last executing test programs: 18.32240901s ago: executing program 4: bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48) socket$kcm(0x21, 0x2, 0x2) sendmmsg(0xffffffffffffffff, &(0x7f0000001800), 0x0, 0x0) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='./bus\x00', 0xa10002, &(0x7f00000003c0)=ANY=[], 0x21, 0x150c, &(0x7f0000003040)="$eJzs3AuYT1XbMPD7Xmtthib9m+QwrLXuzT8NliFJDgk5JEnySJJTQmiSJCExzpKGJOQ4SQ5DSA7TmDTO50POSZI0SRISQtZ3zfP0fD3P0/O+fb1v3+f63rl/17Wv/7r/e99rrzX3zPz32nPt+bbXmHot6tduRkTw34J/e0kGgBgAGAEANwBAAACV4irF5ezPJzH5v3cS9ud6OO1aj4BdS1z/3I3rn7tx/XM3rn/uxvXP3bj+uRvXP3fj+jOWm+2cV/RG3nLvxvf/czP+/P8fJLvc1C83l7u59x9I4frnblz/3I3rn7tx/XM3rn/uxvXP3bj+uRvXn7Hc7L9+75j/dvA/YbvW33+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxnKHi/5XCgD+3r7W42KMMcYYY4wxxtifx+e91iNgjDHGGGOMMcbY/30IAiQoCCAP5IUYyAf54TqIheuhANwAEbgR4uAmKAg3QyEoDEWgKMRDMSgOGgxYIAihBJSEKNwCpeBWSIDSUAbKgoNykAjloQLcBhXhdqgEd0BluBOqQFWoBtXhLqgBd0NNqAW14R6oA3WhHtSHe6EB3AcN4X5oBA9AY3gQmsBD0BT+As3gYWgOj0ALeBRawmPQClpDG2gL7f5L+S9CP3gJ+sMASIaBMAgGwxAYCsNgOIyAl2EkvAKj4FVIgdEwBl6DsfA6jIM3YDxMgInwJkyCyTAFpsI0mA6p8BbMgLdhJrwDs2A2zIG5kAbzYD68CwtgISyC92AxvA9LYCksg+WQDh9ABqyATPgQVsJHkAWrYDWsgbWwDtbDBtgIm2AzbIGtsA22ww7YCR/DLtgNe2Av7IP9cAA+gYPwKRyCz+AwfP4H8y/8S35vBAQUKFChwjyYB2MwBvNjfozFWCyABTCCEYzDOCyIBbEQFsIiWATjMR6LY3E0aJCQsASWwChGsRSWwgRMwDJYBh06TMRErIC3YUWsiJWwElbGylgFq2JVrI7VsQbWwJpYE2tjbayDdbAe1sN78V68DxtiQ2yEjbAxNsYm2ASbYlNshs2wOTbHFtgCW2JLbIWtsA22wXbYDttje+yAHbATdsLO2Bm7YldMwiTsht2wO3bHHtgDe2JP7IW9sDf2wT74Ir6IL+FLOADriIE4CAfhEByCw3A4DseXcSS+gq/gq5iCo3EMvoav4es4Ds/jeJyAE3Ei1hCTcQpORRLTMRVTcQbOwJk4E2fhbJyNczEN5+F8nI8LcCEuxPdwMb6P7+NSXIrLMR3TMQNXYCZm4kq8gFm4ClfjGlyL63AtbsCNuAE34xbcjNtwG+7AHfgxfoy7cTfuxb24HxUAfoKf4qeYgofxMB7BI3gUj+IxPIbZmI3H8TiewBN4Ek/iKTyFp/EMnsUzeA7P4Xm8gBfxIl7CS3gFn4//uvn+0ptSQORQQok8Io+IETEiv8gvYkWsKCAKiIiIiDgRJwqKgqKQKCSKiCIiXsSL4qK4MMIIEqEoIUqIqIiKUqKUSBAJoowoI5xwIlEkigqigqgoKopK4g5RWdwpqoiqoqOrLqqLGqKTqylqidqitqgj6op6or6oLxqIBqKhaCgaiUaisWgsmoiHRFMxEIfhwyKnMi3EaGwpxmAr0Vq0EW3F6/i4aC/GYQfRUXQST4oJOB67ivYuSTwtuokp2F08K6bic6KnmI69xAuit+gj+ooXRT/RwfUXA8QsHCgGibk4RAwVw8RwsQDripyK1ROvihQxWowRr4nl+LoYJ94Q48UEMVG8KSaJyWKKmCqmiekiVbwlZoi3xUzxjpglZos5Yq5IE/PEfPGuWCAWikXiPbFYvC+WiKVimVgu0sUHIkOsEJniQ7FSfCSyxCqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQO8XHYpfYLfaIvWKf2C8OiE/EQfGpOCQ+E4fF5+KI+EIcFV+KY+IrkS2+FsfFN+KE+FacFN+JU+J7cVqcEWfFD+Kc+FGcFxfERfGTuCQuiyviZ3FVeAESpZBSKhnIPDKvjJH5ZH55nYyV18sC8gYZkTfKOHmTLChvloVkYVlEFpXxspgsLrU00kqSoSwhS8qovEWWkrfKBFlalpFlpZPlZKIsLyvI22RFebusJO+QleWdsoqsKqvJ6vIuWUPeLWvKWrK2vEfWkXVlPVlf3isbyPtkQ3m/bCQfkI3lg7KJfEg2lX+RzeTDsrl8RLaQj8qW8jHZSraWbWRb2U4+LtvLJ2QH2VF2kk/KzrKL7CqfkknyadlNPiO7y2dlj3wge8rnZS/5guwt+8i+8md5VXrZXw6QyXKgHCQHyyFyqBwmh8sR8mU5Ur4iR8lXZYocLcfI1+RY+bocJ9+Q4+UEOVG+KSfJyXKKnCqnyekyVb4lZ8i35Uz5jpwlZ8s5cq5Mk/PksF96WvR/kP/2v8kf9dez75A75cdyl9wt98i9cp/cLw/IA/KgPCgPyUPysDwsj8gj8qg8Ko/JYzJbZsvj8rg8IU/Ik/KkPCVPydPyjPxJ/iDPyR/leXlBXpA/yUvykrzyy9cAFCqhpFIqUHlUXhWj8qn86joVq65XBdQNKqJuVHHqJlVQ3awKqcKqiCqq4lUxVVxpZZRVpEJVQpVUUXUL/nJBocqossqpcipRlf8j+aqUulUlqNL/lP9742un2qn2qr3qoDqoTqqT6qw6q66qq0pSSaqb6qa6q+6qh+qheqqeqpfqpXqr3qqv6qv6qX6qv+qvklWyGqQGqyFqqBqmhqsR6mU1Uo1Uo9QolaJS1Bg1Ro1VY9U4NU6NV+PVRDVRTVKT1BQ1RU1T01SqSlUz1Aw1U81Us9QsNUfNUWkqTc1X89UCtUAtUovUYrVYLVFL1DK1TKWrdJWhMlSmylQr1UqVpVapVWqNWqPWqXVqg9qgNqlNaovaorapbSpL7VQ71S61S+1Re9Q+tU8dUAfUQXVQHVKH1GF1WB1RR9RRdVQdU8dUtspWx9VxdUKdUCfVSXVKnVKn1Wl1Vp1V59Q5dV6dVxfVRXVJXVJX1BV1VV3NuewLRCACFaggT5AniAligvxB/iA2iA0KBAWCSBAJ4oK4oGBwc1AoKBwUCYoG8UGxoHigAxPYgIIwKBGUDKLBLUGp4NYgISgdlAnKBi4oFyQG5YPLwW1BxeD2oFJwR1A5uDOoElQNqgXVg7uCGsHdQc2gVlA7uCeoE9QN6gX1g3uDBsF9QcPg/qBR8EDQOHgwaBI8FDQN/hI0Cx4OmgePBC2CR4OWwWNBq6B10CZoG7T7U/v3/nzhJ1x/PUAn64F6kB6sh+ihepgerkfol/VI/YoepV/VKXq0HqNf02P163qcfkOP1xP0RP2mnqQn6yl6qp6mp+tU/Zaeod/WM/U7epaerefouTpNz9Pz9bt6gV6oF+n39GL9vl6il+plerlO1x/oDL1CZ+oP9Ur9kc7Sq/RqvUav1ev0er1Bb9Sb9Ga9RW/V2/R2vUPv1B/rXXq33qP36n16vz6gP9EH9af6kP5MH9af6yP6C31Uf6mP6a90tv5aH9ff6BP6W31Sf6dP6e/1aX1Gn9U/6HP6R31eX9AX9U/6kr6sr+if9VXtcy7ucz7ejTLK5DF5TIyJMflNfhNrYk0BU8BETMTEmThT0BQ0hUwhU8QUMfEm3hQ3xU0OMmRKmBImaqKmlCllEkyCKWPKGGecSTSJpoKpYCqaiqaSqWQqm8qmiqliqplq5i5zl7nb3G1qmVrmHnOPqWvqmvqmvmlgGpiGpqFpZBqZxqaxaWKamKamqWlmmpnmprlpYVqYlqalaWVamTamjWln2pn2pr3pYDqYTqaT6Ww6m66mq0kySaab6Wa6m+6mh+lhepqeppfpZXqb3qav6Wv6mX6mv+lvkk2yGWQGmSFmiBlmhpkRZoQZaUaaUWaUSTEpZowZY8aasWacGWfGmwlmonnTTDKTzRQz1Uwz002qSTUzzAwz08w0s8wsM8fMMWkmzcw3880Cs8AsMovMYrPYLDFLzDKzzKSbdJNhMkymyTQrzUqTZbLMarParDVrzXqz3mw0G81ms9lsNVvNdrPd7DQ7zS6zy+wxe8w+s88cMAfMQXPQHDKHzGFz2BwxRzwCmGPmmMk22ea4OW5OmBPmpDlpTplT5rQ5bc6as+acOWfOm/PmorloLpnL5or52Vw13sTYfDa/vc7G2uttAXuD/de4iC1q420xW9xqW8gW/qfYWGsTbGlb5u9LTFveJsTkvJa1zpaziba8rWKr2mq2ur3L1rB325q/iRvY+2xDe79tZB+w9e29/xQ3tg/aJvZR29Q+ZpvZ1ra5bWtb2EdtS/uYbWVb2za2re1su9iu9imbZJ+23ewzv4kz7Aq70W6ym+0We9B+ai/an+wJ+629ZC/b/naAHWFftiPtK3aUfdWm2NG/iSfaN+0kO9lOsVPtNDv9N/EcO9em2Xl2vn3XLrALfxOn2w/sYptpl9ildpld/tc4Z0yZ9kO70n5ks+wqu9qusWvtOrvebvjfY11jt9ntdoc9YD+xu+xuu8futfvs/r/GOfM4ZD+zh+3n9rj9xh61X9pj9qTNtl//Nc6Z30n7nT1lv7en7Rl71v5gz9kf7Xl7IWf+PmfuP9if7VXrLRCSIEmKAspDeSmG8lF+uo5i6XoqQDdQhG6kOLqJCtLNVIgKUxEqSvFUjIqTJkOWiEIqQSUpSrdQKbqVEqg0laGy5KgcJVJ5qkC3UUW6nSrRHVSZ7qQqVJWqUXW6i2rQ3VSTalFtuofqUF2qR/XpXmpA91FDup8a0QPUmB6kJvQQNaW/UDN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjpTF+pKT1ESPU3d6BnqTs9SD3qOetLz1IteoN7Uh/rSi9SPXqL+NICSaSANosE0hIbSMBpOI+hlGkmv0Ch6lVJoNI2h12gsvU7j6A0aTxNoIr1Jk2gyTaGpNI2mUyq9RTPobZpJ79Asmk1zaC6l0TyaT+/SAlpIi+g9Wkzv0xJaSstoOaXTB5RBKyiTPqSV9BFl0SpaTWtoLa2j9bSBNtIm2kxbaCtto+20g3bSx7SLdtMe2kv7aD8doE/oIOX75QfuczpCX9BR+pKO0VeUTV/TcfqGTtC3dJK+o1P0PZ2mM3SWfqBz9COdpwt0kX6iS3SZrtDPdJU8QYihCGWowiDME+YNY8J8Yf7wujA2vD4sEN4QRsIbw7jwprBgeHNYKCwcFgmLhvFhsbB4qEMT2pDCMCwRlgyj4S1hqfDWMCEsHZYJy4YuLBcmhuXDCuFtYcXw9rBSeEdYObwzrBJWDR99oHp4V1gjvDusGdYKa4f3hHXCumG9sH54b9ggvC9sGN4fNgofCCuGD4ZNwodC+OV5lebhI2GL8NGwZfhY2CpsHbYJ24btwsfD9uETYYewY9gpfDLsHHYJu4ZPhUnh02G38Jnf3Z8cDgwHhYPDwaH398tl0eXR9OgH0Yzoimhm9MPoyuhH0azoqujq6Jro2ui66ProhujG6Kbo5uiW6Nbotuj26I6o9/XzgkMnnHTKBS6Py+tiXD6X313nYt31roC7wUXcjS7O3eQKuptdIVfYFXFFXbwr5oo77YyzjlzoSriSLupucaXcrS7BlXZlXFnnXDmX6Nq6dq6da++ecB1cR9fJPemedF1cF/eUe8o97bq5Z1x396zr4Z5zPd3z7nn3guvt+ri+7kXXz73k+rsBLtklu0FukBvihrhhbpgb4Ua4kW6kG+VGuRSX4sa4MW6sG+vGuXFuvBvvJrqJbpKb5Ka4KW6am+ZSXaqb4Wa4mW6mCwBgjpvj0lyam+/muwVugVvkFrnFCYvdErfELXPLXLpLdxkuw2W6TLfSrXRZLsutdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdTrfT7XK7clYWbp/b5w64A+6gO+gOuUPusDvsjrgj7qg76o65r1y2+9odd9+4E+5bd9J95065791pd8addT+4c+5Hd95dcBdrgbvkLrsr7md31XmXGnkrMiPydmRm5J3IrMjsyJzI3EhaZF5kfuTdyILIwsiiyHuRxZH3I0siSyPLIssj6ZEPIhmRFZHMyIeRlZGPIlmRVZHVkTWRtZF1CnyxXaEv4Uv6qL/Fl/K3+gRf2pfxZb3z5XyiL+8r+Nt8RX+7r+Tv8JX9nb6Kr+qr+cd8K9/at/FtfTv/uG/vn/AdfEffyT/pO/suvqt/yif5p303/4zv7p/1Pfxzvqd/3vfyL/jevo/v61/0/fxLvr8f4JP9QD/ID/ZD/FA/zA/3I/zLfqR/xY/yr/oUP9qP8a/5sf51P87ngfF+gp/o3/ST/GQ/xU/10/x0n+rf8jP8236mf8fP8rP9HD/Xp/l5fr5/1y/wC/0i/55f7N/3S/xSv8wv9+n+A5/hV/hM/6Ff6T/yWX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+J3+Y7/L7/Z7/F6/z+/3B/wn/qD/1B/yn/nD/nN/xH/hj/ov/TH/lc/2X/vj/ht/wn/rT/rv/Cn/vT/tz/iz/gd/zv/oz/sL/qL/yV/yl/0V/7O/+gefWav7Z95CZ4wxxhj7/8jg39k/8N+8pwBA/NK+7L2/fnfR7H/cLwFga6G/tYeK+M4RAHh6QK+H/77VqZOcnPzLsVkSgpJLASDyLyf4JV4FnaALJEFHqPBvxzdU9LlEv9N/9A6A/P+QEwO/xr/2/8V/0P/jT07MqBxejPtP+l8KkFDy15ycVfjf41XQKWc20BEq/gf9F27/O+PP92UqQId/yIkFgA75/nX8ifAEPANJ/3QkY4wxxhhjjDH2N0NFtR6/t37OWZ/Hq19z8sKv8e+tzxljjDHGGGOMMXbtPden71OPJyV17MENbnAjlzW6/CfHXOvfTIwxxhhjjLE/268X/b++l+9aDogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuF/l/8p7FrPUfGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsWvtfAQAA//8uTzNp") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r3 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmsg(r3, &(0x7f00000000c0)={0x0, 0x952c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) 17.872954887s ago: executing program 1: alarm(0x0) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0xa1000a, &(0x7f0000000280)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) pwrite64(r0, &(0x7f0000000000)="1f", 0x8800000, 0x8000000) 16.929242445s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000080)={0x19, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r5}) 14.411152586s ago: executing program 1: sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957e2013d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0) r0 = creat(0x0, 0x48) ioctl$TIOCSISO7816(r0, 0xc0285443, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a40)={0xffffffffffffffff}) openat$tun(0xffffffffffffff9c, 0x0, 0x400, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000009500040000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000001a00)=@newqdisc={0x54, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x24, 0x2, {{}, [@TCA_NETEM_DELAY_DIST={0x6, 0x2, "58d5"}]}}}]}, 0x54}}, 0x0) close_range(r3, 0xffffffffffffffff, 0x2) recvmmsg(0xffffffffffffffff, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=""/4096, 0x1000}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001b00)=""/85, 0x55}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001e40)=""/224, 0xe0}}], 0x3, 0x0, 0x0) syz_io_uring_setup(0x7290, &(0x7f0000000280)={0x0, 0x0, 0x2}, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = fcntl$dupfd(r7, 0x0, r7) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001640)={{0x14}, [@NFT_MSG_NEWTABLE={0x104, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2001}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xe3, 0x6, "80d8809327133652b1010b569062b825eaa89384198c1417d9223e15876ed9add4e2a8e52ce5589e5f3ba1dd51bcc551169cdd89635e00a4b1f9b20b246510a13060a45dc88bd0f79da051a728efcbeb28f42169ca9b5523427da6d1dc35ebac9ae242d8a34adfe0ce84a9bd3d0ba5ef51a9fce3752fd52b9e5edc134c07dbcc0593c503a5db939f155e78cede2b5eef769e15bf3d89e1fa1cb611f840d764389ae47095f0a373d6d706fb356d5e570a8e72427dc3a6d31892c53e9b14e0881c368691e442791bba14bad54272e43ead7b0d6b4091b19859ab1b0923e35f35"}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0xcc, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0xa4, 0x4, 0x0, 0x1, [{0x80, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x70, 0x2, 0x0, 0x1, [@NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0xe1f}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x9}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_MASK={0x28, 0x4, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_VERDICT_CHAIN_ID={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}, {0x20, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_LEVEL={0x8, 0x5, 0x1, 0x0, 0xfffffff8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x4}}, 0x224}}, 0x40000) setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x4}, {0x6}]}, 0x10) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r9, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0}}, 0x0) recvmmsg(r2, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/188, 0xbc, 0xdf0e}}], 0x1800, 0x2002, 0x0) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x127c, 0xf0ff1f00000000) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xb, &(0x7f0000000000)=""/20, &(0x7f0000000040)=0x14) 8.177564864s ago: executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "5f12dd0000000000eaff00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xff, "8ca0abedae45e69d3120ab4a1a5a8cf4b93736"}) ioctl$TIOCGPTPEER(r2, 0x5441, 0x0) 7.931112331s ago: executing program 3: alarm(0x0) syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0xa1000a, &(0x7f0000000280)=ANY=[], 0x21, 0x1507, &(0x7f0000001b00)="$eJzs3Au4TtX2MPAx5pyLTdKb5D7HHIs3bUyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnf45zO1zmn8//39f/3fZ7vv8fvedbzzvGud8w15h5773ettZ93f9NhSOW6VSrUZmb4b8G/PXQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3sHEX+uh6Zf7QrE1ST9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadn2GTmvly3tbnL/Py2T9///QY4WHvvFxsI3dvwDKdL/tE36n7ZJ/9M26X/aJv1P26T/aZv0P22T/guRlv3X7x3L3w7+J2xX+/tPCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIUTacCH8ygDA38dXuy4hhBBCCCGEEEL8eUL6q12BEEIIIYQQQggh/u9DUKDBQATpID2kQAbICNdAJrgWMsN1kIDrIQvcAFnhRsgG2SEH5IRckBvygAUCBwwx5IV8kISbID/cDKlQAApCIfBQGIpAUSgGt0BxuBVKwG1QEm6HUlAaykBZuAPKwZ1QHu6CCnA3VIRKUBmqwD1QFe6FanAfVIf7oQY8ADXhQagFf4Ha8BDUgYehLjwC9eBRqA8NoCE0gsb/pfwXoAu8CF2hG3SHHtATekFv6AN9oR/0h5dgALwMA+EVGASDYQi8CkPhNRgGr8NwGAEj4Q0YBaNhDIyFcTAeJsCbMBHegknwNkyGKTAVpsF0mAEz4R2YBbNhDrwLc+E9mAfzYQEshEXwPiyGJbAUPoBl8CEshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHj2AH7IRdsBv2wF7YBx/DfvgEDsCncBA++4P55/8lvyMCAipUaNBgOkyHKZiCGTEjZsJMmBkzYwITmAWzYFbMitkwG+bAHJgLc2EezIOEhIyMeTEvJjGJ+TE/pmIqFsSC6NFjESyCxfAWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LYwWsgBWxIlbGyngP3oP3YjWshtWxOtbAGlgTa2ItrIW1sTbWwTpYF+tiPayH9bE+NsSG2BgbYxNsgk2xKTbH5tgCW2ArbIWtsTW2wTbYFttiO2yH7bE9dsAO2BE7YSd8AV/AF/FF7IYVVQ/siT2xN/bGvtgP++FLOABfxpfxFRyEg3EIvoqv4ms4DM/hcByBI3EkllOjcQyORVbjcQJOwIk4ESfhJJyMU3AKTsPpOANn4kychbNxNr6Lc/E9fA/n43xciItwES7GJbgUl+IyPI/LcQWuxFW4GtfgalyH63EdbsRNuBG34BbchtvwI/wId+JO3I27cS8aAPwYP8FPcBAexIN4CA/hYTyMR/AIHsWjeAyP4XE8jifwBJ7Ek3gKT+MZPI1n8Syew/N4AS/gRbyIl/C5XF/V2VtgwyBQVxhlVDqVTqWoFJVRZVSZVCaVWWVWCZVQWVQWlVVlVdlUNpVD5VC5VC6VR+VRpEixilVelVclVVLlV/lVqkpVBVVB5ZVXRVQRVUwVU8VVcVVC3aZKqttVKVVaNfNlVVlVTjX35dVdqoKqoCqqSqqyqqKqqKqqqqqmqqnqqrqqoWqomupBVUv1wL74kLrSmbpqMNZTQ7C+aqAaqkbqNXxMNVHDsKlqppqrJ9QIHI6tVBPfWj2l2qgx2FY9o8bis6q9Go8d1POqo+qkOqsXVBfV1HdV3dRk7KF6qmnYW/VRfVU/NQsrqSsdq6xeUYPUYDVEvaoW4mtqmHpdDVcj1Ej1hhqlRqsxaqwap8arCepNNVG9pSapt9VkNUVNVdPUdDVDzVTvqFlqtpqj3lVz1XtqnpqvFqiFapF6Xy1WS9RS9YFapj5Uy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtU9vVR2qH2ql2qd1qj9qr9qmP1X71iTqgPlUH1WfqkPpcHVZfqCPqS3VUfaWOqa/VcfWNOqG+VSfVd+qUOq3OqO/VWfWDOqfOqwvqR3VR/aQuqZ/VZRUUaNRKa210pNPp9DpFZ9AZ9TU6k75WZ9bX6YS+XmfRN+is+kadTWfXOXROnUvn1nm01aSdZh3rvDqfTuqbdH59s07VBXRBXUh7XVgX0UV1MX2LLq5v1SX0bbqkvl2X0qV1GV1W36HL6Tt1eX2XrqDv1hV1JV1ZV9H36Kr6Xl1N36er6/t1Df2Arqkf1LX0X3Rt/ZCuox/WdfUjup5+VNfXDXRD3Ug31o/pJvpx3VQ30831E7qFbqlb6Sd1a/2UbqOf1m31M7qdfla318/pDvp53VF30p31z/qyDrqr7qa76x66p+6le+s+uq/up/vrl/QA/bIeqF/Rg/RgPUS/qofq1/Qw/boerkfokfoNPUqP1mP0WD1Oj9cT9Jt6on5LT9Jv68l6ip6qp+npeobu+8tMc/4P8t/6N/kD/3r0bXq7/kjv0Dv1Lr1b79F79T69T+/X+/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Cn9Qn9Sl9Wv+ov9dn9Q/6nD6vz+sf9UV9UV/65WsABo0y2hgTmXQmvUkxGUxGc43JZK41mc11JmGuN1nMDSarudFkM9lNDpPT5DK5TR5jDRln2MQmr8lnkuYm/OWEwhQ0hYw3hU0RU/SP5Jv85maTagr8U/7v1dfYNDZNTBPT1DQ1zU1z08K0MK1MK9PatDZtTBvT1rQ17Uw70960Nx1MB9PRdDSdTWfTxXQxXU1X0910Nz1NL9Pb9DF9TT/T37xkBpgBZqAZaAaZQWaIGWKGmqFmmBlmhpvhZqQZaUaZUWaMGWPGmXFmgplgJpqJZpKZZCabyWaqmWqmm+lmpplpZplZZo6ZY+aauWaemWcWmAVmkVlkFpvFZqlZapaZZWa5WWFWmFVmlVlj1ph1Zp3ZYDaYTWaT2WK2mOVmu9ludpgdZpfZZfaYPWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5oQ5YU6ak+aUOWXOmDPmrDlrzplz5oK5YC6ai+aSuWQum8tXTvsiFanIRCZKF6WLUqKUKGOUMcoUZYoyR5mjRJSIskRZoqzRjVG2KHuUI8oZ5YpyR3kiG1HkIo7iKG+UL0pGN0X5o5uj1KhAVDAqFPmocFQkKhoVi26Jike3RiWi26KS0e1Rqah0VCYqG90RlYvujMpHd0UVorujilGlqHJUJbonqhrdG1WL7ouqR/dHNaIHoprRg1Gt6C9R7eihqE70cFQ3eiSqFz0a1Y8aRA2jRlHjP3X+EM5lf9x3td1sd9vD9rS9bG/bx/a1/Wx/+5IdYF+2A+0rdpAdbIfYV+1Q+5odZl+3w+0IO9K+YUfZ0XaMHWvH2fF2gn3TTrRv2Un2bTvZTrFT7TQ73c6wM+07dpadbefYd+1c+56dZ+fbBXahXWTft4vtErvUfmCX2Q/tcrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Hb7kd1hd9pddrfdY/faffZju99+Yg/YT+1B+5k9ZD+3h+0X9oj90h61X9lj9mt73H5jT9hv7Un7nT1lT9sz9nt71v5gz9nz9oL90V60P9lL9md72YYrJ/dX3t7JkKF0lI5SKIUyUkbKRJkoM2WmBCUoC2WhrJSVslE2ykE5KBflojyUh65gYspLeSlJScpP+SmVUqkgFSRPnopQESpGxag4FacSVIJKUkkqRaWoDJWhO+gOupPupLvoLrqb7qZKVImqUBWqSlWpGlWj6lSdalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqTI2pCTWhptSUmlNzakEtqBW1otbUmtpQG2pLbakdtaP21J46UAfqSB2pM3WmLtSFulJX6k7dqSf1pN7Um/pSX+pP/WkADaCBNJAG0SAaQkNoKA2lYTSMhtMIGklv0CgaTWNoLI2j8TSBJtBEmkiTaBJNpsk0labSdJpOM2kmzaJZNIfm0FyaS/NoHi2gBbSIFtFiWkxLaSkto2W0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSdttMO2kG7aBftoT20j/bRftpPB+gAHaSDdIgOBQSgI3SEjtJROkbH6DgdpxN0gk7SSTpFp+gMnaGzdJbO0Tm6QBfoIv1El+hnukyBUlwGl9Fd4zK5a11md5371ziHy+lyudwuj7Mum8v+TzE551JdAVfw75eYrqhLTbnyWMh5V9gVcUVdKVfalXFl3R2unLvTlf9NXNXd66q5+1x1d7+r4u75p7iGe8DVdI+4Wu5RV9s1cHVcI1fXPeLquUddfdfANXSNXAvX0rVyT7rW7inXxj39m3ixW+LWuw1uo9vk9rtP3AX3ozvuvnEX3U+uq+vm+ruX3AD3shvoXnGD3ODfxCPdG26UG+3GuLFunBv/m3iqm+amuxlupnvHzXKzfxMvcu+7uW6pm+fmuwVu4V/jKzUtdR+4Ze5Dt9ytcCvdKrfarXFr3br/Xesqt8VtddvcPvex2+F2ul1ut9vj9v41vrKOA+5Td9B95o65r91h94U74k64o+6rv8ZX1nfCfetOuu/cKXfanXHfu7PuB3fOnb+y/nBl7d+7n91lFxwwsmLNhiNOx+k5hTNwRr6GM/G1nJmv4wRfz1n4Bs7KN3I2zs45OCfn4tychy0TO2aOOS/n4yTfxPn5Zk7lAlyQC7HnwlyEi3IxvoWL861cgm/jknw7l+LSXIbL8h1cju/k8nwXV+C7uSJX4spche/hqnwvV+P7uDrfzzX4Aa7JD3It/gvX5oe4Dj/MdfkRrsePcn1uwA25ETfmx7gJP85NuRk35ye4BbfkVvwkt+anuA0/zW35GW7Hz3J7fo478PPckTtxZ36Bu/CL3JW7cXfuwT25F/fmPtyX+3F/fokH8Ms8kF/hQTyYh/CrPJRf42H8Og/nETyS3+BRPJrH8Fgex+N5Ar/JE/ktnsRv82SewlN5Gk/nGTyT3+FZPJvn8Ls8l9/jeTyfF/BCXsTv82Jewkv5A17GH/JyXsEreRWv5jW8ltfxet7AG3kTb+YtvJW38Xb+iHfwTt7Fu3kP7+V9/DHv5wy//MB9xof4cz7MX/AR/pKP8ld8jL/m4/wNn+Bv+SR/x6f4NJ/h7/ks/8Dn+Dxf4B/5Iv/El/hnvsyBIcZYxTo2cRSni9PHKXGGOGN8TZwpvjbOHF8XJ+Lr4yzxDXHW+MY4W5w9zhHnjHPFueM8sY0pdjHHcZw3zhcn45vi/PHNcWpcIC4YF4p9XDguEheNi8W3xMXjW+MS8W1xyfj2uFRcOn7k/rLxHXG5+M64fHxXXCG+O64YV4orx1Xie+Kq8b1xtfi+uHp8f1w8fiCuGT8Ywy+fV6kTPxzXjR+J68WPxvXjBnHDuFHcOH4sbhI/HjeNm8XN4yfiFnHLuFX8ZNw6fipuEz/9u/u7xz3innGvuFccwn16QXJhclHy/eTi5JLk0uQHyWXJD5PLkyuSK5OrkquTa5Jrk+uS65MbkhuTm5Kbk1uSW5PbkiFUSQ8evfLaGx/5dD69T/EZfEZ/jc/kr/WZ/XU+4a/3WfwNPqu/0Wfz2X0On9Pn8rl9Hm89eefZxz6vz+eT/iaf39/sU30BX9AX8t4X9kV8I9/YN/ZN/OO+qW/mm/sn/BO+pW/pn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/a9fV/f1/f3/f0AP8AP9AP9ID/ID/FD/FA/1A/zw/xwP9yP9CP9KD/Kj/Fj/Dg/zk/wE/xEP9FP8pN8BABT/VQ/3U/3M/1MP8vP8nP8HD83da6f5+f5BX6BX+QX+cV+sV/ql/plfplf7pf7lX6lX+1X+7V+rV/v1/uNfqPf7Df7rX6r3+63+x1+h9/ld/k9fo/f5/f5/X6/P+AP+IP+oD/kD/nD/rA/4r/0R/1X/pj/2h/33/gT/lt/0n/nT/nT/oz/3p/1P/hz/ry/4H/0F/1P/pL/2V/2wU9IvJmYmHgrMSnxdmJyYkpiamJaYnpiRmJm4p3ErMTsxJzEu4m5ifcS8xLzEwsSCxOLEu8nFieWJJYmPkgsS3yYWJ5YkViZWJVYnVhjIOTeEYe8IV9IhptC/nBzSA0FQsFQKPhQOBQJRUOxcEsoHm4NJcJtoWS4PZQKpUOZ8GioHxqEhqFRaBweC03C46FpaBaahydCi9AytApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86Fj6BQ6hxdCl/Bi6Bq6he6hR+gZeoXeoU/oG/qF/uGlMCC8HAaGV8KgMDgMCa+GoeG1MCy8HoaHEWFkeCOMCqPDmDA2jAvjw4TwZpgY3gqTwtthcpgSpoZpYXqYEWaGd8KsMDvMCe+GueG9MC/MDwvCwrAovB8WhyVhafggLAsfhuVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS9gatoXt4aOwI+wMu8LusCfsDfvCx2F/+CQcCJ+Gg+GzcCh8Hg6HL8KR8GU4Gr4Kx8LX4Xj4JpwI34aT4btwKpwOZ8L34Wz4IZwL58OF8GO4GH4Kl8LP4fIf/MxapT/zFroQQgghxP9Hev3O/h7/5jkDAOqX8U8hhGt35jz6j/s1AGzO9rdxH5WrRQIAnurW4aG/bxUrdu/e/ZfXLtcQ5ZsPAIl/OcAv8QpoDi2hNTSDYv+2vj6q00X+nfmTtwFk/IecFPg1/nX+z/+D+R97YuTikvGFLP/J/PMBUvP9mnPlKvzv8QpofmU10AyK/wfzZ2/yO/Vn+GICQNN/yMkEAE0z/Gv9ReBxeBpa/9MrhRBCCCGEEEKIv+mjyrT7vevnK9fnucyvOenh1/j3rs+FEEIIIYQQQghx9T3bqfOTj7Vu3aydDGQggzQ2aPmfvOZq/2YSQgghhBBC/Nl+Pen/9bkMV7MgIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAiDfp/8Z/GrvYahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//D5g3fQ==") pwrite64(0xffffffffffffffff, &(0x7f0000000000)="1f", 0x8800000, 0x8000000) 7.680104822s ago: executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000001c0), 0xff13) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = socket(0xa, 0x6, 0x0) getsockopt$inet6_mreq(r1, 0x10d, 0xdb, 0x0, &(0x7f0000000000)) 7.534677868s ago: executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') getdents(r0, &(0x7f0000000000)=""/24, 0x18) getdents64(r0, &(0x7f0000000080)=""/151, 0x97) 7.352107577s ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f00000003c0), 0xfd, 0x45d, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H68bZvQikfLS0ECiLiI2nSAj1wAYEEEkhIcCjHkKRVqNugJki0KjQgVI6oEnfEEYm/gAtwQcAJiSvcUaUK9dLCyWjtdeI4cYgTx07r30/aZMa7m3ke744zu2M7gJ41lP1IIvZExO8RMVCtLt9gqPrr1o1Lk3/fuDSZRLn85l9JZbubNy5N1jat7fe/vDKcRqSfJg1/sGruwsUzE6XS9Pm8Pjp/9r3RuQsXn545O3F6+vT0ufETJ44fG3vu2fFn2pJnltfNgx/NHjrwyttXX588efWdn7/JwtqTr6/Po12GDn/XdN1j7W6sy/bWlZO+LgZCSwoRkR2uYqX/D0Qhlg7eQLz8SVeDA7ZUuVwu72i+eqEM3MGS6HYEQHfU/tFn17+1pUNDj23h+gvVC6As71v5Ul3TF2m+TbHh+radhiLi5MI/X2ZLbNF9CACAet9n45+nKuOOV/sj6sZ/adxbt93/8zmUwYi4KyL2RcTdEbE/Iu6JqGx7X0Tc32L7Qw31leOf9NqGElunbPz3fD63tXz8Vxv9xWAhr+2t5F9MTs2Upo/mz8lwFHdk9bE12vjhpd8+b7aufvyXLVn7tbFgHse1voYbdFMT8xObybne9Y8jDvatln+yOBOQRMSBiDi4wTZmnvj6ULN1/53/Gtowz1T+KuLx6vFfiIb8a5K15ydHd0Zp+uho7axY6Zdfr7zRrP1N5d8G2fHfver5v5j/YFI/XzvXehtX/vis6TXNes//nXX7ZOd/f/JWpdyfP/bBxPz8+bGI/uS1lY+PL+1bq9e2z/IfPrJ6/98XS8/EAxGRncSHI+LBiHgoj/3hiHgkIo6skf9PLz767sbzj/rXorbL8p9q6fi3Xiic+fHb9ef/Yaw8/scrpeH8kfW8/q03wM08dwAAAHC7SCvvgU/SkcVymo6MVN/Dvz92p6XZufknT82+f26q+l75wSimp2Z2VfYdqLsfOpbfG67Vxxvqx/L7xl8UdlXqI5OzpaluJw89Luvne6rdeVn/z/xZ6GpoQCe0NI+2a+viADrP5zWhd+n/0Lv0f+hd+j/0rtX6/+UuxAF0XrX/r/ItfWta2JJYgM4y/ofepf9D79L/oSdt7HP9lzfxbQB3ZqG4PcLoYCHSbRHG7VGInRHbIIxWCt1+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiPfwMAAP//Hhfhsg==") openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10) fcntl$dupfd(r0, 0x0, r1) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$kcm(0x10, 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) add_key(0x0, &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000480), 0x0, 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000000100), 0x0, 0x0) ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000002600)={0x0, 0x1, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0) recvmmsg(r3, &(0x7f0000002640)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 7.20600653s ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000046000000fcffffff95"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r0}, 0x10) 6.940969597s ago: executing program 1: openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x77359400}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$inet6(0xa, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='./control\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x0, 0x0, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x0) connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r2 = socket$unix(0x1, 0x1, 0x0) connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r1, 0x800) 6.934420309s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 6.770856301s ago: executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500}, 0x48) r1 = getgid() r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0) write$FUSE_ENTRY(r2, &(0x7f00000005c0)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0xffffffff00000000, 0x5, 0xfffffff8, {0x2, 0x3, 0x5, 0x100000001, 0x3f7, 0x4, 0xfff, 0x4, 0xfffffffc, 0x8000, 0x400, 0xffffffffffffffff, r1, 0x4, 0x1}}}, 0x90) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r4 = openat(r3, &(0x7f0000000040)='.\x00', 0x200000, 0x0) mkdirat(r4, &(0x7f0000000140)='./bus\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mount$bpf(0x0, &(0x7f0000001040)='./bus\x00', &(0x7f0000001080), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='context']) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x20808a, &(0x7f00000003c0)={[{@block_validity}]}, 0xfe, 0x51a, &(0x7f00000008c0)="$eJzs3V9rZGcZAPDnnGSySZOaVL2ohdZild2iO5M0to1etBXFu4JS79eQTELIJBMyk3YTiqT4AQQRLXjllTeCH0CQfgQpFOy9qCiiu3rhhXrkzJzZzc6e2WQxMxOT3w/Omfe858/zvMnmzHv+7DkBXFnPR8QbETERES9GxHxRnxZDHHeHfLm7d95dy4d8zlt/TSIp6vq3OVusNt39KNU6PNpebTTq+8V0rb2zV2sdHt3c2lndrG/Wd5eXl15ZeXXl5ZXFx2/UwsNVebte+8Yff/yDn3/ztV9/6Z3f3frzje/l+X+9t8Dxw+04Dx93xpX8Z3HPZETsDyPYGEwU7amMOxEAAM4k7+N/MiI+1+n/z8dEpzfX0d+lmx59dgAAAMB5yF6fi38lERkAAABwab0eEXORpNXiXoC5SNNqtXsP76fjibTRbLW/uNE82F3P50UsRCXd2GrUF4t7aheikuTTS8Vtt73pl/qml78S8VRE/Gh+pjNdXWs21sd98gMAAACuiNm+4/9/zHeP/wEAAIBLpuR5WQAAAMAlM+j4PxlxHgAAAMDwDDr+vzbiPAAAAICh+Nabb+ZD1nuP9/rbhwfbzbdvrtdb29Wdg7XqWnN/r7rZbG52ntm3c9r2Gs3m3pdj9+B2rV1vtWutw6NbO82D3fatLe8PBAAAgHF56rMffJxExPFXZzpDbiofTQxYwbMC4NJIH2fhPwwvD2D0Bn3NA5ff5LgTAMbneNwJAOP2wKM+SjoFJ2/eSU8u/JshJgUAAJyr658pv/6fHwJUxp0cMFSPdf0fuFRc/4er60zX/++f/P9wmLkAo1XRA4Ar77RXfQx8eEfZ9f+psgWz7NRtAQAAQzXXGSdptbgWOBdpWq1GPNn5r/6VZGOrUV+MiE9ExG/nK9fy6aXuOl4PCAAAAAAAAAAAAAAAAAAAAAAAAABnlGVJZAAAAMClFpH+KYmImQHnB6aSf85H8Uqvd3761k9ur7bb+0t5/d/u1bffL+pfGumpCwAAAGCA3nF67zgeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM7T3TvvrhXD1Cjj/uVrEbHwQPy17pzJmO58TkclIp74exKTJ9ZLImLiHOIfvxcRT5fFT/K0YqHIoj9+GhEzo4n/bJZlpfFnzyE+XGUf5PufN8r+/tJ4vvNZ/vc/WQz/q8H7v/Te/m9iwP7vyTPGeOajX9YGxn8v4pnJ8v1PL34yIP4LZRss+aF89ztHRw9Vdjce2c8irkd5/JOxau2dvVrr8Ojm1s7qZn2zvru8vPTKyqsrL68s1ja2GvViXNrGHz77q//0Vf076+q0PwbEXzil/Z/PC5UTlVl/mCLYR7fvfKpbrPRtohP/xgvlv/+nHxE//zfxheJ7IJ9/vVc+7pZPeu4XHz5XmlgRf31A+0/7/d8YtNE+L377+78/46IAwAi0Do+2VxuN+v7QC+9nWTaqWGcq7M1eiDQuSqHXuxtaiOmL0tL/x8K1iBhd0PM4swUAAFw09zv9484EAAAAAAAAAAAAAAAAAAAArq7WYaTDfpxYf8zj8TQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/hsAAP//zeHaBw==") open(&(0x7f0000000300)='.\x00', 0x0, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sysvipc/shm\x00', 0x0, 0x0) shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) connect$unix(r5, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e23}, 0x6e) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x5}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x5, 0x33}, {0x7fff, 0x9, 0x80, 0x4}, {0x4, 0x2f, 0x3f, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000180)={r7}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) ftruncate(0xffffffffffffffff, 0xc17a) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000480)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000080)={r8, 0x3, r6, 0x5}) shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ffc000/0x3000)=nil) socket$netlink(0x10, 0x3, 0x1d) 6.704010131s ago: executing program 4: r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x26, 0x19, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 6.250015413s ago: executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000001c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x478, 0x2b8, 0x9403, 0x3002, 0x2b8, 0x2c0, 0x3a8, 0x3d8, 0x3d8, 0x3a8, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2b8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x80, 0x1, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d8) 6.037594531s ago: executing program 4: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCMIWAIT(r0, 0x545c, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 5.855755096s ago: executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r1, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @dev}}}, 0x118) 5.659483289s ago: executing program 3: r0 = add_key$keyring(&(0x7f0000000340), &(0x7f00000004c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, &(0x7f0000000500)) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_IO(r1, 0x2285, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) write$sndseq(r2, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38) ioctl$SG_GET_REQUEST_TABLE(r2, 0x2286, &(0x7f00000018c0)) 5.644982265s ago: executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x208004, &(0x7f0000000080)=ANY=[], 0x1, 0x6ff, &(0x7f0000001140)="$eJzs3U9v2+YZAPBHjtN6HlAM21AUQZqyaQ8JkDqS3Dowehg0mXbYyqJAykWCHYqicYagTjs0G7B4h66XbjvsI+zQ675Ev8Ru+wy97zQPpP7ETmzZS1K7CH4/IeYr8iHf56UFPqZCUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKO71my2GtHL+lu3kqN114p8c8byyfa+OzCZ0W9Eo/oXCwvx2mjWa798tPjV6sfluDh6djEWqslC7P701Z+9/4v5ucn6MxI6FQ8e7n72yc7O9pdnncgZ2Uj7WZlnm52NNMnKPFldWWlev7leJutZLy1vl8N0M+kWaWeYF8mV7tWktbq6nKRLt/Ot/sZap5dOZt54p91sriQfLA3STlHm/esfLJXdm1mvl/U36phqcRVzI/ntF8WH2TAZpp3NJLl7b2d7+bgkq6DWSYLaxwW1m+12q9Vut1beW33vRrM5324uxIEZzcfEgVWSZnN+8qJtjF/pJ97X+/zraVbiBzN34Fn8efZv9nkduuGZzY3rf/Qii35sxa1IDn10Yy2KyGPziOVj30X8qW5cT2f2u7/+T6r8a48WX6h+XF4YP7t0VP0/IpfTezyIh7Ebn8UnsRM7sR1fnnlGp/vYiDT6kUUZeWSxGZ16TjKek8RqrMRKNOPjuBnrUUYS65FFL9Io43aUMYy0fkV1o4g0OjGMPIpI4kp042ok0YrVWI3lSCKNpbgdeWxFPzZiLTr1Vu7GvXq/L8/IcRrUOklQe0bQpJi/NH5dzj/xB8Hs+n9jWv//UdeHB2+fQnHix+HcpDE99D63gzg8pb1J/Y+9vf/uVc46IwAAAOB5a9TvvjcuvTR9vp710t+ccVYAAADA81RfhnyxmpyvWq9Hozr/b551WgAAAMBz1IhL43cBFuONUWvySShvAgAAAMALov7//0vVZLFqvREN5/8AAADwovnro3vs78ah99gtB3MRMR8Rja8Ht95u3O9UcZ3750brnXt8i8P1C41XxhupJyvz42fd9GJjfPfL6U0wvx9P7h53r/9GUZx/1gQe3XPzzTuj6Z3pkrqXxfWsly518977reh0XpkbpreGf/j83h8jqt7/1t98pRF37+1sL336xc6dOpevq618fX98N/fG/5HL7+P1UczrL8cTI96Nxvn6gxjjfhdH/Tb3j388lsmQfnKCPr+ZxFxeHE0XD45/oeqztXTU6BcbL4/Xf6aRfzMJfuvKW6PJIVm0Z2RR74v2/v3/2L44URbx1vFZLB+XxfIzZgFwVu5Oq9DBunt+Wv+fqLtPcZQ7ner+TVwZxVy5UB9Y5y8cckRvHnpE3zv3WI19+ur2z7g6irk6CT6qxlZj/vu031bd77fVCt8e2W/Zm+yQ+7+L63MPd9+5V8duf95uL680320232vH+XoY40mV6X/UHgAOulxf/z/rO3YOjzgX8dKkdr8bb44iHp1VVzVpWvF+Pr2kYCk+jS9iJ+7EtfrTBvUVB4f2u7jvMoRrcXmc7OFnrYv7vuHl2jFndaPYyd8uJ4kdfb0MALxILh9Th6f1f/JdfJOIuoSO6v+1fefdC4ecdx+s5bPPjvfXcgDgh5EW3zcWh39pFEU2+Li1utrqDG+mSZF3P0yKbG0jTbL+MC26Nzv9jTQZFPkw7+a9qvFRtpaWSbk1GOTFMFnPi2SQl9mtX0XWS5PxV7+X6WanP8y65aCXdso06eb9Yac7TNayspsMtn7dy8qv9vb2qpXLQdrN1rNuZ5jl/aTMt4puupQkZZqOA2+mRZKtpf1htp5VzX4yKLKXo7idfJT3tjbTZC0tu0U2GOZFnc2kr6y/nheb9WaXznpnA8CPxIOHu599srOz/eXhjYU4clHd+Pfs1UeNsx4jAHDQrCr9xNVnAAAAAAAAAAAAAADAmTjm839P32g8NmcuIn6ovl64xt5Xp9LX5AMefjtPNr7dNyf5EeRz6o0zPjABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCH+FwAA//96oU/f") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 5.566022599s ago: executing program 4: r0 = socket$pppl2tp(0x18, 0x1, 0x1) syz_emit_ethernet(0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c220000050a245d5cde0080045000028000400000002907800000000ffffffff11e09078000000e762ea000000000000000000001cd7a94f6029632c41b20f3da208792271703510d0e6487760ff95ec07e3"], 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000540)=0x9) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000500)) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000300)) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)) ioctl$TIOCSTI(r1, 0x5412, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x7e) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) syz_open_dev$admmidi(0x0, 0x20, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'batadv_slave_0\x00', 0x3ff}) 5.406863864s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000080)={0xff, "0600100000000000c64c3b6e55032a75e5318fca4388c2ffbdbec772020acd2c"}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r5 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) r6 = add_key$user(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x2}, &(0x7f0000000800)='c', 0x1, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r5, r6}, &(0x7f0000001400)=""/86, 0x56, &(0x7f00000000c0)={&(0x7f0000000100)={'crct10dif-generic\x00'}}) keyctl$instantiate_iov(0x14, 0x0, 0x0, 0x0, r6) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2}) 5.319886023s ago: executing program 2: r0 = dup(0xffffffffffffffff) write$cgroup_pid(r0, 0x0, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = gettid() r2 = signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8) readv(r2, 0x0, 0x0) close(r2) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) rt_sigreturn() mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) setxattr$trusted_overlay_nlink(0x0, 0x0, 0x0, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) 4.594991406s ago: executing program 0: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) openat$dsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r5 = accept4(r4, 0x0, 0x0, 0x0) sendmsg$alg(r5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x0) utime(0x0, 0x0) recvmmsg(r5, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) sendto$packet(r5, &(0x7f00000000c0)='\x00', 0xffffffffffffff64, 0x200448d4, 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f00000004c0), 0xb) ftruncate(r0, 0x0) write$cgroup_int(r0, &(0x7f0000000040), 0xfea0) 4.285932133s ago: executing program 3: ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) syz_emit_vhci(0x0, 0x22) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@global=@item_4={0x3, 0x1, 0x0, "9b4d3948"}, @main=@item_012={0x1, 0x0, 0x8, "9f"}, @local=@item_4={0x3, 0x2, 0x0, "6d1fa409"}, @main=@item_012={0x2, 0x0, 0x0, "1a79"}]}}, 0x0}, 0x0) 4.055243077s ago: executing program 4: socket$packet(0x11, 0x0, 0x300) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0) getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) r4 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x4) sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@ipv6_getrule={0x1c}, 0x1c}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1}, 0x24}}, 0x0) 2.262993805s ago: executing program 4: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, 'WNib'}, @local=@item_4, @main=@item_4]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGCOLLECTIONINDEX(r1, 0x40184810, &(0x7f0000000000)={0x3, 0xffffffff}) 839.520042ms ago: executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYRES16=r0], 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x0) accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x80800) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000001500)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r4, &(0x7f0000000240)={0x0, {'syz0\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000040)=""/2, 0x2}}, 0x120) 668.643674ms ago: executing program 3: syz_emit_ethernet(0x6a, &(0x7f0000000080)={@local, @broadcast, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "4f3bf5", 0x30, 0x3a, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, {[], @dest_unreach={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "e84197", 0x0, 0x3b, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote}}}}}}}, 0x0) 315.326562ms ago: executing program 3: r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0) write$nci(r0, 0x0, 0x0) write$eventfd(0xffffffffffffffff, 0x0, 0x0) write$nci(r0, 0x0, 0x0) 0s ago: executing program 2: socket$inet6_icmp(0xa, 0x2, 0x3a) socket$nl_route(0x10, 0x3, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000001c00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_begin\x00', r1}, 0x10) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = dup(r4) ioctl$KVM_SET_MSRS(r5, 0xc048aeca, &(0x7f0000000040)=ANY=[@ANYRES16=r0]) kernel console output (not intermixed with test programs): ff90847cf69 code=0x0 [ 473.859022][ T7996] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 473.917948][ T7998] syz-executor.3: attempt to access beyond end of device [ 473.917948][ T7998] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 473.931729][ T7998] FAT-fs (loop3): unable to read boot sector [ 474.329134][ T7996] nvme_fabrics: missing parameter 'transport=%s' [ 474.336476][ T7996] nvme_fabrics: missing parameter 'nqn=%s' [ 474.369950][ T29] audit: type=1326 audit(1717740959.793:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8004 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa87127cf69 code=0x0 [ 474.547388][ T8000] nvme_fabrics: missing parameter 'transport=%s' [ 474.554357][ T8000] nvme_fabrics: missing parameter 'nqn=%s' [ 474.965942][ T8016] loop0: detected capacity change from 0 to 256 [ 475.381921][ T43] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 475.468749][ T8022] loop4: detected capacity change from 0 to 128 [ 475.644034][ T43] usb 3-1: Using ep0 maxpacket: 32 [ 475.680838][ T8022] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 475.704244][ T8022] ext4 filesystem being mounted at /root/syzkaller-testdir3580042741/syzkaller.ZynHAt/19/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 475.746699][ T5077] Bluetooth: hci0: unexpected event for opcode 0x2040 [ 475.773605][ T43] usb 3-1: config index 0 descriptor too short (expected 35577, got 27) [ 475.782467][ T43] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 475.791507][ T43] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 475.802060][ T43] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 475.811294][ T43] usb 3-1: config 1 has no interface number 0 [ 475.817801][ T43] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 475.827219][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 475.866772][ T8025] tc_dump_action: action bad kind [ 475.992432][ T43] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found [ 476.076501][ T7372] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 476.206832][ T43] snd_usb_pod 3-1:1.1: endpoint not available, using fallback values [ 476.216175][ T43] snd_usb_pod 3-1:1.1: invalid control EP [ 476.222243][ T43] snd_usb_pod 3-1:1.1: cannot start listening: -22 [ 476.229244][ T43] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected [ 476.239199][ T43] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 476.469943][ T5116] usb 3-1: USB disconnect, device number 15 [ 476.520178][ T29] audit: type=1326 audit(1717740961.943:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff90847cf69 code=0x0 [ 476.621736][ T43] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 477.032270][ T43] usb 4-1: config 0 has an invalid interface number: 91 but max is 3 [ 477.040659][ T43] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 477.050026][ T43] usb 4-1: config 0 has an invalid interface number: 227 but max is 3 [ 477.058562][ T43] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 477.069038][ T43] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 477.081696][ T43] usb 4-1: config 0 has no interface number 0 [ 477.088016][ T43] usb 4-1: config 0 has no interface number 1 [ 477.095760][ T43] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 477.107420][ T43] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 477.118565][ T43] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 477.129929][ T43] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 477.141482][ T43] usb 4-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 477.155141][ T43] usb 4-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 477.165340][ T43] usb 4-1: config 0 interface 91 has no altsetting 0 [ 477.175840][ T43] usb 4-1: config 0 interface 227 has no altsetting 0 [ 477.183931][ T43] usb 4-1: Dual-Role OTG device on HNP port [ 477.231871][ T43] usb 4-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 477.241988][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.313699][ T43] usb 4-1: config 0 descriptor?? [ 478.129814][ T8064] loop0: detected capacity change from 0 to 1024 [ 478.180978][ T8036] loop3: detected capacity change from 0 to 4096 [ 478.215377][ T8036] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 478.268042][ T8065] loop1: detected capacity change from 0 to 1024 [ 478.397625][ T8064] hfsplus: filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. leaving read-only. [ 478.456717][ T8070] ip6tnl1: entered promiscuous mode [ 478.462367][ T8070] ip6tnl1: entered allmulticast mode [ 478.626270][ T8036] ntfs3: loop3: failed to convert "c46c" to macceltic [ 478.636822][ T8068] tc_dump_action: action bad kind [ 479.041977][ T8073] CIFS: iocharset name too long [ 479.105492][ T43] usb 4-1: string descriptor 0 read error: -71 [ 479.115558][ T43] keyspan 4-1:0.91: Keyspan - (without firmware) converter detected [ 479.139790][ T43] keyspan 4-1:0.227: Keyspan - (without firmware) converter detected [ 479.360529][ T43] usb 4-1: USB disconnect, device number 19 [ 479.371624][ T43] keyspan 4-1:0.91: device disconnected [ 479.380821][ T43] keyspan 4-1:0.227: device disconnected [ 479.572358][ T5116] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 479.595240][ T8084] loop1: detected capacity change from 0 to 256 [ 479.833959][ T5116] usb 3-1: Using ep0 maxpacket: 8 [ 479.982911][ T5116] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 479.993298][ T5116] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.059276][ T5116] usb 3-1: config 0 descriptor?? [ 480.574031][ T29] audit: type=1804 audit(1717740965.943:1353): pid=8088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir811839203/syzkaller.5pQnjn/153/file0" dev="sda1" ino=1954 res=1 errno=0 [ 480.700386][ T29] audit: type=1326 audit(1717740966.063:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8094 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca7e67cf69 code=0x0 [ 480.772938][ T10] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 480.982690][ T5116] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 480.993566][ T5116] asix 3-1:0.0: probe with driver asix failed with error -71 [ 481.002451][ T8100] loop3: detected capacity change from 0 to 512 [ 481.022845][ T5116] usb 3-1: USB disconnect, device number 16 [ 481.052237][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 481.099251][ T8100] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 481.112815][ T8100] ext4 filesystem being mounted at /root/syzkaller-testdir3696037555/syzkaller.RcWdl8/146/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 481.173755][ T10] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 481.183675][ T10] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 481.192809][ T10] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 481.204977][ T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 481.214649][ T10] usb 2-1: config 1 has no interface number 0 [ 481.221052][ T10] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 481.230650][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.272645][ T8100] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0 [ 481.284807][ T8100] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 481.294666][ T8100] EXT4-fs error (device loop3): ext4_acquire_dquot:6882: comm syz-executor.3: Failed to acquire dquot type 0 [ 481.342044][ T10] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 481.394277][ T8100] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 481.402006][ T8100] vhci_hcd: invalid port number 246 [ 481.407400][ T8100] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 481.567364][ T8106] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 283: padding at end of block bitmap is not set [ 481.647342][ T10] snd_usb_pod 2-1:1.1: endpoint not available, using fallback values [ 481.657074][ T10] snd_usb_pod 2-1:1.1: invalid control EP [ 481.663260][ T10] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 481.670283][ T10] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 481.687817][ T10] snd_usb_pod 2-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 481.968951][ T10] usb 2-1: USB disconnect, device number 16 [ 482.093030][ T5084] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.545842][ T8121] tc_dump_action: action bad kind [ 482.571841][ T10] usb 1-1: new full-speed USB device number 14 using dummy_hcd [ 483.017174][ T10] usb 1-1: config 0 has an invalid interface number: 91 but max is 3 [ 483.025725][ T10] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 483.034915][ T10] usb 1-1: config 0 has an invalid interface number: 227 but max is 3 [ 483.043560][ T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 483.053996][ T10] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 483.063326][ T10] usb 1-1: config 0 has no interface number 0 [ 483.069666][ T10] usb 1-1: config 0 has no interface number 1 [ 483.076863][ T10] usb 1-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 483.089022][ T10] usb 1-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 483.100628][ T10] usb 1-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 483.116843][ T10] usb 1-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 483.129918][ T10] usb 1-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 483.143555][ T10] usb 1-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 483.153817][ T10] usb 1-1: config 0 interface 91 has no altsetting 0 [ 483.160769][ T10] usb 1-1: config 0 interface 227 has no altsetting 0 [ 483.168005][ T10] usb 1-1: Dual-Role OTG device on HNP port [ 483.220939][ T10] usb 1-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 483.230683][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.254931][ T10] usb 1-1: config 0 descriptor?? [ 483.590058][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 483.694030][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 483.706833][ T29] audit: type=1804 audit(1717740968.993:1355): pid=8133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1680457384/syzkaller.NiL93v/157/bus" dev="sda1" ino=1967 res=1 errno=0 [ 483.813469][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 483.889959][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 483.979720][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 484.064479][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 484.163624][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 484.713004][ T8137] loop4: detected capacity change from 0 to 1024 [ 484.766791][ T8119] loop0: detected capacity change from 0 to 4096 [ 484.832170][ T8119] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 484.859618][ T8137] EXT4-fs (loop4): Can't support bigalloc feature without extents feature [ 484.859618][ T8137] [ 484.961974][ T29] audit: type=1326 audit(1717740970.343:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8141 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa87127cf69 code=0x0 [ 485.200042][ T8119] ntfs3: loop0: failed to convert "c46c" to macceltic [ 485.525908][ T8148] CIFS: iocharset name too long [ 485.678072][ T10] usb 1-1: string descriptor 0 read error: -71 [ 485.688608][ T10] keyspan 1-1:0.91: Keyspan - (without firmware) converter detected [ 485.706138][ T10] keyspan 1-1:0.227: Keyspan - (without firmware) converter detected [ 485.802625][ T10] usb 1-1: USB disconnect, device number 14 [ 485.813467][ T10] keyspan 1-1:0.91: device disconnected [ 485.822890][ T10] keyspan 1-1:0.227: device disconnected [ 486.888650][ T8166] loop1: detected capacity change from 0 to 2048 [ 487.039979][ T8173] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 487.221666][ T8174] ip6tnl1: entered promiscuous mode [ 487.227152][ T8174] ip6tnl1: entered allmulticast mode [ 487.260793][ T8166] NILFS (loop1): error -2 reading inode: ino=34359738374 [ 487.296789][ T8166] NILFS (loop1): error -2 reading inode: ino=34359738374 [ 487.345275][ T8166] NILFS (loop1): error -2 reading inode: ino=34359738374 [ 487.370549][ T8171] tc_dump_action: action bad kind [ 487.430908][ T8166] NILFS (loop1): error -2 reading inode: ino=34359738374 [ 487.816822][ T8173] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 487.839312][ T8173] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 487.939583][ T8173] Remounting filesystem read-only [ 487.946692][ T77] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 487.954043][ T77] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 487.961967][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 487.971077][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 487.980278][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.125530][ T77] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 488.136603][ T77] NILFS (loop1): discard dirty block: blocknr=18, size=1024 [ 488.145260][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.155014][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.164221][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.276242][ T77] NILFS (loop1): discard dirty page: offset=0, ino=18 [ 488.283568][ T77] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 488.291256][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.300692][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.309899][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.420604][ T77] NILFS (loop1): discard dirty page: offset=0, ino=3 [ 488.427836][ T77] NILFS (loop1): discard dirty block: blocknr=42, size=1024 [ 488.435493][ T77] NILFS (loop1): discard dirty block: blocknr=43, size=1024 [ 488.446694][ T77] NILFS (loop1): discard dirty block: blocknr=44, size=1024 [ 488.455438][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.464664][ T77] NILFS (loop1): discard dirty page: offset=65536, ino=3 [ 488.472151][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.481548][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.490684][ T77] NILFS (loop1): discard dirty block: blocknr=0, size=1024 [ 488.498315][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.507554][ T77] NILFS (loop1): discard dirty page: offset=196608, ino=3 [ 488.515002][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.524212][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.533812][ T77] NILFS (loop1): discard dirty block: blocknr=49, size=1024 [ 488.544918][ T77] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.629995][ T5068] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 488.661136][ T5068] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 488.668501][ T5068] NILFS (loop1): discard dirty block: blocknr=35, size=1024 [ 488.676179][ T5068] NILFS (loop1): discard dirty block: blocknr=36, size=1024 [ 488.683840][ T5068] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 488.691720][ T5068] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 488.732300][ T8202] loop4: detected capacity change from 0 to 256 [ 488.758025][ T5068] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 488.765290][ T5068] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 488.772941][ T5068] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.782146][ T5068] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.791269][ T5068] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.827276][ T5068] NILFS (loop1): discard dirty page: offset=0, ino=4 [ 488.834480][ T5068] NILFS (loop1): discard dirty block: blocknr=40, size=1024 [ 488.842421][ T5068] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.855740][ T5068] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.866083][ T5068] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 488.875970][ T5116] usb 4-1: new full-speed USB device number 20 using dummy_hcd [ 489.282251][ T5116] usb 4-1: config 0 has an invalid interface number: 91 but max is 3 [ 489.290733][ T5116] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 489.300769][ T5116] usb 4-1: config 0 has an invalid interface number: 227 but max is 3 [ 489.309782][ T5116] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 489.320257][ T5116] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 489.329850][ T5116] usb 4-1: config 0 has no interface number 0 [ 489.336266][ T5116] usb 4-1: config 0 has no interface number 1 [ 489.342709][ T5116] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 489.354395][ T5116] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 489.368799][ T5116] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 489.380999][ T5116] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 489.392398][ T5116] usb 4-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 489.392451][ T29] audit: type=1326 audit(1717740974.763:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8206 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff90847cf69 code=0x0 [ 489.428611][ T5116] usb 4-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 489.438802][ T5116] usb 4-1: config 0 interface 91 has no altsetting 0 [ 489.445897][ T5116] usb 4-1: config 0 interface 227 has no altsetting 0 [ 489.453074][ T5116] usb 4-1: Dual-Role OTG device on HNP port [ 489.483349][ T5116] usb 4-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 489.492942][ T5116] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.524842][ T5116] usb 4-1: config 0 descriptor?? [ 490.210081][ T8218] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 490.390564][ T8218] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 490.464184][ T8200] loop3: detected capacity change from 0 to 4096 [ 490.574641][ T8200] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 491.125218][ T8200] ntfs3: loop3: failed to convert "c46c" to macceltic [ 491.347415][ T8230] CIFS: iocharset name too long [ 491.429581][ T29] audit: type=1804 audit(1717740976.853:1358): pid=8234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir1680457384/syzkaller.NiL93v/163/memory.events" dev="sda1" ino=1965 res=1 errno=0 [ 491.456501][ T29] audit: type=1800 audit(1717740976.853:1359): pid=8234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="memory.events" dev="sda1" ino=1965 res=0 errno=0 [ 491.478211][ T29] audit: type=1804 audit(1717740976.893:1360): pid=8235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir1680457384/syzkaller.NiL93v/163/memory.events" dev="sda1" ino=1965 res=1 errno=0 [ 491.547049][ T8238] loop0: detected capacity change from 0 to 8 [ 491.592837][ T5116] usb 4-1: string descriptor 0 read error: -71 [ 491.604224][ T5116] keyspan 4-1:0.91: Keyspan - (without firmware) converter detected [ 491.631824][ T5116] keyspan 4-1:0.227: Keyspan - (without firmware) converter detected [ 491.731172][ T5116] usb 4-1: USB disconnect, device number 20 [ 491.743673][ T5116] keyspan 4-1:0.91: device disconnected [ 491.753487][ T5116] keyspan 4-1:0.227: device disconnected [ 491.977984][ T8242] bridge0: port 3(syz_tun) entered blocking state [ 491.987649][ T8242] bridge0: port 3(syz_tun) entered disabled state [ 491.994991][ T8242] syz_tun: entered allmulticast mode [ 492.003292][ T8242] syz_tun: entered promiscuous mode [ 492.010832][ T8242] bridge0: port 3(syz_tun) entered blocking state [ 492.017997][ T8242] bridge0: port 3(syz_tun) entered forwarding state [ 492.500163][ T8252] loop0: detected capacity change from 0 to 512 [ 492.537534][ T8252] ext4: Bad value for 'resuid' [ 492.598015][ T29] audit: type=1326 audit(1717740977.983:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8254 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9db07cf69 code=0x0 [ 492.705949][ T8252] loop0: detected capacity change from 0 to 64 [ 492.723321][ T8252] hfs: unable to parse mount options [ 492.922125][ T5077] Bluetooth: hci5: Malformed Event: 0x13 [ 492.990275][ T8266] loop4: detected capacity change from 0 to 128 [ 493.750758][ T8266] orangefs_mount: mount request failed with -4 [ 494.177201][ T5124] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 494.327904][ T8290] loop4: detected capacity change from 0 to 24 [ 494.362270][ T8290] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 494.587785][ T5124] usb 1-1: config 0 has an invalid interface number: 91 but max is 3 [ 494.596420][ T5124] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 494.605510][ T5124] usb 1-1: config 0 has an invalid interface number: 227 but max is 3 [ 494.614245][ T5124] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 494.624728][ T5124] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 494.634138][ T5124] usb 1-1: config 0 has no interface number 0 [ 494.640468][ T5124] usb 1-1: config 0 has no interface number 1 [ 494.647008][ T5124] usb 1-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 494.658630][ T5124] usb 1-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 494.669882][ T5124] usb 1-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 494.681536][ T5124] usb 1-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 494.697848][ T5124] usb 1-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 494.713058][ T5124] usb 1-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 494.723375][ T5124] usb 1-1: config 0 interface 91 has no altsetting 0 [ 494.730330][ T5124] usb 1-1: config 0 interface 227 has no altsetting 0 [ 494.733541][ T5077] Bluetooth: hci1: unexpected event for opcode 0x0809 [ 494.738172][ T5124] usb 1-1: Dual-Role OTG device on HNP port [ 494.885905][ T5124] usb 1-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 494.900812][ T5124] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.965963][ T5124] usb 1-1: config 0 descriptor?? [ 495.178351][ T29] audit: type=1326 audit(1717740980.543:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff90847cf69 code=0x0 [ 495.834264][ T8281] loop0: detected capacity change from 0 to 4096 [ 495.880021][ T8281] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 496.103515][ T8318] loop4: detected capacity change from 0 to 64 [ 496.344155][ T8281] ntfs3: loop0: failed to convert "c46c" to macceltic [ 496.686072][ T8281] CIFS: iocharset name too long [ 496.695020][ T8327] loop3: detected capacity change from 0 to 512 [ 496.752006][ T5116] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 496.752528][ T5124] usb 1-1: string descriptor 0 read error: -71 [ 496.771842][ T5124] keyspan 1-1:0.91: Keyspan - (without firmware) converter detected [ 496.789279][ T5124] keyspan 1-1:0.227: Keyspan - (without firmware) converter detected [ 496.819334][ T8327] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.836258][ T8327] ext4 filesystem being mounted at /root/syzkaller-testdir3696037555/syzkaller.RcWdl8/159/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 496.957324][ T5124] usb 1-1: USB disconnect, device number 15 [ 496.968271][ T5124] keyspan 1-1:0.91: device disconnected [ 496.977856][ T5124] keyspan 1-1:0.227: device disconnected [ 497.013306][ T8338] loop4: detected capacity change from 0 to 256 [ 497.071143][ T5084] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.182704][ T5116] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 497.194166][ T5116] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 497.207921][ T5116] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 497.217352][ T5116] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.283675][ T5116] usb 2-1: config 0 descriptor?? [ 497.807070][ T5116] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving [ 497.849820][ T5116] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 498.152831][ T8352] nbd0: detected capacity change from 0 to 8388607 [ 498.160076][ T8352] block nbd0: shutting down sockets [ 498.499927][ T8361] netlink: 47 bytes leftover after parsing attributes in process `syz-executor.2'. [ 498.537171][ T29] audit: type=1326 audit(1717740983.903:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8355 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f594e07cf69 code=0x0 [ 498.615448][ T8352] loop0: detected capacity change from 0 to 4096 [ 498.660540][ T8352] ntfs3: Unknown parameter './file1' [ 498.669122][ T8361] netlink: 47 bytes leftover after parsing attributes in process `syz-executor.2'. [ 498.703715][ T8360] loop1: detected capacity change from 0 to 1024 [ 498.732743][ T8360] EXT4-fs: Ignoring removed nomblk_io_submit option [ 498.956212][ T8360] EXT4-fs error (device loop1): __ext4_get_inode_loc:4364: comm syz-executor.1: Invalid inode table block 0 in block_group 0 [ 499.013153][ T8360] EXT4-fs (loop1): Remounting filesystem read-only [ 499.020221][ T8360] EXT4-fs (loop1): get root inode failed [ 499.026266][ T8360] EXT4-fs (loop1): mount failed [ 499.147938][ T8352] loop0: detected capacity change from 0 to 8 [ 499.164648][ T10] kernel write not supported for file /snd/seq (pid: 10 comm: kworker/0:1) [ 499.205874][ T8352] SQUASHFS error: lzo decompression failed, data probably corrupt [ 499.214271][ T8352] SQUASHFS error: Failed to read block 0x1dd: -5 [ 499.220833][ T8352] SQUASHFS error: Unable to read metadata cache entry [1db] [ 499.228893][ T8352] SQUASHFS error: Unable to read inode 0xa7 [ 499.587002][ T5116] usb 2-1: USB disconnect, device number 17 [ 500.573316][ T8393] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 500.671744][ T5116] usb 4-1: new full-speed USB device number 21 using dummy_hcd [ 500.692999][ T8394] ceph: No mds server is up or the cluster is laggy [ 500.707466][ T10] libceph: connect (1)[c::]:6789 error -101 [ 500.714075][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 501.112162][ T5116] usb 4-1: config 0 has an invalid interface number: 91 but max is 3 [ 501.120598][ T5116] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 501.130002][ T5116] usb 4-1: config 0 has an invalid interface number: 227 but max is 3 [ 501.141855][ T5116] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 501.153304][ T5116] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 501.162604][ T5116] usb 4-1: config 0 has no interface number 0 [ 501.168918][ T5116] usb 4-1: config 0 has no interface number 1 [ 501.175339][ T5116] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 501.186965][ T5116] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 501.198139][ T5116] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 501.209320][ T5116] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 501.220691][ T5116] usb 4-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 501.234226][ T5116] usb 4-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 501.247805][ T5116] usb 4-1: config 0 interface 91 has no altsetting 0 [ 501.255814][ T5116] usb 4-1: config 0 interface 227 has no altsetting 0 [ 501.262984][ T5116] usb 4-1: Dual-Role OTG device on HNP port [ 501.299091][ T8409] 9pnet_fd: Insufficient options for proto=fd [ 501.323515][ T5116] usb 4-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 501.333355][ T5116] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.388721][ T5116] usb 4-1: config 0 descriptor?? [ 501.756885][ T29] audit: type=1326 audit(1717740987.173:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8412 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f594e07cf69 code=0x0 [ 502.393667][ T8389] loop3: detected capacity change from 0 to 4096 [ 502.410330][ T8425] loop2: detected capacity change from 0 to 256 [ 502.452282][ T8389] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 502.490511][ T8425] FAT-fs (loop2): Unrecognized mount option "uzرôlate=0" or missing value [ 502.796142][ T8389] ntfs3: loop3: failed to convert "c46c" to macceltic [ 503.063358][ T8432] CIFS: iocharset name too long [ 503.193952][ T5116] usb 4-1: string descriptor 0 read error: -71 [ 503.204195][ T5116] keyspan 4-1:0.91: Keyspan - (without firmware) converter detected [ 503.222330][ T5116] keyspan 4-1:0.227: Keyspan - (without firmware) converter detected [ 503.316669][ T5116] usb 4-1: USB disconnect, device number 21 [ 503.328203][ T5116] keyspan 4-1:0.91: device disconnected [ 503.337536][ T5116] keyspan 4-1:0.227: device disconnected [ 504.368853][ T8453] loop1: detected capacity change from 0 to 256 [ 504.479513][ T8458] 9pnet_fd: Insufficient options for proto=fd [ 504.597485][ T8453] FAT-fs (loop1): Directory bread(block 64) failed [ 504.606343][ T8453] FAT-fs (loop1): Directory bread(block 65) failed [ 504.614317][ T8453] FAT-fs (loop1): Directory bread(block 66) failed [ 504.625751][ T8453] FAT-fs (loop1): Directory bread(block 67) failed [ 504.634022][ T8453] FAT-fs (loop1): Directory bread(block 68) failed [ 504.640798][ T8453] FAT-fs (loop1): Directory bread(block 69) failed [ 504.648031][ T8453] FAT-fs (loop1): Directory bread(block 70) failed [ 504.654910][ T8453] FAT-fs (loop1): Directory bread(block 71) failed [ 504.661978][ T8453] FAT-fs (loop1): Directory bread(block 72) failed [ 504.668759][ T8453] FAT-fs (loop1): Directory bread(block 73) failed [ 505.479276][ T29] audit: type=1326 audit(1717740990.403:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8465 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9db07cf69 code=0x0 [ 505.676573][ T8475] loop3: detected capacity change from 0 to 2048 [ 505.913492][ T8475] loop3: p2 p3 < > p4 < p5 > [ 505.918446][ T8475] loop3: partition table partially beyond EOD, truncated [ 505.926670][ T8475] loop3: p2 start 33028 is beyond EOD, truncated [ 505.933374][ T8475] loop3: p3 start 4284160 is beyond EOD, truncated [ 505.983371][ T8475] loop3: p5 start 33028 is beyond EOD, truncated [ 506.119335][ T8478] netlink: 'syz-executor.0': attribute type 14 has an invalid length. [ 506.130013][ T8478] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.0'. [ 508.533116][ T8491] loop0: detected capacity change from 0 to 32768 [ 508.639628][ T8491] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (8491) [ 509.135372][ T10] usb 3-1: new full-speed USB device number 17 using dummy_hcd [ 509.925423][ T8490] loop2: detected capacity change from 0 to 4096 [ 510.036654][ T8490] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 511.214843][ C1] sched: RT throttling activated [ 511.449768][ T8490] ntfs3: loop2: Failed to read $UpCase (-4). [ 513.347991][ T8518] loop3: detected capacity change from 0 to 1024 [ 513.655070][ T8519] loop3: detected capacity change from 0 to 1024 [ 513.689077][ T8518] EXT4-fs: Ignoring removed nobh option [ 513.690111][ T8518] EXT4-fs (loop3): unable to read superblock [ 513.690368][ T8519] EXT4-fs: Ignoring removed nobh option [ 513.714265][ T8511] loop0: detected capacity change from 0 to 4096 [ 513.793507][ T8519] /dev/loop3: Can't open blockdev [ 513.917349][ T8522] 9pnet_fd: Insufficient options for proto=fd [ 514.525272][ T29] audit: type=1326 audit(1717740999.913:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8528 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa87127cf69 code=0x0 [ 514.549192][ C1] vkms_vblank_simulate: vblank timer overrun [ 515.717677][ T8529] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 515.931796][ T43] usb 4-1: new full-speed USB device number 22 using dummy_hcd [ 516.354137][ T43] usb 4-1: config 0 has an invalid interface number: 91 but max is 3 [ 516.363218][ T43] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 516.372321][ T43] usb 4-1: config 0 has an invalid interface number: 227 but max is 3 [ 516.380766][ T43] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 516.395346][ T43] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 516.405822][ T43] usb 4-1: config 0 has no interface number 0 [ 516.412215][ T43] usb 4-1: config 0 has no interface number 1 [ 516.418628][ T43] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 516.430224][ T43] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 516.445192][ T43] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 516.456441][ T43] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 516.467949][ T43] usb 4-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 516.481761][ T43] usb 4-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 516.491961][ T43] usb 4-1: config 0 interface 91 has no altsetting 0 [ 516.502230][ T43] usb 4-1: config 0 interface 227 has no altsetting 0 [ 516.509334][ T43] usb 4-1: Dual-Role OTG device on HNP port [ 516.556047][ T43] usb 4-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 516.565799][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 516.603469][ T43] usb 4-1: config 0 descriptor?? [ 517.439565][ T8567] 9pnet_fd: Insufficient options for proto=fd [ 517.443504][ T8547] loop3: detected capacity change from 0 to 4096 [ 517.522510][ T8569] 9pnet_fd: Insufficient options for proto=fd [ 518.045019][ T29] audit: type=1326 audit(1717741003.463:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8575 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9db07cf69 code=0x0 [ 518.067471][ T8581] loop3: detected capacity change from 0 to 128 [ 518.067746][ C1] vkms_vblank_simulate: vblank timer overrun [ 518.099693][ T8580] netlink: 'syz-executor.4': attribute type 24 has an invalid length. [ 518.103552][ T8581] FAT-fs (loop3): Unrecognized mount option "SM@Æ!5^Ú˜ýètH^¦Fé" or missing value [ 518.288289][ T43] usb 4-1: string descriptor 0 read error: -71 [ 518.298866][ T43] keyspan 4-1:0.91: Keyspan - (without firmware) converter detected [ 518.317098][ T43] keyspan 4-1:0.227: Keyspan - (without firmware) converter detected [ 518.352589][ T43] usb 4-1: USB disconnect, device number 22 [ 518.363651][ T43] keyspan 4-1:0.91: device disconnected [ 518.373035][ T43] keyspan 4-1:0.227: device disconnected [ 521.364834][ T8613] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 521.378313][ T8632] 9pnet_fd: Insufficient options for proto=fd [ 521.881738][ T29] audit: type=1326 audit(1717741007.223:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8637 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff90847cf69 code=0x0 [ 522.075213][ T8] usb 3-1: new full-speed USB device number 18 using dummy_hcd [ 522.532361][ T8] usb 3-1: config 0 has an invalid interface number: 91 but max is 3 [ 522.532518][ T8] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 522.532639][ T8] usb 3-1: config 0 has an invalid interface number: 227 but max is 3 [ 522.532774][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 522.532896][ T8] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 522.533140][ T8] usb 3-1: config 0 has no interface number 0 [ 522.533252][ T8] usb 3-1: config 0 has no interface number 1 [ 522.533397][ T8] usb 3-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 522.533573][ T8] usb 3-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 522.533722][ T8] usb 3-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 522.533873][ T8] usb 3-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 522.534072][ T8] usb 3-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 522.534269][ T8] usb 3-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 522.534416][ T8] usb 3-1: config 0 interface 91 has no altsetting 0 [ 522.534537][ T8] usb 3-1: config 0 interface 227 has no altsetting 0 [ 522.534715][ T8] usb 3-1: Dual-Role OTG device on HNP port [ 522.549943][ T8652] loop0: detected capacity change from 0 to 512 [ 522.567859][ T8652] ext4: Unknown parameter 'fsname' [ 522.577783][ T8] usb 3-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 522.577947][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 522.591686][ T8] usb 3-1: config 0 descriptor?? [ 523.394477][ T8640] loop2: detected capacity change from 0 to 4096 [ 523.468895][ T8640] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 523.696073][ T8640] ntfs3: loop2: failed to convert "c46c" to macceltic [ 524.394241][ T8] usb 3-1: string descriptor 0 read error: -71 [ 524.397799][ T8] keyspan 3-1:0.91: Keyspan - (without firmware) converter detected [ 524.407384][ T8] keyspan 3-1:0.227: Keyspan - (without firmware) converter detected [ 524.433627][ T8] usb 3-1: USB disconnect, device number 18 [ 524.438144][ T8] keyspan 3-1:0.91: device disconnected [ 524.441703][ T8] keyspan 3-1:0.227: device disconnected [ 525.014472][ T8679] 9pnet_fd: Insufficient options for proto=fd [ 525.224514][ T8673] loop1: detected capacity change from 0 to 32768 [ 525.359599][ T8673] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 525.745295][ T8673] XFS (loop1): Ending clean mount [ 525.787828][ T8673] XFS (loop1): Quotacheck needed: Please wait. [ 525.873456][ T8673] XFS (loop1): Quotacheck: Done. [ 525.905160][ T8673] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode broadcast(3) [ 526.044824][ T5068] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 526.292985][ T29] audit: type=1804 audit(1717741011.683:1369): pid=8701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir811839203/syzkaller.5pQnjn/190/bus" dev="sda1" ino=1944 res=1 errno=0 [ 526.318224][ C1] vkms_vblank_simulate: vblank timer overrun [ 526.371732][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.378577][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 527.159988][ T1054] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.319309][ T1054] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.373146][ T8707] xt_CT: You must specify a L4 protocol and not use inversions on it [ 527.428100][ T8694] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 527.481156][ T59] Bluetooth: hci0: Frame reassembly failed (-84) [ 527.513375][ T29] audit: type=1326 audit(1717741012.873:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8706 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f594e07cf69 code=0x0 [ 527.599350][ T1054] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.682899][ T8707] loop2: detected capacity change from 0 to 1024 [ 527.706813][ T8707] EXT4-fs: Ignoring removed orlov option [ 527.737149][ T8707] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 527.746285][ T8707] EXT4-fs (loop2): Test dummy encryption mode enabled [ 527.790807][ T8707] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 527.802438][ T8707] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 527.816105][ T1054] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 527.890897][ T8707] EXT4-fs (loop2): invalid journal inode [ 527.897159][ T8707] EXT4-fs (loop2): can't get journal size [ 527.960123][ T8707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 528.144839][ T1054] bridge_slave_1: left allmulticast mode [ 528.150923][ T1054] bridge_slave_1: left promiscuous mode [ 528.157663][ T1054] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.292123][ T1054] bridge_slave_0: left allmulticast mode [ 528.298146][ T1054] bridge_slave_0: left promiscuous mode [ 528.305480][ T1054] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.928690][ T1054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 528.956342][ T1054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 529.050536][ T1054] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 529.147696][ T1054] bond0 (unregistering): Released all slaves [ 529.528850][ T5077] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 529.787173][ T5072] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 530.090295][ T5077] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 530.107152][ T5077] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 530.168811][ T5077] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 530.204834][ T5077] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 530.225518][ T5077] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 530.242736][ T5077] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 530.343652][ T8730] 9pnet_fd: Insufficient options for proto=fd [ 530.497516][ T1054] hsr_slave_0: left promiscuous mode [ 530.527361][ T8] usb 3-1: new full-speed USB device number 19 using dummy_hcd [ 530.535732][ T1054] hsr_slave_1: left promiscuous mode [ 530.553252][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 530.561009][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 530.597243][ T1054] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 530.605086][ T1054] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 530.663394][ T1054] veth1_macvtap: left promiscuous mode [ 530.669342][ T1054] veth0_macvtap: left promiscuous mode [ 530.675675][ T1054] veth1_vlan: left promiscuous mode [ 530.681257][ T1054] veth0_vlan: left promiscuous mode [ 530.936053][ T8] usb 3-1: config 0 has an invalid interface number: 91 but max is 3 [ 530.948083][ T8] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 530.958215][ T8] usb 3-1: config 0 has an invalid interface number: 227 but max is 3 [ 530.966829][ T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 530.977320][ T8] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 530.986675][ T8] usb 3-1: config 0 has no interface number 0 [ 530.993090][ T8] usb 3-1: config 0 has no interface number 1 [ 530.999511][ T8] usb 3-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 531.011191][ T8] usb 3-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 531.022660][ T8] usb 3-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 531.033886][ T8] usb 3-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 531.050157][ T8] usb 3-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 531.064010][ T8] usb 3-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 531.074279][ T8] usb 3-1: config 0 interface 91 has no altsetting 0 [ 531.081291][ T8] usb 3-1: config 0 interface 227 has no altsetting 0 [ 531.088586][ T8] usb 3-1: Dual-Role OTG device on HNP port [ 531.131778][ T8] usb 3-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 531.144880][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 531.189868][ T29] audit: type=1804 audit(1717741016.513:1371): pid=8742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2083113711/syzkaller.gels5m/136/bus" dev="sda1" ino=1959 res=1 errno=0 [ 531.215669][ C0] vkms_vblank_simulate: vblank timer overrun [ 531.367421][ T8] usb 3-1: config 0 descriptor?? [ 531.812430][ T1054] team0 (unregistering): Port device team_slave_1 removed [ 531.871216][ T1054] team0 (unregistering): Port device team_slave_0 removed [ 532.363107][ T5077] Bluetooth: hci0: command tx timeout [ 533.173727][ T8728] loop2: detected capacity change from 0 to 4096 [ 533.256232][ T8725] chnl_net:caif_netlink_parms(): no params data found [ 533.568594][ T8] usb 3-1: string descriptor 0 read error: -71 [ 533.579073][ T8] keyspan 3-1:0.91: Keyspan - (without firmware) converter detected [ 533.601194][ T8] keyspan 3-1:0.227: Keyspan - (without firmware) converter detected [ 533.753482][ T8] usb 3-1: USB disconnect, device number 19 [ 533.764393][ T8] keyspan 3-1:0.91: device disconnected [ 533.773771][ T8] keyspan 3-1:0.227: device disconnected [ 534.021586][ T29] audit: type=1326 audit(1717741019.373:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca7e67cf69 code=0x0 [ 534.291251][ T8767] loop2: detected capacity change from 0 to 512 [ 534.345624][ T8767] EXT4-fs: quotafile must be on filesystem root [ 534.401751][ T5077] Bluetooth: hci0: command tx timeout [ 534.712257][ T8772] loop2: detected capacity change from 0 to 1024 [ 534.918226][ T8725] bridge0: port 1(bridge_slave_0) entered blocking state [ 534.931464][ T8725] bridge0: port 1(bridge_slave_0) entered disabled state [ 534.939297][ T8725] bridge_slave_0: entered allmulticast mode [ 534.948576][ T8725] bridge_slave_0: entered promiscuous mode [ 534.993738][ T8772] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 535.049967][ T8725] bridge0: port 2(bridge_slave_1) entered blocking state [ 535.057867][ T8725] bridge0: port 2(bridge_slave_1) entered disabled state [ 535.066132][ T8725] bridge_slave_1: entered allmulticast mode [ 535.075452][ T8725] bridge_slave_1: entered promiscuous mode [ 535.429553][ T5072] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.451651][ T8725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 535.539171][ T8725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 535.814881][ T8725] team0: Port device team_slave_0 added [ 535.890909][ T8725] team0: Port device team_slave_1 added [ 535.986461][ T8785] 9pnet_fd: Insufficient options for proto=fd [ 536.121812][ T8725] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 536.129000][ T8725] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 536.160377][ T8725] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 536.319213][ T8725] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 536.327590][ T8725] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 536.353944][ T8725] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 536.483470][ T5077] Bluetooth: hci0: command tx timeout [ 536.961564][ T8725] hsr_slave_0: entered promiscuous mode [ 537.006444][ T8725] hsr_slave_1: entered promiscuous mode [ 537.020216][ T8791] loop2: detected capacity change from 0 to 1024 [ 537.672336][ T8791] loop2: detected capacity change from 0 to 2048 [ 537.750455][ T8791] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 537.758167][ T8791] UDF-fs: warning (device loop2): udf_load_logicalvol: Damaged or missing LVID, forcing readonly mount [ 537.832803][ T29] audit: type=1804 audit(1717741023.243:1373): pid=8803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3696037555/syzkaller.RcWdl8/184/bus" dev="sda1" ino=1962 res=1 errno=0 [ 538.570662][ T5077] Bluetooth: hci0: command tx timeout [ 538.802025][ T29] audit: type=1800 audit(1717741024.133:1374): pid=8791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1965 res=0 errno=0 [ 538.815012][ T8725] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 538.931311][ T8725] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 538.962759][ T8725] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 538.983567][ T8725] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 539.598100][ T5120] usb 3-1: new full-speed USB device number 20 using dummy_hcd [ 540.608212][ T5120] usb 3-1: config 0 has an invalid interface number: 91 but max is 3 [ 540.617163][ T5120] usb 3-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 540.626240][ T5120] usb 3-1: config 0 has an invalid interface number: 227 but max is 3 [ 540.634866][ T5120] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 540.645815][ T5120] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 540.655271][ T5120] usb 3-1: config 0 has no interface number 0 [ 540.665216][ T5120] usb 3-1: config 0 has no interface number 1 [ 540.672704][ T5120] usb 3-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 540.684219][ T5120] usb 3-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 540.695340][ T5120] usb 3-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 540.706484][ T5120] usb 3-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 540.717854][ T5120] usb 3-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 540.732415][ T5120] usb 3-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 540.742678][ T5120] usb 3-1: config 0 interface 91 has no altsetting 0 [ 540.749608][ T5120] usb 3-1: config 0 interface 227 has no altsetting 0 [ 540.756805][ T5120] usb 3-1: Dual-Role OTG device on HNP port [ 540.785617][ T5120] usb 3-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 540.795110][ T5120] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 540.858513][ T8725] 8021q: adding VLAN 0 to HW filter on device bond0 [ 540.875703][ T5120] usb 3-1: config 0 descriptor?? [ 540.950730][ T8725] 8021q: adding VLAN 0 to HW filter on device team0 [ 541.034827][ T5668] bridge0: port 1(bridge_slave_0) entered blocking state [ 541.042619][ T5668] bridge0: port 1(bridge_slave_0) entered forwarding state [ 541.058832][ T5668] bridge0: port 2(bridge_slave_1) entered blocking state [ 541.066586][ T5668] bridge0: port 2(bridge_slave_1) entered forwarding state [ 541.258655][ T29] audit: type=1326 audit(1717741026.683:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8824 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f594e07cf69 code=0x0 [ 541.292222][ T8829] mmap: syz-executor.0 (8829) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 541.328896][ T8725] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 541.627031][ T8833] loop0: detected capacity change from 0 to 2048 [ 541.716611][ T8833] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 542.080985][ T8809] loop2: detected capacity change from 0 to 4096 [ 542.121547][ T8809] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 542.144076][ T8836] loop3: detected capacity change from 0 to 64 [ 542.228047][ T8836] hfs: unable to change iocharset [ 542.233563][ T8836] hfs: unable to parse mount options [ 542.336729][ T8809] ntfs3: loop2: Failed to read $UpCase (-4). [ 542.534600][ T5120] usb 3-1: string descriptor 0 read error: -71 [ 542.544700][ T5120] keyspan 3-1:0.91: Keyspan - (without firmware) converter detected [ 542.562458][ T5120] keyspan 3-1:0.227: Keyspan - (without firmware) converter detected [ 542.603760][ T8839] 9pnet_fd: Insufficient options for proto=fd [ 542.677667][ T5120] usb 3-1: USB disconnect, device number 20 [ 542.688453][ T5120] keyspan 3-1:0.91: device disconnected [ 542.697809][ T5120] keyspan 3-1:0.227: device disconnected [ 543.128376][ T8725] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 543.640715][ T8725] veth0_vlan: entered promiscuous mode [ 543.762104][ T5070] Bluetooth: hci5: command 0x0406 tx timeout [ 543.799077][ T8725] veth1_vlan: entered promiscuous mode [ 544.053424][ T8725] veth0_macvtap: entered promiscuous mode [ 544.086190][ T8725] veth1_macvtap: entered promiscuous mode [ 544.215248][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.226059][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.236261][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.251043][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.262381][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.273249][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.283502][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 544.297531][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.312848][ T8725] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 544.516842][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.528208][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.538395][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.549298][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.563615][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.575633][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.585814][ T8725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 544.596642][ T8725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 544.612133][ T8725] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 544.617804][ T29] audit: type=1800 audit(1717741029.973:1376): pid=8872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="sda1" ino=1941 res=0 errno=0 [ 544.798982][ T8725] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 544.799201][ T8725] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 544.799402][ T8725] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 544.799603][ T8725] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 545.126512][ T8880] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.0' sets config #0 [ 545.159400][ T8880] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 545.470899][ T29] audit: type=1326 audit(1717741030.733:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8881 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f594e07cf69 code=0x0 [ 546.029890][ T8880] loop0: detected capacity change from 0 to 32768 [ 546.035950][ T8880] jfs: Unrecognized mount option "18446744073709551615 " or missing value [ 547.027009][ T8] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 547.027173][ T8] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 547.062325][ T8] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz0 [ 547.241611][ T43] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 547.303748][ T5125] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 547.682265][ T43] usb 5-1: config 0 has an invalid interface number: 91 but max is 3 [ 547.690728][ T43] usb 5-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 547.700687][ T43] usb 5-1: config 0 has an invalid interface number: 227 but max is 3 [ 547.702145][ T5125] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 547.709118][ T43] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 547.720572][ T5125] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 547.720750][ T5125] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 547.720978][ T5125] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 547.734438][ T43] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 547.734594][ T43] usb 5-1: config 0 has no interface number 0 [ 547.734712][ T43] usb 5-1: config 0 has no interface number 1 [ 547.747067][ T5125] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.760153][ T43] usb 5-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 547.810950][ T43] usb 5-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 547.822123][ T43] usb 5-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 547.836506][ T43] usb 5-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 547.848911][ T43] usb 5-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 547.862567][ T43] usb 5-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 547.872178][ T5125] usb 4-1: config 0 descriptor?? [ 547.872648][ T43] usb 5-1: config 0 interface 91 has no altsetting 0 [ 547.884576][ T43] usb 5-1: config 0 interface 227 has no altsetting 0 [ 547.891727][ T43] usb 5-1: Dual-Role OTG device on HNP port [ 547.900107][ T8893] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 547.915370][ T43] usb 5-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 547.925088][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 547.964736][ T43] usb 5-1: config 0 descriptor?? [ 548.123230][ T8902] syzkaller0: entered promiscuous mode [ 548.128965][ T8902] syzkaller0: entered allmulticast mode [ 548.380351][ T5125] plantronics 0003:047F:FFFF.000A: unknown main item tag 0xd [ 548.450091][ T5125] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 548.492901][ T29] audit: type=1400 audit(1717741033.913:1378): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F0 [ 548.506510][ T29] audit: type=1400 audit(1717741033.933:1379): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F0 [ 548.598174][ C0] vkms_vblank_simulate: vblank timer overrun [ 548.694500][ C0] vkms_vblank_simulate: vblank timer overrun [ 548.758356][ T5125] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 548.947185][ T5120] usb 4-1: USB disconnect, device number 23 [ 549.763953][ T43] usb 5-1: string descriptor 0 read error: -71 [ 549.779135][ T43] keyspan 5-1:0.91: Keyspan - (without firmware) converter detected [ 549.797647][ T43] keyspan 5-1:0.227: Keyspan - (without firmware) converter detected [ 549.850646][ T43] usb 5-1: USB disconnect, device number 15 [ 549.861590][ T43] keyspan 5-1:0.91: device disconnected [ 549.870782][ T43] keyspan 5-1:0.227: device disconnected [ 551.065988][ T8949] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.3' sets config #0 [ 551.079376][ T8949] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 551.266791][ T8951] program syz-executor.0 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 551.953625][ T8949] loop3: detected capacity change from 0 to 32768 [ 551.966172][ T8949] jfs: Unrecognized mount option "18446744073709551615 " or missing value [ 552.182876][ T43] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 552.862688][ T43] usb 1-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 552.862856][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 552.895205][ T43] usb 1-1: config 0 descriptor?? [ 553.161643][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 553.161735][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 553.240860][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 553.240948][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 553.280428][ T8973] 9pnet_fd: Insufficient options for proto=fd [ 553.700424][ T43] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 553.713173][ T43] asix 1-1:0.0: probe with driver asix failed with error -71 [ 553.761223][ T43] usb 1-1: USB disconnect, device number 16 [ 554.622815][ T8] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 554.867982][ T8989] loop2: detected capacity change from 0 to 16 [ 554.928369][ T8989] erofs: (device loop2): mounted with root inode @ nid 36. [ 555.061797][ T8989] syz-executor.2: attempt to access beyond end of device [ 555.061797][ T8989] loop2: rw=0, sector=32, nr_sectors = 16 limit=16 [ 555.075924][ T8989] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 555.082446][ T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 555.096074][ T8] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 555.109730][ T8] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 555.120397][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 555.176871][ T8] usb 5-1: config 0 descriptor?? [ 555.473248][ T5125] usb 5-1: USB disconnect, device number 16 [ 555.539414][ T8994] loop1: detected capacity change from 0 to 4096 [ 555.564273][ T8994] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 555.582209][ T8] usb 4-1: new full-speed USB device number 24 using dummy_hcd [ 555.858493][ T8994] ntfs3: loop1: ino=1b, "file0" failed to parse mft record [ 555.866566][ T8994] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 555.884844][ T8994] ntfs3: loop1: ino=1b, "file0" attr_set_size [ 555.998488][ T8] usb 4-1: config 0 has an invalid interface number: 91 but max is 3 [ 556.008302][ T8] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 556.018380][ T8] usb 4-1: config 0 has an invalid interface number: 227 but max is 3 [ 556.031224][ T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 556.042994][ T8] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 556.052540][ T8] usb 4-1: config 0 has no interface number 0 [ 556.058870][ T8] usb 4-1: config 0 has no interface number 1 [ 556.065354][ T8] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 556.077041][ T8] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 556.089902][ T8] usb 4-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 556.101599][ T8] usb 4-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 556.113065][ T8] usb 4-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 556.130736][ T8] usb 4-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 556.142823][ T8] usb 4-1: config 0 interface 91 has no altsetting 0 [ 556.149777][ T8] usb 4-1: config 0 interface 227 has no altsetting 0 [ 556.157112][ T8] usb 4-1: Dual-Role OTG device on HNP port [ 556.199854][ T9012] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.0' sets config #0 [ 556.212442][ T9012] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 556.262365][ T8] usb 4-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 556.272034][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 556.344530][ T8] usb 4-1: config 0 descriptor?? [ 557.182691][ T9000] loop3: detected capacity change from 0 to 4096 [ 557.765639][ T9024] loop3: detected capacity change from 0 to 128 [ 557.782301][ T43] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 557.853830][ T9024] FAT-fs (loop3): Unrecognized mount option "SM@Æ!5^Ú˜ýètH^¦Fé" or missing value [ 558.137754][ T8] usb 4-1: string descriptor 0 read error: -71 [ 558.149161][ T8] keyspan 4-1:0.91: Keyspan - (without firmware) converter detected [ 558.169809][ T8] keyspan 4-1:0.227: Keyspan - (without firmware) converter detected [ 558.202569][ T43] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 558.213150][ T43] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 558.254968][ T8] usb 4-1: USB disconnect, device number 24 [ 558.265878][ T8] keyspan 4-1:0.91: device disconnected [ 558.279748][ T8] keyspan 4-1:0.227: device disconnected [ 558.342562][ T43] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 558.352326][ T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 558.360596][ T43] usb 5-1: SerialNumber: syz [ 558.462350][ T9019] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 558.828287][ T9028] loop1: detected capacity change from 0 to 1024 [ 559.174473][ T9019] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 559.562535][ T43] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 559.636797][ T43] usb 5-1: USB disconnect, device number 17 [ 559.718865][ T11] hfsplus: b-tree write err: -5, ino 4 [ 559.749909][ T9036] loop3: detected capacity change from 0 to 512 [ 559.875498][ T9036] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 559.884945][ T9036] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 559.934241][ T9036] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 559.974136][ T9036] System zones: 0-2, 18-18, 34-34 [ 560.044496][ T9036] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 560.153962][ T9036] EXT4-fs (loop3): 1 truncate cleaned up [ 560.160182][ T9036] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 560.362426][ T29] audit: type=1326 audit(1717741045.733:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9031 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa87127cf69 code=0x0 [ 560.385048][ C1] vkms_vblank_simulate: vblank timer overrun [ 561.238271][ T5084] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.823178][ T9072] loop1: detected capacity change from 0 to 1024 [ 563.021836][ T10] usb 5-1: new full-speed USB device number 18 using dummy_hcd [ 563.542111][ T10] usb 5-1: config 0 has an invalid interface number: 91 but max is 3 [ 563.550643][ T10] usb 5-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 563.559823][ T10] usb 5-1: config 0 has an invalid interface number: 227 but max is 3 [ 563.568456][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 563.578993][ T10] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 563.588405][ T10] usb 5-1: config 0 has no interface number 0 [ 563.595021][ T10] usb 5-1: config 0 has no interface number 1 [ 563.605679][ T10] usb 5-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 563.618647][ T10] usb 5-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 563.629917][ T10] usb 5-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 563.641250][ T10] usb 5-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 563.652947][ T10] usb 5-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 563.666647][ T10] usb 5-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 563.677005][ T10] usb 5-1: config 0 interface 91 has no altsetting 0 [ 563.684152][ T10] usb 5-1: config 0 interface 227 has no altsetting 0 [ 563.691536][ T10] usb 5-1: Dual-Role OTG device on HNP port [ 563.867386][ T10] usb 5-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 563.877003][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 564.049036][ T10] usb 5-1: config 0 descriptor?? [ 564.710459][ T9092] loop0: detected capacity change from 0 to 512 [ 564.848309][ T9092] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 564.857901][ T9092] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 564.944459][ T9092] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 564.969380][ T9092] System zones: 0-2, 18-18, 34-34 [ 565.058528][ T9092] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 565.153600][ T9092] EXT4-fs (loop0): 1 truncate cleaned up [ 565.159533][ T9092] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 565.379786][ T29] audit: type=1326 audit(1717741050.743:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca7e67cf69 code=0x0 [ 565.473064][ C0] vkms_vblank_simulate: vblank timer overrun [ 565.665720][ T10] usb 5-1: string descriptor 0 read error: -71 [ 565.669568][ T10] keyspan 5-1:0.91: Keyspan - (without firmware) converter detected [ 565.678842][ T10] keyspan 5-1:0.227: Keyspan - (without firmware) converter detected [ 565.731811][ T10] usb 5-1: USB disconnect, device number 18 [ 565.736559][ T10] keyspan 5-1:0.91: device disconnected [ 565.740132][ T10] keyspan 5-1:0.227: device disconnected [ 566.021700][ T5689] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.588988][ T9115] loop3: detected capacity change from 0 to 64 [ 567.240216][ T5120] kernel write not supported for file /vcs (pid: 5120 comm: kworker/1:4) [ 567.373097][ T9129] loop1: detected capacity change from 0 to 1024 [ 567.704312][ T5120] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 568.009079][ T5120] usb 1-1: Using ep0 maxpacket: 16 [ 568.081806][ T2811] hfsplus: b-tree write err: -5, ino 4 [ 568.183862][ T5120] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 568.193621][ T5120] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 568.431126][ T2811] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 568.493184][ T5120] usb 1-1: New USB device found, idVendor=15c2, idProduct=0040, bcdDevice= 7.fb [ 568.502790][ T5120] usb 1-1: New USB device strings: Mfr=7, Product=130, SerialNumber=11 [ 568.511559][ T5120] usb 1-1: Product: syz [ 568.520315][ T5120] usb 1-1: Manufacturer: syz [ 568.526554][ T5120] usb 1-1: SerialNumber: syz [ 568.638321][ T5120] usb 1-1: config 0 descriptor?? [ 568.729903][ T5120] input: iMON Panel, Knob and Mouse(15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input11 [ 568.758177][ T9140] loop3: detected capacity change from 0 to 16 [ 568.758677][ T2811] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 568.802832][ T9140] erofs: (device loop3): mounted with root inode @ nid 36. [ 568.989727][ T2811] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.148892][ T2811] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.597629][ T2811] bridge_slave_1: left allmulticast mode [ 569.603935][ T2811] bridge_slave_1: left promiscuous mode [ 569.610472][ T2811] bridge0: port 2(bridge_slave_1) entered disabled state [ 569.645891][ T5120] rc_core: IR keymap rc-imon-pad not found [ 569.653188][ T5120] Registered IR keymap rc-empty [ 569.658401][ T5120] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 569.669156][ T5120] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 569.696846][ T2811] bridge_slave_0: left allmulticast mode [ 569.703062][ T2811] bridge_slave_0: left promiscuous mode [ 569.709669][ T2811] bridge0: port 1(bridge_slave_0) entered disabled state [ 569.763156][ T5120] imon:send_packet: packet tx failed (-71) [ 569.825325][ T5120] imon 1-1:0.0: remote input dev register failed [ 569.833105][ T5120] imon 1-1:0.0: imon_init_intf0: rc device setup failed [ 570.112687][ T5120] imon 1-1:0.0: unable to initialize intf0, err 0 [ 570.119568][ T5120] imon:imon_probe: failed to initialize context! [ 570.128048][ T5120] imon 1-1:0.0: unable to register, err -19 [ 570.237092][ T5120] usb 1-1: USB disconnect, device number 17 [ 570.555156][ T2811] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 570.669943][ T2811] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 570.730684][ T2811] bond0 (unregistering): Released all slaves [ 570.780393][ T9154] loop0: detected capacity change from 0 to 512 [ 570.952486][ T9154] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 570.962411][ T9154] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 571.111089][ T9156] loop2: detected capacity change from 0 to 164 [ 571.129608][ T9154] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 571.213203][ T9154] System zones: 0-2, 18-18, 34-34 [ 571.334726][ T9154] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 571.351136][ T9156] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 571.397121][ T9154] EXT4-fs (loop0): 1 truncate cleaned up [ 571.403458][ T9154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 571.601921][ T29] audit: type=1326 audit(1717741056.973:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9151 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca7e67cf69 code=0x0 [ 571.856911][ T9165] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 572.118824][ T9161] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 572.245268][ T9161] bond0: (slave netdevsim3): Enslaving as an active interface with an up link [ 572.489720][ T2811] hsr_slave_0: left promiscuous mode [ 572.500887][ T5038] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.555684][ T2811] hsr_slave_1: left promiscuous mode [ 572.606109][ T2811] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 572.618221][ T2811] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 572.727202][ T2811] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 572.735124][ T2811] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 572.848080][ T2811] veth1_macvtap: left promiscuous mode [ 572.855698][ T2811] veth0_macvtap: left promiscuous mode [ 572.861771][ T2811] veth1_vlan: left promiscuous mode [ 572.867244][ T2811] veth0_vlan: left promiscuous mode [ 573.171215][ T5070] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 573.180934][ T5070] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 573.203627][ T5070] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 573.259406][ T5070] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 573.272332][ T5070] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 573.282993][ T5070] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 573.773691][ T5077] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 573.788746][ T5077] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 573.819754][ T5077] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 573.862563][ T5077] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 573.901856][ T5077] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 573.922546][ T5077] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 574.444622][ T2811] team0 (unregistering): Port device team_slave_1 removed [ 574.524063][ T2811] team0 (unregistering): Port device team_slave_0 removed [ 575.384690][ T5077] Bluetooth: hci2: command tx timeout [ 575.824406][ T779] kernel write not supported for file /vcs (pid: 779 comm: kworker/0:2) [ 576.105978][ T5077] Bluetooth: hci5: command tx timeout [ 576.243306][ T9170] chnl_net:caif_netlink_parms(): no params data found [ 576.510891][ T9177] chnl_net:caif_netlink_parms(): no params data found [ 576.890297][ T9203] loop2: detected capacity change from 0 to 1024 [ 577.442038][ T5077] Bluetooth: hci2: command tx timeout [ 577.543164][ T9170] bridge0: port 1(bridge_slave_0) entered blocking state [ 577.551191][ T9170] bridge0: port 1(bridge_slave_0) entered disabled state [ 577.559206][ T9170] bridge_slave_0: entered allmulticast mode [ 577.568619][ T9170] bridge_slave_0: entered promiscuous mode [ 577.734698][ T9170] bridge0: port 2(bridge_slave_1) entered blocking state [ 577.743657][ T9170] bridge0: port 2(bridge_slave_1) entered disabled state [ 577.751763][ T9170] bridge_slave_1: entered allmulticast mode [ 577.760914][ T9170] bridge_slave_1: entered promiscuous mode [ 577.959716][ T9215] sp0: Synchronizing with TNC [ 578.128369][ T9170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 578.164185][ T5077] Bluetooth: hci5: command tx timeout [ 578.223794][ T9217] loop2: detected capacity change from 0 to 2048 [ 578.264464][ T9170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 578.287465][ T9217] udf: Unknown parameter 'iochardinicb' [ 578.294775][ T9177] bridge0: port 1(bridge_slave_0) entered blocking state [ 578.302541][ T9177] bridge0: port 1(bridge_slave_0) entered disabled state [ 578.310384][ T9177] bridge_slave_0: entered allmulticast mode [ 578.319854][ T9177] bridge_slave_0: entered promiscuous mode [ 578.390360][ T9177] bridge0: port 2(bridge_slave_1) entered blocking state [ 578.398319][ T9177] bridge0: port 2(bridge_slave_1) entered disabled state [ 578.406341][ T9177] bridge_slave_1: entered allmulticast mode [ 578.415754][ T9177] bridge_slave_1: entered promiscuous mode [ 578.576381][ T9170] team0: Port device team_slave_0 added [ 578.696421][ T9177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 578.749673][ T9170] team0: Port device team_slave_1 added [ 578.783946][ T9177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 579.154264][ T9224] loop3: detected capacity change from 0 to 164 [ 579.204800][ T9224] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 579.315266][ T9177] team0: Port device team_slave_0 added [ 579.358334][ T9177] team0: Port device team_slave_1 added [ 579.375105][ T9170] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 579.382514][ T9170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 579.408880][ T9170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 579.531812][ T5077] Bluetooth: hci2: command tx timeout [ 579.564809][ T9228] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 579.619334][ T9228] bond0: (slave netdevsim3): Enslaving as an active interface with an up link [ 579.817563][ T9170] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 579.826335][ T9170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 579.853753][ T9170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 579.898828][ T9177] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 579.906072][ T9177] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 579.932510][ T9177] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 579.970679][ T9177] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 579.978149][ T9177] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 580.008460][ T9177] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 580.271788][ T5077] Bluetooth: hci5: command tx timeout [ 580.341023][ T9170] hsr_slave_0: entered promiscuous mode [ 580.374828][ T9170] hsr_slave_1: entered promiscuous mode [ 580.403279][ T10] kernel write not supported for file /vcs (pid: 10 comm: kworker/0:1) [ 580.425776][ T9170] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 580.433906][ T9170] Cannot create hsr debugfs directory [ 580.810327][ T9177] hsr_slave_0: entered promiscuous mode [ 580.977299][ T9177] hsr_slave_1: entered promiscuous mode [ 580.994739][ T9177] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 580.994881][ T9177] Cannot create hsr debugfs directory [ 581.093853][ T9246] loop1: detected capacity change from 0 to 1024 [ 581.458938][ T2811] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 581.572109][ T2811] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 581.615661][ T5077] Bluetooth: hci2: command tx timeout [ 581.779012][ T2811] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 581.910048][ T2811] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 581.956565][ T8820] hfsplus: b-tree write err: -5, ino 4 [ 582.321970][ T5077] Bluetooth: hci5: command tx timeout [ 582.449614][ T2811] bridge_slave_1: left allmulticast mode [ 582.455689][ T2811] bridge_slave_1: left promiscuous mode [ 582.462655][ T2811] bridge0: port 2(bridge_slave_1) entered disabled state [ 582.514474][ T2811] bridge_slave_0: left allmulticast mode [ 582.520514][ T2811] bridge_slave_0: left promiscuous mode [ 582.527966][ T2811] bridge0: port 1(bridge_slave_0) entered disabled state [ 583.216487][ T2811] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 583.338558][ T2811] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 583.391885][ T2811] bond0 (unregistering): Released all slaves [ 584.122687][ T9275] netlink: 416 bytes leftover after parsing attributes in process `syz-executor.3'. [ 584.156960][ T2811] hsr_slave_0: left promiscuous mode [ 584.186667][ T9280] loop2: detected capacity change from 0 to 164 [ 584.194815][ T2811] hsr_slave_1: left promiscuous mode [ 584.220961][ T29] audit: type=1326 audit(1717741069.633:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9274 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa87127cf69 code=0x0 [ 584.245499][ T2811] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 584.253737][ T2811] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 584.267658][ T2811] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 584.276034][ T2811] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 584.299365][ T9280] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 584.315183][ T2811] veth1_macvtap: left promiscuous mode [ 584.320957][ T2811] veth0_macvtap: left promiscuous mode [ 584.327723][ T2811] veth1_vlan: left promiscuous mode [ 584.333448][ T2811] veth0_vlan: left promiscuous mode [ 584.785555][ T9284] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 585.363053][ T2811] team0 (unregistering): Port device team_slave_1 removed [ 585.397830][ T2811] team0 (unregistering): Port device team_slave_0 removed [ 585.797675][ T9281] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 586.192508][ T5126] kernel write not supported for file /vcs (pid: 5126 comm: kworker/1:5) [ 586.643551][ T9170] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 586.713446][ T9170] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 586.781162][ T9170] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 586.848862][ T9177] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 586.907782][ T9170] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 586.995604][ T9177] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 587.101787][ T9177] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 587.182885][ T9177] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 587.861197][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.870670][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 588.220813][ T9170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 588.512187][ T9170] 8021q: adding VLAN 0 to HW filter on device team0 [ 588.599408][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 588.607257][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 588.695050][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 588.702864][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 588.725735][ T9177] 8021q: adding VLAN 0 to HW filter on device bond0 [ 588.982776][ T9177] 8021q: adding VLAN 0 to HW filter on device team0 [ 589.124231][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 589.132151][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 589.275954][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 589.283821][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 590.980043][ T9170] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 591.139868][ T9177] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 591.511054][ T9177] veth0_vlan: entered promiscuous mode [ 591.612247][ T9177] veth1_vlan: entered promiscuous mode [ 591.877323][ T9177] veth0_macvtap: entered promiscuous mode [ 591.970848][ T9177] veth1_macvtap: entered promiscuous mode [ 592.166020][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 592.179141][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 592.189935][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 592.200823][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 592.211062][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 592.221885][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 592.236932][ T9177] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 592.350006][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 592.361536][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 592.371909][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 592.384753][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 592.395596][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 592.409322][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 592.424372][ T9177] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 592.615609][ T9177] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 592.624927][ T9177] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 592.634109][ T9177] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 592.643303][ T9177] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 593.178724][ T9170] veth0_vlan: entered promiscuous mode [ 593.273015][ T9170] veth1_vlan: entered promiscuous mode [ 593.652758][ T9170] veth0_macvtap: entered promiscuous mode [ 593.734148][ T9170] veth1_macvtap: entered promiscuous mode [ 593.953164][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 593.963961][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 593.974197][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 593.984946][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 593.995185][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 594.005968][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 594.018227][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 594.029566][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 594.045193][ T9170] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 594.292770][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 594.303905][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 594.314178][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 594.327021][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 594.337903][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 594.348704][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 594.359146][ T9170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 594.369947][ T9170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 594.385188][ T9170] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 594.527116][ T9170] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 594.536385][ T9170] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 594.545525][ T9170] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 594.554775][ T9170] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 595.279538][ T5124] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 595.561881][ T5124] usb 3-1: Using ep0 maxpacket: 32 [ 595.714647][ T5124] usb 3-1: config 0 has no interfaces? [ 595.720540][ T5124] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 595.730118][ T5124] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 595.815336][ T5124] usb 3-1: config 0 descriptor?? [ 596.061026][ T5125] usb 3-1: USB disconnect, device number 21 [ 597.871565][ T9397] bridge0: port 3(syz_tun) entered disabled state [ 598.084373][ T9397] syz_tun (unregistering): left allmulticast mode [ 598.091081][ T9397] syz_tun (unregistering): left promiscuous mode [ 598.098357][ T9397] bridge0: port 3(syz_tun) entered disabled state [ 599.390031][ T3980] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 599.398164][ T3980] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 599.637733][ T3980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 599.648484][ T3980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 599.995105][ T9415] binder: 9412:9415 ioctl c0306201 200003c0 returned -22 [ 600.356884][ T5124] usb 1-1: new full-speed USB device number 18 using dummy_hcd [ 600.694346][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 600.702681][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 600.827349][ T5668] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 600.835720][ T5668] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 600.883069][ T5124] usb 1-1: config 0 has an invalid interface number: 91 but max is 3 [ 600.891619][ T5124] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 600.900639][ T5124] usb 1-1: config 0 has an invalid interface number: 227 but max is 3 [ 600.909412][ T5124] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 600.921473][ T5124] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 4 [ 600.930780][ T5124] usb 1-1: config 0 has no interface number 0 [ 600.937202][ T5124] usb 1-1: config 0 has no interface number 1 [ 600.943698][ T5124] usb 1-1: config 0 interface 91 altsetting 127 endpoint 0x3 has an invalid bInterval 31, changing to 4 [ 600.955307][ T5124] usb 1-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xB, skipping [ 600.966624][ T5124] usb 1-1: config 0 interface 91 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 600.980408][ T5124] usb 1-1: config 0 interface 91 altsetting 127 endpoint 0xC has invalid maxpacket 512, setting to 64 [ 600.992806][ T5124] usb 1-1: config 0 interface 91 altsetting 127 has 8 endpoint descriptors, different from the interface descriptor's value: 7 [ 601.006980][ T5124] usb 1-1: config 0 interface 227 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0 [ 601.017648][ T5124] usb 1-1: config 0 interface 91 has no altsetting 0 [ 601.024977][ T5124] usb 1-1: config 0 interface 227 has no altsetting 0 [ 601.032510][ T5124] usb 1-1: Dual-Role OTG device on HNP port [ 601.074803][ T5124] usb 1-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 601.086872][ T5124] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 601.127455][ T5124] usb 1-1: config 0 descriptor?? [ 601.936447][ T9418] loop0: detected capacity change from 0 to 4096 [ 601.961295][ T9418] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 602.330197][ T9418] ntfs3: loop0: failed to convert "c46c" to macceltic [ 602.854758][ T5124] usb 1-1: string descriptor 0 read error: -71 [ 602.864936][ T5124] keyspan 1-1:0.91: Keyspan - (without firmware) converter detected [ 602.882679][ T5124] keyspan 1-1:0.227: Keyspan - (without firmware) converter detected [ 602.934918][ T5124] usb 1-1: USB disconnect, device number 18 [ 602.947746][ T5124] keyspan 1-1:0.91: device disconnected [ 602.957771][ T5124] keyspan 1-1:0.227: device disconnected [ 607.174773][ T9503] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 607.421824][ T9505] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 607.446567][ T9505] bond1: (slave vcan1): Error -95 calling set_mac_address [ 611.163468][ T9561] loop4: detected capacity change from 0 to 2048 [ 611.338446][ T9561] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 612.728647][ T9574] loop1: detected capacity change from 0 to 512 [ 612.885115][ T9574] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.899408][ T9574] ext4 filesystem being mounted at /root/syzkaller-testdir755962124/syzkaller.kkOxqG/34/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 615.567475][ T8725] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.199302][ T9591] loop0: detected capacity change from 0 to 2048 [ 617.394014][ T9591] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 621.488017][ T9639] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 621.622077][ T9639] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 621.740039][ T9645] loop3: detected capacity change from 0 to 512 [ 621.782393][ T29] audit: type=1326 audit(1717741107.103:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9642 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa7067cf69 code=0x0 [ 621.858802][ T9645] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 621.870904][ T9645] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 621.964292][ T9645] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 621.982736][ T9645] System zones: 0-2, 18-18, 34-34 [ 622.018723][ T9645] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 622.036123][ T9645] EXT4-fs (loop3): 1 truncate cleaned up [ 622.043665][ T9645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 622.279719][ T9652] bridge0: port 2(bridge_slave_1) entered disabled state [ 622.355640][ T9652] bridge_slave_1: left allmulticast mode [ 622.364191][ T9652] bridge0: port 2(bridge_slave_1) entered disabled state [ 622.629558][ T5084] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 625.931123][ T9686] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 626.024590][ T9686] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 627.317258][ T9693] loop0: detected capacity change from 0 to 512 [ 627.383351][ T9693] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 627.395745][ T9693] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 627.545489][ T9693] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 627.561846][ T9693] System zones: 0-2, 18-18, 34-34 [ 627.629837][ T9693] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 627.751630][ T9693] EXT4-fs (loop0): 1 truncate cleaned up [ 627.757685][ T9693] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 628.258918][ T29] audit: type=1326 audit(1717741113.643:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9698 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa87127cf69 code=0x0 [ 628.445205][ T9177] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 631.449723][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 631.594512][ T9719] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 632.348298][ T9722] fuse: Unknown parameter '0x0000000000000003' [ 632.442177][ T29] audit: type=1326 audit(1717741117.823:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9721 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9db07cf69 code=0x0 [ 633.277626][ T9725] loop1: detected capacity change from 0 to 256 [ 633.585999][ T29] audit: type=1800 audit(1717741118.963:1387): pid=9725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="loop1" ino=1048638 res=0 errno=0 [ 634.109848][ T29] audit: type=1326 audit(1717741119.493:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9730 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd9db07cf69 code=0x0 [ 634.299744][ T9736] loop1: detected capacity change from 0 to 512 [ 634.355561][ T9736] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 634.367664][ T9736] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 634.402539][ T9736] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 634.416437][ T9736] System zones: 0-2, 18-18, 34-34 [ 634.457921][ T9736] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 634.515811][ T9736] EXT4-fs (loop1): 1 truncate cleaned up [ 634.522378][ T9736] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 635.357617][ T8725] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 635.434531][ T9752] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 635.495574][ T43] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 635.567411][ T9752] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 635.782526][ T43] usb 1-1: Using ep0 maxpacket: 8 [ 635.902340][ T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 635.912964][ T43] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 4 [ 635.922407][ T43] usb 1-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=17.bd [ 635.932412][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 635.992708][ T43] usb 1-1: config 0 descriptor?? [ 636.075048][ T43] keyspan 1-1:0.0: Keyspan - (without firmware) converter detected [ 636.267379][ T43] usb 1-1: USB disconnect, device number 19 [ 636.274538][ T43] keyspan 1-1:0.0: device disconnected [ 636.408456][ T9761] loop2: detected capacity change from 0 to 128 [ 636.439401][ T9761] VFS: Found a Xenix FS (block size = 512) on device loop2 [ 636.464339][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.464339][ T9761] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128 [ 636.478591][ T9761] Buffer I/O error on dev loop2, logical block 8767744, async page read [ 636.487254][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.487254][ T9761] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 636.501585][ T9761] Buffer I/O error on dev loop2, logical block 13269809, async page read [ 636.515598][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.515598][ T9761] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128 [ 636.530575][ T9761] Buffer I/O error on dev loop2, logical block 1157, async page read [ 636.538951][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.538951][ T9761] loop2: rw=0, sector=3211264, nr_sectors = 1 limit=128 [ 636.553025][ T9761] Buffer I/O error on dev loop2, logical block 3211264, async page read [ 636.561765][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.561765][ T9761] loop2: rw=0, sector=8768635, nr_sectors = 1 limit=128 [ 636.575889][ T9761] Buffer I/O error on dev loop2, logical block 8768635, async page read [ 636.584603][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.584603][ T9761] loop2: rw=0, sector=13466417, nr_sectors = 1 limit=128 [ 636.598934][ T9761] Buffer I/O error on dev loop2, logical block 13466417, async page read [ 636.607621][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.607621][ T9761] loop2: rw=0, sector=209285, nr_sectors = 1 limit=128 [ 636.626811][ T9761] Buffer I/O error on dev loop2, logical block 209285, async page read [ 636.637575][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.637575][ T9761] loop2: rw=0, sector=8767744, nr_sectors = 1 limit=128 [ 636.651807][ T9761] Buffer I/O error on dev loop2, logical block 8767744, async page read [ 636.660284][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.660284][ T9761] loop2: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 636.674508][ T9761] Buffer I/O error on dev loop2, logical block 13269809, async page read [ 636.683176][ T9761] syz-executor.2: attempt to access beyond end of device [ 636.683176][ T9761] loop2: rw=0, sector=1157, nr_sectors = 1 limit=128 [ 636.697036][ T9761] Buffer I/O error on dev loop2, logical block 1157, async page read [ 636.759991][ T29] audit: type=1800 audit(1717741122.143:1389): pid=9761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="/" dev="loop2" ino=2 res=0 errno=0 [ 636.893493][ T5072] sysv_free_block: trying to free block not in datazone [ 636.912920][ T5072] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 637.376546][ T9763] loop2: detected capacity change from 0 to 256 [ 637.692156][ T9770] veth0_vlan: entered allmulticast mode [ 637.731629][ T29] audit: type=1800 audit(1717741123.103:1390): pid=9763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=1048639 res=0 errno=0 [ 638.388740][ T9771] loop0: detected capacity change from 0 to 64 [ 638.522451][ T9771] hfs: unable to parse mount options [ 639.385097][ T9787] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 639.413013][ T29] audit: type=1326 audit(1717741124.773:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9784 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e66e7cf69 code=0x0 [ 639.421629][ T9787] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.444357][ T9787] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.468948][ T9787] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.476910][ T9787] bridge0: port 2(bridge_slave_1) entered forwarding state [ 639.485817][ T9787] bridge0: port 1(bridge_slave_0) entered blocking state [ 639.493651][ T9787] bridge0: port 1(bridge_slave_0) entered forwarding state [ 639.514139][ T9787] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 640.372968][ T9794] loop1: detected capacity change from 0 to 512 [ 640.462009][ T9794] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 640.471464][ T9794] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 640.537112][ T9794] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 640.552539][ T9794] System zones: 0-2, 18-18, 34-34 [ 640.585615][ T9798] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 640.615844][ T9794] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 640.715591][ T9799] loop2: detected capacity change from 0 to 512 [ 640.726148][ T9794] EXT4-fs (loop1): 1 truncate cleaned up [ 640.732243][ T9794] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 640.755099][ T9798] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 640.814474][ T9799] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 640.885937][ T9799] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 640.949147][ T9799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 641.263453][ T5072] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.538398][ T8725] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 642.080379][ T29] audit: type=1326 audit(1717741127.463:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.104177][ T29] audit: type=1326 audit(1717741127.463:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.128227][ T29] audit: type=1326 audit(1717741127.473:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.157153][ T29] audit: type=1326 audit(1717741127.473:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.182108][ T29] audit: type=1326 audit(1717741127.483:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.205554][ T29] audit: type=1326 audit(1717741127.503:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.228893][ T29] audit: type=1326 audit(1717741127.503:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.257239][ T29] audit: type=1326 audit(1717741127.503:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.282092][ T29] audit: type=1326 audit(1717741127.503:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9811 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f58e907cf69 code=0x7ffc0000 [ 642.607025][ T9820] fuse: Bad value for 'fd' [ 642.943973][ T9814] loop2: detected capacity change from 0 to 4096 [ 643.002148][ T9814] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 643.124217][ T9828] loop4: detected capacity change from 0 to 256 [ 643.890362][ T9833] loop1: detected capacity change from 0 to 256 [ 644.336736][ T9837] loop3: detected capacity change from 0 to 512 [ 644.448139][ T9837] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 644.514612][ T9837] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 644.540427][ T9837] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.669667][ T9845] loop2: detected capacity change from 0 to 512 [ 645.148542][ T9845] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 645.158129][ T9845] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 646.737355][ T9845] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 646.800003][ T9845] System zones: 0-2, 18-18, 34-34 [ 646.874039][ T9845] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 646.963323][ T9845] EXT4-fs (loop2): 1 truncate cleaned up [ 646.969268][ T9845] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 647.169684][ T5084] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 647.658927][ T5072] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 648.272212][ T9866] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 648.308101][ T9866] bridge0: port 2(bridge_slave_1) entered disabled state [ 648.318089][ T9866] bridge0: port 1(bridge_slave_0) entered disabled state [ 648.353373][ T9866] bridge0: port 2(bridge_slave_1) entered blocking state [ 648.361272][ T9866] bridge0: port 2(bridge_slave_1) entered forwarding state [ 648.370111][ T9866] bridge0: port 1(bridge_slave_0) entered blocking state [ 648.377991][ T9866] bridge0: port 1(bridge_slave_0) entered forwarding state [ 648.399080][ T9866] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 649.233116][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.239809][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 650.296991][ T9884] loop0: detected capacity change from 0 to 256 [ 650.616184][ T9890] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 650.746018][ T9889] loop2: detected capacity change from 0 to 512 [ 650.868527][ T9889] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 650.959404][ T9889] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 651.005304][ T9889] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.370857][ T9903] loop3: detected capacity change from 0 to 512 [ 651.484714][ T9903] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 651.494415][ T9903] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 651.580879][ T9903] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 651.622226][ T9903] System zones: 0-2, 18-18, 34-34 [ 651.694049][ T9903] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 651.817893][ T9903] EXT4-fs (loop3): 1 truncate cleaned up [ 651.824020][ T9903] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 651.833313][ T5072] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.555667][ T5084] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.726946][ T9915] loop0: detected capacity change from 0 to 512 [ 652.776962][ T9915] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 652.784595][ T9916] ieee802154 phy0 wpan0: encryption failed: -22 [ 652.922799][ T9918] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 653.518337][ T9925] loop3: detected capacity change from 0 to 256 [ 654.155000][ T9931] loop3: detected capacity change from 0 to 512 [ 654.371965][ T9931] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 654.435028][ T9931] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 654.480280][ T9931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 654.824439][ T9947] loop2: detected capacity change from 0 to 512 [ 654.912435][ T9947] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 654.922020][ T9947] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 654.985273][ T9947] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 655.010567][ T9947] System zones: 0-2, 18-18, 34-34 [ 655.109156][ T9947] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1153: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 655.206253][ T9947] EXT4-fs (loop2): 1 truncate cleaned up [ 655.213137][ T9947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 655.315705][ T9954] xt_CT: You must specify a L4 protocol and not use inversions on it [ 655.489164][ T5084] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.859018][ T5072] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.890272][ T9961] loop0: detected capacity change from 0 to 764 [ 655.990600][ T9961] rock: directory entry would overflow storage [ 655.997063][ T9961] rock: sig=0x4f50, size=4, remaining=3 [ 656.002826][ T9961] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 656.445736][ T9935] Bluetooth: hci0: command 0x0406 tx timeout [ 656.478476][ T9966] sg_write: process 761 (syz-executor.3) changed security contexts after opening file descriptor, this is not allowed. [ 657.074832][ T9975] loop0: detected capacity change from 0 to 512 [ 657.225120][ T9975] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 657.238502][ T9975] ext4 filesystem being mounted at /root/syzkaller-testdir932387393/syzkaller.hF0XlE/39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 657.411650][ T9983] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 657.993524][ T9985] trusted_key: syz-executor.0 sent an empty control message without MSG_MORE. [ 658.258101][ T10] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 658.517428][ T9983] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 659.772664][ T5668] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 660.164684][ T10] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 660.172810][ T10] usb 4-1: can't read configurations, error -71 [ 660.393716][ T9177] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 660.619048][ T5668] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 660.630108][ T5668] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 660.643560][ T5668] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 660.652983][ T5668] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.698992][ T5668] usb 5-1: config 0 descriptor?? [ 660.823438][ T5668] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 661.136994][ T5668] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 661.145387][ T5668] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 661.160674][ T5668] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz1 [ 661.173605][ T1054] ===================================================== [ 661.180761][ T1054] BUG: KMSAN: uninit-value in nci_rx_work+0x35a/0x5d0 [ 661.191916][ T1054] nci_rx_work+0x35a/0x5d0 [ 661.196517][ T1054] process_scheduled_works+0xa81/0x1bd0 [ 661.203373][ T1054] worker_thread+0xea5/0x1560 [ 661.208268][ T1054] kthread+0x3e2/0x540 [ 661.212630][ T1054] ret_from_fork+0x6d/0x90 [ 661.217223][ T1054] ret_from_fork_asm+0x1a/0x30 [ 661.222392][ T1054] [ 661.224824][ T1054] Uninit was created at: [ 661.229296][ T1054] kmem_cache_alloc_node+0x622/0xc90 2024/06/07 06:19:06 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 661.234828][ T1054] kmalloc_reserve+0x13d/0x4a0 [ 661.240279][ T1054] __alloc_skb+0x35b/0x7a0 [ 661.244962][ T1054] virtual_ncidev_write+0x6d/0x290 [ 661.251177][ T1054] vfs_write+0x497/0x14d0 [ 661.255827][ T1054] ksys_write+0x20f/0x4c0 [ 661.260367][ T1054] __x64_sys_write+0x93/0xe0 [ 661.265301][ T1054] x64_sys_call+0x3062/0x3b50 [ 661.270189][ T1054] do_syscall_64+0xcf/0x1e0 [ 661.275003][ T1054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.281127][ T1054] [ 661.285861][ T1054] CPU: 1 PID: 1054 Comm: kworker/u8:6 Tainted: G W 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 661.301810][ T1054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 661.313280][ T1054] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 661.319039][ T1054] ===================================================== [ 661.326192][ T1054] Disabling lock debugging due to kernel taint [ 661.332640][ T1054] Kernel panic - not syncing: kmsan.panic set ... [ 661.339176][ T1054] CPU: 1 PID: 1054 Comm: kworker/u8:6 Tainted: G B W 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 661.350675][ T1054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 661.360891][ T1054] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 661.366641][ T1054] Call Trace: [ 661.370026][ T1054] [ 661.373062][ T1054] dump_stack_lvl+0x216/0x2d0 [ 661.377974][ T1054] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 661.383987][ T1054] dump_stack+0x1e/0x30 [ 661.388344][ T1054] panic+0x4e2/0xcd0 [ 661.392448][ T1054] ? kmsan_get_metadata+0xf1/0x1d0 [ 661.397769][ T1054] kmsan_report+0x2d5/0x2e0 [ 661.402458][ T1054] ? kmsan_get_metadata+0x146/0x1d0 [ 661.407857][ T1054] ? __msan_warning+0x95/0x120 [ 661.412808][ T1054] ? nci_rx_work+0x35a/0x5d0 [ 661.417569][ T1054] ? process_scheduled_works+0xa81/0x1bd0 [ 661.423485][ T1054] ? worker_thread+0xea5/0x1560 [ 661.428526][ T1054] ? kthread+0x3e2/0x540 [ 661.432965][ T1054] ? ret_from_fork+0x6d/0x90 [ 661.437732][ T1054] ? ret_from_fork_asm+0x1a/0x30 [ 661.442895][ T1054] ? filter_irq_stacks+0x60/0x1a0 [ 661.448162][ T1054] ? stack_depot_save_flags+0x2c/0x6e0 [ 661.453832][ T1054] ? kmsan_get_metadata+0x146/0x1d0 [ 661.459246][ T1054] ? kmsan_get_metadata+0x146/0x1d0 [ 661.464644][ T1054] ? kmsan_get_metadata+0x146/0x1d0 [ 661.470040][ T1054] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 661.476531][ T1054] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 661.482841][ T1054] ? kfree_skb_reason+0x197/0x4f0 [ 661.488079][ T1054] ? nfc_send_to_raw_sock+0x504/0x530 [ 661.493669][ T1054] ? kmsan_get_metadata+0x146/0x1d0 [ 661.499062][ T1054] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 661.505091][ T1054] __msan_warning+0x95/0x120 [ 661.509865][ T1054] nci_rx_work+0x35a/0x5d0 [ 661.514640][ T1054] ? __pfx_nci_rx_work+0x10/0x10 [ 661.519756][ T1054] process_scheduled_works+0xa81/0x1bd0 [ 661.525536][ T1054] worker_thread+0xea5/0x1560 [ 661.530521][ T1054] kthread+0x3e2/0x540 [ 661.534791][ T1054] ? __pfx_worker_thread+0x10/0x10 [ 661.540114][ T1054] ? __pfx_kthread+0x10/0x10 [ 661.544916][ T1054] ret_from_fork+0x6d/0x90 [ 661.549521][ T1054] ? __pfx_kthread+0x10/0x10 [ 661.554329][ T1054] ret_from_fork_asm+0x1a/0x30 [ 661.559328][ T1054] [ 661.562791][ T1054] Kernel Offset: disabled [ 661.567213][ T1054] Rebooting in 86400 seconds..