000500020000000900020073797a300000000005000400000000001400078008000840000000d3080006400000008000"], 0x64}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0) r6 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121) r7 = dup(r6) write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c) syz_emit_ethernet(0x134, &(0x7f00000008c0)={@local, @local, @val={@void, {0x8100, 0x7, 0x0, 0x2}}, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0xfa, 0x0, 0x0, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], "3ed114fd348a6ae9bc2204e97595f90add99a57e8d8a57d4be5bdd649373bca5f3d7127b615faa1f74ef4ee64ee5a1d4b75a1a09557a2166dccae1d158e6d97a3dace11ffe8b8aa8efb20aef5c2c186b077d68e0332203833e0f4505de1797b9c5c714ef3b9385e0780c286808191f08920c05530f3cbf0604c351831b2ae675bc3e946dcfff970f07dcfd453f4669591506233f7a0ab4354f1f354357ffd39a671e2cc54c8b9b254dfe0ce2d0510234e8fa2503f79395761a545b6ef08b6a8bfbc27d5471c214aa54d36c5206d0058198f91d814546230a577839fbe13e3c54f8c4242c8399d4e4505b5f77b17b71a1f9e4d9e5e0d23e1edea1"}}}}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x19}) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_tables_targets\x00') preadv(r8, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/66, 0x42}], 0x1, 0x85, 0xa) io_uring_enter(0xffffffffffffffff, 0x2ded, 0x3fff, 0x0, 0x0, 0x0) userfaultfd(0x80801) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}]}, @IFLA_ALT_IFNAME={0x14, 0x35, 'wg1\x00'}]}, 0x50}}, 0x44040) syz_open_dev$vbi(0x0, 0x1, 0x2) 6.345432127s ago: executing program 2 (id=1431): r0 = io_uring_setup(0x4332, &(0x7f0000000780)={0x0, 0x986d, 0x1000, 0xfffffffc}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x1403, 0x1, 0x70bd27, 0x25dfdbfc}, 0x3f}, 0x1, 0x0, 0x0, 0x4000000}, 0x840) close_range(r0, 0xffffffffffffffff, 0x0) 6.14051903s ago: executing program 2 (id=1432): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000000)="07000000010080", 0x7) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x0, 0xfffffffd}, 0xc) r3 = openat$vicodec0(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) kcmp(r1, r1, 0x0, r2, r3) lsetxattr$trusted_overlay_upper(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100), &(0x7f0000000400)=ANY=[@ANYBLOB="00fbb801f8bfbed3fcfb92b7503e913b12c10990d5776eb276c66cae0bd9a9107ef0227fffcdf0cc1667facadf5425c9ae8593d027d2a9e1cc5c19064a13e60a75b317d06c2c350c07dfcf9a2bce98c1cf7923f6ea3085c42e34e1c805a4904b93e764dca720c01393297fceabf429dfaf3ede12ed48ac276d8413d2e18026014cff91846d6f0233703378cd9d3d8d3a56913c0235e85ecd0ac7322e59bb8d320880"], 0xb8, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r4) sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[], 0x140}}, 0x0) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0) syz_usb_connect$hid(0x3, 0x0, 0x0, 0x0) ioctl$VIDIOC_QUERYBUF(r3, 0xc04c5609, 0x0) r6 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x7d, &(0x7f0000000000)=@sack_info={r7, 0xff, 0x10000}, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRES8=r7, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYRES64=0x0, @ANYRES32], 0x48) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000300)={r7, @in6={{0xa, 0x4e21, 0x4, @ipv4={'\x00', '\xff\xff', @empty}, 0xa9}}, [0x9, 0x2, 0x3, 0x3, 0x7ff, 0x0, 0x3, 0x6, 0x5, 0x2, 0xba, 0x2, 0xd, 0x7fffffffffffffff, 0x3]}, &(0x7f0000000280)=0xfc) ioctl$SNAPSHOT_CREATE_IMAGE(r5, 0x40043311, 0x0) 5.902081633s ago: executing program 1 (id=1434): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2) getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x2000000, {0x0, 0x0, 0x0, r3, {0xfff1}, {0xfff3}, {0xffff}}}, 0x24}}, 0x880) 5.620911467s ago: executing program 1 (id=1435): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0xfffffffd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0xa4}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) connect$unix(r3, &(0x7f00000003c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e) preadv(0xffffffffffffffff, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000600)=""/125, 0x7d}, {&(0x7f0000000680)=""/234, 0xea}, {&(0x7f0000000900)=""/207, 0xcf}, {&(0x7f0000000880)=""/111, 0x6f}], 0x5, 0x0, 0x20000006) fsopen(&(0x7f0000000280)='cifs\x00', 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) syz_emit_ethernet(0x46, &(0x7f0000000140)=ANY=[@ANYBLOB="fffeffffffffbbbbbbbb00019078ac1e8001ac1414aa05009078e00000024515000603670003f4290004ac1414bb7f00000111b4dce01fa17d639a07"], 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000080)='environ\x00') read$qrtrtun(r5, &(0x7f00000004c0)=""/57, 0x39) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000e5ca0000bc09080000000000b60a0100000000000f000000000000001801000020756c2500000000002020207b9af8ff000000002d9100000000000037010000f8ffffffb702f420535d000008000090a54f02000000000015000000060000003f93000000000000b5030000000000008500000076000000b7000000000000009500000000000000aab97c7a4fd5ba79"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000340)=r6, 0x4) r7 = socket$inet_tcp(0x2, 0x1, 0x0) r8 = fsopen(&(0x7f0000000480)='incremental-fs\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0) close_range(r7, 0xffffffffffffffff, 0x0) 5.244601042s ago: executing program 2 (id=1436): io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xfdcf, 0x2, 0x2}) r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600"}) syz_open_pts(r0, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x480) prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x7, 0xab}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 5.016505574s ago: executing program 3 (id=1437): syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) setuid(0xee00) 4.431226932s ago: executing program 4 (id=1438): setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) bind$tipc(0xffffffffffffffff, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000080)={0x42, 0x80000009, 0x2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) setrlimit(0x0, 0x0) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0xffffffffffffffff, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe04}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r6}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 4.381174673s ago: executing program 0 (id=1439): r0 = socket$inet(0xa, 0x801, 0x84) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) gettid() timer_settime(0x0, 0x0, &(0x7f0000001a40)={{0x77359400}, {0x0, 0x989680}}, 0x0) r2 = socket(0x1d, 0x2, 0x6) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x109942, 0x0) ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000580)) ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f00000001c0)={0x0, 0x0}) ioctl$PPPIOCSACTIVE(r3, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x3}]}) close(r3) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00'}) sendmmsg$sock(r2, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{&(0x7f00000005c0)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-twofish-3way\x00'}, 0x80, &(0x7f0000002ac0)=[{0x0}, {&(0x7f0000001840)="a75f6584122148fbf66ce76cd55332ee28f6da2271130c9e4e21d2b313ea5706791d7da97a5f6d1392491ea00d7d029fadb56f4bf82a60102e47c6edbc7c968bd8e704a806828fb262b535930a5f1135754dd55c", 0x54}, {&(0x7f0000001900)="bdadc583fcfbb2aa1fbb4d2345e4e8ddcb66c7d4c52ff3db1576dd8177a564842466d6daca5e4b118e3cf86f1210cec770df3f6b4016efae07ddbd6b80428d1f443c0798b463511221c6de6e4a29136c0f1c9f071903484033d6e8f43914bfc10e417d951bba001d9478", 0x6a}, {&(0x7f0000001980)="84fe75cb876df3c26bd8de01a72cd4b16b7863bc64ccaa8145749c538e000d56368f4938cb820a8551ae7b9d655563ee4045ce3e3d5e1511aacbbac91ecbd8e5c0e87d1ed108b928d5a9bb309312d6bb73e3fd7b0a300de72b53db478d3c9f9e2c33a66fc0ebec5c696c8ac5fcc7562a141e7c0ada2be37243ee509595d0a1e8bc661f1d2957c9d4d610b17f06d6331da3b190c95804110a3432ce46790abb0543cf5ed31131b741cc5ea76d64f4c2c577350374bca7b905677389b26c8c972b", 0xc0}, {&(0x7f0000001ac0)="384f89cc386272b7622cabc1636b4eb5809b9e3517e45a6bea32d076e4681cd248b513b217474d02580002de55f089159d82f858a7e38831a13d3e8f281b52d24f0666754f91f3b72aceb09a01773dcda3fbe5c32e636e26e86e30f2add23f47914f600982f568d344378b04c1bdf880b79a801fcbf5ac3070efdf93139857b724260384b35a1307df079a90748c1f4e0230f350b51f42912805e745c4e369be20ec1d3dab354c268f5b7894a51849b14fea1f59ffefb28b2bd37acaf6d8ca8dc702048bf4a08bb53e5111662dc0a36bc723abe77c368c46458a66e86993f087ed7a931efdd7eb3bd41e880d5d1000ddd8e31c04139cd5b8c0b70236c44b5fcc61ec37d50ad19d67d7ee627c6b9b19850a48a57689441b9ced3a61cbdbb0d9e301e6740793a933a1028f6a3e34922da0cf4367bdd2d29571473ce9e0aabcb75ddbcd76d36e1ec009a847a1c3b48ff22c9dae5277048c8962c93a9d770ae0b6a90db9ea94ca0b20d9a62bfb4f37e9d9d7fbf4a1732b49d4d61e6d4bf713de5c0099bbe3c052a2dea06985afa0a15516ecd3df2721192b60a2611b505a157302ead57023b6bb8dfd443854da98b03d472622ec979f8220d2a0b49069cfca3461827cd2f5a5aaae6a50f08036690b3ba609cb26181536bf5a54d4092af727153ec13ccfddd3bd25f2bcd95761215b4c906c911e877b4a51b332c910bd273990b76f9dc4cf796d7f279ab5880e2d4be2c869a78dcfaa19f92132fda7904b39d2ba37ae6212794d9af59ba3c36e7f6e8d41a23b06f87e3cc678791b0d4b708103f001b201faa889307a02d53bffae58dfbf2b1983867c3be1a7737535decd66e8f32a7c277b8ada7643ec8f74fb00e259953745acee027824760b0c77a1e0b853bb218c0ea7b8ba794b2cd7204ca1e89df4f98392148ba4dad380dda815d7bcf42865f3395576b20ce28a7111b551d25340a5e5bb33521929b3e6b26846876bef84d87683f61994eaf317d83f942b8cc3b4191cfcf1c19b56dedb3fd0144a0163f3cb30ceabcb6f49c63a5c6e9a9e83466440f2301f92f3ffb61ac2c09c2605c50ab059af5b33b19777428e41a463408342075abc1dce69200a526d2f5304051670906cab18c44aa4af5f840f0ebe0cdc3d825b5a4a8eb0d9e13a250aabd7125f142f1dcf24f65627014c98a31aa88181e0c9e4ce050e455fe93abad872c4fab7ac21175158914dd9497e61d8b14a69806efd72219e05cef5133027f040d7b1bb3c971eb9b482abacc5799b76b5d572e5f48b64f4cb798b50ea9369c100f65e9ffacfc6f96682a964e47bc77f6bc967ae21c61345b059033c6facc50e88c03189fc4e5fd04ffd5d3a035911aeb87e7044c780cc17f7216368c111852337a809e8c34ed500bd446379f64861ee70b5a0184fc6aa58efc4f7d0ec2856acc9b011853139b016e6db1ff144ef6f9c594d634ceb2d9cf04fdd5384372bd2f7106e98a205bed94f61c87dd470fbd3a4985e3fab1f3bb684c14f83a5f98369ae0635d34a9e7a52382d07b3a295ba92862c0623a2cba64da54b6f47095acb5d56cb543938f17d8db348738e6cf99ec2c905bda6c32153afe7fb718b6f0b4726f224ea1d23b71d5f849aeb9fc491b7f49570ae64f35e789d1638f0482426e086e6e737d963e7a68c5f9d55aa0552c0cf697059d61dca14534d76a16451d75ab1a54cd1b25ad89ded8ecf8bd04629ff21c00f6a1ac7c141fa4dd2c822d4450fd1b38e70d12c66538f73d0b29aae959932d1c51f46fde246e0e98b611f36f9d4f076c62caac97d43ffffcfa2d1da5b5d390cfe9c03522b17f4e4680004d2d7f657b623c43de82462b1920ae3c8479b0f6b67229d314dbc22bbcb10fc1f5cafafcbe7ef9ac13376500a615030984ae055f1044c8a7c378b90ab72ca21076abd577b2eac31cc2e532556a9d9fc06be4ce80d01ba0bd87b3f4c3aab82b19399bf67ce15ce0bd417538dfec8ab46163ace8f5634b030c75ba61277aa134ac580feb6c29f6c820d79237c48c20c8e174a71bf84a18f68b9ba2ccb75926de2b4933f0d98412d6b11823fe266abdfc47aadd0393262f0b65221574bbf8b949e81e47750f06297c126565edffbaed07e74e84de18686880156c6b7cb475bed5b028542ff5a33c823bf40cda940466b34c503b2c1535c3f2ddacb8f9188b059d2df4087206cc2cd3025ffa08ae744e2c53a082ce8a5103493090469f179a8b46d4c8a582033a3102c85f59c9122780f747616a4109e3c9d8fb211f921a8f926470184723602bbb45e0fad713ca6924de9124b592df4d57c107eb85cef15a6862d803eea1ee01e7053addd3a199c9c73ff850494920c66740eb6f3520912bf172feb0fbd383e5c6a847b65d5f84aa5b1c6ed5b3b903deea69025d9207021933153987115ce154ff6c9a1aa38ba7ebd06fc4fae3202d69effd42e33d5eeca621d6a3386f4f62c574d0dda093eb7d05a773462129b6be56010fcb585cffcf5339f19a29bc9d3c86dbe62643d6c442ae5b0976054461168cb8c9e418a5520f6b7e8cf869d5e6366a02ef187b3697d20583b2918083fa9e07c2de7f7e6419ad8ba0c04998017fd9b348006c06f58f865495a4f1ce1238af1f8c2562a683b7d7aadd92fab70ea9586646847583054f820779cf7225ce2ac430157b7b03ac466200f9251bce942b1e3179ab9f9a21a0d821f894f741c4d558603bba2a069fff5e4ac99925b35b4607afb0136412d435c6b62f0af7acc64af3c8be6e6bc06f6816a14c6b931abb3b7bfea2072bf78fe771afb8f3812e45a23d0d05bce45e0f67265016e9a950f150118a4a9d3eb81c0d4b675a833a402164b2bdc871568801cb561e3a53db561c85e0b52e21e75d80117be02c2b763145a4e7557d6771d9108e1d798c8652aa061de5396369d21816cbbccd57b637d56d791c657568013dfff2809b4f7bc0e90592f0b783e533e56c53d49a83981ede7619e842435d7cc773aa05352a55cd45ee07ebdba1c8297f8117cc4e6e29f335d313df2c6924312e8c2dda97a497c38aa7c4e6e10317db751c5acaa02d4cd59e8d2e7c218aba3bd629494b5378cd5d9cd3c81f8962f41983cfb226df4210fa80045529d178ab4473a4eec5691aaf234ed03676bf0e9f6932d439d13b8fed8048bd8a78d3bfb9f2b1b68141da0281076fc033a41402309ab7ff9920fd801f49e2aa222688cb260c73d8bd393cea59443623a54a89561027b3e79665b13aa9298f1f2064db1e208f8954922aaf0565b2879e26f9e6b217721554b879fde9418135da2387d526a64d0f66f371eea40aeea724d04e81464308a5197cf8280e859cea9fc3e8f1c74f4d90d52bb71e9c1dc1cb6bb290b4287991439bc658504e906b11b6f49494a595d0ced190733acb6683d91c198dd20b819f67c65e235e4a4628477535dcb9cf72863f9ec9d67b7076e4e71e56d1c431e6b12155bf9de1086a8b7fd582e79bbed59a9d3ba76cf4623cc7f9396ccb7055ee3e49c336f63f389cc4e16994668c2a89a31579464aca609bac2473dbcbf27f5f4424629ea33a6f09d2cc352893dfce3c373ab74de3fa86b5d29538b1c1d69c2f38e0b9af735847d1f60a81176e08f7b1d0971bfe47b21ccdb3e4ba8b2f16e24a280f70d631d3a28683f839cb23ff939665818c8b0890e782927295ebbdc272655e691ca26adc61ee4b000be78e06f2acdb1a607f9b227bd9dbb97080890723ae9ccda2511bd33a024f076043081e1b9a42a1d1b94fd4d6914a613fac2df80e87ade79a9e5ddae1034bf142288ef34a0cbf9f5a46e972ca1b2f3dda75ed50af0357e29363545a039f456b00f6a92511aebe34db6ae4b836d5b06987c16e8963d8452ba507e5cb1e6562ab0d08893494871cba679dce9ad6fc176ca65085699405fecf6043e67817463a2942fffd46acbb356d6dadf22c07cc96a69444b1f6d3d7b006ecde2d261b8145d6fa62834a81d0a2dddf7f189df76b20c630f7c67ca850e4b4d0ed39c7afad16717f236eeec0d4fbde80b2a04464b9e6543bdddf36302e5e552abd7898a021753ca4bc7488f88ee9371645ef5525b6147eb55660e4272a50b2a0d620c5dba558ead9e55b9737a327f16fdcf01138fc99ed2e6a29ba259dbfa76a5ba7292657d72494b771549e4b8704eb0c7d01d5dfaa60c180a9d54642b1c90c527ef80866f5cef1c377a49fec942d1e4a71f077c55ab11da1bac19eb2e249fb23bb3358a1f7676e2c66142f349716bc2832a121a23e7ec49aea94b633fed3089afc08d0ff439c92731a44ec2a358d8946bf66fefc2d588024b42f3d6dec9b1d0b8efa86834c7c397be060dc7e74fbae49d29f62d37a7f43c5d2d938b01a7614c5be512acc4c9a6aa783f0f64b766dfb1bb7aa634bc18a4d4b15ee3e04f96e6d33ed1f4e37862b7ccfbdad72675905a30eb80f5e72c6adee769300b8216f92e699ae27272bc09586235f589607c17cb0e8884d938f9a137608fc3de15fb2a8c791a0a297bcf4c3a85269cd509b1f4c2272ec8eabc8da7d105289e3c9fcb4a3b755d8dee020efb6485f97ac82115d12489784fac1e410764f8adaab533cba368e2a1dbbf2c6cccb0415bfd66be164c3f34b0881d4930327038c14649bcd2c31b50a0323b46d9380a7538e34a165c35929f20dc613f02d2e028fd3b958340cc8f0ed90c2f634672e5f3949c5cdeb92b7f601c3c5d046fcc43da8054449119a29f38404f0f4c57e8787dcfa7760456a8213d360854d3228f2eaf00127f6f50ae6b1e193cef0ad75147a3a91c2997372670c6f5fe4dbe4ee1a703ec68175327e45e3d034c380a459c10071b114e15b0f4f11ff27959257e1f18d5c9ff7b98abc9269faa037eaaa011936e4e7bd02ed3e335b77e6156c8e1120a1879899fbaef039f9ab1b8ca021057f3984db7272a323daf996aafe84f49f950cb933cec6e2c40de8696d50a02adefa5b9b12025e8b3e1a037e3b56b88ca3fb353ddfe5641b88cf1faa643ee9bbb7a7ee84e0b2b022d2073e221be8f35ede65115128c487533edfbb98ea163d19bf2ee18a346395ec611b0372de188850f574d009fae878b0359deba1451c67c7ae5ae0a3bc2488e038465236353693334433227261a0ab6f28732d1fec418490cecb760544ed423c82942d715882bb1df605392e59cf20760e9f629b59e6782851278660af92fffa2e2c8fb67f97a70b139d86e35ae9c50bd11404d0504251eee25ca9115d96432ff8b7be11950383bc344e545cc325c20c4bab773887244ce2a98de05f250b0154a4a338b1ba69ff76cef3e5cc8583a3d2461a6497cdd21a458a25c85c01d9c6885f84e670b6f0e03a3e44f357c90352012405bbb420d313ad505c4daefb20807357bb31fc291ff7b428c7fa7878aabf64c6996d06f0fc19e30526b4a8fdbad5e46587673093bbfa5d900ea9bc2587a04012ef45212ec0df552bf98a9fd056d9dd7438d8e43319bf7afeb1e7050847f1a511ed506569f9a426b3eb96a0b703167ec842653ad5f041b1bed15b49be9d215ef57371ce344ec7124c453e82f427bab33df4a126613a2d64fc9ecf8ba4e8a49a1421b094a7645d1592ab6a715acb3f3f8de4f775659d848ad1dd4cba39549b5e06aaa941d095b0f8d0be88e61f6c993463580ad72d53193afd19bca6e0aa3d8f9a88737d854b0e4937df6596d166eeb31158198c3d502a0c4717826853bb54732ac97f96a891aae1437539eb14dbe080447f7d91c98d6124cdf1d3d648e6c", 0xffa}], 0x5, &(0x7f0000000240)=[@timestamping={{0x14, 0x1, 0x25, 0x7fff}}], 0x18}}], 0x3, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, 0x0, 0x0) connect$inet(r4, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa0}, {0xffff, 0x3, 0x1, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffe, 0xfffffffffffffff7}, {0x0, 0x8, 0xfffffffffffffffc, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in6=@empty, 0x2, 0x6c}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3500, 0x5, 0x0, 0xb7, 0x4000000}}, 0xe8) sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0) socket$nl_generic(0x10, 0x3, 0x10) accept4(r0, 0x0, 0x0, 0x0) 4.201665245s ago: executing program 2 (id=1440): creat(&(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) r1 = dup(r0) write$P9_RLERRORu(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="5300000007000046009d40", @ANYBLOB="fe4cecb210bc091b104f801f21ddeb4c9b"], 0x53) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f00000000c0)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}]}, 0x3, 0x4f2, &(0x7f0000000140)="$eJzs3E1sFFUcAPD/bLttAdGKiIIoBTQ2JrZQUDh4gcTEgyZGPMixKZUgBQztQQiRkhg8k3g3Ho03Tbzq0Xgy8YoHDyaGSAwXwNOa2Zlp97u79Culv1+y7Xszb/fNf9687dv3uhPApjWS/kginoiI2xHxVJatLzCS/Xpw79rUw3vXpmK+Ujn1b1Itdz/N54rnbcszo6WI0hdJwwtmZq9cPT85MzN9Oc+Pz134dHz2ytXXz12YPDt9dvrixPHjR48cPvbmxBu9B9WivjSu+3s+v7R39zunb7031V9sH8p/18bRVn/LrTfaFR/p8FKvLFnZxrK9Jp00n6fra3owdG0ov6zLaf+/NnPg9HofELBmKpVKZbD97vlKoxtNW4ANK4n1PgJgfRR/6NPPv/fvlbv7HPwYuXsi+wCUxv0gf2R7+qOUlyk3fL5dSSMR8dH8f1+nj+g0D/HnKh0AALDp/HyiGAmm47/ske0pxa6ack/mayjDEfF0ROyIiGciYiAino2oln0uIp5vrCCJqHSof2dDfrH+H/JVhNKdZQfZQTr+eytf26of/xWjvxjuy3PbI4oB8/Sh/JyMRnnw43Mz04dbLntk56eT2vFf+kjrL8aC+XHc6W+YoDszOTf56BHXu3sjYk9/Y/xpKMnCclcSEbsjYk8Prztckz732rd7FzLl+nJLx19VabGk1249rieVbyJezdp/Puraf7HGpPP65PhQzEwfGk+vgkMt6/j1t5vvt6t/yfh//KvxKW8f++nUcsNekLb/1iz+cuSxV9dvF+MfTiKShfXa2YhKX2913Pzjy+rrjhxs3jdSnX3q/fofSD6spov+9dnk3NzlwxEDybvN2ycWn1vki/Jp/KMHW/f/Hflz0jPxQkSkF/GLEfFSROzL225/RByIiObQfv+nSP1y8uVP2p2bLq//VXP3ZJ5oir+u/RfX67tMFE9Ot/Sd33/7YZs3j/bxF42etv/Ramo039L6/S+pe4vo9kiXdfIAAABggyhF9X//S2ML6VJpbCybA9oZW0szl2bn9kXExTPZdwSGo1wqZrqy+eByks9/Vuf8ivxEQ/5IPm/8Vd+Wan5s6tJSU6PAKttW7fNJU/9P/d3jPC+wAa3AOhqwQS3V/3fdWqMDAdZcm/5fWuvjANZeTf+fb1Nk3n/KwOPJ53/YvFr1/+vxXccFOu8ZsPFV9GXYxAb0f9jE+uODhXR10r/lt22Bx5G//7Ap9fq9/t4SlcHWu4aixR0DhlbnMLbU1VWOiFUKeUt+u4N2ZdKR1QpWmkbS5YE9ShXFELD9HR5Kvb3gYDTv6uvYFkkP93EoEulZWbLw2V0rc/HXNEFxT5TlNu71hi3fL/bTcpfNvUKJdXk7AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHH/BwAA//8Wt9I+") sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) openat(0xffffffffffffff9c, &(0x7f0000000680)='./file1\x00', 0x143042, 0x2a0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f00000003c0)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@dax_inode}, {@journal_dev={'journal_dev', 0x3d, 0xb7f}}, {@data_err_ignore}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0xfe, 0x44a, &(0x7f0000000900)="$eJzs3MtPXFUYAPDvzjD0LVjro7VVtBqJDyj0YRduajRxoYmJLmpcIdAGOy2mYGIbougCl6aJe+PSxL/AjXVj1JWJW90bE2LYWF2NuTP30hFmgIGBqZ3fL7lwzpxLzvnuvYf55tyZCaBrDaQ/koj9EfFrRPQ12mGg9uvW0tz430tz40lUKm/8maR/Fn8tzY3nuybZ7321SqWyRr8Lb0eMlcuTV7P68Ozl94Znrl1/bury2MXJi5NXRs+ePXXyWO+Z0dNtifNAOtYjH04fPfzKWzdeGz9/450fv07Huz9rr4+jXQZqR7ehJ9vdWYcdqCsnPR0cCC0pRkR6ukrV+d8Xxdiz3NYXL3/S0cEB26pSKVR2NW+erwB3sTRRB7pR/kSfvv7Ntx1KPe4Ii+dieR3jVrbVWnqikO1Tyl4jbYeBiDg//88X6RbbtA4BAFDv5rmIeLZR/leIB+r2uye7N9QfEfdGxMGIuC8iDkXE/RHVfR+MiIda7H/lHZLV+U9l1S2pdkrzvxeye1v/zf/y7C/6i1ntQDX+UnJhqjx5Ijsmg1HaldZH1ujju5d++axZW33+l25p/3kumI3jj54VC3QTY7NjW4m53uLHEUd6GsWfLOe8aX58OCKObLKPqae/Otqsbf3419CGpLzyZcRTtfM/HyvizyVN70+OPH9m9PTw7ihPnhjOr4rVfvp54fVm/W8p/jZYvFmJvQ2v/+X4+5PdETPXrl+q3q+dab2Phd8+bfqaZrPXf2/yZrXcmz32wdjs7NWRiN7k1dWPj97+27ye759e/4PHG8//g3H7SDwcEelFfCwiHomIR7OxPxYRj0fE8TXi/+HFJ95tPf41VuXbKI1/Yr3zH/Xnv/VC8dL337Qefy49/6eqpcHskY38/9voALdy7AAAAOD/olB9D3xSGFouFwpDQ7X38B+KvYXy9MzsMxem378yUXuvfH+UCvlKV1/deuhItjac10dX1E9m68afF/dU60Pj0+WJTgcPXW5fk/mf+r3Y6dEB287ntaB7mf/Qvcx/6F7mP3Qv8x+6V6P5/1EHxgHsvHWe//fs1DiAnSf/h+5l/kP3Mv+hKzX9bHxhSx/5V+hQ4dverX1Xw8YLUbhDQr5rCqVo2NSz4S+z2GRhV8OmTv9nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI9/AwAA//+TduMT") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000010000000850000000e00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='ext4\x00') mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x800000, 0x0) 2.197875421s ago: executing program 0 (id=1441): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x3292e291) 1.348584142s ago: executing program 1 (id=1442): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x10}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = getpid() sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)={0x174, 0x140, 0x107, 0x8000, 0x8, {0x2, 0x7c}, [@nested={0x15e, 0xf3, 0x0, 0x1, [@nested={0xc2, 0x38, 0x0, 0x1, [@typed={0x8, 0xfe, 0x0, 0x0, @pid=0xffffffffffffffff}, @nested={0xa7, 0x98, 0x0, 0x1, [@typed={0x8, 0xaf, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x8, 0x6d, 0x0, 0x0, @u32=0x62}, @generic="450cea13c37a228f9f400527ceaabd5a92030595c5f3ec54fd2eefe1eb09cc613330e217570c061bdec4ba907681013d267bd8d223417b012fa98dddd9c6132404714993e3e2bd7bcf15f84cda10e1384b3d0d27b12135b9c804b5bef1197c65a6b399be08976c744b934c247252ec43663e23a71c6e2484387dd1a0a3f75ba3ed4781b8d1f1c51737fde3", @typed={0x5, 0x13f, 0x0, 0x0, @str='\x00'}]}, @generic="86fd050d019f3cdd620ed8ca288f"]}, @typed={0x14, 0x139, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @typed={0x8, 0x2c, 0x0, 0x0, @pid=r2}, @typed={0x8, 0x76, 0x0, 0x0, @u32=0x1afe}, @generic="b517cf62cf2c0c5a5a2063ac2e5530bb1c689312a004788126517583fd45b711d623c225a43a981d17b99092bbd7de526c54c97c108c96046412b49a81510914915c198768815d89a8f8cca46640eadba458e77e14a2", @typed={0x8, 0x142, 0x0, 0x0, @ipv4=@empty}, @typed={0x14, 0xd9, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x30}}]}]}, 0x174}, 0x1, 0x0, 0x0, 0x4091}, 0xc000) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x40c00) ioctl$VIDIOC_G_EDID(r3, 0xc0285628, &(0x7f0000000140)={0x0, 0x10, 0x7, '\x00', &(0x7f0000000040)=0x5}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a7260180"], 0x26c0}}, 0x4010) syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) r4 = syz_open_dev$ndb(&(0x7f0000000500), 0x0, 0x0) r5 = syz_clone3(&(0x7f0000000400)={0x172824a00, &(0x7f0000000100), 0x0, &(0x7f0000000280), {0x2b}, &(0x7f00000002c0)=""/137, 0x89, &(0x7f0000000380)=""/35, &(0x7f00000003c0)=[0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x4}, 0x58) r6 = syz_open_procfs(0x0, &(0x7f0000000480)='cmdline\x00') ioctl$NBD_SET_SIZE_BLOCKS(r4, 0xab07, 0x80000000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) sched_setscheduler(r5, 0x1, &(0x7f00000001c0)=0xfffff000) ioctl$NBD_SET_SOCK(r4, 0xab00, r7) ioctl$CEC_S_MODE(r6, 0x40046109, &(0x7f00000004c0)=0x2) ioctl$NBD_DO_IT(r4, 0xab03) ioctl$NBD_CLEAR_SOCK(r4, 0xab04) syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) 1.348267073s ago: executing program 3 (id=1443): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair$unix(0x1, 0x2, 0x0, 0x0) dup(0xffffffffffffffff) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0) write$binfmt_aout(r1, 0x0, 0xfffffeb7) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x70bd27, 0x25dfdc00, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x4) prlimit64(0x0, 0xe, 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0) r5 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) r6 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@delqdisc={0x24, 0x25, 0x300, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x6, 0xfff2}, {0x480bd72125a0c189, 0x5}, {0xffe0, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x4808}, 0x880) connect$inet(r5, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10) r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x7ffffffffffffd, &(0x7f0000000580)={0xffffffffffffffff}, 0x13f, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r7, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @loopback, 0xb}, r8}}, 0x30) 1.342878262s ago: executing program 0 (id=1452): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r0, 0x3292e291) 990.882637ms ago: executing program 0 (id=1444): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x0, 0x0}) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000340)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 497.987933ms ago: executing program 0 (id=1445): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2) getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x2000000, {0x0, 0x0, 0x0, r3, {0xfff1}, {0xfff3}, {0xffff}}}, 0x24}}, 0x880) 332.513085ms ago: executing program 2 (id=1446): futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x1, 0x800001, 0x0, 0x0, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) getpid() munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) mlock2(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) 108.591608ms ago: executing program 1 (id=1447): socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000040), 0x4) r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000a636000000007fffffff8500000050000000850000000f000000"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x18) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6) r4 = openat$nvme_fabrics(0xffffff9c, 0x0, 0x20a83, 0x0) connect$unix(r4, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) syz_io_uring_submit(0x0, 0x0, 0x0) syz_open_dev$sndpcmc(0x0, 0x57, 0x200002) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r5, 0x0, 0x8080) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0) 0s ago: executing program 0 (id=1448): setxattr$trusted_overlay_redirect(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): cted capacity change from 0 to 512 [ 126.999453][ T4789] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 127.106399][ T4805] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 127.120632][ T4812] loop3: detected capacity change from 0 to 128 [ 127.140000][ T4805] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.159487][ T4252] ocfs2: Unmounting device (7,0) on (node local) [ 127.289296][ T26] audit: type=1800 audit(1748419354.277:7): pid=4805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.96" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 127.380947][ T26] audit: type=1800 audit(1748419354.317:8): pid=4805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.96" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 127.715401][ T4816] loop0: detected capacity change from 0 to 32768 [ 127.782377][ T4816] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.99 (4816) [ 127.786309][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 127.811250][ T4816] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 127.821675][ T4816] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 127.831904][ T4816] BTRFS info (device loop0): using free space tree [ 128.689128][ T4816] BTRFS info (device loop0): enabling ssd optimizations [ 128.892752][ T4813] loop2: detected capacity change from 0 to 40427 [ 129.001897][ T4813] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 129.141853][ T4813] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 129.390451][ T4813] F2FS-fs (loop2): Found nat_bits in checkpoint [ 129.580675][ T4252] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 130.470457][ T4852] sctp: failed to load transform for md5: -2 [ 132.511637][ T4529] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 132.605432][ T4867] loop4: detected capacity change from 0 to 32768 [ 132.614932][ T4865] loop2: detected capacity change from 0 to 32768 [ 132.646482][ T4547] kworker/u4:13: attempt to access beyond end of device [ 132.646482][ T4547] loop3: rw=1, sector=145, nr_sectors = 88 limit=128 [ 132.673929][ T4867] XFS (loop4): Mounting V5 Filesystem [ 132.680799][ T4865] XFS (loop2): Mounting V5 Filesystem [ 132.713167][ T4529] usb 2-1: Using ep0 maxpacket: 32 [ 132.715673][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.725221][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.725968][ T4529] usb 2-1: config 0 has no interfaces? [ 132.769693][ T4867] XFS (loop4): Ending clean mount [ 132.792679][ T4865] XFS (loop2): Ending clean mount [ 132.792696][ T4867] XFS (loop4): Quotacheck needed: Please wait. [ 132.799067][ T4529] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 132.866380][ T4529] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.874417][ T4867] XFS (loop4): Quotacheck: Done. [ 132.878577][ T4529] usb 2-1: Product: syz [ 132.900207][ T4529] usb 2-1: Manufacturer: syz [ 132.910329][ T4529] usb 2-1: SerialNumber: syz [ 132.945601][ T4865] XFS (loop2): Quotacheck needed: Please wait. [ 132.961338][ T4529] usb 2-1: config 0 descriptor?? [ 133.048986][ T4865] XFS (loop2): Quotacheck: Done. [ 133.103323][ T4253] XFS (loop4): Unmounting Filesystem [ 133.269927][ T4262] XFS (loop2): Unmounting Filesystem [ 133.658520][ T4302] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 133.719331][ T4904] loop2: detected capacity change from 0 to 256 [ 133.735933][ T4904] exfat: Deprecated parameter 'utf8' [ 133.759919][ T4904] exfat: Deprecated parameter 'namecase' [ 133.808905][ T4904] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 133.853417][ T4302] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 133.879831][ T4302] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 133.918656][ T4302] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 133.945701][ T4302] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 133.980349][ T4302] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 134.000991][ T4302] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 134.009352][ T4302] usb 1-1: Manufacturer: syz [ 134.031331][ T4302] usb 1-1: config 0 descriptor?? [ 134.139185][ T4908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.116'. [ 134.149937][ T4908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.116'. [ 134.172786][ T4903] loop4: detected capacity change from 0 to 32768 [ 134.199101][ T4903] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop4 scanned by syz.4.114 (4903) [ 134.266247][ T4903] BTRFS info (device loop4): first mount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b [ 134.282767][ T4903] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 134.294811][ T4903] BTRFS info (device loop4): using free space tree [ 134.804058][ T4903] BTRFS info (device loop4): enabling ssd optimizations [ 135.022509][ T4302] rc_core: IR keymap rc-hauppauge not found [ 135.028780][ T4302] Registered IR keymap rc-empty [ 135.047513][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.091640][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.134504][ T4302] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 135.182441][ T4938] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 135.209767][ T4302] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input5 [ 135.231866][ T4253] BTRFS info (device loop4): last unmount of filesystem db05bf05-c4f4-4d41-ba1f-eb57295b561b [ 135.252073][ T4938] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.278531][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.352229][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.392602][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.432113][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.472189][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.513096][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.552027][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.591902][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.624921][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.654009][ T4297] usb 2-1: USB disconnect, device number 3 [ 135.661681][ T4302] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 135.712750][ T4302] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 135.772983][ T4302] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 137.279630][ T4960] netlink: 20 bytes leftover after parsing attributes in process `syz.3.124'. [ 137.330161][ T4527] usb 1-1: USB disconnect, device number 3 [ 137.648253][ T4968] loop4: detected capacity change from 0 to 512 [ 137.719536][ T4968] EXT4-fs: Ignoring removed nobh option [ 138.288212][ T4968] EXT4-fs error (device loop4): __ext4_iget:5076: inode #11: block 6: comm syz.4.127: invalid block [ 138.356124][ T4968] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.127: couldn't read orphan inode 11 (err -117) [ 138.378260][ T4968] EXT4-fs (loop4): 1 truncate cleaned up [ 138.450627][ T4968] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 138.609482][ T4950] loop1: detected capacity change from 0 to 32768 [ 138.737501][ T4950] XFS (loop1): Mounting V5 Filesystem [ 138.881950][ T4527] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 139.071761][ T4527] usb 3-1: Using ep0 maxpacket: 32 [ 139.091946][ T4527] usb 3-1: config 0 has no interfaces? [ 139.113715][ T4527] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 139.123335][ T4527] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 139.131500][ T4527] usb 3-1: Product: syz [ 139.141252][ T4527] usb 3-1: Manufacturer: syz [ 139.148337][ T4527] usb 3-1: SerialNumber: syz [ 139.212577][ T4527] usb 3-1: config 0 descriptor?? [ 139.244591][ T4950] XFS (loop1): Ending clean mount [ 139.370855][ T26] audit: type=1800 audit(1748419366.357:9): pid=4988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.127" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 139.657957][ T4950] XFS (loop1): Quotacheck needed: Please wait. [ 139.851881][ T4950] XFS (loop1): Quotacheck: Done. [ 139.959723][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 140.017425][ T4251] XFS (loop1): Unmounting Filesystem [ 140.247285][ T5008] loop4: detected capacity change from 0 to 512 [ 140.286939][ T5008] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 140.359886][ T5008] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 140.856373][ T26] audit: type=1800 audit(1748419367.847:10): pid=5008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.133" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 141.214656][ T26] audit: type=1800 audit(1748419368.007:11): pid=5015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.133" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 141.586830][ T4302] usb 3-1: USB disconnect, device number 2 [ 141.608743][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 141.889916][ T5019] loop0: detected capacity change from 0 to 4096 [ 141.974567][ T5020] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 142.014751][ T26] audit: type=1800 audit(1748419369.007:12): pid=5019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.137" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 145.896637][ T5037] loop3: detected capacity change from 0 to 32768 [ 145.928112][ T5037] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.143 (5037) [ 145.962193][ T5037] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 145.972569][ T5037] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 145.981264][ T5037] BTRFS info (device loop3): using free space tree [ 146.051643][ T5034] loop2: detected capacity change from 0 to 64 [ 146.311847][ T5037] BTRFS info (device loop3): enabling ssd optimizations [ 146.362805][ T5037] BTRFS info (device loop3): scrub: started on devid 1 [ 146.419697][ T5037] BTRFS info (device loop3): scrub: finished on devid 1 with status: 0 [ 146.991338][ T4263] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 147.288950][ T4421] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop3 scanned by udevd (4421) [ 147.341642][ T27] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 147.551629][ T27] usb 3-1: Using ep0 maxpacket: 32 [ 147.560426][ T27] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 147.584196][ T27] usb 3-1: config 0 has no interface number 0 [ 147.614195][ T27] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 147.641671][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.670280][ T27] usb 3-1: Product: syz [ 147.680456][ T27] usb 3-1: Manufacturer: syz [ 147.691965][ T27] usb 3-1: SerialNumber: syz [ 147.731440][ T27] usb 3-1: config 0 descriptor?? [ 147.747757][ T27] usb 3-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 147.767303][ T27] usb 3-1: selecting invalid altsetting 1 [ 147.779719][ T5051] loop4: detected capacity change from 0 to 32768 [ 147.786319][ T27] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 147.897631][ T27] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 147.919278][ T27] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 147.935550][ T5067] loop1: detected capacity change from 0 to 32768 [ 148.009675][ T27] usb 3-1: media controller created [ 148.093006][ T5067] XFS (loop1): Mounting V5 Filesystem [ 148.221852][ T27] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 148.314172][ T5051] XFS (loop4): Mounting V5 Filesystem [ 148.314704][ T5067] XFS (loop1): Ending clean mount [ 148.383356][ T5067] XFS (loop1): Quotacheck needed: Please wait. [ 148.467310][ T5051] XFS (loop4): Ending clean mount [ 148.479126][ T5051] XFS (loop4): Quotacheck needed: Please wait. [ 148.554148][ T5051] XFS (loop4): Quotacheck: Done. [ 148.584012][ T5067] XFS (loop1): Quotacheck: Done. [ 148.660270][ T26] audit: type=1800 audit(1748419375.647:13): pid=5051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.146" name="bus" dev="loop4" ino=9290 res=0 errno=0 [ 148.865557][ T4253] XFS (loop4): Unmounting Filesystem [ 149.042389][ T5069] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 149.057478][ T5105] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 149.064051][ T5105] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 149.072179][ T5105] vhci_hcd vhci_hcd.0: Device attached [ 149.168326][ T27] usb 3-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 149.231856][ T4529] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 149.276828][ T27] zl10353_read_register: readreg error (reg=127, ret==-32) [ 149.420305][ T27] usb 3-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 149.481748][ T4529] usb 4-1: Using ep0 maxpacket: 8 [ 149.494487][ T4529] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 149.635333][ T4529] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 149.726102][ T5106] vhci_hcd: connection closed [ 149.729619][ T4346] vhci_hcd: stop threads [ 149.801058][ T4529] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 149.836179][ T4346] vhci_hcd: release socket [ 149.900871][ T4346] vhci_hcd: disconnect device [ 149.983464][ T4529] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 150.184519][ T4529] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 150.318846][ T4529] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.327651][ T27] usb 3-1: USB disconnect, device number 3 [ 150.622714][ T4529] usb 4-1: GET_CAPABILITIES returned 0 [ 150.631295][ T4529] usbtmc 4-1:16.0: can't read capabilities [ 150.979437][ T4667] usb 4-1: USB disconnect, device number 3 [ 151.230033][ T4251] XFS (loop1): Unmounting Filesystem [ 152.402283][ T5130] syz.3.164 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 153.719822][ T5149] loop3: detected capacity change from 0 to 128 [ 154.829798][ T5143] loop0: detected capacity change from 0 to 32768 [ 155.236224][ T5143] XFS (loop0): Mounting V5 Filesystem [ 155.322260][ T5172] loop9: detected capacity change from 0 to 7 [ 155.334308][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.343791][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.354460][ T5000] kworker/u4:19: attempt to access beyond end of device [ 155.354460][ T5000] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 155.370658][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.379951][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.389537][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.398913][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.418675][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.427921][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.452688][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.461935][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.471568][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.480766][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.495277][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.505428][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.514816][ T4421] ldm_validate_partition_table(): Disk read failed. [ 155.531878][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.541143][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.549996][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.559196][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.575609][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 155.584817][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 155.595091][ T4421] Dev loop9: unable to read RDB block 0 [ 155.642259][ T4421] loop9: unable to read partition table [ 155.647305][ T5143] XFS (loop0): Ending clean mount [ 155.698189][ T5143] XFS (loop0): Quotacheck needed: Please wait. [ 156.164187][ T4421] loop9: partition table beyond EOD, truncated [ 156.240471][ T5143] XFS (loop0): Quotacheck: Done. [ 156.300410][ T26] audit: type=1800 audit(1748419383.287:14): pid=5143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.168" name="bus" dev="loop0" ino=9290 res=0 errno=0 [ 156.466851][ T4252] XFS (loop0): Unmounting Filesystem [ 158.294200][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready [ 159.307141][ T5209] loop3: detected capacity change from 0 to 128 [ 160.037645][ T5193] loop4: detected capacity change from 0 to 32768 [ 160.640944][ T5193] XFS (loop4): Mounting V5 Filesystem [ 161.037092][ T4481] kworker/u4:12: attempt to access beyond end of device [ 161.037092][ T4481] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 161.063565][ T5193] XFS (loop4): log mount failed [ 163.315727][ T4265] Bluetooth: hci2: Dropping invalid advertising data [ 163.324284][ T4265] Bluetooth: hci2: Malformed LE Event: 0x02 [ 163.818606][ T5247] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 164.462412][ T5248] fuse: Bad value for 'fd' [ 164.849559][ T5254] Bluetooth: MGMT ver 1.22 [ 165.730614][ T5252] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 165.742121][ T5252] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 166.074245][ T5259] loop0: detected capacity change from 0 to 128 [ 167.685375][ T4254] Bluetooth: hci0: command 0x0401 tx timeout [ 167.691581][ T4265] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 168.116440][ T33] kworker/u4:2: attempt to access beyond end of device [ 168.116440][ T33] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 168.381148][ T5272] loop1: detected capacity change from 0 to 32768 [ 169.170227][ T5272] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 169.707033][ T4270] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10 [ 171.036278][ T5302] loop3: detected capacity change from 0 to 1024 [ 171.119582][ T5302] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 172.888133][ T5328] 9p: Unknown Cache mode readahead [ 172.899895][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 174.073447][ T5334] loop3: detected capacity change from 0 to 512 [ 174.156922][ T5334] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 174.197204][ T5334] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 174.257965][ T5334] EXT4-fs (loop3): 1 truncate cleaned up [ 174.269442][ T5334] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 174.506200][ T4263] EXT4-fs (loop3): unmounting filesystem. [ 177.618765][ T5366] loop1: detected capacity change from 0 to 1024 [ 177.724140][ T5366] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 178.688814][ T5372] loop4: detected capacity change from 0 to 128 [ 179.087839][ T5359] loop0: detected capacity change from 0 to 32768 [ 179.117906][ T5375] usb usb1: usbfs: process 5375 (syz.4.232) did not claim interface 1 before use [ 180.084441][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 180.796138][ T5384] process 'syz.1.236' launched './file2' with NULL argv: empty string added [ 180.931242][ T4270] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 10 [ 181.223663][ T5394] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.239' sets config #0 [ 184.534870][ T5427] Zero length message leads to an empty skb [ 184.648777][ T5411] loop2: detected capacity change from 0 to 32768 [ 184.674487][ T5411] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10 [ 186.565197][ T4270] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10 [ 187.725435][ T5459] loop2: detected capacity change from 0 to 1024 [ 187.828533][ T5459] hfsplus: bad catalog entry type [ 187.946824][ T46] hfsplus: b-tree write err: -5, ino 4 [ 192.549978][ T5491] loop3: detected capacity change from 0 to 32768 [ 192.635536][ T5491] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 192.718623][ T5491] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 192.811715][ T5491] BTRFS info (device loop3): enabling auto defrag [ 192.818209][ T5491] BTRFS info (device loop3): doing ref verification [ 192.848584][ T5491] BTRFS info (device loop3): use no compression [ 192.871094][ T5491] BTRFS info (device loop3): force clearing of disk cache [ 192.901850][ T5491] BTRFS info (device loop3): setting nodatacow, compression disabled [ 192.930493][ T5491] BTRFS info (device loop3): disabling free space tree [ 193.099182][ T5486] loop1: detected capacity change from 0 to 40427 [ 193.146918][ T5491] BTRFS info (device loop3): enabling ssd optimizations [ 193.183734][ T5491] BTRFS info (device loop3): rebuilding free space tree [ 193.205237][ T5486] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3ffff [ 193.432758][ T5486] F2FS-fs (loop1): invalid crc value [ 193.451235][ T5491] BTRFS info (device loop3): disabling free space tree [ 193.459799][ T5527] Illegal XDP return value 4294967274 on prog (id 14) dev N/A, expect packet loss! [ 193.531927][ T5491] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 193.728961][ T5527] loop4: detected capacity change from 0 to 32768 [ 193.785048][ T5527] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 193.794117][ T5527] dlm: no local IP address has been set [ 193.799931][ T5527] dlm: cannot start dlm midcomms -107 [ 193.805363][ T5527] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 194.577180][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.586132][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.672366][ T5486] F2FS-fs (loop1): Found nat_bits in checkpoint [ 194.696582][ T5491] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 195.021770][ T5491] overlayfs: missing 'lowerdir' [ 195.047424][ T5486] F2FS-fs (loop1): Start checkpoint disabled! [ 195.071842][ T4667] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 195.662192][ T4667] usb 5-1: Using ep0 maxpacket: 8 [ 195.678513][ T4667] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 195.743095][ T4667] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.778212][ T4667] usb 5-1: Product: syz [ 195.831275][ T4667] usb 5-1: Manufacturer: syz [ 195.852201][ T4667] usb 5-1: SerialNumber: syz [ 195.886443][ T4667] usb 5-1: config 0 descriptor?? [ 196.312825][ T4265] Bluetooth: hci1: command 0x0406 tx timeout [ 196.312907][ T48] Bluetooth: hci0: command 0x0406 tx timeout [ 196.334626][ T4254] Bluetooth: hci3: command 0x0406 tx timeout [ 196.464777][ T4667] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 196.631770][ T48] Bluetooth: hci2: command 0x0406 tx timeout [ 196.822552][ T4263] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 198.085597][ T5555] fuse: Bad value for 'fd' [ 198.625810][ T4667] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71 [ 198.659622][ T4667] usb 5-1: USB disconnect, device number 4 [ 198.789144][ T5561] loop0: detected capacity change from 0 to 4096 [ 198.925947][ T5563] netlink: 'syz.3.283': attribute type 1 has an invalid length. [ 198.975227][ T5563] netlink: 'syz.3.283': attribute type 4 has an invalid length. [ 199.015367][ T5563] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.283'. [ 199.245235][ T4252] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 199.291679][ T4252] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 201.243457][ T5580] loop3: detected capacity change from 0 to 32768 [ 201.251770][ T5580] XFS: ikeep mount option is deprecated. [ 201.626039][ T5580] XFS (loop3): Mounting V5 Filesystem [ 201.765314][ T5573] loop2: detected capacity change from 0 to 32768 [ 201.791391][ T5573] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.293 (5573) [ 201.850923][ T5580] XFS (loop3): Ending clean mount [ 201.857382][ T5573] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 201.874008][ T5580] XFS (loop3): Quotacheck needed: Please wait. [ 201.891722][ T5573] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 201.933932][ T5573] BTRFS info (device loop2): enabling auto defrag [ 201.940432][ T5573] BTRFS info (device loop2): doing ref verification [ 201.974258][ T5580] XFS (loop3): Quotacheck: Done. [ 201.991790][ T5573] BTRFS info (device loop2): use no compression [ 201.998131][ T5573] BTRFS info (device loop2): force clearing of disk cache [ 202.026546][ T5569] loop1: detected capacity change from 0 to 32768 [ 202.070524][ T5573] BTRFS info (device loop2): setting nodatacow, compression disabled [ 202.130395][ T5573] BTRFS info (device loop2): disabling free space tree [ 202.375284][ T5569] XFS (loop1): Mounting V5 Filesystem [ 202.947911][ T5569] XFS (loop1): log mount failed [ 203.156753][ T5573] BTRFS error (device loop2): open_ctree failed: -12 [ 203.177271][ T4421] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by udevd (4421) [ 203.213829][ T4263] XFS (loop3): Unmounting Filesystem [ 207.332158][ T5666] loop3: detected capacity change from 0 to 32768 [ 207.366982][ T5666] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 207.410029][ T5666] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 207.442836][ T5666] BTRFS info (device loop3): enabling auto defrag [ 207.500159][ T5666] BTRFS info (device loop3): doing ref verification [ 207.522707][ T5666] BTRFS info (device loop3): use no compression [ 207.547479][ T5666] BTRFS info (device loop3): force clearing of disk cache [ 207.577835][ T5666] BTRFS info (device loop3): setting nodatacow, compression disabled [ 207.645773][ T5666] BTRFS info (device loop3): disabling free space tree [ 208.686287][ T5673] loop4: detected capacity change from 0 to 32768 [ 208.703233][ T5666] BTRFS info (device loop3): enabling ssd optimizations [ 208.726757][ T5666] BTRFS info (device loop3): rebuilding free space tree [ 208.869973][ T5673] XFS (loop4): Mounting V5 Filesystem [ 208.879854][ T5666] BTRFS info (device loop3): disabling free space tree [ 208.948134][ T5666] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 208.991694][ T5666] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 209.103085][ T5673] XFS (loop4): Ending clean mount [ 209.129078][ T5673] XFS (loop4): Quotacheck needed: Please wait. [ 209.166687][ T26] audit: type=1326 audit(1748419436.157:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5674 comm="syz.0.316" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac1ed8e969 code=0x0 [ 209.257877][ T5666] overlayfs: missing 'lowerdir' [ 209.314351][ T5673] XFS (loop4): Quotacheck: Done. [ 209.330029][ T26] audit: type=1800 audit(1748419436.317:16): pid=5673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.315" name="bus" dev="loop4" ino=9290 res=0 errno=0 [ 209.770996][ T4253] XFS (loop4): Unmounting Filesystem [ 210.831679][ T4263] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 215.807640][ T5770] loop3: detected capacity change from 0 to 128 [ 216.356690][ T5331] kworker/u4:20: attempt to access beyond end of device [ 216.356690][ T5331] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 223.015201][ T5736] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 223.201673][ T5736] usb 3-1: Using ep0 maxpacket: 32 [ 223.209063][ T5736] usb 3-1: config 0 has no interfaces? [ 223.226447][ T5736] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 223.263199][ T5736] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.286401][ T5736] usb 3-1: Product: syz [ 223.295239][ T5736] usb 3-1: Manufacturer: syz [ 223.303848][ T5736] usb 3-1: SerialNumber: syz [ 223.319944][ T5736] usb 3-1: config 0 descriptor?? [ 225.790674][ T5737] usb 3-1: USB disconnect, device number 4 [ 228.058336][ T14] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 228.635800][ T14] usb 2-1: Using ep0 maxpacket: 32 [ 228.645218][ T14] usb 2-1: config 0 has no interfaces? [ 228.721128][ T14] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 228.750284][ T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 228.787250][ T14] usb 2-1: Product: syz [ 228.804977][ T14] usb 2-1: Manufacturer: syz [ 228.819747][ T14] usb 2-1: SerialNumber: syz [ 228.842207][ T14] usb 2-1: config 0 descriptor?? [ 230.790246][ T14] usb 2-1: USB disconnect, device number 4 [ 231.884935][ T5980] loop3: detected capacity change from 0 to 128 [ 232.811721][ T4281] kworker/u4:6: attempt to access beyond end of device [ 232.811721][ T4281] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 234.091821][ T4667] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 234.281652][ T4667] usb 4-1: Using ep0 maxpacket: 32 [ 234.289023][ T4667] usb 4-1: config 0 has no interfaces? [ 234.313932][ T4667] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 234.345540][ T4667] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.373162][ T4667] usb 4-1: Product: syz [ 234.383220][ T4667] usb 4-1: Manufacturer: syz [ 234.403305][ T4667] usb 4-1: SerialNumber: syz [ 234.445883][ T4667] usb 4-1: config 0 descriptor?? [ 236.178308][ T6030] loop2: detected capacity change from 0 to 128 [ 236.329746][ T4667] usb 4-1: USB disconnect, device number 4 [ 237.175060][ T4562] kworker/u4:15: attempt to access beyond end of device [ 237.175060][ T4562] loop2: rw=1, sector=145, nr_sectors = 896 limit=128 [ 239.111688][ T14] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 239.331761][ T14] usb 2-1: Using ep0 maxpacket: 32 [ 239.341248][ T14] usb 2-1: config 0 has no interfaces? [ 239.372558][ T14] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 239.434794][ T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.475351][ T6078] loop0: detected capacity change from 0 to 128 [ 239.486777][ T14] usb 2-1: Product: syz [ 239.501232][ T14] usb 2-1: Manufacturer: syz [ 239.539727][ T14] usb 2-1: SerialNumber: syz [ 239.589212][ T14] usb 2-1: config 0 descriptor?? [ 240.448650][ T4281] kworker/u4:6: attempt to access beyond end of device [ 240.448650][ T4281] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 241.967080][ T4667] usb 2-1: USB disconnect, device number 5 [ 243.503740][ T6126] loop0: detected capacity change from 0 to 128 [ 244.031822][ T4667] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 244.273176][ T4667] usb 4-1: Using ep0 maxpacket: 32 [ 244.310863][ T4667] usb 4-1: config 0 has no interfaces? [ 244.380642][ T4667] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 244.490684][ T4667] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 244.549876][ T4743] kworker/u4:18: attempt to access beyond end of device [ 244.549876][ T4743] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 244.563815][ T4667] usb 4-1: Product: syz [ 244.569051][ T4667] usb 4-1: Manufacturer: syz [ 244.585716][ T4667] usb 4-1: SerialNumber: syz [ 244.606877][ T4667] usb 4-1: config 0 descriptor?? [ 246.599105][ T4301] usb 4-1: USB disconnect, device number 5 [ 246.693838][ T6179] loop1: detected capacity change from 0 to 128 [ 247.689993][ T4481] kworker/u4:12: attempt to access beyond end of device [ 247.689993][ T4481] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 247.765565][ T6173] loop2: detected capacity change from 0 to 32768 [ 247.987857][ T6173] XFS (loop2): Mounting V5 Filesystem [ 248.195859][ T6173] XFS (loop2): Ending clean mount [ 248.217051][ T6173] XFS (loop2): Quotacheck needed: Please wait. [ 248.329671][ T6173] XFS (loop2): Quotacheck: Done. [ 248.362362][ T26] audit: type=1800 audit(1748419475.357:17): pid=6173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.475" name="bus" dev="loop2" ino=9290 res=0 errno=0 [ 248.500712][ T4262] XFS (loop2): Unmounting Filesystem [ 251.721847][ T5556] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 251.921756][ T5556] usb 3-1: Using ep0 maxpacket: 32 [ 251.946489][ T5556] usb 3-1: config 0 has no interfaces? [ 252.012215][ T5556] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 252.022337][ T5556] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.030487][ T5556] usb 3-1: Product: syz [ 252.035481][ T5556] usb 3-1: Manufacturer: syz [ 252.057932][ T5556] usb 3-1: SerialNumber: syz [ 252.126645][ T5556] usb 3-1: config 0 descriptor?? [ 252.551882][ T4254] Bluetooth: hci4: command 0x0406 tx timeout [ 254.153625][ T6285] loop0: detected capacity change from 0 to 128 [ 254.369096][ T4667] usb 3-1: USB disconnect, device number 5 [ 255.137347][ T4448] kworker/u4:10: attempt to access beyond end of device [ 255.137347][ T4448] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 255.607578][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.617382][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.286891][ T6335] syz.3.523 uses obsolete (PF_INET,SOCK_PACKET) [ 258.304726][ T6333] loop0: detected capacity change from 0 to 128 [ 258.666160][ T4666] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 259.112007][ T4666] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 259.331552][ T4666] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 259.351621][ T4666] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 259.371654][ T4666] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 259.384387][ T4666] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.408690][ T4666] usb 3-1: config 0 descriptor?? [ 259.424700][ T9] kworker/u4:0: attempt to access beyond end of device [ 259.424700][ T9] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 260.142259][ T4666] usbhid 3-1:0.0: can't add hid device: -71 [ 260.148323][ T4666] usbhid: probe of 3-1:0.0 failed with error -71 [ 260.228532][ T4666] usb 3-1: USB disconnect, device number 6 [ 260.531180][ T6361] netlink: 24 bytes leftover after parsing attributes in process `syz.0.530'. [ 262.167742][ T6373] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 262.405530][ T6381] loop3: detected capacity change from 0 to 128 [ 263.395977][ T4432] kworker/u4:9: attempt to access beyond end of device [ 263.395977][ T4432] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 263.901248][ T6398] 9pnet_virtio: no channels available for device syz [ 263.921126][ T6402] netlink: 8 bytes leftover after parsing attributes in process `syz.0.544'. [ 263.999391][ T6402] IPVS: Error joining to the multicast group [ 266.380478][ T6424] loop3: detected capacity change from 0 to 128 [ 267.348046][ T4714] kworker/u4:17: attempt to access beyond end of device [ 267.348046][ T4714] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 267.402639][ T5737] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 267.601711][ T5737] usb 1-1: Using ep0 maxpacket: 8 [ 267.671888][ T5737] usb 1-1: config 0 has an invalid interface number: 55 but max is 0 [ 267.682348][ T5737] usb 1-1: config 0 has no interface number 0 [ 267.688774][ T5737] usb 1-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping [ 267.701658][ T5737] usb 1-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping [ 268.006488][ T5737] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 268.019935][ T5737] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 268.019965][ T5737] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.063016][ T5737] usb 1-1: config 0 descriptor?? [ 268.071808][ T14] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 268.092508][ T5737] ldusb 1-1:0.55: Interrupt in endpoint not found [ 268.264045][ T14] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 268.275754][ T5556] usb 1-1: USB disconnect, device number 4 [ 268.308593][ T14] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 268.322201][ T6440] netlink: 12 bytes leftover after parsing attributes in process `syz.1.555'. [ 268.412554][ T14] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 268.441633][ T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.503508][ T14] usb 4-1: config 0 descriptor?? [ 268.518381][ T14] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 270.939001][ T6469] loop1: detected capacity change from 0 to 128 [ 272.352045][ T4481] kworker/u4:12: attempt to access beyond end of device [ 272.352045][ T4481] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 272.511952][ T5737] usb 4-1: USB disconnect, device number 6 [ 273.681941][ T48] Bluetooth: hci2: Malformed Event: 0x2f [ 273.819545][ T6492] block nbd1: shutting down sockets [ 274.897327][ T6503] loop2: detected capacity change from 0 to 32768 [ 275.925965][ T6504] sched: RT throttling activated [ 275.940355][ T6503] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 275.948454][ T6503] dlm: no local IP address has been set [ 275.954650][ T6503] dlm: cannot start dlm midcomms -107 [ 275.960020][ T6503] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 276.756839][ T6514] netlink: 24 bytes leftover after parsing attributes in process `syz.3.574'. [ 277.131736][ T4299] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 277.641636][ T4299] usb 2-1: Using ep0 maxpacket: 32 [ 277.653633][ T4299] usb 2-1: config 0 has no interfaces? [ 277.701300][ T4299] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 277.779454][ T4299] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 277.814388][ T4299] usb 2-1: Product: syz [ 277.869437][ T4299] usb 2-1: Manufacturer: syz [ 277.920504][ T4299] usb 2-1: SerialNumber: syz [ 278.095496][ T4299] usb 2-1: config 0 descriptor?? [ 279.573570][ T6536] loop2: detected capacity change from 0 to 32768 [ 279.746639][ T6536] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.579 (6536) [ 279.808049][ T6536] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 279.828323][ T6536] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 280.126063][ T6552] loop3: detected capacity change from 0 to 32768 [ 280.139333][ T6552] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 280.147387][ T6552] dlm: no local IP address has been set [ 280.154934][ T6552] dlm: cannot start dlm midcomms -107 [ 280.160363][ T6552] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 280.179671][ T6536] BTRFS info (device loop2): enabling auto defrag [ 280.186387][ T6536] BTRFS info (device loop2): doing ref verification [ 280.193289][ T6536] BTRFS info (device loop2): use no compression [ 280.199716][ T6536] BTRFS info (device loop2): force clearing of disk cache [ 281.031526][ T4299] usb 2-1: USB disconnect, device number 6 [ 281.121866][ T6536] BTRFS info (device loop2): setting nodatacow, compression disabled [ 281.130203][ T6536] BTRFS info (device loop2): disabling free space tree [ 281.574971][ T6536] BTRFS info (device loop2): enabling ssd optimizations [ 281.587511][ T6536] BTRFS info (device loop2): rebuilding free space tree [ 281.617284][ T6536] BTRFS info (device loop2): disabling free space tree [ 281.642559][ T6536] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 281.692438][ T6536] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 282.806015][ T4262] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 285.042594][ T4270] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop2 scanned by udevd (4270) [ 286.802647][ T4301] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 287.012597][ T4301] usb 1-1: Using ep0 maxpacket: 32 [ 287.097619][ T6638] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 287.911736][ T4301] usb 1-1: config 0 has no interfaces? [ 288.436909][ T4301] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 288.481519][ T4301] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.531655][ T4301] usb 1-1: Product: syz [ 288.570947][ T4301] usb 1-1: Manufacturer: syz [ 288.594685][ T4301] usb 1-1: SerialNumber: syz [ 288.634387][ T4301] usb 1-1: config 0 descriptor?? [ 288.658931][ T6622] loop4: detected capacity change from 0 to 32768 [ 288.765927][ T6622] XFS (loop4): Mounting V5 Filesystem [ 288.885827][ T6622] XFS (loop4): Ending clean mount [ 288.918430][ T6622] XFS (loop4): Quotacheck needed: Please wait. [ 289.043824][ T6622] XFS (loop4): Quotacheck: Done. [ 289.091645][ T26] audit: type=1800 audit(1748419516.077:18): pid=6622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.598" name="bus" dev="loop4" ino=9290 res=0 errno=0 [ 289.221798][ T4253] XFS (loop4): Unmounting Filesystem [ 289.865436][ T6643] loop3: detected capacity change from 0 to 32768 [ 289.946049][ T6643] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11 [ 290.048011][ T5736] usb 1-1: USB disconnect, device number 5 [ 290.387704][ T6659] loop2: detected capacity change from 0 to 1024 [ 291.715222][ T6659] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 291.741710][ T4270] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11 [ 292.304058][ T4667] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 292.584583][ T4667] usb 1-1: Using ep0 maxpacket: 32 [ 292.907200][ T4667] usb 1-1: config 0 has no interfaces? [ 292.920049][ T4667] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 292.931568][ T4667] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 292.954256][ T4667] usb 1-1: Product: syz [ 292.969053][ T4667] usb 1-1: Manufacturer: syz [ 293.017018][ T4667] usb 1-1: SerialNumber: syz [ 293.019714][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 293.058651][ T4667] usb 1-1: config 0 descriptor?? [ 293.312000][ T4524] usb 1-1: USB disconnect, device number 6 [ 294.698971][ T6689] loop2: detected capacity change from 0 to 512 [ 294.849029][ T6689] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 294.883405][ T6689] ext4 filesystem being mounted at /117/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 295.068251][ T26] audit: type=1800 audit(1748419522.057:19): pid=6689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.625" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 296.048395][ T4667] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 296.198476][ T26] audit: type=1800 audit(1748419523.187:20): pid=6707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.625" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 296.561733][ T4667] usb 4-1: Using ep0 maxpacket: 32 [ 296.576463][ T4667] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 296.601557][ T4667] usb 4-1: config 0 has no interface number 0 [ 296.881595][ T4667] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 296.894858][ T4667] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 296.934722][ T4667] usb 4-1: Product: syz [ 296.938955][ T4667] usb 4-1: Manufacturer: syz [ 296.948750][ T6711] loop4: detected capacity change from 0 to 128 [ 296.968326][ T4667] usb 4-1: SerialNumber: syz [ 297.003307][ T4667] usb 4-1: config 0 descriptor?? [ 297.030597][ T4667] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 297.058518][ T4667] usb 4-1: selecting invalid altsetting 1 [ 297.194523][ T4667] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 297.210033][ T4667] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 297.245092][ T4667] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 297.271883][ T4667] usb 4-1: media controller created [ 297.956554][ T4667] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 298.015749][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 298.339497][ T6704] loop1: detected capacity change from 0 to 32768 [ 298.394336][ T6704] XFS (loop1): Mounting V5 Filesystem [ 298.507508][ T6704] XFS (loop1): Ending clean mount [ 298.526443][ T6704] XFS (loop1): Quotacheck needed: Please wait. [ 298.621573][ T4524] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 298.629756][ T6704] XFS (loop1): Quotacheck: Done. [ 298.638440][ T6719] loop4: detected capacity change from 0 to 32768 [ 298.653207][ T26] audit: type=1800 audit(1748419525.647:21): pid=6704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.616" name="bus" dev="loop1" ino=9290 res=0 errno=0 [ 298.698596][ T6719] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11 [ 298.727277][ T4251] XFS (loop1): Unmounting Filesystem [ 298.869122][ T4421] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11 [ 298.873931][ T4524] usb 1-1: Using ep0 maxpacket: 32 [ 298.904060][ T4524] usb 1-1: config 0 has no interfaces? [ 298.918035][ T4524] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 298.941643][ T4524] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.952006][ T6702] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 298.970115][ T4524] usb 1-1: Product: syz [ 298.981703][ T4524] usb 1-1: Manufacturer: syz [ 298.991833][ T4667] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-32 [ 298.995403][ T4524] usb 1-1: SerialNumber: syz [ 298.998857][ T4667] zl10353_read_register: readreg error (reg=127, ret==-32) [ 299.032864][ T4524] usb 1-1: config 0 descriptor?? [ 299.091999][ T4667] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 299.172479][ T6734] fuse: Bad value for 'fd' [ 299.178277][ T4667] usb 4-1: USB disconnect, device number 7 [ 300.259261][ T6738] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 300.273066][ T6738] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 300.731796][ T6719] loop4: detected capacity change from 0 to 32768 [ 300.893537][ T6719] XFS (loop4): Mounting V5 Filesystem [ 301.394689][ T6719] XFS (loop4): Ending clean mount [ 301.429244][ T6719] XFS (loop4): Quotacheck needed: Please wait. [ 301.500996][ T4529] usb 1-1: USB disconnect, device number 7 [ 301.533532][ T6719] XFS (loop4): Quotacheck: Done. [ 301.775504][ T6756] loop1: detected capacity change from 0 to 4096 [ 302.358845][ T6758] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 302.416904][ T26] audit: type=1800 audit(1748419529.407:22): pid=6756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.626" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 305.388044][ T4253] XFS (loop4): Unmounting Filesystem [ 310.127510][ T6794] loop0: detected capacity change from 0 to 128 [ 310.915533][ T6799] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 310.922151][ T6799] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 310.930926][ T6799] vhci_hcd vhci_hcd.0: Device attached [ 311.228817][ T6800] vhci_hcd: connection closed [ 311.233625][ T4324] vhci_hcd: stop threads [ 311.294237][ T4324] vhci_hcd: release socket [ 311.341863][ T4301] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 311.399827][ T4324] vhci_hcd: disconnect device [ 312.065718][ T6817] netlink: 8 bytes leftover after parsing attributes in process `syz.3.643'. [ 312.565582][ T4667] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 312.781596][ T4667] usb 3-1: Using ep0 maxpacket: 32 [ 312.788933][ T4667] usb 3-1: config 0 has no interfaces? [ 312.832959][ T4667] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 312.869857][ T4667] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.925180][ T4667] usb 3-1: Product: syz [ 312.934995][ T4667] usb 3-1: Manufacturer: syz [ 312.955424][ T4667] usb 3-1: SerialNumber: syz [ 312.992788][ T4667] usb 3-1: config 0 descriptor?? [ 313.177023][ T6823] loop4: detected capacity change from 0 to 32768 [ 313.201696][ T6823] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11 [ 314.720713][ T6841] loop3: detected capacity change from 0 to 128 [ 315.497618][ T4667] usb 3-1: USB disconnect, device number 7 [ 315.852556][ T4270] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11 [ 316.372073][ T6850] random: crng reseeded on system resumption [ 316.541882][ T4301] vhci_hcd: vhci_device speed not set [ 317.038370][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.045181][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.791591][ T6883] tipc: Enabling of bearer rejected, failed to enable media [ 318.977213][ T6859] loop4: detected capacity change from 0 to 32768 [ 319.130290][ T6859] XFS (loop4): Mounting V5 Filesystem [ 319.305265][ T6859] XFS (loop4): Ending clean mount [ 319.354931][ T6859] XFS (loop4): Quotacheck needed: Please wait. [ 319.548426][ T6859] XFS (loop4): Quotacheck: Done. [ 319.579921][ T6901] loop0: detected capacity change from 0 to 128 [ 319.642304][ T4253] XFS (loop4): Unmounting Filesystem [ 319.821546][ T5736] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 320.041789][ T5736] usb 3-1: Using ep0 maxpacket: 32 [ 320.075571][ T5736] usb 3-1: config 0 has no interfaces? [ 320.133367][ T5736] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 320.240412][ T5736] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.334870][ T5736] usb 3-1: Product: syz [ 320.370958][ T5736] usb 3-1: Manufacturer: syz [ 320.437391][ T5736] usb 3-1: SerialNumber: syz [ 320.456853][ T5736] usb 3-1: config 0 descriptor?? [ 320.667282][ T6902] loop3: detected capacity change from 0 to 32768 [ 320.688820][ T6902] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11 [ 321.651274][ T4270] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 11 [ 322.424058][ T6902] loop3: detected capacity change from 0 to 32768 [ 322.537891][ T5736] usb 3-1: USB disconnect, device number 8 [ 323.159099][ T4254] block nbd1: Receive control failed (result -32) [ 323.176157][ T6921] block nbd1: shutting down sockets [ 323.743643][ T6940] netlink: 132 bytes leftover after parsing attributes in process `syz.3.675'. [ 324.469588][ T951] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 324.580699][ T951] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 324.827901][ T6965] fido_id[6965]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 326.875196][ T6973] mmap: syz.4.676 (6973) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 328.672731][ T6942] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 330.721642][ T4254] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 331.201185][ T6987] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 331.201259][ T6987] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 331.221996][ T6987] vhci_hcd vhci_hcd.0: Device attached [ 331.381619][ T4667] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 331.491559][ T4664] usb 33-1: new high-speed USB device number 2 using vhci_hcd [ 331.611519][ T4667] usb 3-1: Using ep0 maxpacket: 32 [ 331.618445][ T4667] usb 3-1: config 0 has no interfaces? [ 331.656798][ T4667] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 333.223856][ T4254] block nbd4: Receive control failed (result -32) [ 333.242072][ T7008] block nbd4: shutting down sockets [ 333.253552][ T4667] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.337764][ T4667] usb 3-1: Product: syz [ 333.403471][ T4667] usb 3-1: Manufacturer: syz [ 333.489688][ T4667] usb 3-1: SerialNumber: syz [ 333.679721][ T4667] usb 3-1: config 0 descriptor?? [ 334.027842][ T6987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.684'. [ 334.346429][ T6998] vhci_hcd: connection reset by peer [ 334.354734][ T6617] vhci_hcd: stop threads [ 334.359120][ T6617] vhci_hcd: release socket [ 334.416383][ T4665] usb 3-1: USB disconnect, device number 9 [ 334.453024][ T6617] vhci_hcd: disconnect device [ 336.631796][ T4664] vhci_hcd: vhci_device speed not set [ 338.310861][ T7048] misc userio: Invalid payload size [ 339.409591][ T7048] misc userio: No port type given on /dev/userio [ 340.631714][ T1043] block nbd1: Attempted send on invalid socket [ 340.639803][ T1043] blk_print_req_error: 11 callbacks suppressed [ 340.640748][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 340.658354][ T7072] hpfs: hpfs_map_sector(): read error [ 341.150055][ T4254] block nbd2: Receive control failed (result -32) [ 341.162049][ T7075] block nbd2: shutting down sockets [ 343.734488][ T7093] input: syz1 as /devices/virtual/input/input8 [ 343.862326][ T4524] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 343.968263][ T7116] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 343.987014][ T4524] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 345.539206][ T7127] fido_id[7127]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 347.028438][ T7134] loop2: detected capacity change from 0 to 32768 [ 347.424950][ T7134] XFS (loop2): Mounting V5 Filesystem [ 347.640672][ T7134] XFS (loop2): Ending clean mount [ 347.667723][ T7134] XFS (loop2): Quotacheck needed: Please wait. [ 347.867460][ T7134] XFS (loop2): Quotacheck: Done. [ 347.882533][ T26] audit: type=1800 audit(1748419574.877:23): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.712" name="bus" dev="loop2" ino=9290 res=0 errno=0 [ 348.183309][ T4262] XFS (loop2): Unmounting Filesystem [ 350.954025][ T1043] block nbd2: Attempted send on invalid socket [ 350.964524][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 351.003708][ T7205] hpfs: hpfs_map_sector(): read error [ 353.981877][ T7231] 9pnet_virtio: no channels available for device syz [ 356.712716][ T7260] nbd2: detected capacity change from 0 to 4294967296 [ 356.765526][ T7262] block nbd2: shutting down sockets [ 356.841900][ C0] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.851046][ C0] buffer_io_error: 10 callbacks suppressed [ 356.851057][ C0] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.867457][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.876583][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.886272][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.895365][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.903301][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.912358][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.920237][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.929384][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.937861][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.946922][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.954819][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.963884][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.971900][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 356.981020][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 356.988871][ T6986] ldm_validate_partition_table(): Disk read failed. [ 357.004438][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 357.013530][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 357.021646][ T1043] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 357.030699][ T1043] Buffer I/O error on dev nbd2, logical block 0, async page read [ 357.043414][ T6986] Dev nbd2: unable to read RDB block 0 [ 357.062030][ T6986] nbd2: unable to read partition table [ 357.067754][ T6986] nbd2: partition table beyond EOD, truncated [ 360.214018][ T7285] input: syz1 as /devices/virtual/input/input9 [ 364.048151][ T7318] netlink: 8 bytes leftover after parsing attributes in process `syz.4.756'. [ 365.741788][ T7344] tipc: Started in network mode [ 365.771629][ T7344] tipc: Node identity 4, cluster identity 4711 [ 365.791767][ T7344] tipc: Node number set to 4 [ 368.705555][ T7386] nbd3: detected capacity change from 0 to 4294967296 [ 368.758156][ T7389] block nbd3: shutting down sockets [ 368.772831][ C1] blk_print_req_error: 2 callbacks suppressed [ 368.772844][ C1] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 368.788015][ C1] buffer_io_error: 2 callbacks suppressed [ 368.788025][ C1] Buffer I/O error on dev nbd3, logical block 0, async page read [ 368.801755][ T52] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 368.810810][ T52] Buffer I/O error on dev nbd3, logical block 0, async page read [ 368.818782][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 368.830161][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 368.838139][ T6986] ldm_validate_partition_table(): Disk read failed. [ 368.880701][ T6986] Dev nbd3: unable to read RDB block 0 [ 368.924363][ T6986] nbd3: unable to read partition table [ 368.984040][ T6986] nbd3: partition table beyond EOD, truncated [ 369.022723][ T7357] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 369.233129][ T7397] netlink: 12 bytes leftover after parsing attributes in process `syz.3.779'. [ 369.570385][ T7404] netlink: 4 bytes leftover after parsing attributes in process `syz.4.780'. [ 369.639671][ T7404] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 369.651659][ T7404] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 369.722053][ T7404] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 369.757287][ T7404] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 371.121629][ T4254] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 375.718819][ T7427] loop2: detected capacity change from 0 to 32768 [ 375.776466][ T7427] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 375.848371][ T7427] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 375.880983][ T7427] BTRFS info (device loop2): enabling auto defrag [ 375.938640][ T7427] BTRFS info (device loop2): doing ref verification [ 375.991621][ T7427] BTRFS info (device loop2): use no compression [ 376.020076][ T7427] BTRFS info (device loop2): force clearing of disk cache [ 376.050515][ T7427] BTRFS info (device loop2): setting nodatacow, compression disabled [ 376.098350][ T7427] BTRFS info (device loop2): disabling free space tree [ 376.519944][ T7456] tmpfs: Unknown parameter 'grpquota' [ 378.319312][ T7427] BTRFS error (device loop2): open_ctree failed: -12 [ 378.321075][ T6986] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by udevd (6986) [ 378.484443][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.490807][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.984302][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 378.993106][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 379.000564][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 379.018689][ T7483] IPv6: ADDRCONF(NETDEV_CHANGE): ipip0: link becomes ready [ 382.040181][ T7517] Bluetooth: hci5: Frame reassembly failed (-84) [ 382.852718][ T7520] netlink: 4 bytes leftover after parsing attributes in process `syz.1.811'. [ 384.151561][ T4254] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 384.260313][ T7523] loop1: detected capacity change from 0 to 32768 [ 384.302133][ T7523] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 384.351258][ T7523] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 384.494404][ T7523] BTRFS info (device loop1): enabling auto defrag [ 384.501301][ T7523] BTRFS info (device loop1): doing ref verification [ 384.541565][ T7523] BTRFS info (device loop1): use no compression [ 384.800587][ T7523] BTRFS info (device loop1): force clearing of disk cache [ 384.843760][ T7523] BTRFS info (device loop1): setting nodatacow, compression disabled [ 384.949011][ T7523] BTRFS info (device loop1): disabling free space tree [ 385.642659][ T7523] BTRFS info (device loop1): enabling ssd optimizations [ 385.712253][ T7523] BTRFS info (device loop1): rebuilding free space tree [ 385.750502][ T7523] BTRFS info (device loop1): disabling free space tree [ 385.815963][ T7523] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 385.991094][ T7523] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 386.265958][ T4251] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 387.417879][ T7592] loop4: detected capacity change from 0 to 512 [ 387.453528][ T7592] EXT4-fs: Ignoring removed nobh option [ 387.606187][ T7592] EXT4-fs error (device loop4): __ext4_iget:5076: inode #11: block 6: comm syz.4.828: invalid block [ 387.642251][ T7592] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.828: couldn't read orphan inode 11 (err -117) [ 388.272176][ T7602] fuseblk: Bad value for 'fd' [ 388.614289][ T7592] EXT4-fs (loop4): 1 truncate cleaned up [ 388.620446][ T7592] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 390.231555][ T26] audit: type=1800 audit(1748419617.217:24): pid=7604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.828" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 390.379305][ T4253] EXT4-fs (loop4): unmounting filesystem. [ 390.714157][ T7616] loop3: detected capacity change from 0 to 32768 [ 390.758030][ T7616] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.833 (7616) [ 391.011882][ T7616] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 391.912968][ T7616] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 391.921982][ T7616] BTRFS info (device loop3): enabling auto defrag [ 391.928427][ T7616] BTRFS info (device loop3): doing ref verification [ 391.938377][ T7616] BTRFS info (device loop3): use no compression [ 392.981806][ T7616] BTRFS info (device loop3): force clearing of disk cache [ 393.023593][ T7616] BTRFS info (device loop3): setting nodatacow, compression disabled [ 393.032642][ T7616] BTRFS info (device loop3): disabling free space tree [ 393.062215][ T7641] netlink: 68 bytes leftover after parsing attributes in process `syz.1.841'. [ 393.164569][ T7641] netlink: 24 bytes leftover after parsing attributes in process `syz.1.841'. [ 393.218903][ T7641] netlink: 24 bytes leftover after parsing attributes in process `syz.1.841'. [ 393.230032][ T7641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.841'. [ 393.246372][ T7665] block nbd0: shutting down sockets [ 393.618339][ T7616] BTRFS error (device loop3): open_ctree failed: -12 [ 394.412325][ T26] audit: type=1326 audit(1748419621.407:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 395.586219][ T7686] loop0: detected capacity change from 0 to 512 [ 395.606980][ T26] audit: type=1326 audit(1748419622.227:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 395.616635][ T7686] EXT4-fs: Ignoring removed nobh option [ 395.746106][ T26] audit: type=1326 audit(1748419622.227:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 395.828280][ T7692] overlayfs: failed to resolve './file1': -2 [ 395.835223][ T7686] EXT4-fs error (device loop0): __ext4_iget:5076: inode #11: block 6: comm syz.0.848: invalid block [ 395.892774][ T7686] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.848: couldn't read orphan inode 11 (err -117) [ 395.952033][ T7686] EXT4-fs (loop0): 1 truncate cleaned up [ 395.979901][ T26] audit: type=1326 audit(1748419622.227:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 396.008536][ T7686] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 396.147029][ T26] audit: type=1326 audit(1748419622.277:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 396.827579][ T26] audit: type=1326 audit(1748419622.277:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 396.938319][ T26] audit: type=1326 audit(1748419622.277:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 397.094342][ T26] audit: type=1326 audit(1748419622.277:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 397.157309][ T26] audit: type=1326 audit(1748419622.277:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 397.206028][ T26] audit: type=1326 audit(1748419622.277:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 397.233488][ T26] audit: type=1326 audit(1748419622.277:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7678 comm="syz.3.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5d8f38e969 code=0x7ffc0000 [ 397.487280][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 400.268109][ T7748] netlink: 24 bytes leftover after parsing attributes in process `syz.3.861'. [ 400.386106][ T7748] netlink: 'syz.3.861': attribute type 10 has an invalid length. [ 400.471489][ T7748] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 400.502084][ T7748] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 400.516104][ T7749] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 400.544766][ T7749] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 400.624328][ T7749] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 400.651278][ T7749] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 400.709608][ T7725] loop4: detected capacity change from 0 to 32768 [ 400.772003][ T7749] bond0: (slave batadv0): Releasing backup interface [ 400.800511][ T7725] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.855 (7725) [ 400.964683][ T7725] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 401.434806][ T7725] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 401.446267][ T7725] BTRFS info (device loop4): enabling auto defrag [ 401.452914][ T7725] BTRFS info (device loop4): doing ref verification [ 401.459915][ T7725] BTRFS info (device loop4): use no compression [ 401.466364][ T7725] BTRFS info (device loop4): force clearing of disk cache [ 401.477841][ T7725] BTRFS info (device loop4): setting nodatacow, compression disabled [ 401.486408][ T7725] BTRFS info (device loop4): disabling free space tree [ 401.648369][ T7725] BTRFS error (device loop4): open_ctree failed: -12 [ 402.191116][ T6986] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by udevd (6986) [ 402.373172][ T7798] netlink: 32 bytes leftover after parsing attributes in process `syz.0.870'. [ 403.942242][ T7823] tmpfs: Unknown parameter 'grpquota' [ 408.119286][ T7853] loop2: detected capacity change from 0 to 512 [ 408.160556][ T7853] EXT4-fs: Ignoring removed nobh option [ 408.244314][ T7853] EXT4-fs error (device loop2): __ext4_iget:5076: inode #11: block 6: comm syz.2.884: invalid block [ 408.303469][ T7853] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.884: couldn't read orphan inode 11 (err -117) [ 408.321883][ T7853] EXT4-fs (loop2): 1 truncate cleaned up [ 408.327645][ T7853] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 409.202067][ T7856] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 409.382277][ T7872] tmpfs: Unknown parameter 'grpquota' [ 410.710141][ T26] kauditd_printk_skb: 54 callbacks suppressed [ 410.710159][ T26] audit: type=1800 audit(1748419637.697:90): pid=7859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.884" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 411.082548][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 412.234918][ T7882] tty tty29: ldisc open failed (-12), clearing slot 28 [ 416.009524][ T7922] loop1: detected capacity change from 0 to 32768 [ 416.063133][ T7922] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 416.118154][ T7922] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 416.166949][ T7922] BTRFS info (device loop1): enabling auto defrag [ 416.204045][ T7922] BTRFS info (device loop1): doing ref verification [ 416.320108][ T7922] BTRFS info (device loop1): use no compression [ 416.346970][ T7922] BTRFS info (device loop1): force clearing of disk cache [ 416.382856][ T7922] BTRFS info (device loop1): setting nodatacow, compression disabled [ 416.411347][ T7922] BTRFS info (device loop1): disabling free space tree [ 416.609692][ T7922] BTRFS info (device loop1): enabling ssd optimizations [ 416.651563][ T4663] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 416.763670][ T7922] BTRFS info (device loop1): rebuilding free space tree [ 417.065985][ T7922] BTRFS info (device loop1): disabling free space tree [ 417.227848][ T7922] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 417.257936][ T7922] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 417.282896][ T4663] usb 3-1: Using ep0 maxpacket: 16 [ 417.296396][ T4663] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 417.343830][ T4663] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 417.385539][ T4663] usb 3-1: Product: syz [ 417.389761][ T4663] usb 3-1: Manufacturer: syz [ 417.427305][ T4663] usb 3-1: SerialNumber: syz [ 417.468875][ T4663] usb 3-1: config 0 descriptor?? [ 417.610019][ T26] audit: type=1800 audit(1748419644.597:91): pid=7982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.904" name="bus" dev="overlay" ino=269 res=0 errno=0 [ 419.363750][ T4663] usb 3-1: USB disconnect, device number 10 [ 419.697341][ T8004] netlink: 24 bytes leftover after parsing attributes in process `syz.4.926'. [ 419.825014][ T7128] udevd[7128]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 419.845206][ T4251] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 423.778425][ T8035] binder: 8028:8035 ioctl 40046205 0 returned -22 [ 429.104746][ T8094] Bluetooth: hci5: Frame reassembly failed (-84) [ 431.271749][ T48] Bluetooth: hci5: command 0xfc11 tx timeout [ 431.280981][ T4254] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 431.981549][ T8114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.953'. [ 433.031732][ T4527] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 433.308195][ T4527] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 433.487506][ T4527] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 433.555024][ T4527] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 433.634679][ T4527] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 433.687138][ T4527] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 433.754170][ T4527] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 434.223711][ T4527] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 434.236179][ T4527] usb 5-1: Product: syz [ 434.240493][ T4527] usb 5-1: Manufacturer: syz [ 434.264021][ T4527] cdc_wdm 5-1:1.0: skipping garbage [ 434.271933][ T4527] cdc_wdm 5-1:1.0: skipping garbage [ 434.285198][ T4527] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 434.291469][ T4527] cdc_wdm 5-1:1.0: Unknown control protocol [ 435.502271][ T8166] Bluetooth: hci5: Frame reassembly failed (-84) [ 436.096170][ T5556] usb 5-1: USB disconnect, device number 5 [ 436.102941][ T8152] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 436.751679][ T5556] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 436.765840][ T8176] loop2: detected capacity change from 0 to 512 [ 436.787891][ T8176] EXT4-fs: Ignoring removed nobh option [ 436.887318][ T8176] EXT4-fs error (device loop2): __ext4_iget:5076: inode #11: block 6: comm syz.2.971: invalid block [ 436.921966][ T5556] usb 2-1: device descriptor read/64, error -71 [ 436.961206][ T8176] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.971: couldn't read orphan inode 11 (err -117) [ 437.042220][ T8176] EXT4-fs (loop2): 1 truncate cleaned up [ 437.060998][ T8176] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 437.191901][ T5556] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 437.351603][ T5556] usb 2-1: device descriptor read/64, error -71 [ 437.472434][ T5556] usb usb2-port1: attempt power cycle [ 437.881508][ T5556] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 437.922356][ T5556] usb 2-1: device descriptor read/8, error -71 [ 437.960757][ T26] audit: type=1800 audit(1748419664.947:92): pid=8181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.971" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 438.116708][ T8190] raw_sendmsg: syz.3.973 forgot to set AF_INET. Fix it! [ 438.144544][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 438.161902][ T48] Bluetooth: hci5: command 0xfc11 tx timeout [ 438.171214][ T4254] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 438.209318][ T5556] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 438.282199][ T5556] usb 2-1: device descriptor read/8, error -71 [ 438.421795][ T5556] usb usb2-port1: unable to enumerate USB device [ 438.765190][ T8198] tmpfs: Unknown parameter 'grpquota' [ 439.507256][ T8194] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 439.553827][ T8194] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 439.583451][ T8194] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 439.611210][ T8194] Bluetooth: hci1: Suspend notifier action (1) failed: -4 [ 439.660072][ T8194] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 439.717939][ T8194] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 439.733549][ T8194] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 439.858701][ T8194] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 439.881182][ T8194] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 439.889806][ T8194] Bluetooth: hci3: Suspend notifier action (1) failed: -4 [ 439.897200][ T8194] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 439.904865][ T8194] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 439.914313][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.920685][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.935860][ T8194] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 441.601554][ T4254] Bluetooth: hci1: command 0x0c1a tx timeout [ 441.703847][ T8230] Bluetooth: hci5: Frame reassembly failed (-84) [ 442.330464][ T48] Bluetooth: hci4: command 0x0c1a tx timeout [ 442.336585][ T4267] Bluetooth: hci3: command 0x0c1a tx timeout [ 442.342845][ T4267] Bluetooth: hci2: command 0x0c1a tx timeout [ 442.589020][ T8235] block nbd0: shutting down sockets [ 443.271640][ T8241] tmpfs: Unknown parameter 'grpquota' [ 444.337411][ T4267] Bluetooth: hci1: command 0x0406 tx timeout [ 444.391630][ T4267] Bluetooth: hci3: command 0x0406 tx timeout [ 444.391674][ T4265] Bluetooth: hci4: command 0x0406 tx timeout [ 444.397808][ T4254] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 444.405453][ T4265] Bluetooth: hci5: command 0xfc11 tx timeout [ 444.412968][ T4267] Bluetooth: hci2: command 0x0406 tx timeout [ 444.663435][ T8246] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 444.810933][ T8246] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 444.884047][ T8254] nbd3: detected capacity change from 0 to 4294967296 [ 444.944678][ T8255] block nbd3: shutting down sockets [ 444.978694][ C0] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 444.987821][ C0] Buffer I/O error on dev nbd3, logical block 0, async page read [ 444.997111][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.006228][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.014226][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.023330][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.031295][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.040368][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.049127][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.058257][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.066258][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.075348][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.083366][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.092449][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.100405][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.109490][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.117380][ T6986] ldm_validate_partition_table(): Disk read failed. [ 445.124865][ T1043] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 445.134092][ T1043] Buffer I/O error on dev nbd3, logical block 0, async page read [ 445.141941][ T6986] Dev nbd3: unable to read RDB block 0 [ 445.147653][ T6986] nbd3: unable to read partition table [ 445.154781][ T6986] nbd3: partition table beyond EOD, truncated [ 446.452566][ T8279] Bluetooth: hci5: Frame reassembly failed (-84) [ 447.506903][ T8289] block nbd0: shutting down sockets [ 449.851867][ T8319] Bluetooth: hci5: Frame reassembly failed (-84) [ 450.112151][ T4346] Bluetooth: hci5: Frame reassembly failed (-84) [ 452.261545][ T8335] program syz.1.1017 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 452.572730][ T8245] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 453.364911][ T8347] block nbd3: shutting down sockets [ 454.434086][ T8369] Bluetooth: hci5: Frame reassembly failed (-84) [ 454.576723][ T4281] Bluetooth: hci5: Frame reassembly failed (-84) [ 456.471639][ T4254] Bluetooth: hci5: command 0xfc11 tx timeout [ 456.471689][ T8245] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 456.578195][ T8407] block nbd1: shutting down sockets [ 458.491589][ T8423] tmpfs: Unknown parameter 'grpquota' [ 459.863726][ T8431] fuseblk: Bad value for 'fd' [ 460.196048][ T8433] binder: 8429:8433 ioctl 4018620d 0 returned -22 [ 460.250941][ T8432] binder: 8429:8432 ioctl c0306201 0 returned -14 [ 461.232750][ T8456] Bluetooth: hci5: Frame reassembly failed (-84) [ 462.599032][ T26] audit: type=1326 audit(1748419689.587:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 462.708104][ T26] audit: type=1326 audit(1748419689.617:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 462.710425][ T8475] block nbd4: shutting down sockets [ 462.854392][ T26] audit: type=1326 audit(1748419689.617:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 462.946411][ T26] audit: type=1326 audit(1748419689.617:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 463.160669][ T26] audit: type=1326 audit(1748419689.617:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 463.349942][ T26] audit: type=1326 audit(1748419689.627:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 463.528279][ T26] audit: type=1326 audit(1748419689.627:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 463.720629][ T26] audit: type=1326 audit(1748419689.627:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 463.828008][ T26] audit: type=1326 audit(1748419689.627:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 464.031842][ T26] audit: type=1326 audit(1748419689.627:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd47138e969 code=0x7ffc0000 [ 465.141742][ T8515] Bluetooth: hci5: Frame reassembly failed (-84) [ 465.758041][ T46] Bluetooth: hci5: Frame reassembly failed (-84) [ 466.584034][ T8535] block nbd3: shutting down sockets [ 467.340467][ T8546] binder_alloc: 8545: binder_alloc_buf, no vma [ 467.487339][ T8548] tmpfs: Unknown parameter 'usrquota' [ 467.751669][ T8245] Bluetooth: hci5: command 0xfc11 tx timeout [ 467.760125][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 468.342266][ T8566] tmpfs: Unknown parameter 'grpquota' [ 470.404968][ T8576] loop1: detected capacity change from 0 to 512 [ 470.417654][ T8576] EXT4-fs: Ignoring removed nobh option [ 470.446987][ T8576] EXT4-fs error (device loop1): __ext4_iget:5076: inode #11: block 6: comm syz.1.1085: invalid block [ 470.505073][ T8576] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1085: couldn't read orphan inode 11 (err -117) [ 470.533459][ T8576] EXT4-fs (loop1): 1 truncate cleaned up [ 470.555137][ T8576] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 471.459726][ T26] kauditd_printk_skb: 43 callbacks suppressed [ 471.459744][ T26] audit: type=1800 audit(1748419698.227:146): pid=8585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1085" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 471.541306][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 471.760057][ T8603] binder_alloc: 8602: binder_alloc_buf, no vma [ 471.807680][ T8605] block nbd4: shutting down sockets [ 472.611618][ T8608] tmpfs: Unknown parameter 'grpquota' [ 475.196042][ T8630] Bluetooth: hci5: Frame reassembly failed (-84) [ 476.306903][ T8643] binder_alloc: 8642: binder_alloc_buf, no vma [ 477.201648][ T8654] tmpfs: Unknown parameter 'grpquota' [ 477.271637][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 478.422753][ T8664] block nbd0: shutting down sockets [ 478.555552][ T8674] loop2: detected capacity change from 0 to 512 [ 478.586237][ T8674] EXT4-fs: Ignoring removed nobh option [ 478.706576][ T8674] EXT4-fs error (device loop2): __ext4_iget:5076: inode #11: block 6: comm syz.2.1113: invalid block [ 478.759656][ T8674] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1113: couldn't read orphan inode 11 (err -117) [ 478.849802][ T8674] EXT4-fs (loop2): 1 truncate cleaned up [ 478.900638][ T8674] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 479.303646][ T26] audit: type=1800 audit(1748419706.277:147): pid=8674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1113" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 479.945302][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 480.075823][ T8701] Bluetooth: hci5: Frame reassembly failed (-84) [ 480.789018][ T8702] netem: incorrect ge model size [ 480.833520][ T8702] netem: change failed [ 481.974137][ T8716] block nbd4: shutting down sockets [ 482.713093][ T4254] Bluetooth: hci5: command 0xfc11 tx timeout [ 482.714268][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 483.062229][ T8727] loop0: detected capacity change from 0 to 512 [ 483.110958][ T8727] EXT4-fs: Ignoring removed nobh option [ 483.199868][ T8727] EXT4-fs error (device loop0): __ext4_iget:5076: inode #11: block 6: comm syz.0.1129: invalid block [ 483.261099][ T8727] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1129: couldn't read orphan inode 11 (err -117) [ 483.345397][ T8727] EXT4-fs (loop0): 1 truncate cleaned up [ 483.351190][ T8727] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 483.855544][ T26] audit: type=1800 audit(1748419710.847:148): pid=8727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1129" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 483.911556][ T8733] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 484.307214][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 484.758086][ T8755] Bluetooth: hci5: Frame reassembly failed (-84) [ 484.800472][ T6617] Bluetooth: hci5: Frame reassembly failed (-84) [ 485.006989][ T6617] Bluetooth: hci5: Frame reassembly failed (-84) [ 485.453583][ T8731] loop4: detected capacity change from 0 to 32768 [ 485.475616][ T8731] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1130 (8731) [ 485.708969][ T8731] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 485.726257][ T8731] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 486.019952][ T8731] BTRFS info (device loop4): enabling auto defrag [ 486.071792][ T8731] BTRFS info (device loop4): doing ref verification [ 486.078951][ T8731] BTRFS info (device loop4): use no compression [ 486.104996][ T8731] BTRFS info (device loop4): force clearing of disk cache [ 486.119546][ T8731] BTRFS info (device loop4): setting nodatacow, compression disabled [ 486.152241][ T8731] BTRFS info (device loop4): disabling free space tree [ 486.252424][ T8785] overlayfs: failed to resolve './file0': -2 [ 486.553512][ T8731] BTRFS error (device loop4): open_ctree failed: -12 [ 486.560844][ T6986] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by udevd (6986) [ 486.871687][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 486.879573][ T4254] Bluetooth: hci5: command 0xfc11 tx timeout [ 488.133586][ T8816] netlink: 'syz.3.1148': attribute type 10 has an invalid length. [ 488.257250][ T8816] device veth0_vlan left promiscuous mode [ 488.586318][ T8816] device veth0_vlan entered promiscuous mode [ 488.650992][ T8816] team0: Device veth0_vlan failed to register rx_handler [ 489.043357][ T8828] overlayfs: failed to resolve './file0': -2 [ 489.455105][ T8834] Bluetooth: hci5: Frame reassembly failed (-84) [ 489.718261][ T61] Bluetooth: hci5: Frame reassembly failed (-84) [ 489.849203][ T8835] binder: BINDER_SET_CONTEXT_MGR already set [ 490.008603][ T8835] binder: 8833:8835 ioctl 4018620d 200000000040 returned -16 [ 490.198994][ T8839] 9pnet_virtio: no channels available for device syz [ 491.591584][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 492.690801][ T5556] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 492.891599][ T5556] usb 3-1: Using ep0 maxpacket: 8 [ 492.899282][ T5556] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 492.979267][ T5556] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 493.029950][ T5556] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 493.074454][ T5556] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 493.156659][ T5556] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 493.207826][ T5556] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 493.416661][ T8873] overlayfs: failed to resolve './file0': -2 [ 493.496217][ T5556] usb 3-1: usb_control_msg returned -71 [ 493.512561][ T5556] usbtmc 3-1:16.0: can't read capabilities [ 493.561008][ T5556] usb 3-1: USB disconnect, device number 11 [ 494.289818][ T8879] loop1: detected capacity change from 0 to 512 [ 494.322536][ T8879] EXT4-fs: Ignoring removed nobh option [ 494.403414][ T8879] EXT4-fs error (device loop1): __ext4_iget:5076: inode #11: block 6: comm syz.1.1171: invalid block [ 494.440282][ T8879] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1171: couldn't read orphan inode 11 (err -117) [ 494.474006][ T8879] EXT4-fs (loop1): 1 truncate cleaned up [ 494.521772][ T8879] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 495.100446][ T26] audit: type=1800 audit(1748419722.077:149): pid=8879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1171" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 495.356506][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 495.733281][ T8901] binder: BINDER_SET_CONTEXT_MGR already set [ 495.838406][ T8901] binder: 8900:8901 ioctl 4018620d 200000000040 returned -16 [ 497.086429][ T8921] overlayfs: failed to resolve './file0': -2 [ 498.076693][ T48] block nbd3: Receive control failed (result -32) [ 498.088645][ T8931] block nbd3: shutting down sockets [ 498.512886][ T8898] loop2: detected capacity change from 0 to 32768 [ 498.638577][ T8948] binder: BINDER_SET_CONTEXT_MGR already set [ 498.690525][ T8948] binder: 8946:8948 ioctl 4018620d 200000000040 returned -16 [ 500.167900][ T8969] overlayfs: failed to resolve './file1': -2 [ 500.801501][ T4671] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 500.991614][ T4671] usb 2-1: Using ep0 maxpacket: 32 [ 500.997912][ T4671] usb 2-1: no configurations [ 501.020604][ T4671] usb 2-1: can't read configurations, error -22 [ 501.211698][ T4671] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 501.357386][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.363790][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.411606][ T4671] usb 2-1: Using ep0 maxpacket: 32 [ 501.426062][ T4671] usb 2-1: no configurations [ 501.458032][ T4671] usb 2-1: can't read configurations, error -22 [ 501.510834][ T4671] usb usb2-port1: attempt power cycle [ 501.954907][ T4671] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 502.000544][ T4671] usb 2-1: Using ep0 maxpacket: 32 [ 502.017411][ T4671] usb 2-1: no configurations [ 502.026682][ T4671] usb 2-1: can't read configurations, error -22 [ 502.255946][ T4671] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 502.384158][ T4671] usb 2-1: Using ep0 maxpacket: 32 [ 502.436500][ T4671] usb 2-1: no configurations [ 502.498148][ T4671] usb 2-1: can't read configurations, error -22 [ 502.603649][ T4671] usb usb2-port1: unable to enumerate USB device [ 503.168821][ T8998] loop0: detected capacity change from 0 to 512 [ 503.284837][ T8998] EXT4-fs: Ignoring removed nobh option [ 503.353064][ T9001] overlayfs: failed to resolve './file1': -2 [ 503.628059][ T8998] EXT4-fs error (device loop0): __ext4_iget:5076: inode #11: block 6: comm syz.0.1205: invalid block [ 503.776856][ T8998] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1205: couldn't read orphan inode 11 (err -117) [ 503.917228][ T8998] EXT4-fs (loop0): 1 truncate cleaned up [ 503.923011][ T8998] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 505.121637][ T9018] tmpfs: Unknown parameter 'grpquota' [ 505.888498][ T26] audit: type=1800 audit(1748419732.877:150): pid=8998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1205" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 506.389392][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 506.671605][ T9031] tmpfs: Unknown parameter 'grpquota' [ 509.379089][ T9052] overlayfs: failed to resolve './file1': -2 [ 510.797905][ T9070] Bluetooth: hci5: Frame reassembly failed (-84) [ 510.939320][ T4346] Bluetooth: hci5: Frame reassembly failed (-84) [ 511.402859][ T5556] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 511.591760][ T5556] usb 3-1: Using ep0 maxpacket: 32 [ 511.597943][ T5556] usb 3-1: no configurations [ 511.625739][ T5556] usb 3-1: can't read configurations, error -22 [ 511.895929][ T8019] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 512.511609][ T9083] tmpfs: Unknown parameter 'grpquota' [ 513.015243][ T5556] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 513.024329][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 513.031826][ T4254] Bluetooth: hci5: command 0xfc11 tx timeout [ 513.651570][ T5556] usb 3-1: Using ep0 maxpacket: 32 [ 513.652510][ T8019] usb 2-1: Using ep0 maxpacket: 8 [ 513.813001][ T8019] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 513.898068][ T8019] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 514.207162][ T5556] usb 3-1: device descriptor read/all, error -71 [ 514.216615][ T5556] usb usb3-port1: attempt power cycle [ 514.273594][ T8019] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 515.480882][ T8019] usb 2-1: unable to read config index 1 descriptor/start: -71 [ 515.511750][ T8019] usb 2-1: can't read configurations, error -71 [ 515.723951][ T9103] loop1: detected capacity change from 0 to 512 [ 515.744045][ T9103] EXT4-fs: Ignoring removed nobh option [ 515.864357][ T9103] EXT4-fs error (device loop1): __ext4_iget:5076: inode #11: block 6: comm syz.1.1236: invalid block [ 515.880624][ T9103] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1236: couldn't read orphan inode 11 (err -117) [ 516.841491][ T9103] EXT4-fs (loop1): 1 truncate cleaned up [ 516.961702][ T9103] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 517.671526][ T9111] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 517.839169][ T9126] Bluetooth: hci5: Frame reassembly failed (-84) [ 517.922171][ T4281] Bluetooth: hci5: Frame reassembly failed (-84) [ 517.932701][ T4281] Bluetooth: hci5: Frame reassembly failed (-84) [ 518.777205][ T26] audit: type=1800 audit(1748419745.717:151): pid=9121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1236" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 519.187440][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 519.264757][ T4672] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 519.464617][ T4672] usb 1-1: Using ep0 maxpacket: 32 [ 519.470820][ T4672] usb 1-1: no configurations [ 519.494751][ T4672] usb 1-1: can't read configurations, error -22 [ 521.026901][ T4254] Bluetooth: hci5: command 0xfc11 tx timeout [ 521.036562][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 521.045125][ T26] audit: type=1326 audit(1748419747.837:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9137 comm="syz.3.1245" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d8f38e969 code=0x0 [ 521.221704][ T4672] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 521.484846][ T9154] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1250'. [ 521.501564][ T4672] usb 1-1: Using ep0 maxpacket: 32 [ 521.512276][ T4672] usb 1-1: no configurations [ 521.615450][ T4672] usb 1-1: can't read configurations, error -22 [ 521.622030][ T4672] usb usb1-port1: attempt power cycle [ 522.381516][ T4672] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 522.866851][ T4672] usb 1-1: device descriptor read/8, error -71 [ 523.235309][ T9169] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.1253'. [ 525.353603][ T9187] loop2: detected capacity change from 0 to 512 [ 525.360905][ T9187] EXT4-fs: Ignoring removed nobh option [ 525.451085][ T9187] EXT4-fs error (device loop2): __ext4_iget:5076: inode #11: block 6: comm syz.2.1258: invalid block [ 525.473254][ T9187] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1258: couldn't read orphan inode 11 (err -117) [ 525.521021][ T9187] EXT4-fs (loop2): 1 truncate cleaned up [ 525.588698][ T9187] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 526.326352][ T26] audit: type=1800 audit(1748419753.317:153): pid=9193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1258" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 526.453102][ T9198] Bluetooth: hci5: Frame reassembly failed (-84) [ 526.541557][ T33] Bluetooth: hci5: Frame reassembly failed (-84) [ 527.121123][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 528.318091][ T9214] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1263'. [ 528.434207][ T9214] netlink: 'syz.4.1263': attribute type 10 has an invalid length. [ 528.472241][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 528.576508][ T4672] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 528.771580][ T4672] usb 2-1: Using ep0 maxpacket: 32 [ 528.779463][ T4672] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 528.796567][ T9223] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1265'. [ 528.818212][ T4672] usb 2-1: can't read configurations, error -61 [ 529.016832][ T4672] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 529.561453][ T4672] usb 2-1: Using ep0 maxpacket: 32 [ 529.568984][ T4672] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 529.593002][ T4672] usb 2-1: can't read configurations, error -61 [ 529.622774][ T4672] usb usb2-port1: attempt power cycle [ 530.052593][ T4672] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 530.092054][ T4672] usb 2-1: Using ep0 maxpacket: 32 [ 530.105758][ T4672] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 531.727593][ T4672] usb 2-1: can't read configurations, error -61 [ 531.911876][ T4672] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 532.059710][ T4672] usb 2-1: device descriptor read/8, error -71 [ 532.195941][ T4672] usb usb2-port1: unable to enumerate USB device [ 532.759643][ T9258] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1276'. [ 534.196393][ T9270] Bluetooth: hci5: Frame reassembly failed (-84) [ 534.941613][ T9271] tmpfs: Unknown parameter 'grpquota' [ 536.081947][ T4301] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 536.369024][ T4301] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 536.453224][ T4301] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 536.646161][ T4301] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 536.673769][ T4301] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.755852][ T4301] usb 5-1: config 0 descriptor?? [ 536.777916][ T4301] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 536.785225][ T4301] dvb-usb: bulk message failed: -22 (3/0) [ 536.808826][ T4301] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 536.836799][ T4301] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 536.844792][ T4301] usb 5-1: media controller created [ 536.859070][ T4301] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 536.871588][ T4254] Bluetooth: hci5: command 0xfc11 tx timeout [ 536.880038][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 537.038155][ T4301] dvb-usb: bulk message failed: -22 (6/0) [ 537.054002][ T9277] dvb-usb: bulk message failed: -22 (4/0) [ 537.061048][ T4301] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 537.095942][ T4301] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input10 [ 537.120484][ T4301] dvb-usb: schedule remote query interval to 150 msecs. [ 537.146795][ T4301] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 537.214946][ T9296] loop1: detected capacity change from 0 to 512 [ 537.229348][ T4670] usb 5-1: USB disconnect, device number 6 [ 537.254486][ T9296] EXT4-fs: Ignoring removed nobh option [ 537.331904][ T9297] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 537.354664][ T4670] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 537.382042][ T9297] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 537.405934][ T9296] EXT4-fs error (device loop1): __ext4_iget:5076: inode #11: block 6: comm syz.1.1287: invalid block [ 537.431551][ T4301] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 537.453441][ T9296] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1287: couldn't read orphan inode 11 (err -117) [ 537.507016][ T9302] random: crng reseeded on system resumption [ 537.529792][ T9296] EXT4-fs (loop1): 1 truncate cleaned up [ 537.536466][ T9296] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 537.641780][ T9299] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 537.711455][ T4301] usb 3-1: Using ep0 maxpacket: 32 [ 537.719867][ T4301] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 538.117443][ T4301] usb 3-1: can't read configurations, error -61 [ 538.346879][ T26] audit: type=1800 audit(1748419765.337:154): pid=9303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1287" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 538.352494][ T4301] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 538.475512][ T4251] EXT4-fs (loop1): unmounting filesystem. [ 538.641838][ T4301] usb 3-1: Using ep0 maxpacket: 32 [ 538.674470][ T4301] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 538.703424][ T4301] usb 3-1: can't read configurations, error -61 [ 538.728791][ T4301] usb usb3-port1: attempt power cycle [ 538.970945][ T48] Bluetooth: hci2: unexpected event for opcode 0x2029 [ 539.061830][ T9326] tmpfs: Unknown parameter 'grpquota' [ 539.881508][ T4301] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 540.102985][ T4301] usb 3-1: Using ep0 maxpacket: 32 [ 540.140499][ T4301] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 540.656558][ T9333] Bluetooth: hci5: Frame reassembly failed (-84) [ 540.731704][ T4301] usb 3-1: can't read configurations, error -61 [ 540.901510][ T4301] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 541.161630][ T4301] usb 3-1: device not accepting address 18, error -71 [ 541.171648][ T4301] usb usb3-port1: unable to enumerate USB device [ 541.354380][ T9352] input: syz1 as /devices/virtual/input/input11 [ 541.513210][ T9357] loop0: detected capacity change from 0 to 512 [ 541.591493][ T9357] EXT4-fs: Ignoring removed nobh option [ 541.647140][ T9357] EXT4-fs error (device loop0): __ext4_iget:5076: inode #11: block 6: comm syz.0.1302: invalid block [ 541.745209][ T9357] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1302: couldn't read orphan inode 11 (err -117) [ 541.767673][ T9357] EXT4-fs (loop0): 1 truncate cleaned up [ 541.773610][ T9357] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 542.240971][ T26] audit: type=1800 audit(1748419769.227:155): pid=9358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1302" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 542.711545][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 542.956754][ T4252] EXT4-fs (loop0): unmounting filesystem. [ 543.034443][ T48] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 543.044961][ T48] Bluetooth: hci2: Injecting HCI hardware error event [ 543.064584][ T4254] Bluetooth: hci2: hardware error 0x00 [ 543.446204][ T26] audit: type=1800 audit(1748419770.417:156): pid=9387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1311" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 543.769872][ T9390] loop6: detected capacity change from 0 to 524287999 [ 543.926578][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x84700 phys_seg 128 prio class 1 [ 543.936387][ C1] I/O error, dev loop6, sector 2440 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 1 [ 543.947958][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1 [ 543.957178][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 544.617567][ C0] I/O error, dev loop6, sector 524287744 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 544.656392][ C0] I/O error, dev loop6, sector 524287744 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 544.666398][ C0] Buffer I/O error on dev loop6, logical block 65535968, async page read [ 544.891522][ T5737] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 545.171515][ T5737] usb 5-1: Using ep0 maxpacket: 32 [ 545.179693][ T5737] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 545.288831][ T5737] usb 5-1: can't read configurations, error -61 [ 545.450145][ T9413] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1316'. [ 545.541488][ T5737] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 545.741804][ T5737] usb 5-1: Using ep0 maxpacket: 32 [ 545.800909][ T5737] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 545.860761][ T5737] usb 5-1: can't read configurations, error -61 [ 545.905688][ T5737] usb usb5-port1: attempt power cycle [ 546.221591][ T9424] Bluetooth: hci5: Frame reassembly failed (-84) [ 546.284194][ T61] Bluetooth: hci5: Frame reassembly failed (-84) [ 546.351540][ T5737] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 546.791594][ T4254] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 546.798669][ T5737] usb 5-1: device descriptor read/8, error -71 [ 547.806156][ T9440] tmpfs: Unknown parameter 'grpquota' [ 548.351553][ T48] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 548.501499][ T5737] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 548.544971][ T5737] usb 5-1: Using ep0 maxpacket: 8 [ 548.551680][ T5737] usb 5-1: config 0 has no interfaces? [ 548.586738][ T5737] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 548.598176][ T48] Bluetooth: hci1: unexpected event for opcode 0x203d [ 548.608489][ T5737] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 548.625605][ T5737] usb 5-1: Product: syz [ 548.666159][ T5737] usb 5-1: Manufacturer: syz [ 548.676299][ T5737] usb 5-1: SerialNumber: syz [ 548.718657][ T5737] usb 5-1: config 0 descriptor?? [ 548.722083][ T9449] netlink: 308 bytes leftover after parsing attributes in process `syz.0.1329'. [ 549.712392][ T5737] usb 5-1: USB disconnect, device number 10 [ 550.598505][ T9466] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1333'. [ 551.975524][ T9477] block nbd0: shutting down sockets [ 552.821612][ T9484] tmpfs: Unknown parameter 'grpquota' [ 553.766678][ T9489] overlayfs: missing 'lowerdir' [ 554.249840][ T9496] random: crng reseeded on system resumption [ 555.175925][ T9508] netlink: 308 bytes leftover after parsing attributes in process `syz.1.1345'. [ 555.232655][ T9509] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1346'. [ 556.231082][ T9522] ieee802154 phy0 wpan0: encryption failed: -22 [ 557.092214][ T9536] tmpfs: Unknown parameter 'grpquota' [ 558.346778][ T9540] overlayfs: missing 'lowerdir' [ 558.717967][ T9549] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1358'. [ 558.810231][ T9551] device vlan2 entered promiscuous mode [ 558.839192][ T9551] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1357'. [ 560.775155][ T9558] netlink: 308 bytes leftover after parsing attributes in process `syz.4.1360'. [ 561.871196][ T9583] overlayfs: missing 'lowerdir' [ 562.451886][ T9589] tmpfs: Unknown parameter 'grpquota' [ 563.023425][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.029888][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.158553][ T9609] binder: 9608:9609 ioctl 4018620d 0 returned -22 [ 564.173543][ T9603] netlink: 'syz.4.1372': attribute type 1 has an invalid length. [ 565.999926][ T9630] netlink: 308 bytes leftover after parsing attributes in process `syz.1.1378'. [ 566.004863][ T9631] overlayfs: missing 'lowerdir' [ 567.066372][ T9640] loop3: detected capacity change from 0 to 512 [ 567.155434][ T9640] EXT4-fs (loop3): bad geometry: first data block is 0 with a 1k block and cluster size [ 569.705540][ T26] audit: type=1326 audit(1748419796.697:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 570.824798][ T26] audit: type=1326 audit(1748419796.707:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 571.073632][ T26] audit: type=1326 audit(1748419796.707:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 571.288928][ T26] audit: type=1326 audit(1748419796.707:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 571.487143][ T26] audit: type=1326 audit(1748419796.707:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 571.802444][ T26] audit: type=1326 audit(1748419796.707:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 572.016230][ T26] audit: type=1326 audit(1748419796.707:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 572.287925][ T26] audit: type=1326 audit(1748419796.707:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 572.410931][ T9687] overlayfs: missing 'lowerdir' [ 572.538896][ T26] audit: type=1326 audit(1748419796.707:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 572.539627][ T9690] netlink: 308 bytes leftover after parsing attributes in process `syz.3.1392'. [ 573.146270][ T26] audit: type=1326 audit(1748419796.707:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9653 comm="syz.4.1385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2b58e969 code=0x7ffc0000 [ 573.449534][ T9702] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1394'. [ 576.446971][ T9735] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1397'. [ 576.625811][ T9742] netlink: 763 bytes leftover after parsing attributes in process `syz.3.1399'. [ 576.677855][ T9743] netlink: 'syz.1.1397': attribute type 10 has an invalid length. [ 576.737828][ T9743] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 576.788495][ T9743] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 576.943199][ T9744] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 576.955911][ T9744] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 577.040109][ T9744] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 577.070062][ T9744] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 577.326248][ T9744] bond0: (slave batadv0): Releasing backup interface [ 577.513059][ T9757] netlink: 'syz.4.1402': attribute type 1 has an invalid length. [ 577.520903][ T9757] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1402'. [ 577.544938][ T9757] tmpfs: Unknown parameter 'grpquota' [ 578.123815][ T9759] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 578.132883][ T4301] usb 3-1: new full-speed USB device number 19 using dummy_hcd [ 578.196421][ T9759] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 578.325935][ T4301] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 578.353576][ T4301] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 578.388935][ T9764] netlink: 308 bytes leftover after parsing attributes in process `syz.4.1405'. [ 578.423716][ T4301] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 578.983255][ T4301] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.010679][ T4301] usb 3-1: config 0 descriptor?? [ 579.037652][ T4301] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 579.061499][ T4301] dvb-usb: bulk message failed: -22 (3/0) [ 579.079192][ T4301] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 579.099200][ T4301] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 579.118282][ T4301] usb 3-1: media controller created [ 579.129577][ T4301] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 579.180379][ T4301] dvb-usb: bulk message failed: -22 (6/0) [ 579.197961][ T4301] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 579.241697][ T4301] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input12 [ 579.390347][ T9753] dvb-usb: bulk message failed: -22 (4/0) [ 579.444757][ T4301] dvb-usb: schedule remote query interval to 150 msecs. [ 579.470261][ T4301] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 579.624843][ T4670] dvb-usb: bulk message failed: -22 (1/0) [ 579.632046][ T4670] dvb-usb: error while querying for an remote control event. [ 579.775920][ T9779] netem: incorrect ge model size [ 579.785741][ T9779] netem: change failed [ 579.808537][ T4670] usb 3-1: USB disconnect, device number 19 [ 579.909688][ T4670] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 580.431976][ T9785] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1410'. [ 581.555318][ T9810] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 581.574513][ T9810] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 582.861582][ T9820] tmpfs: Unknown parameter 'grpquota' [ 583.809941][ T9826] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1422'. [ 584.954461][ T9845] nbd0: detected capacity change from 0 to 4294967296 [ 585.050020][ T9843] block nbd0: shutting down sockets [ 585.302093][ C0] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.311295][ C0] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.321592][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.330771][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.401365][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.512619][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.555832][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.564926][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.572825][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.581881][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.589754][ T1043] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.598820][ T1043] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.606778][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.615921][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.623836][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.633011][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.640839][ T6986] ldm_validate_partition_table(): Disk read failed. [ 585.647597][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.656673][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.664666][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 585.673799][ T52] Buffer I/O error on dev nbd0, logical block 0, async page read [ 585.691667][ T6986] Dev nbd0: unable to read RDB block 0 [ 585.712614][ T6986] nbd0: unable to read partition table [ 585.767542][ T6986] nbd0: partition table beyond EOD, truncated [ 586.065572][ T9862] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 586.093837][ T9862] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 586.124996][ T9860] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1430'. [ 586.245106][ T9866] device wg1 entered promiscuous mode [ 586.858598][ T9883] block nbd0: shutting down sockets [ 586.900268][ T9884] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1434'. [ 589.175744][ T9911] loop2: detected capacity change from 0 to 512 [ 589.222498][ T9911] EXT4-fs: Ignoring removed nobh option [ 589.340122][ T9911] EXT4-fs error (device loop2): __ext4_iget:5076: inode #11: block 6: comm syz.2.1440: invalid block [ 589.488456][ T9911] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.1440: couldn't read orphan inode 11 (err -117) [ 589.827695][ T9911] EXT4-fs (loop2): 1 truncate cleaned up [ 589.872664][ T9911] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 590.363881][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 590.363897][ T26] audit: type=1800 audit(1748419817.357:170): pid=9918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1440" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 590.566537][ T9923] overlayfs: missing 'lowerdir' [ 591.416799][ T9931] overlayfs: missing 'lowerdir' [ 591.503190][ T9932] nbd1: detected capacity change from 0 to 4294967296 [ 591.588943][ T9935] block nbd1: shutting down sockets [ 591.647339][ C1] blk_print_req_error: 3 callbacks suppressed [ 591.647358][ C1] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.662599][ C1] buffer_io_error: 3 callbacks suppressed [ 591.662610][ C1] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.676373][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.685481][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.693453][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.702583][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.710784][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.720058][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.729178][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.739730][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.747658][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.756799][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.764862][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.774027][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.782053][ T1043] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 591.791480][ T1043] Buffer I/O error on dev nbd1, logical block 0, async page read [ 591.799366][ T6986] ldm_validate_partition_table(): Disk read failed. [ 591.818497][ T6986] Dev nbd1: unable to read RDB block 0 [ 591.857850][ T6986] nbd1: unable to read partition table [ 591.882441][ T6986] nbd1: partition table beyond EOD, truncated [ 592.236509][ T9941] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1445'. [ 592.273630][ T4262] EXT4-fs (loop2): unmounting filesystem. [ 592.813927][ T9956] lo speed is unknown, defaulting to 1000 [ 592.820692][ T9956] lo speed is unknown, defaulting to 1000 [ 592.937654][ T9953] [ 592.940037][ T9953] ====================================================== [ 592.947068][ T9953] WARNING: possible circular locking dependency detected [ 592.954110][ T9953] 6.1.140-syzkaller #0 Not tainted [ 592.959235][ T9953] ------------------------------------------------------ [ 592.966267][ T9953] syz.1.1447/9953 is trying to acquire lock: [ 592.972257][ T9953] ffff8880174697d8 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable+0x1d/0x60 [ 592.981982][ T9953] [ 592.981982][ T9953] but task is already holding lock: [ 592.989361][ T9953] ffff888077707a80 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0 [ 593.000305][ T9953] [ 593.000305][ T9953] which lock already depends on the new lock. [ 593.000305][ T9953] [ 593.010723][ T9953] [ 593.010723][ T9953] the existing dependency chain (in reverse order) is: [ 593.019749][ T9953] [ 593.019749][ T9953] -> #1 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}: [ 593.028477][ T9953] down_write+0x36/0x60 [ 593.033183][ T9953] process_measurement+0x33c/0x1a10 [ 593.038925][ T9953] ima_file_mmap+0x104/0x150 [ 593.044055][ T9953] __se_sys_remap_file_pages+0x53e/0x770 [ 593.050244][ T9953] do_syscall_64+0x4c/0xa0 [ 593.055216][ T9953] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 593.061670][ T9953] [ 593.061670][ T9953] -> #0 (&mm->mmap_lock){++++}-{3:3}: [ 593.069262][ T9953] __lock_acquire+0x2cf8/0x7c50 [ 593.074663][ T9953] lock_acquire+0x1b4/0x490 [ 593.079712][ T9953] down_read_killable+0x4c/0x340 [ 593.085212][ T9953] mmap_read_lock_killable+0x1d/0x60 [ 593.091044][ T9953] lock_mm_and_find_vma+0x2b1/0x2f0 [ 593.096799][ T9953] do_user_addr_fault+0x2db/0xb10 [ 593.102384][ T9953] exc_page_fault+0x60/0x100 [ 593.107545][ T9953] asm_exc_page_fault+0x22/0x30 [ 593.112957][ T9953] fault_in_readable+0x13e/0x1f0 [ 593.118451][ T9953] fault_in_iov_iter_readable+0xbb/0x2e0 [ 593.124647][ T9953] generic_perform_write+0x3da/0x560 [ 593.130496][ T9953] __generic_file_write_iter+0x172/0x430 [ 593.136683][ T9953] generic_file_write_iter+0xab/0x2e0 [ 593.142613][ T9953] vfs_write+0x44c/0x960 [ 593.147396][ T9953] ksys_write+0x143/0x240 [ 593.152266][ T9953] do_syscall_64+0x4c/0xa0 [ 593.157235][ T9953] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 593.163686][ T9953] [ 593.163686][ T9953] other info that might help us debug this: [ 593.163686][ T9953] [ 593.173933][ T9953] Possible unsafe locking scenario: [ 593.173933][ T9953] [ 593.181396][ T9953] CPU0 CPU1 [ 593.186771][ T9953] ---- ---- [ 593.192146][ T9953] lock(&sb->s_type->i_mutex_key#12); [ 593.197639][ T9953] lock(&mm->mmap_lock); [ 593.204505][ T9953] lock(&sb->s_type->i_mutex_key#12); [ 593.212513][ T9953] lock(&mm->mmap_lock); [ 593.216868][ T9953] [ 593.216868][ T9953] *** DEADLOCK *** [ 593.216868][ T9953] [ 593.225033][ T9953] 3 locks held by syz.1.1447/9953: [ 593.230165][ T9953] #0: ffff888028290d68 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2ae/0x360 [ 593.239457][ T9953] #1: ffff888079cf2460 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x256/0x960 [ 593.248385][ T9953] #2: ffff888077707a80 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0 [ 593.259773][ T9953] [ 593.259773][ T9953] stack backtrace: [ 593.265708][ T9953] CPU: 0 PID: 9953 Comm: syz.1.1447 Not tainted 6.1.140-syzkaller #0 [ 593.273800][ T9953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 593.283894][ T9953] Call Trace: [ 593.287204][ T9953] [ 593.290157][ T9953] dump_stack_lvl+0x168/0x22e [ 593.294875][ T9953] ? load_image+0x3b0/0x3b0 [ 593.299406][ T9953] ? show_regs_print_info+0x12/0x12 [ 593.304648][ T9953] ? print_circular_bug+0x12b/0x1a0 [ 593.309883][ T9953] check_noncircular+0x274/0x310 [ 593.314865][ T9953] ? add_chain_block+0x940/0x940 [ 593.319842][ T9953] ? lockdep_lock+0xdc/0x1e0 [ 593.324463][ T9953] ? _find_first_zero_bit+0xcf/0x100 [ 593.329773][ T9953] __lock_acquire+0x2cf8/0x7c50 [ 593.334657][ T9953] ? search_extable+0x8c/0xd0 [ 593.339374][ T9953] ? fixup_exception+0xef0/0x1c40 [ 593.344437][ T9953] ? verify_lock_unused+0x140/0x140 [ 593.349668][ T9953] ? ex_get_fixup_type+0x60/0x60 [ 593.354630][ T9953] ? verify_lock_unused+0x140/0x140 [ 593.359853][ T9953] ? preempt_schedule+0xa7/0xb0 [ 593.364724][ T9953] ? verify_lock_unused+0x140/0x140 [ 593.369952][ T9953] ? preempt_schedule_common+0xa5/0xd0 [ 593.375440][ T9953] lock_acquire+0x1b4/0x490 [ 593.379972][ T9953] ? mmap_read_lock_killable+0x1d/0x60 [ 593.385462][ T9953] ? mark_lock+0x94/0x320 [ 593.389818][ T9953] ? read_lock_is_recursive+0x10/0x10 [ 593.395217][ T9953] ? cmp_ex_search+0x1a/0x70 [ 593.399840][ T9953] ? bsearch+0x8a/0xb0 [ 593.403933][ T9953] ? fault_in_readable+0x13e/0x1f0 [ 593.409079][ T9953] ? search_extable+0x8c/0xd0 [ 593.413787][ T9953] ? trim_init_extable+0x3b0/0x3b0 [ 593.418935][ T9953] ? mmap_read_lock_killable+0x1d/0x60 [ 593.424424][ T9953] down_read_killable+0x4c/0x340 [ 593.429392][ T9953] ? mmap_read_lock_killable+0x1d/0x60 [ 593.434882][ T9953] mmap_read_lock_killable+0x1d/0x60 [ 593.440193][ T9953] lock_mm_and_find_vma+0x2b1/0x2f0 [ 593.445427][ T9953] do_user_addr_fault+0x2db/0xb10 [ 593.450490][ T9953] exc_page_fault+0x60/0x100 [ 593.455117][ T9953] asm_exc_page_fault+0x22/0x30 [ 593.460006][ T9953] RIP: 0010:fault_in_readable+0x13e/0x1f0 [ 593.465755][ T9953] Code: 78 91 c3 ff 4d 89 f4 49 81 cc ff 0f 00 00 4d 89 f7 49 01 dc 49 81 e4 00 f0 ff ff 4d 39 e6 77 44 e8 57 91 c3 ff 4d 39 e7 74 47 <41> 8a 07 88 44 24 07 49 81 c7 00 10 00 00 4d 39 e7 74 07 e8 3a 91 [ 593.485407][ T9953] RSP: 0018:ffffc90003307a90 EFLAGS: 00050287 [ 593.491514][ T9953] RAX: ffffffff81bd45b9 RBX: 0000000000001000 RCX: 0000000000080000 [ 593.499520][ T9953] RDX: ffffc9000e279000 RSI: 00000000000187a0 RDI: 00000000000187a1 [ 593.507521][ T9953] RBP: 0000000000000000 R08: ffff88801dacbb80 R09: 0000000000000002 [ 593.515522][ T9953] R10: 0000000000000006 R11: 0000000000000002 R12: 00002000000c1000 [ 593.523517][ T9953] R13: 0000000000000000 R14: 00002000000c0000 R15: 00002000000c0000 [ 593.531527][ T9953] ? fault_in_readable+0x139/0x1f0 [ 593.536702][ T9953] fault_in_iov_iter_readable+0xbb/0x2e0 [ 593.542382][ T9953] generic_perform_write+0x3da/0x560 [ 593.547716][ T9953] ? atime_needs_update+0x780/0x780 [ 593.552957][ T9953] ? generic_file_direct_write+0x660/0x660 [ 593.558804][ T9953] ? __file_remove_privs+0x5b0/0x5b0 [ 593.564132][ T9953] ? generic_write_checks_count+0x3d9/0x4c0 [ 593.570053][ T9953] __generic_file_write_iter+0x172/0x430 [ 593.575728][ T9953] generic_file_write_iter+0xab/0x2e0 [ 593.581144][ T9953] vfs_write+0x44c/0x960 [ 593.585409][ T9953] ? file_end_write+0x250/0x250 [ 593.590280][ T9953] ? __fget_files+0x44a/0x4d0 [ 593.594996][ T9953] ? __fdget_pos+0x2ae/0x360 [ 593.599613][ T9953] ? ksys_write+0x71/0x240 [ 593.604047][ T9953] ksys_write+0x143/0x240 [ 593.608397][ T9953] ? __ia32_sys_read+0x80/0x80 [ 593.613182][ T9953] ? lockdep_hardirqs_on+0x94/0x140 [ 593.618418][ T9953] do_syscall_64+0x4c/0xa0 [ 593.622860][ T9953] ? clear_bhb_loop+0x60/0xb0 [ 593.627555][ T9953] ? clear_bhb_loop+0x60/0xb0 [ 593.632250][ T9953] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 593.638182][ T9953] RIP: 0033:0x7f0d5cb8e969 [ 593.642625][ T9953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.662255][ T9953] RSP: 002b:00007f0d5d949038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 593.670699][ T9953] RAX: ffffffffffffffda RBX: 00007f0d5cdb6080 RCX: 00007f0d5cb8e969 [ 593.678708][ T9953] RDX: 000000000208e24b RSI: 0000200000000000 RDI: 000000000000000a [ 593.686706][ T9953] RBP: 00007f0d5cc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 593.694701][ T9953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.702693][ T9953] R13: 0000000000000000 R14: 00007f0d5cdb6080 R15: 00007ffe0f9fb758 [ 593.710693][ T9953] [ 594.319351][ T9956] lo speed is unknown, defaulting to 1000 [ 594.340551][ T9956] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 594.373762][ T9956] lo speed is unknown, defaulting to 1000 [ 594.394543][ T9956] lo speed is unknown, defaulting to 1000 [ 594.408787][ T9956] lo speed is unknown, defaulting to 1000 [ 594.435833][ T9956] lo speed is unknown, defaulting to 1000 [ 594.445937][ T9956] lo speed is unknown, defaulting to 1000