last executing test programs: 6m36.064189665s ago: executing program 1 (id=619): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x10000000}) 6m35.722994593s ago: executing program 1 (id=620): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3103000000000000000009000000040003"], 0x24}}, 0x0) 6m34.908219274s ago: executing program 1 (id=624): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001a"], 0x34}}, 0x24008010) 6m34.473170048s ago: executing program 1 (id=628): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0xfc, 0x1ca, &(0x7f00000008c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000140)='./file0\x00') 6m33.344954017s ago: executing program 1 (id=631): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x48, r1, 0x1, 0x4, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x7}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) 6m23.097647542s ago: executing program 1 (id=657): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, @none={0x0, 0x3}}, 0x14, &(0x7f0000000100)={&(0x7f0000000040)="7a38e0000200456f", 0x8}, 0x1, 0x0, 0x0, 0x200000c0}, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000002c0)) 6m22.39000377s ago: executing program 32 (id=657): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, @none={0x0, 0x3}}, 0x14, &(0x7f0000000100)={&(0x7f0000000040)="7a38e0000200456f", 0x8}, 0x1, 0x0, 0x0, 0x200000c0}, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000002c0)) 5m49.805687855s ago: executing program 2 (id=736): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000580)={0x2c, r1, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4040000) 5m49.09040528s ago: executing program 2 (id=739): r0 = creat(&(0x7f0000000700)='./file0\x00', 0x49) close(r0) execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000500)={[&(0x7f00000002c0)=':!:#\x00']}) 5m47.72634175s ago: executing program 2 (id=743): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48) sendto$netrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 5m46.584591452s ago: executing program 2 (id=748): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000080)={[{@nr_inodes}]}) 5m43.91762921s ago: executing program 2 (id=755): r0 = syz_io_uring_setup(0x6165, &(0x7f0000000300)={0x0, 0xe8be, 0x10100, 0x0, 0x3}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x402}}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 5m41.90767224s ago: executing program 2 (id=760): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="200000005e000100000000000000000008000000", @ANYRESDEC], 0x20}], 0x1}, 0x0) 5m41.248883665s ago: executing program 33 (id=760): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="200000005e000100000000000000000008000000", @ANYRESDEC], 0x20}], 0x1}, 0x0) 1m54.282931788s ago: executing program 6 (id=1545): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000001c0)={@val={0xa, 0x800e}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @tipc={{0x5, 0x4, 0x0, 0x11, 0x3c, 0x67, 0x0, 0x7, 0x6, 0x0, @loopback, @remote}, @name_distributor={{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0xb, 0x2, 0xf001, 0x0, 0x1, 0x0, 0x2, 0x0, 0x4e20, 0x4e20, 0x2}}}}}}}, 0x4e) 1m53.104820237s ago: executing program 6 (id=1548): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000000)='./file1\x00', 0xa18c14, &(0x7f0000000040)={[{@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@utf8no}, {@uni_xlateno}, {@shortname_mixed}, {@numtail}, {@shortname_lower}, {@utf8}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@utf8no}]}, 0x81, 0x29b, &(0x7f0000000580)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 1m51.89614446s ago: executing program 6 (id=1553): sendmsg$unix(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f00000005c0)="553a45983c430093df0d6038ba2f78777934ebc21b7361cf1d42008663b05ea20100000000000080a102fbdcae896b5511a756a37294a995f2234868a12a46577459928d495ba172b4c4249298e37112f241144d277bfe1398604c9b02366ad2779847d7d129ba435463a404867c80ec945a9fa8", 0x74}], 0x2}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f000000a300)) ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random='\rh\x00 \x00'}) 1m51.057459079s ago: executing program 6 (id=1557): openat2$dir(0xffffff9c, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "5a1f0010008a3f7f0bc52a00"}) 1m50.521425302s ago: executing program 6 (id=1559): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000c40), 0x5, 0x4a7, &(0x7f0000001140)="$eJzs3EtvG0UcAPD/bl59hZhSXm2hhoKIeCRNWqAHJB4CqRckJDiUY0jTqjRtUBMkWkU0IFSOqJ+gcETiE3CCCwIkJBBXuCOkCuXS0gNatLY3dRI7OGkc0+T3k1zPeGZ3ZnY969mZbgLYssr5P0nEroj4LSIGqtHFGcrVtxvzs+N/z8+OJ5Flb/6VVPJdn58dL7IW2+2sRQbTiPSTJPY1KHf6wsUzY5OTE+dr8eGZs+8NT1+4+Mzps2OnJk5NnBs9evTI4ZHnnxt9dl3a2Z/Xde+HU/sfPPb2ldfHj19554ev8vruqqVfn5/tXbxFqQjsjYhs6f5eaqHMcpQXH8s6j6+u+v97/XXhpLuDFWFVuiIiP109lf4/EF1x6+QNxGsfR6QdrR/QPlmWZX3LPs2vCtvzwFwGbGJJdLoGQGcUv/j5fXzx2uAhSEdde7l6A5S3+0btVU3prtz5lEvVe6P+NpVfjgMRcfPq8bmbV2PJfAoAQDt8k49/nm40/kvjvrp8d9XWhkoRcXdE7I6IeyJiT0TcG1HJe39EPNBqwUnjpZHl459ftq+xaS3Jx38v1Na2Fo//Fua9S121WH+l/T3JydOTE4dqx2Qwevry+MgKZXz76q+fNUsrR0Q+9iteefnFWLBWjz+7l0zQnRibGbudNte7diBib3ej9icLKwFJbFvz/vNjdvrJL/c3S//v9q9gHdaZsi8inqie/7lY0v5CsvL65PC2mJw4NFx8K5b78efLbzQr/7bavw6ufRSxo+H3f6H9paR+vXZ61UV0X/7906b3NGv9/vcmb1XCxaLtB2MzM+dHInqTueWfj97atogX+fP2Dx5s3P93R/zzeW27fRGRf4kfioiHIyp3bXndH4mIRyPi4AoH4PtXHns3f/9pTe1vr7z9J1Z1/usDPbH0k0aBrjPffd2s/NbO/5FKaLD2SSvXv2rhxXWreQXXetwAAADgTpJW/g98kkRU50121aXtiR3p5NT0zFMnp94/d6KaVoqetJjpGqibDx2pzQ0X8dEl8cOVeeMsy7LtlfjQ+NRku9bUgdbsrPb/dGjhWpCmQ0PVtD+6Fud9sSM1BNpqVetozZ5oA+5IrfV/HR82o4X+v/xJwILOD5tUtf93DXS6HsDG8/daYOtq1P8vRdzoQFWADeb3H7Yu/R+2rtX2/1Kb6gFsPL//sCUtfiS+N1p4nL+lwO5j67OfzR/o6nQ1+ta2eaQdP3TLA0mDpLRB5rTlPfeuS8VipTx9EdHqDi/FRh3MTl+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1se/AQAA//++KOKq") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000240)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0) 1m48.485710859s ago: executing program 6 (id=1563): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001880)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001880)=ANY=[], 0x10) 1m32.455237029s ago: executing program 34 (id=1563): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001880)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001880)=ANY=[], 0x10) 1m14.629229818s ago: executing program 4 (id=1630): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff40f5", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0x4, 0x28}]}}}}}}}}, 0x0) 1m14.106896925s ago: executing program 4 (id=1632): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000056, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") r0 = creat(&(0x7f0000003840)='./bus\x00', 0x0) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0) ftruncate(r0, 0x1f) pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000000100)='\x00', 0x1}], 0x1, 0xdcd, 0xa) 1m12.438603434s ago: executing program 4 (id=1636): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x8016, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef) 1m11.308245916s ago: executing program 4 (id=1639): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f00000029c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x8001}}, {@journal_dev={'journal_dev', 0x3d, 0x9676}}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'ext4\x00'}}, {@fsname={'fsname', 0x3d, 'minixdf'}}], 0x2c}, 0x84, 0x45a, &(0x7f0000000480)="$eJzs20tvG1UbAOB3xknv/ZKvlEsvQKAgIi5Jkxbogg0IpG6QkGBRliFJq9K0QU2QaFXRgFBZov4CYInEL2AFGwSsQGxhj5Aq1A2FBRo09kzrJnaIL6mT+nkkt+d4jn3e1zMnPjNnHEDfGsn/SSJ2RcQvETFUq97eYKT2343rl6b/un5pOokse/2PpNruz+uXpsum5et2FpXRNCL9KIkDDfpduHDxzNTc3Oz5oj6+ePad8YULF585fXbq1Oyp2XOTx44dPTLx/HOTz3Ylz915rPvfnz+47/ibV1+dPnH1re+/zOPdVWyvz6NmuOM+R2Lk9s+yzuMdv/vGsruunAz0MBBaUomIfHcNVsf/UFTi1s4bilc+7GlwwLrKsizbuuLZSllYyoC7WBK9jgDojfKLPj//LR93cPrRc9derJ0A5XnfKB61LQORFm0Gl53fdtNIRJxY+vvT/BENr0MAAHTX1/n85+lG87807qtr979ibWg4Iv4fEXsi4p6I2BsR90ZU294fEQ+02P/IsvrK+c9P29tKbI3y+d8LxdrW7fO/cvYXw5Witrua/2By8vTc7OHiMxmNwa15fWKVPr55+edPmm2rn//lj7z/ci5YxPH7wLILdDNTi1Od5Fzv2gcR+wca5Z/cXAlIImJfROxv4/23RcTpJ7842Gz7f+e/ii6sM2WfRzxR2/9LsSz/UrL6+uT4tpibPTxeHhUr/fDjldea9d9R/l2Q7/8dDY//m/kPJ/XrtQut93Hl14+bntO0e/xvSd6olrcUz703tbh4fiJiS7K08vnJW68t62X7PP/RQ43H/56Ifz4rXncgIvKD+MGIeCgiHi5ifyQiHo2IQ6vk/91Lj73dfv7rK89/pqX933qhcubbr5r1v7b9f7RaGi2emZnKsuzy6nmtNcDOPj0AAADYHNLqPfBJOnaznKZjY7V7+PfGjnRufmHxqZPz756bqd0rPxyDaXmla6jueuhEcW24rE8uqx+pXjfOsizbXq2PTc/PrdeaOrA2O5uM/9xvlV5HB6y7ltbRmv2iDdiU/F4T+pfxD/3L+If+ZfxD/2o0/i9H3OhBKMAd5vsf+pfxD/3L+If+1f74dzMQbGKd/K5/tcKe4+v1zndbobIxwmi5EOmGCKO9QroxwqgVtkbEWhtfjjsVWK//MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHvwEAAP//H0rrgQ==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, 0x0) 1m10.109625449s ago: executing program 4 (id=1643): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='task\x00') fchdir(r1) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r2) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1a37c1, 0x42) 1m9.100209468s ago: executing program 4 (id=1646): sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000010000000000000000000000b68c52d2be3c0d900ec666c29d675d162728243eb569bad3fa1fd8a01691c750df426397253f90271edfec8abe81a11ea16df4e7680b1e0e7424ab7e17d15954b3fd56f0845db92f1c21cd48ce8dff07f56431189b9a72376d6d2746af905fd9c010270aba2a59756ac3000dd08d648124ef9279efb93f7f5d28f8a8c6cd651c484fd5774469a0363fc6438d498c99ac03381ecdc537bc37343e7fe1a55c5054705ba639cabecc9c149fb5af8af6f1f88694a991faf766"], 0x48}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="034886dd020027000300300000006000000000082f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef) 1m6.645832878s ago: executing program 35 (id=1646): sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000010000000000000000000000b68c52d2be3c0d900ec666c29d675d162728243eb569bad3fa1fd8a01691c750df426397253f90271edfec8abe81a11ea16df4e7680b1e0e7424ab7e17d15954b3fd56f0845db92f1c21cd48ce8dff07f56431189b9a72376d6d2746af905fd9c010270aba2a59756ac3000dd08d648124ef9279efb93f7f5d28f8a8c6cd651c484fd5774469a0363fc6438d498c99ac03381ecdc537bc37343e7fe1a55c5054705ba639cabecc9c149fb5af8af6f1f88694a991faf766"], 0x48}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="034886dd020027000300300000006000000000082f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef) 36.185132813s ago: executing program 5 (id=1719): sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000c80)=[{{&(0x7f0000000300)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, 0x0}}], 0x1, 0x24004050) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) 35.049940737s ago: executing program 5 (id=1723): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xbd, 0x16, 0xf, 0x40, 0x8086, 0x110, 0xbfad, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x12, 0x24}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000280)={0x1c, &(0x7f00000005c0)={0x40, 0x12}, 0x0, 0x0}) 32.23387461s ago: executing program 5 (id=1730): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001000000090090"], 0x0, 0x0, 0x0, 0x0}, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000000c0)=""/159) 28.602592361s ago: executing program 5 (id=1742): syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="626673002c626673002c626673a8ea3e9173002c626673002c626673002c00"], 0x1, 0x95, &(0x7f0000000240)="$eJzszjGuAVEYBeDzZopHMxtQ2MHswVJQ0qmIxIpsxRLsQKHVjOKSiOk0Q/J9yb3J+U9zTrfjJE3SHZKuTvdqs92t5uvyp2dR92/8mirJf5JRkmlT8mVWur9Hf77ul8839F4AAOBzVdr33I4HWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwfe4BAAD//+TcIcU=") open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"}) openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.pending_reads\x00', 0x440, 0x10) 26.334809202s ago: executing program 5 (id=1748): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "810000cc7100000000000800000000000000ff"}) r1 = syz_open_pts(r0, 0x141201) fcntl$setstatus(r1, 0x4, 0x102800) write(r1, &(0x7f0000000000)="d5", 0xfffffedf) ioctl$TCFLSH(r0, 0x540b, 0x2) 24.396482058s ago: executing program 5 (id=1755): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 23.525956272s ago: executing program 36 (id=1755): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 11.865878015s ago: executing program 0 (id=1795): r0 = socket$inet6(0xa, 0x6, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"]) close_range(r0, 0xffffffffffffffff, 0x0) 11.131387203s ago: executing program 0 (id=1797): r0 = syz_io_uring_setup(0x11e, &(0x7f0000000140), &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x2000010, &(0x7f00000013c0)=ANY=[], 0xf, 0x694, &(0x7f0000000d00)="$eJzs3c1vXFfdB/DvHY8dO0+Vx2mTNkJFRIlUkCISv8gFsyEghLyoUFUWrK3EaaxMnMp2kVshcAHBColF/4CC5B0rJPZBYV123XpZCYlNxCJiY3Tv3LHHnnFsJ36Fzye6Pufec+65v/ndt3nJaAL8z5q5kebjFJm58c5KOb++NtlaX5s8Vze3kpT1RtJsFykWkuJJcrtsL7qmdJU9Pp2ffu+Lp+tftuea9VT1bzxvvT769F2tp1xNMlCXvQb3u4lt491J8kpPl6H9jrWtY5m063UJJ26jx+pBVj/IeQucMp27U9G+b/YYTc4nGa6fB6S+OjSOL8KjcaCrHAAAAJxRnz866QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7Kl//7+op0Zd5mqKzu//D3WW1fUz7fFJBwAAAAAAAAAAh+Brz/IsK7nQmd8oqs/8r1Uzl/LvjeT/8mGWMpfF3MxKZrOc5SxmPMlo10BDK7PLy4vjm2uW+q850XfNieN6xAAAAAAAAADwX+mXmdn6/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6DIhloF9V0qVMfTaOZdttQ2W81+XunfkYU/RY+Pv44AAAA4KUMv8A6//8sz7KSC535jaJ6zf969Xp5OB9mIcuZz3Jamcvd+jV0+aq/sb422Vpfm3xYTr3jfu+fBwqjGrF+f6H/lq9UPUZyL/PVkpu5UwVzN41qzdKVTjz94/qkjKn4bm2fkTXrtJYb+/1u7yIcioO+FTFaBpdsZmSsjq3MxsV2BorqjZpkZyb23DvNnVtKI4ObWxpPY/Odn0tHkPPzdVk+nt8cac4PajMTjVSZmOg6+l5/fiaSr//lTz+531p4cP/e0o3T85D2MLDL8p3HxGRXJt4405loHrD/WJWJy5vzM/lhfpwbuZp3s5j5/DSzWc5cNur22fp4Lv+OPj9Tt7fNvbtXJEP1fmnvs/3EdDU/qGqzuVateyHzKfIodzOXt6t/ExnPtzKVqUx37eHLu8ZdPbbqrG/sPOs7e/qvfYO//o26MpLkt3XZk4Mddjs6D0v72l/m9WJXXttH/dPNXhe7zoOxriy92snOYN/BX+Ta2PxKXSm38au6PB1G60yUJ1DnLtGJ7rV2JprVvaj3OP9DdW4stRYeLN6f/WCX8Vd3zL9Vl+VhtfbV/UbZf1ccrvJ4eTXD9ZVk+9FRtr22eZW5uO2uOlR/4tJua/S0Xa7aiqJzpv5o1zN1qH4O1zvSRNX2Rt+2yartSlfbtudbeZRW7h5D/gB4SaM5PzTyj5HPRz4b+fXI/ZF3hr9/7tvn3hzK4N8Gv9McG3ir8Wbx53yWn2+9/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF7c0kcfP5htteYW+1cauzftUdlr5B2Vov5Bnxfa1imsDCfZtmSwXHDsYYzsDKOnsvGL5Njz0/kRwf59fldWmtnPgLf36vPJiR8Jp70ykP4HwAlfmIAjd2v54Qe3lj76+JvzD2ffn3t/bmFwamp6bHrq7clb9+Zbc2PtvycdJXAUtm76Jx0JAAAAAAAAAAAAsF/9vhhw7ZW9vjSyr+94+J+FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKGYuZHm4xQZH7s5Vs6vr022yqlT3+rZTNJoJMXPkuJJcjvtKaNdwxX545Ns9NnOp/PT733xdP3LrbGa7f5Joy5fwmo95WqSgbo8rPHuvPR4xb86j7BM2PVO4uCk/ScAAP//kSr0rQ==") open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) 8.865533758s ago: executing program 0 (id=1798): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1e7d, 0x2ced, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000780)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x8, "e8abe873"}]}}, 0x0}, 0x0) 8.860853138s ago: executing program 7 (id=1800): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x1, 0x3, 0x4e, 0x0, 0x4, 0x5, 0x5, 0xe, 0xb, 0x7, 0x1, 0xc, 0x0, 0x937, 0xc, 0x5, 0x10, 0xde, 0x6, '\x00', 0x10, 0x7}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.699131505s ago: executing program 7 (id=1803): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) fchdir(r0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/uts\x00') mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r1, &(0x7f00000020c0)={0x2020}, 0x2020) 7.178445817s ago: executing program 7 (id=1805): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x2, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) shutdown(r0, 0x1) sendmsg$netlink(r0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=ANY=[], 0x40, 0x4}, 0x40) 6.689856873s ago: executing program 7 (id=1806): io_setup(0x7, &(0x7f00000000c0)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10) io_submit(r0, 0x40000000000000fd, &(0x7f00000005c0)=[&(0x7f0000000100)={0x0, 0x4, 0x0, 0x0, 0x4, r2, &(0x7f0000000300)='@', 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x1, 0x0, r1, 0x0, 0x0, 0x9}]) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) 5.470458176s ago: executing program 8 (id=1809): r0 = syz_io_uring_setup(0xec7, &(0x7f00000003c0)={0x0, 0x4bb6}, &(0x7f00000002c0)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x4, 0x0, @fd_index, 0x0, &(0x7f0000000280)=[{0x0}, {0x0}], 0x2, 0x7, 0x1}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a0000001801000020207025000000000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) 5.020266725s ago: executing program 0 (id=1810): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r1, 0xf505, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xfe3b) openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x1418c2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0) write$vga_arbiter(r5, &(0x7f0000000080)=ANY=[@ANYBLOB='lock i'], 0xc) write$vga_arbiter(r5, &(0x7f0000000100)=@unlock_all, 0xb) sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x3c, r3, 0x20d, 0x0, 0xfffffffe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_SETUP={0x14, 0x70, [@NL80211_MESH_SETUP_USERSPACE_MPM={0x4}, @NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5, 0x2, 0x1}, @NL80211_MESH_SETUP_IE={0x4}]}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40045}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18}]}}]}, 0x48}}, 0x0) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1e7d, 0x2ced, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) fcntl$dupfd(r7, 0x404, 0xffffffffffffffff) syz_usb_control_io$hid(r6, 0x0, 0x0) sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r6, &(0x7f0000000780)={0x24, 0x0, 0x0, &(0x7f0000000700)={0x0, 0x22, 0x5, {[@main=@item_012={0x1, 0x0, 0x9, "9f"}, @global=@item_012={0x2, 0x1, 0x0, "16c2"}]}}, 0x0}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@delchain={0x24, 0x25, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0xfff1}}}, 0x24}}, 0x0) 5.009695562s ago: executing program 3 (id=1811): unshare(0x2c060000) semget$private(0x0, 0x3, 0x0) semtimedop(0x0, &(0x7f0000000080)=[{0x0, 0x0, 0x1800}], 0x1, 0x0) r0 = semget$private(0x0, 0x2, 0x0) semop(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x1) unshare(0x40200) 4.769865184s ago: executing program 7 (id=1812): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0xe3, 0xdd, 0xef, 0x20, 0x1d50, 0x60a1, 0xa14f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x14, 0x4e}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000140)=ANY=[], 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000400)={0x34, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000640)={0x0, 0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0x44, &(0x7f0000000180)={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000600)={0x40, 0x1}, 0x0, 0x0}) 3.810032388s ago: executing program 3 (id=1813): r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x104}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0) recvmmsg(r1, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f0000000180)=[{&(0x7f00000014c0)=""/4095, 0x10e0}, {&(0x7f00000003c0)=""/254, 0xf0}], 0x4, 0x0, 0x353}}], 0xebadb096fd1881, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d000100000000000000000007"], 0x28}}, 0x0) 3.713902489s ago: executing program 8 (id=1814): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00\x00v4\x00 s/\x92ync_\x00leh4.\xab%nN\xd4\xa2r\t\xd1\x1e,\x00\x00\x00\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000) 2.857245072s ago: executing program 8 (id=1815): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x3ff, @empty, 0xfffffffe}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendmmsg$inet6(r0, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="8252", 0x2}], 0x1}}], 0x1, 0x4000c000) sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd) 2.636859309s ago: executing program 3 (id=1816): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c0000001d00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB='@\x002'], 0x1c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r3, @ANYBLOB="8002020c0a00020057ff0200aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0) 2.126567291s ago: executing program 3 (id=1817): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6) 1.880988889s ago: executing program 8 (id=1818): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000014000905000000000000000002010000", @ANYRES32=r2, @ANYBLOB="08000a000000000008000200ffffffff08000400ac1414aa080004007f00000108000400e000000208000900"], 0x48}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0) 1.464664573s ago: executing program 3 (id=1819): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) shutdown(r1, 0x1) listen(r1, 0x0) sendto$inet6(r0, &(0x7f0000000940)="a5", 0x1, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 1.116453387s ago: executing program 8 (id=1820): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='shortname=lower,nonumtail=0,codepage=1251,shortname=mixed,dos1xfloppy,shortname=lower,rodir,uii_xlate=0,utf8=0,rodir,\x00'], 0x1, 0x217, &(0x7f00000004c0)="$eJzs3TFrE2EYB/CnttVSkGQQiiJ44uIUmop7ilQQA4qSQSeLTVGaWDAQ0KF180voV9DRVXAQV7+ACFIFF7t1ECL1YmNrYiM1OTG/35KH3Pu/e95LyEuGvLl1sr6ytNpY3tzciKmpsZgoRSm2xiIfh2I8Uo8CAPifbLVa8aWVyroXAGA4rP8AMHr6XP+vDrElAGDAfP8HgNFz/cbNy/Pl8sK1JJmKqD9uVpqV9DE9Pr8cd6MW1ZiNXHyNaO1I64uXyguzybaP+ajU19v59WZlfHe+GLnId88Xk9Tu/GRMt/PvpqMac5GLY93zc13zh+PsmZ+uX4hcvL0dq1GLpdjOdvJrxSS5cKW8J3/k+zgAAAAAAAAAAAAAAAAAAAAAABiEQrKj6/49hUKv42m+//2B9u7PMxEnJrKdOwAAAAAAAAAAAAAAAAAAAPwrGg8erizWatX7vyvuvXn2ar8xfRZj7ese9DwHL46e/vCk15jxP7s/f7d4eSrL29Jn8XrjzvFzjZnzmbUxGRG/PtPzrfU5FzGgfp5n+lr8mPW+g2eelhZfrL3/1O+Zh/5RBAAAAAAAAAAAAAAAAAAAI6/zo9+sOwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA7HT+/39wRdZzBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbwEAAP//uSidyw==") mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000000c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.005808236s ago: executing program 0 (id=1821): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='freezer.state\x00', 0x275a, 0x0) r3 = dup2(r0, r2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x100000e, 0x12, r2, 0x0) sendmsg$unix(r3, &(0x7f0000002500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x20000000}, 0x48000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x3) 719.42789ms ago: executing program 7 (id=1822): ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000200)={0x0, 'pimreg0\x00', {0x3}, 0x43}) r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 719.086812ms ago: executing program 3 (id=1823): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000280)={[0xc0, 0x400, 0x2, 0xa, 0xe6f, 0x4, 0x200, 0x3, 0xfffffffffffffff8, 0x8, 0xfffffffffffffff1, 0x80, 0xfffffffffffffffe, 0x2ee, 0x6, 0x8], 0xffff1000, 0x2000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000003c0)={0x40000, 0x0, [0x3ff, 0xfffffffffffffff1, 0x3, 0x9, 0x5, 0x5, 0x6, 0x10000]}) 10.041175ms ago: executing program 0 (id=1824): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000540)=@bpf_ext={0x1c, 0x21, &(0x7f0000000880)=ANY=[@ANYBLOB="180000005500000000000000ff", @ANYBLOB], 0x0, 0x5f0819e0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2c140, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10001, @void, @value}, 0x94) syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000300)='./file1\x00', 0x1014800, &(0x7f0000001880)=ANY=[@ANYRES16=0x0, @ANYBLOB="f9cba1923b054572145c2e67b885838cb353bc831573228abfb498e7f1fd8103aceb50858482ddb69dd9112c10e3d66c32cab6609b02bf9f07615fb29a27d49a24de56c84013a0c47945492852bdc34e69ddc25ffb9f4d1dd1af98558daa9974edd7d1abd46ee9d69da503b22758321d5031603da076b28cfc7d9477af38586cb482ad3a187ab4c7b916fad188280cee", @ANYRES32, @ANYRES8, @ANYRES8=0x0, @ANYRES64, @ANYRESDEC, @ANYRES64, @ANYBLOB="7540c430e8d8cb55e0610f65aa69c7eb0e142a7517e581064ff06e9ce239e0442bbf8cf256a108d756ee68844798521e40cb7b7963cd4041f65dc013adbd4ccf55477d30e5c56ff7db509a5cef7b7db994b9626f3e1e66ff309fa925885a36b49f6a215f7990ea209bdf87f38e08ed924527c0e45f594c78d32118cd03202a8875"], 0x1, 0xda6, &(0x7f0000006680)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000080), 0x10010) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x10012, r1, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r0, 0x80186e84, &(0x7f0000000800)={@desc={0x1, 0x0, @auto="0b2882a48f00"}}) 0s ago: executing program 8 (id=1825): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) syz_io_uring_setup(0x6865, &(0x7f00000003c0)={0x0, 0x0, 0x2000}, &(0x7f0000000080), &(0x7f0000000140)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): 16 compat=0 ip=0x7f1a5058040b code=0x7ffc0000 [ 561.642923][ T29] audit: type=1326 audit(1732846248.284:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9543 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1a5057f46a code=0x7ffc0000 [ 561.665800][ T29] audit: type=1326 audit(1732846248.294:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9543 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1a5057f46a code=0x7ffc0000 [ 561.688907][ T29] audit: type=1326 audit(1732846248.294:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9543 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1a5057f077 code=0x7ffc0000 [ 561.711689][ T29] audit: type=1326 audit(1732846248.294:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9543 comm="syz.3.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f1a50581faa code=0x7ffc0000 [ 562.111898][ T9545] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 562.887773][ T9580] input: syz0 as /devices/virtual/input/input36 [ 564.288959][ T9594] program syz.3.1171 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 564.372553][ T9591] loop4: detected capacity change from 0 to 32768 [ 566.284946][ T9616] loop3: detected capacity change from 0 to 1024 [ 566.797216][ T9620] loop4: detected capacity change from 0 to 512 [ 566.859647][ T9620] EXT4-fs: Ignoring removed oldalloc option [ 567.028021][ T9620] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1180: Parent and EA inode have the same ino 15 [ 567.071206][ T9620] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1180: Parent and EA inode have the same ino 15 [ 567.168835][ T9620] EXT4-fs (loop4): 1 orphan inode deleted [ 567.290098][ T9620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 567.525652][ T5807] Bluetooth: hci0: unexpected event for opcode 0x0c26 [ 567.655374][ T9635] loop6: detected capacity change from 0 to 64 [ 568.196844][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.934859][ T9652] netlink: 112 bytes leftover after parsing attributes in process `syz.6.1193'. [ 569.259797][ T9654] loop4: detected capacity change from 0 to 1024 [ 569.395997][ T9654] hfsplus: extend alloc file! (8192,65536,366) [ 570.988401][ T44] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 571.054872][ T9679] loop0: detected capacity change from 0 to 2048 [ 571.179170][ T44] usb 5-1: Using ep0 maxpacket: 16 [ 571.192413][ T9679] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 571.222680][ T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 571.222871][ T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58880, setting to 1024 [ 571.223050][ T44] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 571.223278][ T44] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 571.223434][ T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.261927][ T44] usb 5-1: config 0 descriptor?? [ 571.264815][ T9677] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 571.279137][ T9687] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 571.301964][ T44] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input37 [ 571.623517][ T44] usb 5-1: USB disconnect, device number 23 [ 571.714207][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.184015][ T9705] loop0: detected capacity change from 0 to 256 [ 573.636945][ T9710] loop6: detected capacity change from 0 to 2048 [ 573.748500][ T9705] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 574.237112][ T9710] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 575.147619][ T9731] netlink: 'syz.4.1216': attribute type 1 has an invalid length. [ 575.155971][ T9731] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 575.163631][ T9731] IPv6: NLM_F_CREATE should be set when creating new route [ 576.205874][ T9739] loop4: detected capacity change from 0 to 1024 [ 576.243704][ T9739] EXT4-fs: Ignoring removed nobh option [ 576.390935][ T9739] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 576.608429][ T5865] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 577.085640][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.134851][ T5865] usb 4-1: Using ep0 maxpacket: 8 [ 577.228063][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 577.239577][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 577.249859][ T5865] usb 4-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00 [ 577.259411][ T5865] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 577.274017][ T5865] usb 4-1: config 0 descriptor?? [ 577.581113][ T5865] usbhid 4-1:0.0: can't add hid device: -71 [ 577.587773][ T5865] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 577.783052][ T5865] usb 4-1: USB disconnect, device number 19 [ 578.235012][ T9761] loop0: detected capacity change from 0 to 32768 [ 578.418370][ T9761] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1225 (9761) [ 578.660749][ T9761] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 578.671455][ T9761] BTRFS info (device loop0): using sha256 (sha256-generic) checksum algorithm [ 578.682873][ T9761] BTRFS info (device loop0): using free-space-tree [ 579.279144][ T44] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 579.396209][ T9761] BTRFS info (device loop0): rebuilding free space tree [ 579.493912][ T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 579.505443][ T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 579.515719][ T44] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 579.529271][ T44] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 579.543225][ T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.617814][ T44] usb 5-1: config 0 descriptor?? [ 580.128554][ T9797] loop6: detected capacity change from 0 to 2048 [ 580.195298][ T44] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving [ 580.241342][ T44] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 580.265575][ T9797] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 580.386382][ T9797] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 580.435475][ T5865] usb 5-1: USB disconnect, device number 24 [ 581.037522][ T9808] loop3: detected capacity change from 0 to 2048 [ 581.152482][ T8126] UDF-fs: warning (device loop6): udf_evict_inode: Inode 1367 (mode 120777) has inode size 4 different from extent length 512. Filesystem need not be standards compliant. [ 581.325333][ T5806] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 581.549879][ T9812] loop5: detected capacity change from 0 to 512 [ 581.594253][ T9812] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 581.644277][ T9820] loop6: detected capacity change from 0 to 128 [ 581.668961][ T9808] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 581.745579][ T9808] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 581.780106][ T9812] EXT4-fs (loop5): 1 truncate cleaned up [ 581.787720][ T9812] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 582.331857][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.772970][ T7728] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.046926][ T9836] netlink: 'syz.5.1240': attribute type 29 has an invalid length. [ 583.071878][ T9836] netlink: 'syz.5.1240': attribute type 29 has an invalid length. [ 583.091872][ T9836] netlink: 500 bytes leftover after parsing attributes in process `syz.5.1240'. [ 583.102047][ T9836] unsupported nla_type 40 [ 583.246186][ T9842] syzkaller1: entered promiscuous mode [ 583.252328][ T9842] syzkaller1: entered allmulticast mode [ 584.918572][ T5865] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 585.158794][ T44] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 585.430417][ T44] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 585.440078][ T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 585.450378][ T5865] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 585.460955][ T5865] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 585.521140][ T44] usb 4-1: config 0 descriptor?? [ 585.551718][ T44] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 585.562983][ T5865] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 585.572460][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 585.583740][ T5865] usb 5-1: SerialNumber: syz [ 585.901593][ T5865] usb 5-1: 0:2 : does not exist [ 586.161035][ T44] gp8psk: usb in 128 operation failed. [ 586.198479][ T44] gp8psk: usb in 137 operation failed. [ 586.211898][ T44] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 586.294277][ T44] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 586.309514][ T44] usb 4-1: media controller created [ 586.372870][ T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 586.552675][ T44] gp8psk_fe: Frontend attached [ 586.557847][ T44] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 586.566629][ T44] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 586.748496][ T5437] usb 5-1: USB disconnect, device number 25 [ 586.877834][ T9876] loop6: detected capacity change from 0 to 512 [ 586.931925][ T9876] EXT4-fs: Ignoring removed orlov option [ 587.007316][ T9876] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102] [ 587.051361][ T9876] System zones: 1-12 [ 587.075114][ T9876] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.1252: casefold flag without casefold feature [ 587.138784][ T44] gp8psk: usb in 137 operation failed. [ 587.144506][ T44] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 587.154441][ T44] gp8psk: found Genpix USB device pID = 203 (hex) [ 587.316140][ T9876] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.1252: couldn't read orphan inode 15 (err -117) [ 587.468320][ T44] usb 4-1: USB disconnect, device number 20 [ 587.497857][ T6039] udevd[6039]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 587.500342][ T9876] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 587.669934][ T9876] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 587.779026][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.785701][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 588.266118][ T44] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 588.695525][ T9899] loop5: detected capacity change from 0 to 4096 [ 588.739756][ T9899] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 588.824258][ T9899] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 588.842580][ T9899] ntfs3(loop5): Failed to load $MFTMirr (-22). [ 590.785419][ T9925] loop3: detected capacity change from 0 to 32768 [ 591.300647][ T9925] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 591.507359][ T5816] ocfs2: Unmounting device (7,3) on (node local) [ 592.702367][ T9942] loop4: detected capacity change from 0 to 4096 [ 592.779115][ T9942] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 593.328874][ T5865] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 593.463247][ T9954] loop3: detected capacity change from 0 to 1024 [ 593.545697][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 593.557201][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 593.569865][ T5865] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 593.583804][ T5865] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 593.593364][ T5865] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.780764][ T5865] usb 6-1: config 0 descriptor?? [ 593.943743][ T3600] hfsplus: b-tree write err: -5, ino 4 [ 594.340338][ T5865] acrux 0003:1A34:0802.001A: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.5-1/input0 [ 594.351965][ T5865] acrux 0003:1A34:0802.001A: no inputs found [ 594.358386][ T5865] acrux 0003:1A34:0802.001A: Failed to enable force feedback support, error: -19 [ 594.645077][ T44] usb 6-1: USB disconnect, device number 10 [ 595.297668][ T9977] loop3: detected capacity change from 0 to 128 [ 595.320377][ T9973] loop0: detected capacity change from 0 to 2048 [ 595.448538][ T9978] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 595.920962][ T9975] loop4: detected capacity change from 0 to 4096 [ 596.628948][ T5865] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 596.909438][ T5865] usb 6-1: Using ep0 maxpacket: 8 [ 597.067675][ T5865] usb 6-1: config 150 has an invalid interface number: 204 but max is 1 [ 597.076701][ T5865] usb 6-1: config 150 has no interface number 0 [ 597.083426][ T5865] usb 6-1: config 150 interface 204 has no altsetting 0 [ 597.090901][ T5865] usb 6-1: config 150 interface 1 has no altsetting 0 [ 597.198772][ T5865] usb 6-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 597.208986][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.217269][ T5865] usb 6-1: Product: syz [ 597.221892][ T5865] usb 6-1: Manufacturer: syz [ 597.226740][ T5865] usb 6-1: SerialNumber: syz [ 597.524019][ T5865] xr_serial 6-1:150.204: xr_serial converter detected [ 597.706794][T10000] loop3: detected capacity change from 0 to 4096 [ 598.165667][T10015] loop0: detected capacity change from 0 to 4096 [ 598.188522][T10013] loop6: detected capacity change from 0 to 128 [ 598.223703][T10015] NILFS (loop0): invalid segment: Checksum error in segment payload [ 598.232233][T10015] NILFS (loop0): trying rollback from an earlier position [ 598.374967][T10015] NILFS (loop0): recovery complete [ 598.460536][ T5865] xr_serial ttyUSB0: Failed to set reg 0x0e: -71 [ 598.467313][ T5865] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 598.518745][T10016] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 598.566391][ T5865] usb 6-1: USB disconnect, device number 11 [ 598.576354][ T5865] xr_serial 6-1:150.204: device disconnected [ 600.064332][T10036] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 601.258961][ T44] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 601.434528][ T44] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 601.446144][ T44] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 601.460260][ T44] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 601.474994][ T44] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 601.484793][ T44] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 601.800782][ T44] usb 6-1: config 0 descriptor?? [ 602.759987][T10066] loop3: detected capacity change from 0 to 32768 [ 602.797654][ T44] plantronics 0003:047F:FFFF.001B: No inputs registered, leaving [ 602.818340][ T44] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 602.853932][T10067] loop6: detected capacity change from 0 to 4096 [ 602.883983][T10066] ERROR: (device loop3): diRead: i_ino != di_number [ 602.883983][T10066] [ 602.898908][T10066] ERROR: (device loop3): remounting filesystem as read-only [ 603.016822][ T5865] usb 6-1: USB disconnect, device number 12 [ 603.327247][T10073] nullb0: AHDI p1 [ 603.536982][T10067] ntfs3(loop6): failed to convert "0000" to iso8859-6 [ 603.903135][T10079] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1321'. [ 604.919371][ T5865] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 604.968451][ T44] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 605.168589][ T5865] usb 4-1: Using ep0 maxpacket: 16 [ 605.192485][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 97, changing to 7 [ 605.198743][ T44] usb 6-1: Using ep0 maxpacket: 8 [ 605.204078][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 24929, setting to 1024 [ 605.233630][ T44] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 605.247095][ T44] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 605.276301][ T44] usb 6-1: config 0 descriptor?? [ 605.278877][ T5865] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 605.290851][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 605.299333][ T5865] usb 4-1: Product: syz [ 605.303734][ T5865] usb 4-1: Manufacturer: syz [ 605.308675][ T5865] usb 4-1: SerialNumber: syz [ 605.326555][ T5865] usb 4-1: config 0 descriptor?? [ 605.348951][ T5865] hub 4-1:0.0: bad descriptor, ignoring hub [ 605.355157][ T5865] hub 4-1:0.0: probe with driver hub failed with error -5 [ 605.371714][ T5865] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input38 [ 605.679572][ T10] usb 4-1: USB disconnect, device number 21 [ 606.361041][ T44] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 606.379994][ T44] asix 6-1:0.0: probe with driver asix failed with error -71 [ 606.457130][ T44] usb 6-1: USB disconnect, device number 13 [ 608.274072][T10123] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1338'. [ 609.085958][T10133] loop4: detected capacity change from 0 to 512 [ 609.111287][T10133] EXT4-fs: Ignoring removed orlov option [ 609.454163][T10133] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.1344: Attempting to read directory block (0) that is past i_size (256) [ 609.550659][T10133] EXT4-fs (loop4): Remounting filesystem read-only [ 609.557464][T10133] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 609.788988][T10133] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 610.067071][T10153] syz.3.1350 (10153): drop_caches: 4 [ 610.191097][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 612.007780][T10163] loop0: detected capacity change from 0 to 32768 [ 612.110073][T10163] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 612.315004][ T5806] ocfs2: Unmounting device (7,0) on (node local) [ 612.740622][T10175] loop5: detected capacity change from 0 to 256 [ 612.842920][T10175] exfat: Deprecated parameter 'namecase' [ 613.037269][T10175] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 614.039286][ T29] kauditd_printk_skb: 42 callbacks suppressed [ 614.039366][ T29] audit: type=1326 audit(1732846300.764:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.158405][ T29] audit: type=1326 audit(1732846300.834:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.181636][ T29] audit: type=1326 audit(1732846300.854:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.205098][ T29] audit: type=1326 audit(1732846300.854:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.228734][ T29] audit: type=1326 audit(1732846300.854:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.254369][ T29] audit: type=1326 audit(1732846300.874:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.278334][ T29] audit: type=1326 audit(1732846300.874:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.301272][ T29] audit: type=1326 audit(1732846300.874:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.626432][T10196] loop4: detected capacity change from 0 to 2048 [ 614.928138][T10195] loop3: detected capacity change from 0 to 32768 [ 614.939324][ T29] audit: type=1326 audit(1732846301.054:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 614.961277][T10196] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 614.962595][ T29] audit: type=1326 audit(1732846301.054:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10192 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4903780809 code=0x7ffc0000 [ 615.036632][T10195] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 615.064395][T10195] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 615.556370][ T5816] ocfs2: Unmounting device (7,3) on (node local) [ 616.436001][T10213] loop6: detected capacity change from 0 to 64 [ 617.807186][T10202] loop5: detected capacity change from 0 to 32768 [ 617.849996][T10225] sctp: [Deprecated]: syz.6.1376 (pid 10225) Use of int in max_burst socket option deprecated. [ 617.849996][T10225] Use struct sctp_assoc_value instead [ 618.807863][T10234] loop0: detected capacity change from 0 to 2048 [ 618.950146][T10234] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 619.059507][ T29] kauditd_printk_skb: 51 callbacks suppressed [ 619.059584][ T29] audit: type=1326 audit(1732846305.784:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6aa157f170 code=0x7ffc0000 [ 619.094160][ T29] audit: type=1326 audit(1732846305.784:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6aa158040b code=0x7ffc0000 [ 619.117194][ T29] audit: type=1326 audit(1732846305.784:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6aa157f46a code=0x7ffc0000 [ 619.217440][ T29] audit: type=1326 audit(1732846305.914:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 619.240476][ T29] audit: type=1326 audit(1732846305.934:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 619.262995][ C0] vkms_vblank_simulate: vblank timer overrun [ 619.272488][ T29] audit: type=1326 audit(1732846305.934:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 619.296181][ T29] audit: type=1326 audit(1732846305.934:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 619.319427][ T29] audit: type=1326 audit(1732846305.944:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 619.342262][ T29] audit: type=1326 audit(1732846305.944:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 619.364774][ C0] vkms_vblank_simulate: vblank timer overrun [ 619.374903][ T29] audit: type=1326 audit(1732846305.944:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10233 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 619.397501][ C0] vkms_vblank_simulate: vblank timer overrun [ 619.915789][T10241] loop6: detected capacity change from 0 to 2048 [ 619.975627][T10238] loop3: detected capacity change from 0 to 32768 [ 620.211604][T10238] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 620.319205][T10243] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 620.343780][T10238] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 620.435910][T10243] NILFS (loop6): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 620.447414][T10243] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=4) [ 620.566168][ T5816] ocfs2: Unmounting device (7,3) on (node local) [ 620.622706][T10243] Remounting filesystem read-only [ 620.654697][T10241] NILFS (loop6): mounting fs with errors [ 620.710574][T10241] NILFS error (device loop6): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 620.720965][T10241] Remounting filesystem read-only [ 620.842560][T10250] mkiss: ax0: crc mode is auto. [ 621.488905][ T8126] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer [ 622.740454][T10268] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1393'. [ 623.644957][T10274] loop0: detected capacity change from 0 to 2048 [ 623.717038][T10274] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 623.929836][T10277] loop6: detected capacity change from 0 to 4096 [ 624.068580][ T29] kauditd_printk_skb: 79 callbacks suppressed [ 624.068659][ T29] audit: type=1326 audit(1732846310.784:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.101734][ T29] audit: type=1326 audit(1732846310.784:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.238561][ T29] audit: type=1326 audit(1732846310.864:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.261507][ T29] audit: type=1326 audit(1732846310.864:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.284451][ T29] audit: type=1326 audit(1732846310.864:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.309955][ T29] audit: type=1326 audit(1732846310.874:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.334333][ T29] audit: type=1326 audit(1732846310.874:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.357305][ T29] audit: type=1326 audit(1732846310.874:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10273 comm="syz.0.1395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa1580809 code=0x7ffc0000 [ 624.711390][T10292] loop9: detected capacity change from 0 to 7 [ 624.770492][T10292] Dev loop9: unable to read RDB block 7 [ 624.776385][T10292] loop9: AHDI p1 p3 [ 624.781168][T10292] loop9: partition table partially beyond EOD, truncated [ 624.789551][T10292] loop9: p1 start 2048 is beyond EOD, truncated [ 625.951818][T10307] loop6: detected capacity change from 0 to 16 [ 625.963308][T10307] erofs (device loop6): mounted with root inode @ nid 36. [ 626.039103][T10304] loop4: detected capacity change from 0 to 1024 [ 626.052043][T10304] EXT4-fs: Ignoring removed orlov option [ 626.144209][T10304] EXT4-fs (loop4): Test dummy encryption mode enabled [ 626.226054][T10304] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 626.686477][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 627.110343][T10317] loop4: detected capacity change from 0 to 256 [ 627.148378][ T29] audit: type=1326 audit(1732846313.864:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.6.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 627.305955][ T29] audit: type=1326 audit(1732846313.924:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.6.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 627.412835][T10317] FAT-fs (loop4): Directory bread(block 64) failed [ 627.420029][T10317] FAT-fs (loop4): Directory bread(block 65) failed [ 627.426959][T10317] FAT-fs (loop4): Directory bread(block 66) failed [ 627.434123][T10317] FAT-fs (loop4): Directory bread(block 67) failed [ 627.441182][T10317] FAT-fs (loop4): Directory bread(block 68) failed [ 627.448105][T10317] FAT-fs (loop4): Directory bread(block 69) failed [ 627.455047][T10317] FAT-fs (loop4): Directory bread(block 70) failed [ 627.465214][T10317] FAT-fs (loop4): Directory bread(block 71) failed [ 627.473036][T10317] FAT-fs (loop4): Directory bread(block 72) failed [ 627.479985][T10317] FAT-fs (loop4): Directory bread(block 73) failed [ 627.558960][T10319] loop6: detected capacity change from 0 to 2048 [ 627.786223][T10319] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 628.840521][T10339] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 629.238447][T10345] gretap0: entered promiscuous mode [ 629.244406][T10345] vlan2: entered promiscuous mode [ 629.311000][T10345] gretap0: left promiscuous mode [ 629.462376][ T29] kauditd_printk_skb: 52 callbacks suppressed [ 629.462456][ T29] audit: type=1804 audit(1732846316.184:768): pid=10347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1425" name="/" dev="pidfs" ino=10646 res=1 errno=0 [ 630.053262][ T29] audit: type=1326 audit(1732846316.764:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 630.076460][ T29] audit: type=1326 audit(1732846316.774:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 630.099517][ T29] audit: type=1326 audit(1732846316.774:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 630.122441][ T29] audit: type=1326 audit(1732846316.774:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 630.210042][ T29] audit: type=1326 audit(1732846316.904:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 630.235808][ T29] audit: type=1326 audit(1732846316.904:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 630.259672][ T29] audit: type=1326 audit(1732846316.904:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1d68980809 code=0x7ffc0000 [ 630.282535][ T29] audit: type=1326 audit(1732846316.904:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1d68980843 code=0x7ffc0000 [ 630.305336][ T29] audit: type=1326 audit(1732846316.914:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10352 comm="syz.6.1427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1d6897f2bf code=0x7ffc0000 [ 630.381945][T10354] loop6: detected capacity change from 0 to 2048 [ 630.759843][T10354] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 631.008348][T10357] loop4: detected capacity change from 0 to 1024 [ 631.581018][ T3600] hfsplus: b-tree write err: -5, ino 4 [ 632.044090][T10350] loop5: detected capacity change from 0 to 32768 [ 632.153757][T10350] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1426 (10350) [ 632.217495][T10353] loop3: detected capacity change from 0 to 32768 [ 632.239401][T10353] (syz.3.1428,10353,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 632.241866][T10353] (syz.3.1428,10353,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 632.305481][T10350] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 632.305737][T10350] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm [ 632.306290][T10350] BTRFS info (device loop5): using free-space-tree [ 632.368802][T10353] JBD2: Ignoring recovery information on journal [ 632.438606][T10353] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 632.502346][T10370] loop0: detected capacity change from 0 to 1024 [ 632.626067][T10370] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 632.847042][T10370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 632.973355][T10393] sp0: Synchronizing with TNC [ 633.407149][T10396] loop4: detected capacity change from 0 to 1024 [ 633.425599][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.433722][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.441657][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.449526][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.457216][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.465077][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.472936][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.480739][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.488974][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.497470][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.511086][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.520430][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.528269][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.535954][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.543766][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.565410][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.573354][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.584500][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.592511][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.600364][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.612946][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.622124][ T44] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 633.658817][ T44] hid-generic 0000:0000:0000.001C: hidraw0: HID vffffff.fe Device [syz0] on syz1 [ 633.724841][ T7728] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 633.736301][T10396] EXT4-fs (loop4): can't mount with journal_async_commit, fs mounted w/o journal [ 633.844758][ T5816] ocfs2: Unmounting device (7,3) on (node local) [ 634.060343][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 635.064108][T10399] loop3: detected capacity change from 0 to 32768 [ 635.398946][T10399] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 636.000477][T10414] loop6: detected capacity change from 0 to 4096 [ 636.060570][T10414] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 636.138604][T10412] loop4: detected capacity change from 0 to 2048 [ 636.480720][T10412] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 636.585515][ T5816] ocfs2: Unmounting device (7,3) on (node local) [ 636.736110][T10414] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 637.399965][T10422] loop0: detected capacity change from 0 to 4096 [ 637.506863][T10422] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 637.523591][T10422] ntfs3(loop0): It is recommened to use chkdsk. [ 637.872660][T10431] loop4: detected capacity change from 0 to 512 [ 638.413106][T10430] loop6: detected capacity change from 0 to 32768 [ 638.431065][T10431] EXT4-fs: Ignoring removed i_version option [ 638.437421][T10431] EXT4-fs: Ignoring removed nobh option [ 638.445054][T10430] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1448 (10430) [ 638.463631][T10431] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 638.627565][T10431] EXT4-fs (loop4): 1 truncate cleaned up [ 638.635360][T10431] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 638.706252][T10430] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 638.718488][T10430] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 638.733892][T10430] BTRFS info (device loop6): using free-space-tree [ 639.260595][T10453] loop5: detected capacity change from 0 to 1024 [ 639.521337][T10453] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 639.728599][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 639.801356][T10453] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 640.071066][T10468] loop4: detected capacity change from 0 to 8 [ 640.121380][T10468] SQUASHFS error: lzo decompression failed, data probably corrupt [ 640.130611][T10468] SQUASHFS error: Failed to read block 0x91: -5 [ 640.137089][T10468] SQUASHFS error: Unable to read metadata cache entry [8f] [ 640.144879][T10468] SQUASHFS error: Unable to read inode 0x11f [ 640.669622][ T7728] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.928971][T10476] loop0: detected capacity change from 0 to 256 [ 641.599909][ T8126] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 641.635300][T10487] loop5: detected capacity change from 0 to 128 [ 641.665501][T10487] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 642.248408][T10480] sctp: failed to load transform for md5: -4 [ 642.452996][T10487] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 642.742186][T10497] loop3: detected capacity change from 0 to 1024 [ 643.438993][T10499] loop4: detected capacity change from 0 to 32768 [ 643.517125][T10501] loop5: detected capacity change from 0 to 164 [ 643.649490][ T3688] hfsplus: b-tree write err: -5, ino 4 [ 643.682568][T10501] Unable to read rock-ridge attributes [ 645.564585][T10520] 9pnet_fd: Insufficient options for proto=fd [ 645.882321][T10522] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1475'. [ 646.204697][T10526] loop5: detected capacity change from 0 to 256 [ 646.240611][T10529] loop3: detected capacity change from 0 to 64 [ 646.292766][T10526] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 647.963597][T10539] loop3: detected capacity change from 0 to 256 [ 649.143001][T10550] loop5: detected capacity change from 0 to 2048 [ 649.352976][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.360143][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 649.447332][T10554] loop6: detected capacity change from 0 to 512 [ 649.589468][T10554] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities [ 649.596416][T10550] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 649.745717][T10550] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 649.795316][T10550] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 30 with max blocks 1 with error 28 [ 649.808230][T10550] EXT4-fs (loop5): This should not happen!! Data will be lost [ 649.808230][T10550] [ 649.818971][T10550] EXT4-fs (loop5): Total free blocks count 0 [ 649.825179][T10550] EXT4-fs (loop5): Free/Dirty block details [ 649.831490][T10550] EXT4-fs (loop5): free_blocks=2415919504 [ 649.837449][T10550] EXT4-fs (loop5): dirty_blocks=16 [ 649.842943][T10550] EXT4-fs (loop5): Block reservation details [ 649.849394][T10550] EXT4-fs (loop5): i_reserved_data_blocks=1 [ 650.339504][ T44] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 650.471836][ T7728] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 650.535779][ T44] usb 4-1: Using ep0 maxpacket: 32 [ 650.699187][ T44] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 650.710398][ T44] usb 4-1: config 0 has no interface number 0 [ 650.799513][ T44] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 650.811811][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 650.821021][ T44] usb 4-1: Product: syz [ 650.825440][ T44] usb 4-1: Manufacturer: syz [ 650.830491][ T44] usb 4-1: SerialNumber: syz [ 650.917409][ T44] usb 4-1: config 0 descriptor?? [ 650.956539][ T44] smsc95xx v2.0.0 [ 651.343108][T10570] loop6: detected capacity change from 0 to 1024 [ 652.063146][ T44] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 652.361800][T10577] loop5: detected capacity change from 0 to 128 [ 652.656644][T10580] hfsplus: request for non-existent node 1280 in B*Tree [ 652.664213][T10580] hfsplus: request for non-existent node 1280 in B*Tree [ 652.704221][ T44] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 652.716347][ T44] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 652.829882][ T44] usb 4-1: USB disconnect, device number 22 [ 653.188995][T10589] loop5: detected capacity change from 0 to 256 [ 654.923644][ T29] kauditd_printk_skb: 42 callbacks suppressed [ 654.923720][ T29] audit: type=1326 audit(1732846341.644:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10606 comm="syz.6.1508" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d68980809 code=0x0 [ 655.057408][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.066327][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.075871][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.085007][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.093568][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.101396][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.111951][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.120404][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.128354][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.136071][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.144068][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.151904][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.159800][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.167523][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.175380][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.183200][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.191018][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.199125][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.206828][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.217155][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.225726][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.233615][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.241519][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.249338][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.257052][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.264953][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.272749][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.273961][T10610] loop5: detected capacity change from 0 to 1024 [ 655.280512][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.280686][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.302534][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.310349][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.320668][ T5865] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 655.359813][ T5865] hid-generic 0000:0000:0000.001D: hidraw0: HID v0.00 Device [syz0] on syz0 [ 655.580906][T10610] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal [ 656.400334][T10617] loop3: detected capacity change from 0 to 1024 [ 656.848585][T10617] hfsplus: keylen 65060 too large [ 656.856824][T10617] hfsplus: xattr searching failed [ 657.168758][T10627] loop0: detected capacity change from 0 to 4096 [ 657.192185][T10627] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 657.204206][T10627] ntfs3(loop0): It is recommened to use chkdsk. [ 657.438603][T10627] ntfs3(loop0): failed to convert "076c" to cp775 [ 657.495266][T10627] ntfs3(loop0): ino=5, "/" directory corrupted [ 658.208482][T10633] loop4: detected capacity change from 0 to 1024 [ 658.536429][T10637] loop0: detected capacity change from 0 to 1764 [ 658.545567][T10633] hfsplus: xattr search failed [ 659.080701][ T4196] hfsplus: b-tree write err: -5, ino 3 [ 659.554325][T10631] loop3: detected capacity change from 0 to 32768 [ 659.980097][T10640] loop0: detected capacity change from 0 to 4096 [ 660.926419][T10652] loop6: detected capacity change from 0 to 64 [ 661.609346][ T5865] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 661.836927][T10660] loop0: detected capacity change from 0 to 2048 [ 661.928475][ T5865] usb 4-1: Using ep0 maxpacket: 32 [ 661.958362][T10660] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 661.967108][ T5865] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 661.978922][ T5865] usb 4-1: config 0 has no interface number 0 [ 662.039258][T10660] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 662.065837][ T5865] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 662.077511][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.086550][ T5865] usb 4-1: Product: syz [ 662.091084][ T5865] usb 4-1: Manufacturer: syz [ 662.095920][ T5865] usb 4-1: SerialNumber: syz [ 662.115852][ T5865] usb 4-1: config 0 descriptor?? [ 662.143488][ T5865] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 662.152791][ T5865] usb 4-1: selecting invalid altsetting 1 [ 662.158927][ T5865] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 662.212241][ T5865] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 662.223733][ T5865] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 662.232850][ T5865] usb 4-1: media controller created [ 662.285595][ T5865] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 662.638662][ T5865] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 662.761477][T10664] loop6: detected capacity change from 0 to 2048 [ 662.932869][ T5865] usb 4-1: USB disconnect, device number 23 [ 663.004036][T10664] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 663.433933][T10667] loop0: detected capacity change from 0 to 512 [ 663.478686][T10667] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 663.634776][T10674] loop3: detected capacity change from 0 to 256 [ 663.896130][T10667] EXT4-fs (loop0): 1 truncate cleaned up [ 663.903889][T10667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 664.639018][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 664.828872][T10686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1539'. [ 666.323359][T10677] loop5: detected capacity change from 0 to 40427 [ 666.466602][T10677] F2FS-fs (loop5): Found nat_bits in checkpoint [ 666.568828][T10705] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 667.351369][T10717] loop6: detected capacity change from 0 to 256 [ 667.741706][T10720] loop4: detected capacity change from 0 to 164 [ 667.958281][T10720] rock: corrupted directory entry. extent=28, offset=0, size=16777216 [ 668.008943][T10723] mmap: syz.3.1551 (10723) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 669.664100][ T44] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 669.763490][T10740] loop6: detected capacity change from 0 to 512 [ 669.869141][ T44] usb 5-1: Using ep0 maxpacket: 32 [ 669.896237][T10740] EXT4-fs error (device loop6): ext4_orphan_get:1415: comm syz.6.1559: bad orphan inode 13 [ 669.972577][T10740] ext4_test_bit(bit=12, block=4) = 1 [ 669.978959][T10740] is_bad_inode(inode)=0 [ 669.983309][T10740] NEXT_ORPHAN(inode)=0 [ 669.987563][T10740] max_ino=32 [ 669.991230][T10740] i_nlink=1 [ 669.996155][T10740] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 670.009997][ T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 670.021381][ T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 670.031629][ T44] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 670.041541][ T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 670.089004][T10740] EXT4-fs warning (device loop6): dx_probe:833: inode #2: comm syz.6.1559: Unrecognised inode hash code 20 [ 670.100959][T10740] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz.6.1559: Corrupt directory, running e2fsck is recommended [ 670.201058][ T44] usb 5-1: config 0 descriptor?? [ 670.637133][T10746] loop5: detected capacity change from 0 to 128 [ 671.210210][T10745] loop3: detected capacity change from 0 to 32768 [ 671.333366][ T44] savu 0003:1E7D:2D5A.001E: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 671.545485][ T8126] EXT4-fs warning (device loop6): dx_probe:833: inode #2: comm syz-executor: Unrecognised inode hash code 20 [ 671.557641][ T8126] EXT4-fs warning (device loop6): dx_probe:966: inode #2: comm syz-executor: Corrupt directory, running e2fsck is recommended [ 671.869074][ T8126] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 13: comm syz-executor: path /149/file0: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 671.945227][ T8126] EXT4-fs error (device loop6): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 672.013947][ T5865] usb 5-1: USB disconnect, device number 26 [ 672.096469][T10752] program syz.5.1561 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 672.398975][T10742] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 673.715190][T10764] loop0: detected capacity change from 0 to 32768 [ 673.935646][T10764] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 674.144144][T10772] loop5: detected capacity change from 0 to 512 [ 674.621986][ T5806] ocfs2: Unmounting device (7,0) on (node local) [ 675.476694][T10772] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #17: comm syz.5.1570: iget: bogus i_mode (0) [ 675.586022][T10772] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.1570: couldn't read orphan inode 17 (err -117) [ 675.694904][T10772] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 676.258382][ T7728] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 676.373296][T10779] loop3: detected capacity change from 0 to 2048 [ 676.505123][T10780] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 677.511220][T10783] loop3: detected capacity change from 0 to 8 [ 677.670057][T10783] SQUASHFS error: zlib decompression failed, data probably corrupt [ 677.679658][T10783] SQUASHFS error: Failed to read block 0x4e8: -5 [ 677.729347][ T29] audit: type=1800 audit(1732846364.404:821): pid=10783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1574" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 678.839347][T10790] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 679.530985][T10794] loop0: detected capacity change from 0 to 128 [ 680.479936][T10799] loop3: detected capacity change from 0 to 32768 [ 680.662835][T10799] JBD2: Ignoring recovery information on journal [ 680.677170][T10799] jbd2_journal_bmap: journal block not found at offset 64 on loop3-27 [ 680.685883][T10799] JBD2: bad block at offset 64 [ 680.769254][T10799] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 680.791771][T10799] OCFS2: ERROR (device loop3): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total [ 680.816483][T10799] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 680.826763][T10799] OCFS2: Returning error to the calling process. [ 680.833370][T10799] (syz.3.1580,10799,0):ocfs2_claim_suballoc_bits:2038 ERROR: status = -5 [ 680.842282][T10799] (syz.3.1580,10799,0):__ocfs2_claim_clusters:2412 ERROR: status = -5 [ 680.850800][T10799] (syz.3.1580,10799,0):__ocfs2_claim_clusters:2420 ERROR: status = -5 [ 680.859349][T10799] (syz.3.1580,10799,0):ocfs2_block_group_alloc_contig:437 ERROR: status = -5 [ 680.868561][T10799] (syz.3.1580,10799,0):ocfs2_block_group_alloc:709 ERROR: status = -5 [ 680.877127][T10799] (syz.3.1580,10799,0):ocfs2_block_group_alloc:762 ERROR: status = -5 [ 680.885657][T10799] (syz.3.1580,10799,0):ocfs2_reserve_suballoc_bits:837 ERROR: status = -5 [ 680.894510][T10799] (syz.3.1580,10799,0):ocfs2_reserve_suballoc_bits:854 ERROR: status = -5 [ 680.903472][T10799] (syz.3.1580,10799,0):ocfs2_reserve_new_metadata_blocks:994 ERROR: status = -5 [ 680.912905][T10799] (syz.3.1580,10799,0):ocfs2_reserve_new_metadata_blocks:1017 ERROR: status = -5 [ 680.924926][T10799] (syz.3.1580,10799,0):ocfs2_expand_inline_dir:2822 ERROR: status = -5 [ 680.933559][T10799] (syz.3.1580,10799,0):ocfs2_extend_dir:3186 ERROR: status = -5 [ 680.941581][T10799] (syz.3.1580,10799,0):ocfs2_prepare_dir_for_insert:4291 ERROR: status = -5 [ 680.950647][T10799] (syz.3.1580,10799,0):ocfs2_symlink:1875 ERROR: status = -5 [ 680.958966][T10799] (syz.3.1580,10799,0):ocfs2_symlink:2076 ERROR: status = -5 [ 681.154727][ T5816] ocfs2: Unmounting device (7,3) on (node local) [ 681.379075][T10804] loop5: detected capacity change from 0 to 256 [ 681.689034][T10804] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 682.071411][ T29] audit: type=1800 audit(1732846368.764:822): pid=10804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1573" name="bus" dev="loop5" ino=1048674 res=0 errno=0 [ 682.313167][T10816] loop0: detected capacity change from 0 to 512 [ 682.427143][T10816] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 682.643760][T10816] EXT4-fs (loop0): 1 truncate cleaned up [ 682.651485][T10816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 682.867699][T10817] loop4: detected capacity change from 0 to 1024 [ 683.878260][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 685.062542][ T4339] hfsplus: b-tree write err: -5, ino 4 [ 687.017661][T10843] loop0: detected capacity change from 0 to 32768 [ 687.288766][T10843] add_index: next_index = 0. Resetting! [ 687.294680][T10843] find_entry called with index >= next_index [ 687.300995][T10843] find_entry called with index >= next_index [ 687.307162][T10843] find_entry called with index >= next_index [ 687.313412][T10843] find_entry called with index >= next_index [ 687.568318][ T29] audit: type=1800 audit(1732846374.284:823): pid=8126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor" name="file2" dev="loop6" ino=16 res=0 errno=0 [ 688.219516][ T44] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 688.446146][ T44] usb 5-1: Using ep0 maxpacket: 16 [ 688.722840][T10860] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 688.829993][T10860] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 688.839466][T10860] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 688.852885][T10860] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 688.865407][T10860] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 688.874716][T10860] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 688.877759][T10866] loop0: detected capacity change from 0 to 512 [ 689.329176][ T44] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 689.341641][ T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 689.442342][ T44] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 689.452018][ T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 689.461369][ T44] usb 5-1: Product: syz [ 689.465782][ T44] usb 5-1: Manufacturer: syz [ 689.471248][ T44] usb 5-1: SerialNumber: syz [ 689.514050][ T44] usb 5-1: config 0 descriptor?? [ 689.542963][ T44] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 689.552683][ T44] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 689.671288][T10866] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 689.684849][T10866] ext4 filesystem being mounted at /325/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 689.716653][T10872] loop5: detected capacity change from 0 to 2048 [ 689.749413][T10864] loop3: detected capacity change from 0 to 4096 [ 689.797859][T10864] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 689.840431][ T4064] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 689.892819][T10866] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1590: bg 0: block 18: invalid block bitmap [ 689.941312][T10866] Quota error (device loop0): write_blk: dquota write failed [ 689.949846][T10866] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 689.960982][T10866] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.1590: Failed to acquire dquot type 1 [ 690.040243][T10911] Quota error (device loop0): write_blk: dquota write failed [ 690.048657][T10911] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 690.058974][T10911] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.1590: Failed to acquire dquot type 1 [ 690.066218][T10864] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 690.091071][T10864] ntfs3(loop3): Failed to load $Extend (-22). [ 690.097594][T10864] ntfs3(loop3): Failed to initialize $Extend. [ 690.211374][T10872] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 690.490620][ T44] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 690.629337][ T29] audit: type=1800 audit(1732846377.294:824): pid=10864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1594" name="bus" dev="loop3" ino=34 res=0 errno=0 [ 690.666973][ T4064] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 690.800238][ T9525] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 690.810131][ T44] em28xx 5-1:0.0: Config register raw data: 0xff [ 690.816740][ T44] em28xx 5-1:0.0: I2S Audio (3 sample rate(s)) [ 690.824259][ T44] em28xx 5-1:0.0: No AC97 audio processor [ 690.840404][ T44] usb 5-1: USB disconnect, device number 27 [ 690.887624][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 690.968486][T10867] Bluetooth: hci5: command tx timeout [ 691.056671][ T4064] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 691.181059][ T4064] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 691.503580][T10857] chnl_net:caif_netlink_parms(): no params data found [ 692.014773][ T4064] bridge_slave_1: left allmulticast mode [ 692.022631][ T4064] bridge_slave_1: left promiscuous mode [ 692.032707][ T4064] bridge0: port 2(bridge_slave_1) entered disabled state [ 692.215940][ T4064] bridge_slave_0: left allmulticast mode [ 692.222766][ T4064] bridge_slave_0: left promiscuous mode [ 692.229471][ T4064] bridge0: port 1(bridge_slave_0) entered disabled state [ 692.322529][T11045] loop4: detected capacity change from 0 to 1024 [ 692.423466][T11045] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 692.451613][T11048] loop3: detected capacity change from 0 to 1024 [ 692.490210][T11048] EXT4-fs: Ignoring removed nobh option [ 692.577267][T11045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 692.653232][T11048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 693.019251][T10867] Bluetooth: hci5: command tx timeout [ 693.035639][ T4064] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 693.134131][ T4064] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 693.139193][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.180974][ T4064] bond0 (unregistering): Released all slaves [ 693.184989][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 694.419112][ T5437] usb 6-1: new full-speed USB device number 14 using dummy_hcd [ 694.611802][ T4064] hsr_slave_0: left promiscuous mode [ 694.632835][ T5437] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 694.646058][ T5437] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 694.658621][ T5437] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 694.670127][ T5437] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 694.688487][ T5437] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 694.798435][ T4064] hsr_slave_1: left promiscuous mode [ 694.889580][ T4064] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 694.897338][ T4064] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 694.917551][ T5437] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 694.919590][T11113] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1603'. [ 694.927131][ T5437] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 694.948626][ T5437] usb 6-1: Product: syz [ 694.953037][ T5437] usb 6-1: Manufacturer: syz [ 694.955876][ T4064] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 694.957774][ T5437] usb 6-1: SerialNumber: syz [ 694.965790][ T4064] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 695.018155][ T4064] veth1_macvtap: left promiscuous mode [ 695.023939][ T4064] veth0_macvtap: left promiscuous mode [ 695.030127][ T4064] veth1_vlan: left promiscuous mode [ 695.035777][ T4064] veth0_vlan: left promiscuous mode [ 695.117608][T11126] loop8: detected capacity change from 0 to 7 [ 695.186907][T10867] Bluetooth: hci5: command tx timeout [ 695.210381][ T5437] usb 6-1: config 0 descriptor?? [ 695.369206][T11126] loop8: [CUMANA/ADFS] p1 [ADFS] p1 [ 695.375027][T11126] loop8: partition table partially beyond EOD, truncated [ 695.384190][T11126] loop8: p1 size 2916235312 extends beyond EOD, truncated [ 695.535260][ T5437] radio-si470x 6-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 695.722647][ T5437] radio-si470x 6-1:0.0: si470x_get_report: usb_control_msg returned -32 [ 695.732913][ T5437] radio-si470x 6-1:0.0: si470x_get_scratch: si470x_get_report returned -32 [ 695.743961][ T5437] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -5 [ 695.899918][T11123] loop3: detected capacity change from 0 to 40427 [ 695.920540][T11123] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1fffff [ 695.958159][ T6039] udevd[6039]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory [ 696.047374][T11123] F2FS-fs (loop3): invalid crc value [ 696.062664][ T5437] usb 6-1: USB disconnect, device number 14 [ 696.067235][T11123] F2FS-fs (loop3): Found nat_bits in checkpoint [ 696.408128][T11123] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 696.659451][ T5816] syz-executor: attempt to access beyond end of device [ 696.659451][ T5816] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 696.675379][ T5816] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 697.269696][T10867] Bluetooth: hci5: command tx timeout [ 697.938494][ T4064] team0 (unregistering): Port device team_slave_1 removed [ 698.009865][ T4064] team0 (unregistering): Port device team_slave_0 removed [ 698.382324][T11171] loop5: detected capacity change from 0 to 1764 [ 698.677412][T10857] bridge0: port 1(bridge_slave_0) entered blocking state [ 698.685201][T10857] bridge0: port 1(bridge_slave_0) entered disabled state [ 698.693155][T10857] bridge_slave_0: entered allmulticast mode [ 698.702259][T10857] bridge_slave_0: entered promiscuous mode [ 698.720580][T10857] bridge0: port 2(bridge_slave_1) entered blocking state [ 698.728369][T10857] bridge0: port 2(bridge_slave_1) entered disabled state [ 698.738549][T10857] bridge_slave_1: entered allmulticast mode [ 698.747431][T10857] bridge_slave_1: entered promiscuous mode [ 699.472708][T10857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 699.494206][T10857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 700.271809][T10857] team0: Port device team_slave_0 added [ 700.290085][T10857] team0: Port device team_slave_1 added [ 700.726130][T11275] loop0: detected capacity change from 0 to 1024 [ 700.769062][T10857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 700.776255][T10857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 700.805595][T10857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 700.885995][T11275] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 700.971926][T10857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 700.979321][T10857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 701.008889][T10857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 701.237567][T11284] loop3: detected capacity change from 0 to 512 [ 701.506104][T10857] hsr_slave_0: entered promiscuous mode [ 701.553101][T11284] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 701.566578][T11284] ext4 filesystem being mounted at /303/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 701.656992][T10857] hsr_slave_1: entered promiscuous mode [ 701.916299][ T29] audit: type=1800 audit(1732846388.614:825): pid=11325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1617" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 701.937440][ T29] audit: type=1800 audit(1732846388.654:826): pid=11284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1617" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 701.992957][T11335] loop5: detected capacity change from 0 to 1024 [ 702.013530][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.355136][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 703.078589][T11390] ptrace attach of "./syz-executor exec"[11399] was attempted by "./syz-executor exec"[11390] [ 703.213004][T10857] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 703.344867][T10857] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 703.433858][T10857] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 703.580288][T10857] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 703.626514][ T5437] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 704.029800][ T5437] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 704.040804][ T5437] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 704.356458][ T5437] usb 6-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 704.369433][ T5437] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 704.377729][ T5437] usb 6-1: Product: syz [ 704.384017][ T5437] usb 6-1: Manufacturer: syz [ 704.389903][T11435] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1626'. [ 704.389928][ T5437] usb 6-1: SerialNumber: syz [ 704.475646][ T5437] usb 6-1: config 0 descriptor?? [ 704.483717][T11419] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 704.499874][T11419] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 704.600209][T10857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 704.621322][T11440] loop0: detected capacity change from 0 to 256 [ 704.766377][T11419] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 704.789327][T10857] 8021q: adding VLAN 0 to HW filter on device team0 [ 704.819876][T11419] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 704.840508][T11440] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 704.874774][ T3854] bridge0: port 1(bridge_slave_0) entered blocking state [ 704.882700][ T3854] bridge0: port 1(bridge_slave_0) entered forwarding state [ 704.987769][ T3854] bridge0: port 2(bridge_slave_1) entered blocking state [ 704.995581][ T3854] bridge0: port 2(bridge_slave_1) entered forwarding state [ 705.089028][T11440] exFAT-fs (loop0): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967293) [ 705.089028][T11440] [ 705.101691][T11440] exFAT-fs (loop0): Filesystem has been set read-only [ 705.108937][T11440] exFAT-fs (loop0): error, failed to bmap (inode : ffff88804aa5c730 iblock : 0, err : -5) [ 705.349476][ T5437] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00 [ 705.599251][ T5437] dm9601 6-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 705.657082][T11456] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 705.785496][ T5437] usb 6-1: USB disconnect, device number 15 [ 706.497241][T11469] loop4: detected capacity change from 0 to 1024 [ 706.543240][T11469] EXT4-fs: Ignoring removed bh option [ 706.770041][T11469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 707.626730][ T5820] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 707.684843][T10857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 708.235775][T11509] syzkaller1: entered promiscuous mode [ 708.241634][T11509] syzkaller1: entered allmulticast mode [ 709.078231][T11533] loop4: detected capacity change from 0 to 512 [ 709.195522][T11533] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 709.299923][T11533] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1639: invalid indirect mapped block 8 (level 2) [ 709.379666][T11533] EXT4-fs (loop4): Remounting filesystem read-only [ 709.399408][T11533] EXT4-fs (loop4): 1 truncate cleaned up [ 709.407004][T11533] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 709.627702][T11547] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 710.185015][T10857] veth0_vlan: entered promiscuous mode [ 710.328351][T10857] veth1_vlan: entered promiscuous mode [ 710.549675][ T8263] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 710.657328][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 710.664133][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 710.851823][T10857] veth0_macvtap: entered promiscuous mode [ 710.962294][ T7913] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 711.076062][T10857] veth1_macvtap: entered promiscuous mode [ 711.183619][ T7913] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 711.379397][ T7913] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 711.505033][ T7913] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 711.596810][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 711.608332][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 711.618714][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 711.629483][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 711.642731][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 711.654154][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 711.664397][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 711.675212][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 711.689780][T10857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 712.079134][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 712.090011][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 712.100152][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 712.111114][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 712.121225][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 712.132005][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 712.142255][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 712.154918][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 712.170159][T10857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 712.260864][ T7913] bridge_slave_1: left allmulticast mode [ 712.266906][ T7913] bridge_slave_1: left promiscuous mode [ 712.273824][ T7913] bridge0: port 2(bridge_slave_1) entered disabled state [ 712.358367][ T7913] bridge_slave_0: left allmulticast mode [ 712.364279][ T7913] bridge_slave_0: left promiscuous mode [ 712.371058][ T7913] bridge0: port 1(bridge_slave_0) entered disabled state [ 713.077361][ T7913] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 713.125421][ T7913] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 713.166243][ T7913] bond0 (unregistering): Released all slaves [ 713.226896][T10857] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 713.236208][T10857] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 713.245518][T10857] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 713.254790][T10857] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 714.089217][T10860] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 714.107522][T10860] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 714.180102][T10860] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 714.302790][T10860] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 714.314209][T10860] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 714.323843][T10860] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 715.278184][ T7913] hsr_slave_0: left promiscuous mode [ 715.292921][ T7913] hsr_slave_1: left promiscuous mode [ 715.329426][ T7913] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 715.337160][ T7913] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 715.421153][ T7913] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 715.431457][ T7913] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 715.578729][ T7913] veth1_macvtap: left promiscuous mode [ 715.584507][ T7913] veth0_macvtap: left promiscuous mode [ 715.590593][ T7913] veth1_vlan: left promiscuous mode [ 715.596142][ T7913] veth0_vlan: left promiscuous mode [ 715.800988][T11655] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 716.459236][T10867] Bluetooth: hci2: command tx timeout [ 716.528928][T11662] loop5: detected capacity change from 0 to 512 [ 716.560839][T11662] EXT4-fs: Ignoring removed mblk_io_submit option [ 716.568585][T11662] ext4: Unknown parameter 'mask' [ 718.184659][ T7913] pim6reg9 (unregistering): left allmulticast mode [ 718.516585][T11684] tls_set_device_offload: netdev not found [ 718.539245][T10867] Bluetooth: hci2: command tx timeout [ 718.812370][T11682] loop5: detected capacity change from 0 to 4096 [ 718.873132][T11682] EXT4-fs: Ignoring removed nomblk_io_submit option [ 718.958944][ T7913] team0 (unregistering): Port device team_slave_1 removed [ 719.010103][ T7913] team0 (unregistering): Port device team_slave_0 removed [ 719.053452][T11682] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 719.670681][T11682] syz.5.1658 (pid 11682) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 720.658887][T10867] Bluetooth: hci2: command tx timeout [ 720.677472][ T7728] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 720.838822][T11602] chnl_net:caif_netlink_parms(): no params data found [ 722.740708][T10867] Bluetooth: hci2: command tx timeout [ 722.841603][T11602] bridge0: port 1(bridge_slave_0) entered blocking state [ 722.852122][T11602] bridge0: port 1(bridge_slave_0) entered disabled state [ 722.860224][T11602] bridge_slave_0: entered allmulticast mode [ 722.869386][T11602] bridge_slave_0: entered promiscuous mode [ 722.929953][T11602] bridge0: port 2(bridge_slave_1) entered blocking state [ 722.937652][T11602] bridge0: port 2(bridge_slave_1) entered disabled state [ 722.947089][T11602] bridge_slave_1: entered allmulticast mode [ 722.956336][T11602] bridge_slave_1: entered promiscuous mode [ 723.011582][T11872] loop5: detected capacity change from 0 to 128 [ 723.239923][T11602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 723.291649][T11602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 723.484268][T11872] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 723.594774][T11872] ext4 filesystem being mounted at /204/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 723.597143][T11854] loop0: detected capacity change from 0 to 1024 [ 723.668339][T11602] team0: Port device team_slave_0 added [ 723.671776][T11854] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 723.729425][T11602] team0: Port device team_slave_1 added [ 724.123314][T11602] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 724.132999][T11602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 724.160127][T11602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 724.303793][ T7728] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 724.324585][T11602] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 724.334185][T11602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 724.361243][T11602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 724.876749][T11978] loop0: detected capacity change from 0 to 1024 [ 724.983322][T11602] hsr_slave_0: entered promiscuous mode [ 725.022573][T11602] hsr_slave_1: entered promiscuous mode [ 725.026798][T11978] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 725.047614][T11602] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 725.059428][T11602] Cannot create hsr debugfs directory [ 725.375735][T11978] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 725.547156][T12013] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 725.753131][T12044] TCP: tcp_parse_options: Illegal window scaling value 249 > 14 received [ 725.861767][ T4196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 725.872211][ T4196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 726.117714][ T3600] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 726.126073][ T3600] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 726.245154][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.637222][T12062] loop5: detected capacity change from 0 to 2048 [ 726.756632][T12062] loop5: p1 < > p4 [ 726.773254][T12062] loop5: p4 size 8388608 extends beyond EOD, truncated [ 726.847267][T11602] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 726.909585][T11602] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 727.022167][T11602] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 727.391187][T11602] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 727.461964][T12110] loop3: detected capacity change from 0 to 512 [ 727.546608][T12111] loop0: detected capacity change from 0 to 512 [ 727.676139][T12111] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 727.801057][T12111] EXT4-fs (loop0): 1 truncate cleaned up [ 727.930132][T12111] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 728.246431][T11602] 8021q: adding VLAN 0 to HW filter on device bond0 [ 728.369994][T12110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 728.384795][T12110] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 728.695275][T11602] 8021q: adding VLAN 0 to HW filter on device team0 [ 728.796236][ T4196] bridge0: port 1(bridge_slave_0) entered blocking state [ 728.804022][ T4196] bridge0: port 1(bridge_slave_0) entered forwarding state [ 728.846728][T12110] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 728.947571][ T4196] bridge0: port 2(bridge_slave_1) entered blocking state [ 728.955364][ T4196] bridge0: port 2(bridge_slave_1) entered forwarding state [ 729.139701][T12110] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28 [ 729.157491][T12110] EXT4-fs (loop3): This should not happen!! Data will be lost [ 729.157491][T12110] [ 729.169682][T12110] EXT4-fs (loop3): Total free blocks count 0 [ 729.175919][T12110] EXT4-fs (loop3): Free/Dirty block details [ 729.184034][T12110] EXT4-fs (loop3): free_blocks=65280 [ 729.189673][T12110] EXT4-fs (loop3): dirty_blocks=2 [ 729.194927][T12110] EXT4-fs (loop3): Block reservation details [ 729.201285][T12110] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 729.236231][ T5806] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 729.347432][T12140] loop5: detected capacity change from 0 to 512 [ 729.444741][T12134] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28 [ 729.545399][T12140] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 729.730940][T12140] EXT4-fs (loop5): 1 truncate cleaned up [ 729.739154][T12140] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.295576][ T7728] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.952949][T11602] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 733.697277][T12226] loop3: detected capacity change from 0 to 128 [ 733.869967][T12226] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 733.926056][T11602] veth0_vlan: entered promiscuous mode [ 733.963242][T11602] veth1_vlan: entered promiscuous mode [ 734.039935][T12226] ext4 filesystem being mounted at /315/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 734.089642][T11602] veth0_macvtap: entered promiscuous mode [ 734.244283][T11602] veth1_macvtap: entered promiscuous mode [ 734.342650][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 734.354032][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.366073][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 734.379965][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.387742][T12233] netlink: 'syz.5.1691': attribute type 4 has an invalid length. [ 734.392275][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 734.408852][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.419198][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 734.429967][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.444247][T11602] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 734.458398][T12236] loop0: detected capacity change from 0 to 128 [ 734.465768][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 734.479994][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.492837][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 734.503878][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.506205][T12239] netlink: 'syz.5.1691': attribute type 4 has an invalid length. [ 734.513975][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 734.514070][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.514155][T11602] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 734.514248][T11602] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 734.518475][T11602] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 734.628870][T12236] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 734.724807][T12236] ext4 filesystem being mounted at /353/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 735.001782][ T5816] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 735.067351][T11602] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.076949][T11602] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.088902][T11602] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.098950][T11602] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.650849][T12256] loop5: detected capacity change from 0 to 128 [ 735.731568][T12256] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 735.753549][T12256] ext4 filesystem being mounted at /214/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 736.079908][ T5806] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 736.540876][ T7728] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 736.673649][T12274] loop7: detected capacity change from 0 to 2048 [ 736.877815][T12274] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 737.303310][T12293] loop3: detected capacity change from 0 to 256 [ 737.833904][T10857] UDF-fs: warning (device loop7): udf_evict_inode: Inode 1357 (mode 100000) has inode size 1099511628289 different from extent length 1099511628800. Filesystem need not be standards compliant. [ 739.189036][T12332] loop5: detected capacity change from 0 to 1024 [ 739.364689][T12332] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 740.052737][T12344] loop0: detected capacity change from 0 to 256 [ 740.233821][T12352] loop7: detected capacity change from 0 to 128 [ 741.029749][T12354] loop3: detected capacity change from 0 to 32768 [ 741.061735][T12352] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 741.151745][T12354] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 741.209791][T12354] (syz.3.1710,12354,1):ocfs2_remove_inode_range:1794 ERROR: status = -22 [ 741.216959][T12352] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 741.218696][T12354] (syz.3.1710,12354,1):__ocfs2_change_file_space:2045 ERROR: status = -22 [ 741.387590][T12344] FAT-fs (loop0): Directory bread(block 64) failed [ 741.394592][T12344] FAT-fs (loop0): Directory bread(block 65) failed [ 741.402036][T12344] FAT-fs (loop0): Directory bread(block 66) failed [ 741.408979][T12344] FAT-fs (loop0): Directory bread(block 67) failed [ 741.415875][T12344] FAT-fs (loop0): Directory bread(block 68) failed [ 741.422827][T12344] FAT-fs (loop0): Directory bread(block 69) failed [ 741.430019][T12344] FAT-fs (loop0): Directory bread(block 70) failed [ 741.439367][T12344] FAT-fs (loop0): Directory bread(block 71) failed [ 741.446286][T12344] FAT-fs (loop0): Directory bread(block 72) failed [ 741.453847][T12344] FAT-fs (loop0): Directory bread(block 73) failed [ 741.648952][T12344] syz.0.1708: attempt to access beyond end of device [ 741.648952][T12344] loop0: rw=524288, sector=1192, nr_sectors = 4 limit=256 [ 741.663639][T12344] syz.0.1708: attempt to access beyond end of device [ 741.663639][T12344] loop0: rw=0, sector=1192, nr_sectors = 4 limit=256 [ 741.679234][ T29] audit: type=1800 audit(1732846428.394:827): pid=12344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1708" name="file1" dev="loop0" ino=1048683 res=0 errno=0 [ 741.727492][ T5816] ocfs2: Unmounting device (7,3) on (node local) [ 741.917217][ T3688] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 741.925633][ T3688] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 742.315674][ T3600] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 742.324890][ T3600] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 742.380923][T10857] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 744.500057][T12436] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1719'. [ 745.530350][ T5437] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 745.568567][T12461] hsr0: entered promiscuous mode [ 745.624385][T12461] hsr_slave_0: left promiscuous mode [ 745.633936][T12451] loop8: detected capacity change from 0 to 4096 [ 745.683217][T12461] hsr_slave_1: left promiscuous mode [ 745.780536][ T5437] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 745.790074][ T5437] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.982661][T12466] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 746.061506][ T5437] usb 6-1: config 0 descriptor?? [ 746.170795][ T5437] gspca_main: spca508-2.14.0 probing 8086:0110 [ 746.380050][ T29] audit: type=1800 audit(1732846433.044:828): pid=12451 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1722" name="bus" dev="loop8" ino=18 res=0 errno=0 [ 746.466720][T12464] loop7: detected capacity change from 0 to 32768 [ 746.578920][ T5437] gspca_spca508: reg_read err -32 [ 746.615880][ T5437] gspca_spca508: reg_read err -32 [ 746.624942][ T5437] gspca_spca508: reg_read err -32 [ 746.760023][ T5437] gspca_spca508: reg_read err -32 [ 747.025812][ T5437] gspca_spca508: reg write: error -71 [ 747.032242][ T5437] spca508 6-1:0.0: probe with driver spca508 failed with error -71 [ 747.182577][ T5437] usb 6-1: USB disconnect, device number 16 [ 748.175406][T12501] loop3: detected capacity change from 0 to 2048 [ 748.453656][T12501] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 749.574773][T12531] loop3: detected capacity change from 0 to 512 [ 749.688339][ T5437] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 749.864294][T12531] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 749.879018][T12531] ext4 filesystem being mounted at /325/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 750.098209][ T29] audit: type=1800 audit(1732846436.814:829): pid=12531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1732" name="file2" dev="loop3" ino=16 res=0 errno=0 [ 750.121396][T12545] input: syz0 as /devices/virtual/input/input39 [ 750.380268][T12543] netlink: 'syz.0.1737': attribute type 3 has an invalid length. [ 750.388420][T12543] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1737'. [ 750.700378][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 750.870073][ T5437] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 750.882569][ T5437] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 750.893796][ T5437] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 750.904351][ T5437] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 750.960823][ T5437] usb 6-1: config 0 descriptor?? [ 751.023860][T12565] loop8: detected capacity change from 0 to 64 [ 751.432081][ T5437] usb 6-1: can't set config #0, error -71 [ 751.664165][ T5437] usb 6-1: USB disconnect, device number 17 [ 751.759816][ T5865] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 751.925392][T12566] loop0: detected capacity change from 0 to 4096 [ 751.937576][T12594] loop5: detected capacity change from 0 to 64 [ 751.958698][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 751.970670][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 751.985588][ T5865] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 752.000492][ T5865] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 752.009979][ T5865] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 752.340242][ T5865] usb 4-1: config 0 descriptor?? [ 752.398963][T12601] loop7: detected capacity change from 0 to 256 [ 752.602539][T12594] loop5: detected capacity change from 64 to 0 [ 752.654680][T12609] syz.5.1742: attempt to access beyond end of device [ 752.654680][T12609] loop5: rw=0, sector=7, nr_sectors = 1 limit=0 [ 752.668837][T12609] syz.5.1742: attempt to access beyond end of device [ 752.668837][T12609] loop5: rw=0, sector=7, nr_sectors = 1 limit=0 [ 752.682191][T12609] syz.5.1742: attempt to access beyond end of device [ 752.682191][T12609] loop5: rw=0, sector=1, nr_sectors = 1 limit=0 [ 752.695624][T12609] BFS-fs: find_inode(): Unable to read inode loop5:00000002 [ 753.041570][ T5865] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving [ 753.114536][ T5865] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 753.463794][ T5437] usb 4-1: USB disconnect, device number 24 [ 753.625664][ T7728] syz-executor: attempt to access beyond end of device [ 753.625664][ T7728] loop5: rw=0, sector=7, nr_sectors = 1 limit=0 [ 753.886876][ T4196] kworker/u8:23: attempt to access beyond end of device [ 753.886876][ T4196] loop5: rw=0, sector=1, nr_sectors = 1 limit=0 [ 753.900403][ T4196] BFS-fs: find_inode(): Unable to read inode loop5:00000001 [ 753.909341][ T4196] kworker/u8:23: attempt to access beyond end of device [ 753.909341][ T4196] loop5: rw=0, sector=1, nr_sectors = 1 limit=0 [ 753.923709][ T4196] BFS-fs: find_inode(): Unable to read inode loop5:00000000 [ 754.861319][T12672] loop0: detected capacity change from 0 to 16 [ 754.965288][T12673] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 755.106418][T12672] erofs (device loop0): mounted with root inode @ nid 36. [ 755.781788][ T29] audit: type=1800 audit(1732846442.424:830): pid=12672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1749" name="file0" dev="overlay" ino=49 res=0 errno=0 [ 757.131801][T12713] input: syz0 as /devices/virtual/input/input40 [ 757.346203][T10860] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 757.356015][T10860] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 757.367520][T10860] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 757.481532][T10860] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 757.492876][T10860] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 757.506888][T10860] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 758.107274][T12747] loop3: detected capacity change from 0 to 128 [ 758.891239][T12747] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 759.036759][T12711] chnl_net:caif_netlink_parms(): no params data found [ 759.049560][T12747] ext4 filesystem being mounted at /330/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 759.123407][T12855] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 759.822687][T10867] Bluetooth: hci1: command tx timeout [ 760.031780][ T5816] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 761.153139][T12933] loop3: detected capacity change from 0 to 2048 [ 761.204078][T12711] bridge0: port 1(bridge_slave_0) entered blocking state [ 761.211785][T12933] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 761.212005][T12711] bridge0: port 1(bridge_slave_0) entered disabled state [ 761.232078][T12711] bridge_slave_0: entered allmulticast mode [ 761.241845][T12711] bridge_slave_0: entered promiscuous mode [ 761.273281][T12711] bridge0: port 2(bridge_slave_1) entered blocking state [ 761.281629][T12711] bridge0: port 2(bridge_slave_1) entered disabled state [ 761.290025][T12711] bridge_slave_1: entered allmulticast mode [ 761.302732][T12711] bridge_slave_1: entered promiscuous mode [ 761.319837][T11700] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 761.363116][T12951] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 761.488236][T11700] usb 8-1: Using ep0 maxpacket: 8 [ 761.495954][ T29] audit: type=1804 audit(1732846448.184:831): pid=12933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1776" name="/newroot/333/file0/file1" dev="loop3" ino=15 res=1 errno=0 [ 761.547549][T11700] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 761.559417][T11700] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 761.569713][T11700] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 761.579188][T11700] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.595767][T11700] usb 8-1: config 0 descriptor?? [ 761.675382][T12711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 761.888993][T12711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 761.909193][T10867] Bluetooth: hci1: command tx timeout [ 762.094556][T11700] kone 0003:1E7D:2CED.0020: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.7-1/input0 [ 762.378279][T12711] team0: Port device team_slave_0 added [ 762.383946][T11700] usb 8-1: USB disconnect, device number 2 [ 762.438845][T12711] team0: Port device team_slave_1 added [ 762.948812][T12711] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 762.956122][T12711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 762.983584][T12711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 763.341960][T12711] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 763.351621][T12711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 763.378824][T12711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 763.988159][T10867] Bluetooth: hci1: command tx timeout [ 764.124372][T12711] hsr_slave_0: entered promiscuous mode [ 764.199709][T13069] loop8: detected capacity change from 0 to 4096 [ 764.263330][T12711] hsr_slave_1: entered promiscuous mode [ 764.351358][T13069] ntfs3: Unknown parameter '' [ 764.380616][T12711] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 764.380701][T12711] Cannot create hsr debugfs directory [ 766.076317][T10867] Bluetooth: hci1: command tx timeout [ 766.334351][T12711] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 766.443627][T12711] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 766.617743][T13227] loop8: detected capacity change from 0 to 4096 [ 766.694300][T13227] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512). [ 766.745835][T12711] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 766.866571][T12711] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 767.250338][T13227] ntfs3(loop8): Mark volume as dirty due to NTFS errors [ 767.834786][T12711] 8021q: adding VLAN 0 to HW filter on device bond0 [ 767.882348][T12711] 8021q: adding VLAN 0 to HW filter on device team0 [ 767.950679][ T3798] bridge0: port 1(bridge_slave_0) entered blocking state [ 767.958442][ T3798] bridge0: port 1(bridge_slave_0) entered forwarding state [ 767.979879][ T3798] bridge0: port 2(bridge_slave_1) entered blocking state [ 767.987569][ T3798] bridge0: port 2(bridge_slave_1) entered forwarding state [ 768.045768][T13275] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1794'. [ 768.447089][T13227] overlayfs: refusing to follow metacopy origin for (/file1) [ 768.489174][ T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 768.689175][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 768.739868][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 768.751391][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 768.761912][ T10] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 768.773333][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 768.861290][ T10] usb 8-1: config 0 descriptor?? [ 768.993671][T13186] ------------[ cut here ]------------ [ 768.999899][T13186] WARNING: CPU: 0 PID: 13186 at net/ipv6/ip6mr.c:419 ip6mr_rules_exit+0x5b0/0x6b0 [ 769.009721][T13186] Modules linked in: [ 769.014057][T13186] CPU: 0 UID: 0 PID: 13186 Comm: syz.3.1788 Not tainted 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 769.025137][T13186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 769.035785][T13186] RIP: 0010:ip6mr_rules_exit+0x5b0/0x6b0 [ 769.042268][T13186] Code: 9d fd ff ff 8b 3a e8 df 52 2e f4 e9 b0 fd ff ff e8 c5 4e 93 f3 48 bb 00 01 00 00 00 00 ad de e9 c7 fe ff ff e8 b1 4e 93 f3 90 <0f> 0b 90 e9 b3 fd ff ff 8b 7d d4 e8 b0 52 2e f4 e9 c4 fe ff ff e8 [ 769.062500][T13186] RSP: 0018:ffff88811836b828 EFLAGS: 00010246 [ 769.069441][T13186] RAX: ffffffff8e21c39f RBX: ffff88810495f780 RCX: 0000000000080000 [ 769.078099][T13186] RDX: ffffc9000a486000 RSI: 000000000007ffff RDI: 0000000000080000 [ 769.092204][T13186] RBP: ffff88811836b898 R08: ffffea000000000f R09: 0000000000000000 [ 769.102416][T13186] R10: ffff88823f8c6c20 R11: ffffffff8e21bce0 R12: ffff88801612d6c8 [ 769.110924][T13186] R13: 0000000000000000 R14: ffff888050937000 R15: ffff88801612d6d8 [ 769.119435][T13186] FS: 00007f1a513606c0(0000) GS:ffff88813fc00000(0000) knlGS:0000000000000000 [ 769.129252][T13186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 769.136206][T13186] CR2: 0000555576e7b608 CR3: 000000012942e000 CR4: 00000000003526f0 [ 769.144758][T13186] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 769.153272][T13186] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 769.161862][T13186] Call Trace: [ 769.165560][T13186] [ 769.168927][T13186] ? show_trace_log_lvl+0x268/0x3d0 [ 769.174634][T13186] ? ip6mr_net_exit_batch+0x65/0x100 [ 769.180606][T13186] ? show_regs+0xb4/0xe0 [ 769.191066][T13186] ? __warn+0x2c7/0x780 [ 769.195530][T13186] ? ip6mr_rules_exit+0x5b0/0x6b0 [ 769.202709][T13186] ? report_bug+0x929/0xbd0 [ 769.207771][T13186] ? ip6mr_rules_exit+0x5b0/0x6b0 [ 769.213694][T13186] ? handle_bug+0x6d/0x90 [ 769.218504][T13186] ? exc_invalid_op+0x1f/0x50 [ 769.223469][T13186] ? asm_exc_invalid_op+0x1f/0x30 [ 769.228984][T13186] ? __pfx_ip6mr_net_exit_batch+0x10/0x10 [ 769.235049][T13186] ? ip6mr_rules_exit+0x5af/0x6b0 [ 769.240505][T13186] ? ip6mr_rules_exit+0x5b0/0x6b0 [ 769.245837][T13186] ? ip6mr_rules_exit+0x5af/0x6b0 [ 769.251311][T13186] ip6mr_net_exit_batch+0x65/0x100 [ 769.256705][T13186] ? __pfx_ip6mr_net_exit_batch+0x10/0x10 [ 769.262907][T13186] setup_net+0xe3b/0x12b0 [ 769.267553][T13186] ? kmsan_internal_set_shadow_origin+0x20/0x100 [ 769.274371][T13186] copy_net_ns+0x4d4/0xaa0 [ 769.279531][T13186] create_new_namespaces+0x717/0xdb0 [ 769.291173][T13186] copy_namespaces+0x3c6/0x520 [ 769.296258][T13186] copy_process+0x2781/0x5c20 [ 769.303071][T13186] ? filter_irq_stacks+0x110/0x1a0 [ 769.308771][T13186] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 769.315456][T13186] kernel_clone+0x401/0x1040 [ 769.320503][T13186] ? kmsan_get_metadata+0x13e/0x1c0 [ 769.326063][T13186] ? kmsan_get_metadata+0x13e/0x1c0 [ 769.331761][T13186] ? __msan_memset+0xf5/0x1b0 [ 769.336764][T13186] __x64_sys_clone+0x25c/0x360 [ 769.342102][T13186] x64_sys_call+0x3bcc/0x3c30 [ 769.347087][T13186] do_syscall_64+0xcd/0x1e0 [ 769.351968][T13186] ? clear_bhb_loop+0x25/0x80 [ 769.356988][T13186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 769.363413][T13186] RIP: 0033:0x7f1a50580809 [ 769.368301][T13186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 769.394548][T13186] RSP: 002b:00007f1a51360008 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 769.405295][T13186] RAX: ffffffffffffffda RBX: 00007f1a50746080 RCX: 00007f1a50580809 [ 769.413699][T13186] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 769.422164][T13186] RBP: 00007f1a505f393e R08: 0000000000000000 R09: 0000000000000000 [ 769.430606][T13186] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 769.439029][T13186] R13: 0000000000000001 R14: 00007f1a50746080 R15: 00007ffe04e36ad8 [ 769.447276][T13186] [ 769.450635][T13186] ---[ end trace 0000000000000000 ]--- [ 769.485027][ T10] kone 0003:1E7D:2CED.0021: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.7-1/input0 [ 769.689753][T13186] ------------[ cut here ]------------ [ 769.698428][T13186] WARNING: CPU: 1 PID: 13186 at net/ipv4/ipmr.c:440 ipmr_rules_exit+0x5b0/0x6b0 [ 769.707836][T13186] Modules linked in: [ 769.712996][T13186] CPU: 1 UID: 0 PID: 13186 Comm: syz.3.1788 Tainted: G W 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 769.725386][T13186] Tainted: [W]=WARN [ 769.729623][T13186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 769.736495][T13292] loop0: detected capacity change from 0 to 1024 [ 769.739974][T13186] RIP: 0010:ipmr_rules_exit+0x5b0/0x6b0 [ 769.740153][T13186] Code: 9d fd ff ff 8b 3a e8 5f 98 73 f4 e9 b0 fd ff ff e8 45 94 d8 f3 48 bb 00 01 00 00 00 00 ad de e9 c7 fe ff ff e8 31 94 d8 f3 90 <0f> 0b 90 e9 b3 fd ff ff 8b 7d d4 e8 30 98 73 f4 e9 c4 fe ff ff e8 [ 769.740281][T13186] RSP: 0018:ffff88811836b828 EFLAGS: 00010246 [ 769.740405][T13186] RAX: ffffffff8ddc7e1f RBX: ffff888127faed80 RCX: 0000000000080000 [ 769.740514][T13186] RDX: ffffc9000a486000 RSI: 000000000007ffff RDI: 0000000000080000 [ 769.740635][T13186] RBP: ffff88811836b898 R08: ffffea000000000f R09: 0000000000000000 [ 769.806913][T13186] R10: ffff88823f8c6c20 R11: ffffffff8ddc7760 R12: ffff88801612d328 [ 769.815946][T13186] R13: 0000000000000000 R14: ffff888022034000 R15: ffff88801612d338 [ 769.826323][T13186] FS: 00007f1a513606c0(0000) GS:ffff88813fd00000(0000) knlGS:0000000000000000 [ 769.837151][T13186] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 769.844233][T13186] CR2: 00007ffd0b164e78 CR3: 000000012942e000 CR4: 00000000003526f0 [ 769.852613][T13186] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 769.860952][T13186] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 769.869332][T13186] Call Trace: [ 769.872788][T13186] [ 769.875916][T13186] ? show_trace_log_lvl+0x268/0x3d0 [ 769.881669][T13186] ? ipmr_net_exit_batch+0x65/0x100 [ 769.888162][T13186] ? show_regs+0xb4/0xe0 [ 769.892686][T13186] ? __warn+0x2c7/0x780 [ 769.897140][T13186] ? ipmr_rules_exit+0x5b0/0x6b0 [ 769.905354][T13186] ? report_bug+0x929/0xbd0 [ 769.910948][T13186] ? ipmr_rules_exit+0x5b0/0x6b0 [ 769.916191][T13186] ? handle_bug+0x6d/0x90 [ 769.921026][T13186] ? exc_invalid_op+0x1f/0x50 [ 769.926002][T13186] ? asm_exc_invalid_op+0x1f/0x30 [ 769.931902][T13186] ? __pfx_ipmr_net_exit_batch+0x10/0x10 [ 769.937842][T13186] ? ipmr_rules_exit+0x5af/0x6b0 [ 769.943322][T13186] ? ipmr_rules_exit+0x5b0/0x6b0 [ 769.948682][T13186] ? ipmr_rules_exit+0x5af/0x6b0 [ 769.953924][T13186] ipmr_net_exit_batch+0x65/0x100 [ 769.959396][T13186] ? __pfx_ipmr_net_exit_batch+0x10/0x10 [ 769.965320][T13186] setup_net+0xe3b/0x12b0 [ 769.970143][T13186] ? kmsan_internal_set_shadow_origin+0x20/0x100 [ 769.976815][T13186] copy_net_ns+0x4d4/0xaa0 [ 769.981728][T13186] create_new_namespaces+0x717/0xdb0 [ 769.987447][T13186] copy_namespaces+0x3c6/0x520 [ 769.992715][T13186] copy_process+0x2781/0x5c20 [ 769.997749][T13186] ? filter_irq_stacks+0x110/0x1a0 [ 770.005882][T13186] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 770.013291][T13186] kernel_clone+0x401/0x1040 [ 770.018348][T13186] ? kmsan_get_metadata+0x13e/0x1c0 [ 770.023890][T13186] ? kmsan_get_metadata+0x13e/0x1c0 [ 770.029607][T13186] ? __msan_memset+0xf5/0x1b0 [ 770.036867][T13186] __x64_sys_clone+0x25c/0x360 [ 770.042150][T13186] x64_sys_call+0x3bcc/0x3c30 [ 770.047158][T13186] do_syscall_64+0xcd/0x1e0 [ 770.052101][T13186] ? clear_bhb_loop+0x25/0x80 [ 770.057139][T13186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 770.063717][T13186] RIP: 0033:0x7f1a50580809 [ 770.068953][T13186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 770.089054][T13186] RSP: 002b:00007f1a51360008 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 770.097792][T13186] RAX: ffffffffffffffda RBX: 00007f1a50746080 RCX: 00007f1a50580809 [ 770.109024][T13186] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000 [ 770.117265][T13186] RBP: 00007f1a505f393e R08: 0000000000000000 R09: 0000000000000000 [ 770.126335][T13186] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 770.134709][T13186] R13: 0000000000000001 R14: 00007f1a50746080 R15: 00007ffe04e36ad8 [ 770.145231][T13186] [ 770.149826][T13186] ---[ end trace 0000000000000000 ]--- [ 770.339731][ T10] usb 8-1: USB disconnect, device number 3 [ 770.455016][T13292] hfsplus: request for non-existent node 3 in B*Tree [ 770.462365][T13292] hfsplus: request for non-existent node 3 in B*Tree [ 771.036140][T12711] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 772.101199][ T1276] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.108125][ T1276] ieee802154 phy1 wpan1: encryption failed: -22 [ 772.907618][T13354] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 772.914423][T13354] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 773.011850][T13354] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 773.018361][T13354] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 773.095308][T13354] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 773.101952][T13354] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 773.143525][T13354] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 773.155517][T13354] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 773.162764][T13354] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 773.255480][T13354] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 773.408252][T13354] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 773.414632][T13354] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 773.527115][T13354] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 774.418222][T10867] Bluetooth: hci0: command 0x0406 tx timeout [ 774.656639][T12711] veth0_vlan: entered promiscuous mode [ 774.689262][T12711] veth1_vlan: entered promiscuous mode [ 774.781187][T12711] veth0_macvtap: entered promiscuous mode [ 774.801832][T12711] veth1_macvtap: entered promiscuous mode [ 775.083044][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 775.094649][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.104976][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 775.115784][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.128610][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 775.140027][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.150217][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 775.161044][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.171209][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 775.183674][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.204180][T10867] Bluetooth: hci5: command 0x0c1a tx timeout [ 775.210565][T10867] Bluetooth: hci3: command 0x0406 tx timeout [ 775.386782][T10867] Bluetooth: hci2: command 0x0c1a tx timeout [ 775.460013][T12711] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 775.499508][T10860] Bluetooth: hci1: command 0x0c1a tx timeout [ 775.503386][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.516983][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.527294][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.541215][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.554125][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.565130][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.575412][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.586400][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.596558][T12711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 775.607375][T12711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 775.622244][T12711] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 775.741761][T12711] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.752696][T12711] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.761944][T12711] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.771096][T12711] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 776.198663][ T10] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 776.378428][ T10] usb 8-1: Using ep0 maxpacket: 32 [ 776.460568][ T10] usb 8-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 776.470163][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 776.478704][ T10] usb 8-1: Product: syz [ 776.483110][ T10] usb 8-1: Manufacturer: syz [ 776.488164][ T10] usb 8-1: SerialNumber: syz [ 776.496808][T10860] Bluetooth: hci0: command 0x0406 tx timeout [ 776.521317][ T10] usb 8-1: config 0 descriptor?? [ 776.912593][T13454] netlink: 'syz.3.1813': attribute type 1 has an invalid length. [ 776.921039][T13454] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1813'. [ 776.979378][ T10] airspy 8-1:0.0: Board ID: 00 [ 776.984613][ T10] airspy 8-1:0.0: Firmware version: [ 777.259220][T10860] Bluetooth: hci3: command 0x0406 tx timeout [ 777.266326][T10860] Bluetooth: hci5: command 0x0c1a tx timeout [ 777.418230][T10860] Bluetooth: hci2: command 0x0c1a tx timeout [ 777.578715][T10860] Bluetooth: hci1: command 0x0c1a tx timeout [ 778.234944][ T10] airspy 8-1:0.0: usb_control_msg() failed -71 request 0f [ 778.284515][ T10] airspy 8-1:0.0: Registered as swradio24 [ 778.287547][T13473] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1818'. [ 778.290621][ T10] airspy 8-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 778.560846][ T10] usb 8-1: USB disconnect, device number 4 [ 778.826665][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:2. Sending cookies. [ 779.339239][T10860] Bluetooth: hci5: command 0x0c1a tx timeout [ 779.489810][T13500] loop8: detected capacity change from 0 to 256 [ 779.537860][T13500] vfat: Unknown parameter 'uii_xlate' [ 779.545149][T10860] Bluetooth: hci2: command 0x0c1a tx timeout [ 779.575777][T13500] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 779.590210][T13500] overlayfs: maximum fs stacking depth exceeded [ 779.662618][T10860] Bluetooth: hci1: command 0x0c1a tx timeout [ 780.160230][T13513] ===================================================== [ 780.167538][T13513] BUG: KMSAN: uninit-value in io_nop+0x549/0x8a0 [ 780.174385][T13513] io_nop+0x549/0x8a0 [ 780.178691][T13513] io_issue_sqe+0x420/0x2130 [ 780.183475][T13513] io_submit_sqes+0x11bc/0x2f80 [ 780.188775][T13513] __se_sys_io_uring_enter+0x423/0x4aa0 [ 780.194535][T13513] __x64_sys_io_uring_enter+0x11f/0x1a0 [ 780.200523][T13513] x64_sys_call+0xce5/0x3c30 [ 780.205332][T13513] do_syscall_64+0xcd/0x1e0 [ 780.210286][T13513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.216777][T13513] [ 780.219463][T13513] Uninit was created at: [ 780.223966][T13513] __alloc_pages_noprof+0x9a7/0xe00 [ 780.229596][T13513] alloc_pages_mpol_noprof+0x299/0x990 [ 780.235238][T13513] alloc_pages_noprof+0x1bf/0x1e0 [ 780.240556][T13513] allocate_slab+0x320/0x12e0 [ 780.247585][T13513] ___slab_alloc+0x12ef/0x35e0 [ 780.253270][T13513] kmem_cache_alloc_bulk_noprof+0x486/0x1330 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 780.261139][T13513] __io_alloc_req_refill+0x84/0x5b0 [ 780.266539][T13513] io_submit_sqes+0x9a2/0x2f80 [ 780.271686][T13513] __se_sys_io_uring_enter+0x423/0x4aa0 [ 780.277441][T13513] __x64_sys_io_uring_enter+0x11f/0x1a0 [ 780.284117][T13513] x64_sys_call+0xce5/0x3c30 [ 780.289157][T13513] do_syscall_64+0xcd/0x1e0 [ 780.293833][T13513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.300090][T13513] [ 780.302541][T13513] CPU: 1 UID: 0 PID: 13513 Comm: syz.7.1822 Tainted: G W 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 780.314856][T13513] Tainted: [W]=WARN [ 780.318900][T13513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 780.329274][T13513] ===================================================== [ 780.336319][T13513] Disabling lock debugging due to kernel taint [ 780.342789][T13513] Kernel panic - not syncing: kmsan.panic set ... [ 780.349364][T13513] CPU: 1 UID: 0 PID: 13513 Comm: syz.7.1822 Tainted: G B W 6.12.0-syzkaller-10689-g7af08b57bcb9 #0 [ 780.361503][T13513] Tainted: [B]=BAD_PAGE, [W]=WARN [ 780.366657][T13513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 780.376876][T13513] Call Trace: [ 780.380276][T13513] [ 780.383320][T13513] dump_stack_lvl+0x216/0x2d0 [ 780.388170][T13513] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 780.394207][T13513] dump_stack+0x1e/0x30 [ 780.398517][T13513] panic+0x4e2/0xcf0 [ 780.402654][T13513] ? kmsan_get_metadata+0x91/0x1c0 [ 780.408007][T13513] kmsan_report+0x2c7/0x2d0 [ 780.412702][T13513] ? kmsan_get_metadata+0x13e/0x1c0 [ 780.418124][T13513] ? kmsan_get_metadata+0x13e/0x1c0 [ 780.423531][T13513] ? __msan_warning+0x95/0x120 [ 780.428493][T13513] ? io_nop+0x549/0x8a0 [ 780.432809][T13513] ? io_issue_sqe+0x420/0x2130 [ 780.437743][T13513] ? io_submit_sqes+0x11bc/0x2f80 [ 780.442944][T13513] ? __se_sys_io_uring_enter+0x423/0x4aa0 [ 780.448860][T13513] ? __x64_sys_io_uring_enter+0x11f/0x1a0 [ 780.454778][T13513] ? x64_sys_call+0xce5/0x3c30 [ 780.459740][T13513] ? do_syscall_64+0xcd/0x1e0 [ 780.464585][T13513] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.470863][T13513] ? mod_objcg_state+0x6ee/0xe00 [ 780.475972][T13513] ? kmsan_get_metadata+0x13e/0x1c0 [ 780.481382][T13513] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 780.487412][T13513] ? __memcg_slab_post_alloc_hook+0xbdd/0x1540 [ 780.493773][T13513] ? kmsan_get_metadata+0x13e/0x1c0 [ 780.499181][T13513] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 780.505211][T13513] __msan_warning+0x95/0x120 [ 780.509999][T13513] io_nop+0x549/0x8a0 [ 780.514148][T13513] ? __pfx_io_nop+0x10/0x10 [ 780.518811][T13513] io_issue_sqe+0x420/0x2130 [ 780.523578][T13513] ? kmsan_get_metadata+0x13e/0x1c0 [ 780.528988][T13513] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 780.535029][T13513] io_submit_sqes+0x11bc/0x2f80 [ 780.540083][T13513] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 780.546635][T13513] __se_sys_io_uring_enter+0x423/0x4aa0 [ 780.552388][T13513] ? futex_wait+0x2bf/0x360 [ 780.557087][T13513] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 780.563635][T13513] ? kmsan_get_metadata+0x13e/0x1c0 [ 780.569062][T13513] ? do_futex+0x341/0x4a0 [ 780.573545][T13513] ? kmsan_get_metadata+0x13e/0x1c0 [ 780.578962][T13513] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 780.584996][T13513] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 780.591023][T13513] __x64_sys_io_uring_enter+0x11f/0x1a0 [ 780.596777][T13513] x64_sys_call+0xce5/0x3c30 [ 780.601576][T13513] do_syscall_64+0xcd/0x1e0 [ 780.606241][T13513] ? clear_bhb_loop+0x25/0x80 [ 780.611128][T13513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.617227][T13513] RIP: 0033:0x7fe93a580809 [ 780.621776][T13513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 780.641583][T13513] RSP: 002b:00007fe93b2dd058 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 780.650176][T13513] RAX: ffffffffffffffda RBX: 00007fe93a745fa0 RCX: 00007fe93a580809 [ 780.658308][T13513] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000003 [ 780.666601][T13513] RBP: 00007fe93a5f393e R08: 0000000000000000 R09: 0000000000000000 [ 780.674713][T13513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 780.682841][T13513] R13: 0000000000000000 R14: 00007fe93a745fa0 R15: 00007ffd0d74e198 [ 780.691001][T13513] [ 780.694425][T13513] Kernel Offset: disabled [ 780.698841][T13513] Rebooting in 86400 seconds..