last executing test programs: 11.438401149s ago: executing program 1 (id=1324): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='./file1\x00', 0x0, &(0x7f0000000bc0)={[{@nobarrier}, {@nobarrier}, {@creator={'creator', 0x3d, "bd3c66f5"}}, {@nls={'nls', 0x3d, 'macceltic'}}, {@umask={'umask', 0x3d, 0x1f}}, {@umask={'umask', 0x3d, 0xde5}}]}, 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file2\x00', 0x4, &(0x7f0000000640), 0x3, 0x44c, &(0x7f0000000c40)="$eJzs3MtvVNUfAPDvnUehPH7tj+CDh1pFI/HR0oLIwo1GExeamOgCl7UtBBmooTURQhSNYWtI3BOXJv4FrnRj1JWJW90bEjRsQFdj7sy97cx0prTjtFOYzye5cM69Z3rOd+49M+fc09sABtZY+k8SsSsifouIkXq2ucBY/b87ty7P/H3r8kwS1erbfyW1crdvXZ7Ji+av25lnShGFz5M40KbehYuXzk5XKnMXsvzE4rkPJhYuXnr+zLnp03On585PnThx7Ojki8enXuhJnGlct/d/PH9w3+vvXntz5uS19376Jsnjb4mjR8ZWO/hUtdrj6vprd0M6KfWxIaxLsd5No1zr/yNRjOWTNxKvfdbXxgEbqlqtVh/sfPhKFbiPJdHvFgD9kX/Rp/PffNukoceWcPPl+gQojftOttWPlKKQlSm3zG97aSwiTl7553q6xcbchwAAaPJdOv55rt34rxCN94X+l62hjEbE/yNiT0Qcj4i9EfFARK3sQxHx8Drrb10kWTn+KdzoKrA1Ssd/L2VrW83jv3z0F6PFLLe7Fn85OXWmMncke08OR3lbmp9cpY7vX/31i07HGsd/6ZbWn48Fs3bcKG1rfs3s9OL0f4m50c1PI/aX2sWfLK0EJBGxLyL2d1nHmWe+PtjpWJv4y6WI62v6wT1YZ6p+FfF0/fxfiZb4c8ny+uSfwyvXJye2R2XuyER+Vaz08y9X3+pU/93P/8ZKz/+Ottf/UvyjSeN67cL667j6+/aOc5pur/+h5J2mfR9NLy5emIwYSt6oN7px/1RLuanl8mn8hw+17/97YvmdOBAR6UX8SEQ8GhGPZW1/PCKeiIhDq8T/4ytPvt99/BsrjX92Xed/OTEUrXvaJ4pnf/i2qdLR9cSfnv9jtdThbM9aPv/W0q7urmYAAAC49xQiYlckhfGldKEwPl7/Hf69saNQmV9YfPbU/IfnZ+vPCIxGuZDf6RppuB86mU3r8/xUS/5odt/4y+JwLT8+M1+Z7XfwMOB2duj/qT+K/W4dsOE8rwWDS/+HwaX/w+DS/2Fwten/wyv2bN+ctgCbq933/yd9aAew+Vr6v2U/GCDm/zC49H8YXPo/DKSF4bj7Q/L3bGIoi3KrtOd+SkRhlTL5n4/YGk2V6CLR148lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAnvk3AAD//39l3ZU=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_xfrm(0x10, 0x3, 0x6) socket$alg(0x26, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.sectors\x00', 0x275a, 0x0) 11.098265934s ago: executing program 1 (id=1325): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) writev(r0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 9.847654274s ago: executing program 2 (id=1327): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000640), 0x3, 0x42f, &(0x7f0000000200)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.sectors\x00', 0x275a, 0x0) fallocate(r3, 0x0, 0x0, 0x1040f8) openat$tun(0xffffffffffffff9c, 0x0, 0x169041, 0x0) lseek(r3, 0x0, 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x1e, 0x1, 0x0) epoll_create1(0x0) 9.815071544s ago: executing program 1 (id=1328): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x50) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[], 0xa8) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 9.633033777s ago: executing program 1 (id=1333): r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x16) 9.45477768s ago: executing program 0 (id=1334): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0) 9.329762802s ago: executing program 0 (id=1336): socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3a) syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r2, 0x2f126000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) sched_setscheduler(0x0, 0x5, &(0x7f0000000240)=0x8) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_usb_connect(0x3, 0xd1, &(0x7f0000000340)={{0x12, 0x1, 0x200, 0x65, 0x49, 0x71, 0x20, 0x85a, 0x26, 0x125, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbf, 0x1, 0x1, 0x5, 0x90, 0x3a, [{{0x9, 0x4, 0x2a, 0x8, 0x0, 0xd1, 0x56, 0x51, 0xf7, [@hid_hid={0x9, 0x21, 0x1885, 0x0, 0x1, {0x22, 0x58e}}, @generic={0xa4, 0x21, "384a99821699a33153645c14d119556f4bc5076dd034f91cd435d6cf9be8f19105edc05cc230ad52fb2d17c61d30f7c897af4932cfe953154710c10e234abc221def961b2820840f7226e772e04c7efe0100437e2e8b34144bb50bca2be8e8fce0daf96a8bc4882549f8527a871b12c8bdd2c0ac2aeb7f3937c5637f4ad789de85ecae2688b19fefeb360397e6f82c1807de6ec277f4cf0dbc9c651765847da39eec"}]}}]}}]}}, 0x0) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, 0x0, 0x0, 0x2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118) 7.729690287s ago: executing program 3 (id=1339): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) writev(r0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 6.524140517s ago: executing program 3 (id=1341): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0) socket(0x10, 0x3, 0x4) syz_mount_image$udf(&(0x7f0000000940), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000680)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303030372c6e6f7374726963742c7569643d69676e6f72652c6769643d666f726765742c6c6f6e6761642c6e6f7672732c756e64656c6574652c6d6f64653d30303030303030303030303030303030303033353031362c646d6f64653d30303030303030303030303030303030303030303031312c00e3cc6abaa52ef118fcbe734b47a6bf66bdd357c81c22ed4c07659e40ba6f24e50fafda55f8d6b01f7fa9505996c5c8e5fac082523b41c69e892f8f3372228da85b089c449c8243489693fc724dc3a34a1c85226b306f86ba0484aad17849d21905bbe3dbc20bf4c98777720c05637db44ef1224790223b183be4cbccef28b6dc7701cf3b6d45babe7a0177b34116f8033c0614d351a01526a5e4626159b2d7a3176575b87ce23efc23d6fc182ecb01ea4d182720d93ab9a99e432ce3c68dcdeec61f9cc21345ccd818e18d6d9c4bb97e0f79e4cfb80641"], 0x1, 0xc56, &(0x7f0000002680)="$eJzs3U9sHNd9B/DfGy21S7mtmdhVnDQONm2Ryorl6l9MxSrcVU2zLSDLQijmFoArkVIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEXQI9O6QHLxocipJ6KFjaDogS0CBCgQMJjZt+KKIhNaFEVK/nxs6Ts7897MezPrGVrQmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvvXrh5Km0xYZD+9AYAOChuDT2pZOnt3r+AwCPrSvb/f8/AAAAAAAAAAAAAABwUKQo4qlIMXdpLU1Un7saFzsDt26Pj4xuXW0wVTUPVeXLX41Tp8+c/cKLw+d6ebEz83PqP2ifitfHrlxovjJ7c25+amFharI5PtO5Njs5teM97Lb+ZserE9C8+catyevXF5qnXzhz1+bbQx/Unzg6dH74uRPP9sqOj4yOjm0UafSXr913Q7q2G+FxOIo4ESme//aPUjsiitj9uWg83Gu/2WDVieNVJ8ZHRquOTHfaM4vlxsu9E1FENPsqtXrnaOtrEbWBh9qH7bUilsrmlw0+XnZvbK493746PdW83J5f7Cx2Zmcup25ry/40o4hzKWI5Ilbr9+5uIIqoRYpvPrmWrua3flTn4fPVwODt21HsYR93oGxncyBiuXgErtkBVo8iXosUP373WFzL95nqXvO5iNfK/G7E22W+HJHKL8bZiPe3+B7xaKpFEX9RXv/za2myuh/07isXv9z8w5nrs31le/eVD/l8uOdOsU/Ph8FN+XAc8HtTI4poV3f8tXT/P+wAAAAAAAAAAAAAAAAA8KANRhGfjBSv/vsfV+OKoxqX/uT54d8f+uX+MePP/IL9lGVfiIilYmdjcg/ngYGX0+WU9nks8UdZI4r4kzz+7+v73RgAAAAAAAAAAAAAAAAAAICPtCJ+GCleeu9YWo7+OcU7MzeaV9pXp7uzwvbm/u3Nmb6+vr7eTN1s5ZzIuZRzOedKztWcUeT69e6OWvnzRM6lnMs5V3Ku5oxDuX7OVs6JnEs5l3Ou5FzNGbVcP2cr50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4aKb7x1bUUKSJaERPRzZX6frcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjVUxHfiRTNP2jdWVeLiFT923Ws/O1stA6X+fFoDZf5crQu5GxXWWt9fR/az+4MpCJ+ECnqjXfuXPB8/Qe6n+58DeLtr0UM5uVP1bp5qLdx6IP6E0efPD88+plntltOWzXg+MXOzK3bzfGR0dGxvtW1fPSP960bysctHkzXiYiFN996oz09PTV/PwuHq4XyK3Bf1R+5hVTbh57WPzKn9+AtRO1ANGN/+n6Xxn7doNhT5fP//Ujx2+/9R++B333+N+KXup/uPOHjJ3+68dPAS5t3tMPnf21zvfz8L5/pWz3/n+pb91L+aWSgFtFYvDk3cDSisfDmWyc6N9s3pm5MzZw9efKLw8NfPHNy4HBE43pneqpv6YGcLgAAAAAAAAAAAAAAAICHJxXxu5Gi/YO11IyI29V4raHzw8+dePZQHKrGW901bvv1sSsXmq/M3pybn1pYmJpsjs90rs1OTu30cI1quNf4yOiedOYXGtzj9g82Xpmde3O+c+OPFrfcfqRx4erC4nz72tabYzCKiFb/muNVg8dHRqtGT3faM1XVy1sOpv/wBlIR/xkprp1tps/mdXn8/+YR/tX4/95hlzbv6AGO///MkY3xfx/rK1oeM6UifhIpfusvn4nPVu08Evecs1zubyPF8XOfzuXicFmu14buewW6IwPLsv8bKf7xp3eX7Y2HfGqj7KkPdXIfAeX1fzJSfOfPvxW/ntfd/f6Hra//kc072qP3Pzzdt+7IXe8r2HXXydf/RKR4+al34jeqNf//c9//0Xv3xrFu4Y33c+zR9f/VvnVD+bi/+aA6DwAAAAAAAAAA8AgbSEX8XaT43mgtvZjX7eTv/01u3tEe/f2vT/Stm9ztfEU7XNj1SQUAAACAA2IgFfHDSHFj8Z07Y6jvHv/dN/7zdzbGf46kTVurP+f7leq9AQ/yz//6DeXjTuy+2wAAAAAAAAAAAAAAAAAAAHCgpFTEi3k+9YlqPP/ktvOpr0SKV//7+VwuHS3L9eaBH6p+b1yanTlxYXp6thGL7avTU82xufa1qbLu05Fi7W8+nesW1fzqvfnmu3O8b8zFPh8pRv++V7Y7F3tvbvKnN8qeKst+LFL81z/cXTZPTZ3njq7Kni7L/nWk+Mo/b1326EbZM2XZb0WK73+l2St7pCzbez/qJzbKvnBtttiDqwIAAAAAAAAAAAAAAAAAAMBHzUAq4s8ixf/cXL4zlj/P/z/Q97Hy9tf65vvf5HY1z/9QNf//dsv3M/9/9V6Bpe2OCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj6cURbwVKeYuraWVevm5q3GxU8Tt8ZHRrasNpqrmoap8+atx6vSZs194cfhcLy92Zm5tX/9B+2S8PnblQvOV2Ztz81MLC1OTzfGZzrXZyakd72G39Tc7Xp2A5s03bk1ev77QPP3Cmbs23x76oP7E0aHzw8+deLZXdnxkdHSsr0xt4L6Pfo+0zfrDUcRfRYrnv/2j9L16RBG7PxeNh3vtNxusOnG86sT4yGjVkelOe2ax3Hi5dyKKiGZfpVbvHD2Ea7ErrYilsvllg4+X3Ruba8+3r05PNS+35xc7i53Zmcup29qyP80o4lyKWI6I1fq9uxuIIt6IFN98ci39Sz3iUO88fP7S2JdOnt6+HcUe9nEHynY2ByKWi+2v2eF9bN+joh5F/FOk+PG7x+Jf6xG16P6Kz0W8VuZ3I96O7vVO5RfjbMT7W3yPeDTVooj/K6//+bX0br28H/TuKxe/nJYiZvvK9u4rj/zz4WE64M+TRhTx/eqOv5b+zX/XAAAAAAAAAAAAAAAAAAdIEb8WKV5671iqxgffGVPcmbnRvNK+Ot0d1tcb+9cbM72+vr7eTN1s5ZzIuZRzOedKztWcUeT6OVtlNtbXJ/LnpZzLOVdyruaMQ7l+zlbOiZxLOZdzruRczRm1XD9nK+dEzqWcyzlXcq7mjAMydg8AAAAAAAAAAAAAAAAAAHi8FNU/Kb7x1bW0Xu/OLz0R3VwxH+hj72cBAAD///9X9JQ=") bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r4, 0x0, 0x80000000000008, &(0x7f0000000180)="8c", 0x1) setsockopt$inet_opts(r4, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1) getsockopt$inet_opts(r4, 0x0, 0x9, &(0x7f00000001c0)=""/25, &(0x7f00000000c0)=0x19) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r5, 0x0, 0xee01) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) openat(r5, &(0x7f00000000c0)='.\x00', 0x515401, 0x408) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$TIOCSETD(r6, 0x5423, 0xfffffffffffffffe) syz_usb_connect(0x3, 0x6d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010002f5278e10889e8f9ee49b0102030109025b000140fef0090904000000ace79a002c0fe8"], 0x0) 5.327443545s ago: executing program 4 (id=1342): syz_io_uring_setup(0x3b, &(0x7f0000000640)={0x0, 0xadde, 0x10100, 0x3, 0x203}, &(0x7f0000000380), &(0x7f00000003c0)) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)) syz_open_dev$evdev(0x0, 0x2, 0x140c82) socket$packet(0x11, 0x2, 0x300) socket$inet6(0xa, 0x2, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={0xffffffffffffffff}, 0x4) 5.082339409s ago: executing program 0 (id=1343): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x50) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[], 0xa8) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 4.264188372s ago: executing program 4 (id=1344): r0 = socket(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) pipe2(&(0x7f00000000c0), 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'caif0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000"/16], 0x48}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0x1}, 0x8) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 4.202779183s ago: executing program 0 (id=1345): socket$nl_route(0x10, 0x3, 0x0) socket(0x200000000000011, 0x2, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102) writev(r0, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r2, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmmsg$sock(r1, &(0x7f0000000880)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0x81}}], 0x48}}], 0x2, 0x0) 4.123067134s ago: executing program 2 (id=1346): openat(0xffffffffffffff9c, 0x0, 0x48240, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0) 4.121796994s ago: executing program 4 (id=1347): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) msgget$private(0x0, 0x599) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14) capset(0x0, &(0x7f0000000040)={0x200000, 0x200000}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000480)=0x1) 4.078385585s ago: executing program 1 (id=1348): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r3 = dup(r2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r3, 0x0) sendfile(r3, r3, 0x0, 0xffffffff) 4.015618246s ago: executing program 2 (id=1349): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/56, 0x38}], 0x1, 0x6, 0x6) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x0) 3.042254882s ago: executing program 3 (id=1350): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r1, 0x40000000af01, 0x0) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0)) r3 = socket$packet(0x11, 0x3, 0x300) dup(r0) r4 = fcntl$dupfd(r1, 0x406, r3) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000100)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0, 0x4000}) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, 0x0) 3.028922962s ago: executing program 2 (id=1351): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) writev(r0, &(0x7f0000000540), 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 2.988418672s ago: executing program 4 (id=1352): syz_open_procfs(0x0, &(0x7f0000000380)='net/dev\x00') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x1, 0x1}, 0x18, 0x0) landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r2 = syz_open_procfs(0x0, 0x0) pread64(r2, 0x0, 0x0, 0x1000000000) 2.852012625s ago: executing program 0 (id=1353): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x79) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x9c}, 0x1, 0x0, 0x0, 0x4004001}, 0x20004000) recvmsg(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000005c0)=""/15, 0xf}], 0x1}, 0x0) 2.50415798s ago: executing program 3 (id=1354): syz_io_uring_setup(0x3b, &(0x7f0000000640)={0x0, 0xadde, 0x10100, 0x3, 0x203}, &(0x7f0000000380), &(0x7f00000003c0)) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)) syz_open_dev$evdev(0x0, 0x2, 0x140c82) socket$packet(0x11, 0x2, 0x300) socket$inet6(0xa, 0x2, 0x3a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={0xffffffffffffffff}, 0x4) 2.467188651s ago: executing program 0 (id=1355): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) writev(r1, &(0x7f00000012c0)=[{&(0x7f00000000c0)='A', 0x1}], 0x1) 1.445612667s ago: executing program 4 (id=1356): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.sectors\x00', 0x275a, 0x0) fallocate(r3, 0x0, 0x0, 0x1040f8) openat$tun(0xffffffffffffff9c, 0x0, 0x169041, 0x0) lseek(r3, 0x0, 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x1e, 0x1, 0x0) epoll_create1(0x0) 1.388153078s ago: executing program 2 (id=1357): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x50) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[], 0xa8) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 1.341857039s ago: executing program 3 (id=1358): r0 = socket(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) pipe2(&(0x7f00000000c0), 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'caif0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000"/16], 0x48}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0x1}, 0x8) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 1.24362839s ago: executing program 2 (id=1359): r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x16) 446.217893ms ago: executing program 3 (id=1360): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newqdisc={0x68, 0x14, 0xf0b, 0x70bd28, 0x0, {0x2, 0x0, 0x0, 0x0, {0x10, 0x7}, {0x0, 0x8}, {0x4, 0xffe0}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x7e}}, {0x4}}, {{0x1c, 0x1, {0xa, 0xc4, 0xc, 0x88, 0x0, 0x0, 0x3}}, {0x4}}]}]}, 0x68}}, 0x0) syz_mount_image$udf(&(0x7f0000000940), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000680)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303030372c6e6f7374726963742c7569643d69676e6f72652c6769643d666f726765742c6c6f6e6761642c6e6f7672732c756e64656c6574652c6d6f64653d30303030303030303030303030303030303033353031362c646d6f64653d30303030303030303030303030303030303030303031312c00e3cc6abaa52ef118fcbe734b47a6bf66bdd357c81c22ed4c07659e40ba6f24e50fafda55f8d6b01f7fa9505996c5c8e5fac082523b41c69e892f8f3372228da85b089c449c8243489693fc724dc3a34a1c85226b306f86ba0484aad17849d21905bbe3dbc20bf4c98777720c05637db44ef1224790223b183be4cbccef28b6dc7701cf3b6d45babe7a0177b34116f8033c0614d351a01526a5e4626159b2d7a3176575b87ce23efc23d6fc182ecb01ea4d182720d93ab9a99e432ce3c68dcdeec61f9cc21345ccd818e18d6d9c4bb97e0f79e4cfb80641"], 0x1, 0xc56, &(0x7f0000002680)="$eJzs3U9sHNd9B/DfGy21S7mtmdhVnDQONm2Ryorl6l9MxSrcVU2zLSDLQijmFoArkVIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEXQI9O6QHLxocipJ6KFjaDogS0CBCgQMJjZt+KKIhNaFEVK/nxs6Ts7897MezPrGVrQmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvvXrh5Km0xYZD+9AYAOChuDT2pZOnt3r+AwCPrSvb/f8/AAAAAAAAAAAAAABwUKQo4qlIMXdpLU1Un7saFzsDt26Pj4xuXW0wVTUPVeXLX41Tp8+c/cKLw+d6ebEz83PqP2ifitfHrlxovjJ7c25+amFharI5PtO5Njs5teM97Lb+ZserE9C8+catyevXF5qnXzhz1+bbQx/Unzg6dH74uRPP9sqOj4yOjm0UafSXr913Q7q2G+FxOIo4ESme//aPUjsiitj9uWg83Gu/2WDVieNVJ8ZHRquOTHfaM4vlxsu9E1FENPsqtXrnaOtrEbWBh9qH7bUilsrmlw0+XnZvbK493746PdW83J5f7Cx2Zmcup25ry/40o4hzKWI5Ilbr9+5uIIqoRYpvPrmWrua3flTn4fPVwODt21HsYR93oGxncyBiuXgErtkBVo8iXosUP373WFzL95nqXvO5iNfK/G7E22W+HJHKL8bZiPe3+B7xaKpFEX9RXv/za2myuh/07isXv9z8w5nrs31le/eVD/l8uOdOsU/Ph8FN+XAc8HtTI4poV3f8tXT/P+wAAAAAAAAAAAAAAAAA8KANRhGfjBSv/vsfV+OKoxqX/uT54d8f+uX+MePP/IL9lGVfiIilYmdjcg/ngYGX0+WU9nks8UdZI4r4kzz+7+v73RgAAAAAAAAAAAAAAAAAAICPtCJ+GCleeu9YWo7+OcU7MzeaV9pXp7uzwvbm/u3Nmb6+vr7eTN1s5ZzIuZRzOedKztWcUeT69e6OWvnzRM6lnMs5V3Ku5oxDuX7OVs6JnEs5l3Ou5FzNGbVcP2cr50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4aKb7x1bUUKSJaERPRzZX6frcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjVUxHfiRTNP2jdWVeLiFT923Ws/O1stA6X+fFoDZf5crQu5GxXWWt9fR/az+4MpCJ+ECnqjXfuXPB8/Qe6n+58DeLtr0UM5uVP1bp5qLdx6IP6E0efPD88+plntltOWzXg+MXOzK3bzfGR0dGxvtW1fPSP960bysctHkzXiYiFN996oz09PTV/PwuHq4XyK3Bf1R+5hVTbh57WPzKn9+AtRO1ANGN/+n6Xxn7doNhT5fP//Ujx2+/9R++B333+N+KXup/uPOHjJ3+68dPAS5t3tMPnf21zvfz8L5/pWz3/n+pb91L+aWSgFtFYvDk3cDSisfDmWyc6N9s3pm5MzZw9efKLw8NfPHNy4HBE43pneqpv6YGcLgAAAAAAAAAAAAAAAICHJxXxu5Gi/YO11IyI29V4raHzw8+dePZQHKrGW901bvv1sSsXmq/M3pybn1pYmJpsjs90rs1OTu30cI1quNf4yOiedOYXGtzj9g82Xpmde3O+c+OPFrfcfqRx4erC4nz72tabYzCKiFb/muNVg8dHRqtGT3faM1XVy1sOpv/wBlIR/xkprp1tps/mdXn8/+YR/tX4/95hlzbv6AGO///MkY3xfx/rK1oeM6UifhIpfusvn4nPVu08Evecs1zubyPF8XOfzuXicFmu14buewW6IwPLsv8bKf7xp3eX7Y2HfGqj7KkPdXIfAeX1fzJSfOfPvxW/ntfd/f6Hra//kc072qP3Pzzdt+7IXe8r2HXXydf/RKR4+al34jeqNf//c9//0Xv3xrFu4Y33c+zR9f/VvnVD+bi/+aA6DwAAAAAAAAAA8AgbSEX8XaT43mgtvZjX7eTv/01u3tEe/f2vT/Stm9ztfEU7XNj1SQUAAACAA2IgFfHDSHFj8Z07Y6jvHv/dN/7zdzbGf46kTVurP+f7leq9AQ/yz//6DeXjTuy+2wAAAAAAAAAAAAAAAAAAAHCgpFTEi3k+9YlqPP/ktvOpr0SKV//7+VwuHS3L9eaBH6p+b1yanTlxYXp6thGL7avTU82xufa1qbLu05Fi7W8+nesW1fzqvfnmu3O8b8zFPh8pRv++V7Y7F3tvbvKnN8qeKst+LFL81z/cXTZPTZ3njq7Kni7L/nWk+Mo/b1326EbZM2XZb0WK73+l2St7pCzbez/qJzbKvnBtttiDqwIAAAAAAAAAAAAAAAAAAMBHzUAq4s8ixf/cXL4zlj/P/z/Q97Hy9tf65vvf5HY1z/9QNf//dsv3M/9/9V6Bpe2OCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj6cURbwVKeYuraWVevm5q3GxU8Tt8ZHRrasNpqrmoap8+atx6vSZs194cfhcLy92Zm5tX/9B+2S8PnblQvOV2Ztz81MLC1OTzfGZzrXZyakd72G39Tc7Xp2A5s03bk1ev77QPP3Cmbs23x76oP7E0aHzw8+deLZXdnxkdHSsr0xt4L6Pfo+0zfrDUcRfRYrnv/2j9L16RBG7PxeNh3vtNxusOnG86sT4yGjVkelOe2ax3Hi5dyKKiGZfpVbvHD2Ea7ErrYilsvllg4+X3Ruba8+3r05PNS+35xc7i53Zmcup29qyP80o4lyKWI6I1fq9uxuIIt6IFN98ci39Sz3iUO88fP7S2JdOnt6+HcUe9nEHynY2ByKWi+2v2eF9bN+joh5F/FOk+PG7x+Jf6xG16P6Kz0W8VuZ3I96O7vVO5RfjbMT7W3yPeDTVooj/K6//+bX0br28H/TuKxe/nJYiZvvK9u4rj/zz4WE64M+TRhTx/eqOv5b+zX/XAAAAAAAAAAAAAAAAAAdIEb8WKV5671iqxgffGVPcmbnRvNK+Ot0d1tcb+9cbM72+vr7eTN1s5ZzIuZRzOedKztWcUeT6OVtlNtbXJ/LnpZzLOVdyruaMQ7l+zlbOiZxLOZdzruRczRm1XD9nK+dEzqWcyzlXcq7mjAMydg8AAAAAAAAAAAAAAAAAAHi8FNU/Kb7x1bW0Xu/OLz0R3VwxH+hj72cBAAD///9X9JQ=") bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r4, 0x0, 0x80000000000008, &(0x7f0000000180)="8c", 0x1) setsockopt$inet_opts(r4, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1) getsockopt$inet_opts(r4, 0x0, 0x9, &(0x7f00000001c0)=""/25, &(0x7f00000000c0)=0x19) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r5, 0x0, 0xee01) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb) openat(r5, &(0x7f00000000c0)='.\x00', 0x515401, 0x408) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$TIOCSETD(r6, 0x5423, 0xfffffffffffffffe) syz_usb_connect(0x3, 0x6d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010002f5278e10889e8f9ee49b0102030109025b000140fef0090904000000ace79a002c0fe8"], 0x0) 370.976214ms ago: executing program 4 (id=1361): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/56, 0x38}], 0x1, 0x6, 0x6) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x0) 0s ago: executing program 1 (id=1362): ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xb0a) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x81, 0x0) write$vga_arbiter(r0, &(0x7f0000000440)=ANY=[], 0x7) r1 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x18, 0xa, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) prlimit64(0x0, 0xe, 0x0, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x4) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0xdb4, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r2, 0x18, &(0x7f0000000000)={0x6, 0xffffffffffffffff, 0x21, {0x4, 0x1}, 0x6}, 0x1) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, 0x0) kernel console output (not intermixed with test programs): 6298][ T4298] device veth0_vlan entered promiscuous mode [ 41.433380][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 41.439490][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 41.442380][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 41.444875][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.463750][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.468421][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.471032][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 41.473519][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.483080][ T4307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 41.491161][ T4298] device veth1_vlan entered promiscuous mode [ 41.507056][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.509502][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 41.511398][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 41.516708][ T4304] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.529361][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.531872][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.534413][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.543372][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.563034][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.565843][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.571137][ T4294] device veth0_vlan entered promiscuous mode [ 41.574757][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.578966][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.581443][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.584643][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.588056][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.591742][ T4302] device veth0_vlan entered promiscuous mode [ 41.627129][ T4294] device veth1_vlan entered promiscuous mode [ 41.634221][ T4298] device veth0_macvtap entered promiscuous mode [ 41.642731][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.645619][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.648423][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.652971][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.681875][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.684268][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 41.687381][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 41.689869][ T4302] device veth1_vlan entered promiscuous mode [ 41.694678][ T4298] device veth1_macvtap entered promiscuous mode [ 41.709255][ T4307] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.721773][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.724164][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.727211][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.729530][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.732123][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.745709][ T4294] device veth0_macvtap entered promiscuous mode [ 41.751513][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.754012][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.757573][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.762194][ T4302] device veth0_macvtap entered promiscuous mode [ 41.770915][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.773326][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.777132][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.781970][ T4302] device veth1_macvtap entered promiscuous mode [ 41.792837][ T4294] device veth1_macvtap entered promiscuous mode [ 41.812761][ T4298] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.823925][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.828982][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.831344][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.833923][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.836613][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 41.839220][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 41.841717][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.844144][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.847440][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.849754][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.852334][ T4302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.855068][ T4302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.859884][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.871322][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.873894][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.879122][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.881810][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.884262][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.887100][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.890603][ T4294] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.894121][ T4304] device veth0_vlan entered promiscuous mode [ 41.900723][ T4304] device veth1_vlan entered promiscuous mode [ 41.904349][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.906924][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.909315][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.911826][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 41.914167][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 41.917399][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.919653][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.924963][ T4298] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.931023][ T4302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.933588][ T4302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.936022][ T4299] Bluetooth: hci1: command 0x041b tx timeout [ 41.936263][ T4299] Bluetooth: hci2: command 0x041b tx timeout [ 41.936295][ T4299] Bluetooth: hci0: command 0x041b tx timeout [ 41.943121][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.948994][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.951458][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.954062][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.956783][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.961193][ T4298] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.963392][ T4298] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.966348][ T4298] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.968461][ T4298] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.972921][ T4307] device veth0_vlan entered promiscuous mode [ 41.977366][ T4302] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.979558][ T4302] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.981722][ T4302] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.983921][ T4302] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.987886][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.990467][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.992773][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.000755][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.004207][ T4294] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.010065][ T4294] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.012305][ T4294] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.014486][ T4294] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.016860][ T4301] Bluetooth: hci3: command 0x041b tx timeout [ 42.019527][ T4294] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.023272][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 42.025423][ T4299] Bluetooth: hci4: command 0x041b tx timeout [ 42.026605][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.029484][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.040673][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.044215][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.079882][ T4307] device veth1_vlan entered promiscuous mode [ 42.082689][ T4304] device veth0_macvtap entered promiscuous mode [ 42.103506][ T4304] device veth1_macvtap entered promiscuous mode [ 42.186729][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.188787][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.197472][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 42.199770][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 42.202186][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.204683][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.208289][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.210548][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.213040][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.222160][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.224184][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.224499][ T4307] device veth0_macvtap entered promiscuous mode [ 42.234018][ T4304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.240139][ T4304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.242537][ T4304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.245485][ T4304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.248126][ T4304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.250689][ T4304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.254321][ T4304] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.258526][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.260916][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.263227][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.268068][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.281091][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.283277][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.295452][ T4304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.298177][ T4304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.300585][ T4304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.302985][ T4304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.307921][ T4304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.310454][ T4304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.314010][ T4304] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.318259][ T4307] device veth1_macvtap entered promiscuous mode [ 42.320610][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.323027][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.325689][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.328197][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.339901][ T4350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.341952][ T4350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.353613][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.363012][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.366461][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.368834][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.371401][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.373782][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.378841][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.381365][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.383809][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.388251][ T4307] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.391081][ T4304] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.393304][ T4304] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.399013][ T4304] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.401272][ T4304] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.420531][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.423219][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.427330][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.429378][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.444253][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.448927][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.451486][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.453894][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.457131][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.459581][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.462120][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.464596][ T4307] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.468870][ T4307] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.472563][ T4307] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.489918][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.492367][ T4350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.524459][ T4307] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.527844][ T4307] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.530007][ T4307] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.532076][ T4307] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.537448][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.539447][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.542175][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.733272][ T177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.742778][ T177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.751829][ T177] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 43.676042][ T4380] sched: RT throttling activated [ 44.175167][ T4301] Bluetooth: hci0: command 0x040f tx timeout [ 44.177820][ T4301] Bluetooth: hci2: command 0x040f tx timeout [ 44.178367][ T4299] Bluetooth: hci1: command 0x040f tx timeout [ 44.180389][ T4301] Bluetooth: hci4: command 0x040f tx timeout [ 44.182363][ T4301] Bluetooth: hci3: command 0x040f tx timeout [ 45.057763][ T4389] IPv6: NLM_F_REPLACE set, but no existing node found! [ 45.185836][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.187977][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.227888][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 45.235928][ T191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.237970][ T191] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.257298][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 45.326881][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.329066][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.331933][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 45.342366][ T4400] capability: warning: `syz.0.10' uses deprecated v2 capabilities in a way that may be insecure [ 45.400937][ T4402] loop3: detected capacity change from 0 to 256 [ 45.489687][ T4406] loop4: detected capacity change from 0 to 512 [ 45.513167][ T4402] loop3: detected capacity change from 0 to 1764 [ 46.275257][ T4301] Bluetooth: hci3: command 0x0419 tx timeout [ 46.277282][ T4301] Bluetooth: hci1: command 0x0419 tx timeout [ 46.279268][ T4301] Bluetooth: hci4: command 0x0419 tx timeout [ 46.281367][ T4301] Bluetooth: hci2: command 0x0419 tx timeout [ 46.283384][ T4301] Bluetooth: hci0: command 0x0419 tx timeout [ 46.914370][ T4406] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 47.040368][ T4423] loop2: detected capacity change from 0 to 2048 [ 47.042427][ T4423] ======================================================= [ 47.042427][ T4423] WARNING: The mand mount option has been deprecated and [ 47.042427][ T4423] and is ignored by this kernel. Remove the mand [ 47.042427][ T4423] option from the mount to silence this warning. [ 47.042427][ T4423] ======================================================= [ 47.056176][ T4423] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 47.066616][ T4423] UDF-fs: Scanning with blocksize 512 failed [ 47.080651][ T4423] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 47.090671][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 47.152705][ T4425] loop3: detected capacity change from 0 to 256 [ 47.208117][ T4425] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 47.210372][ T4425] FAT-fs (loop3): Filesystem has been set read-only [ 47.218629][ T4345] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 47.225540][ T4427] loop4: detected capacity change from 0 to 512 [ 47.262617][ T4427] EXT4-fs (loop4): orphan cleanup on readonly fs [ 47.272382][ T4425] ecryptfs_parse_options: eCryptfs: unrecognized option [*!-\'G] [ 47.274381][ T4425] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 47.283664][ T4425] Error parsing options; rc = [-22] [ 47.287653][ T4427] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.16: bg 0: block 248: padding at end of block bitmap is not set [ 47.295294][ T4427] Quota error (device loop4): write_blk: dquota write failed [ 47.297228][ T4427] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 47.310344][ T4427] EXT4-fs error (device loop4): ext4_acquire_dquot:6802: comm syz.4.16: Failed to acquire dquot type 1 [ 47.351144][ T4427] EXT4-fs (loop4): 1 truncate cleaned up [ 47.358835][ T4427] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 47.467663][ T4427] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 47.482472][ T4345] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 47.484944][ T4345] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 47.487194][ T4345] usb 1-1: Product: syz [ 47.488195][ T4345] usb 1-1: Manufacturer: syz [ 47.489278][ T4345] usb 1-1: SerialNumber: syz [ 47.493266][ T4345] usb 1-1: config 0 descriptor?? [ 47.498471][ T4345] ch341 1-1:0.0: ch341-uart converter detected [ 47.520821][ T4427] Quota error (device loop4): write_blk: dquota write failed [ 47.524375][ T4427] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 48.256138][ T4427] EXT4-fs error (device loop4): ext4_acquire_dquot:6802: comm syz.4.16: Failed to acquire dquot type 1 [ 48.260381][ T4427] EXT4-fs warning (device loop4): ext4_enable_quotas:7037: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 48.274303][ T4441] netlink: 'syz.3.21': attribute type 6 has an invalid length. [ 48.276302][ T4441] netlink: 'syz.3.21': attribute type 7 has an invalid length. [ 48.278190][ T4441] netlink: 'syz.3.21': attribute type 8 has an invalid length. [ 48.344451][ T4443] loop1: detected capacity change from 0 to 128 [ 48.389068][ T4443] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 48.405044][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 48.413937][ T4448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 48.421655][ T27] audit: type=1326 audit(48.400:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4442 comm="syz.1.20" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb555bce8 code=0x0 [ 48.425499][ T4448] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 48.489173][ T4452] loop2: detected capacity change from 0 to 256 [ 48.518396][ T4452] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 48.644235][ T4458] binder: 4457:4458 tried to acquire reference to desc 0, got 1 instead [ 48.651504][ T4458] binder: 4457:4458 got transaction with invalid data ptr [ 48.653702][ T4458] binder: 4457:4458 transaction call to 4457:0 failed 5/29201/-14, size 0-24 line 3342 [ 48.661313][ T4285] binder: undelivered TRANSACTION_ERROR: 29201 [ 48.844936][ T4468] syz.2.31 sent an empty control message without MSG_MORE. [ 48.848942][ T4467] loop4: detected capacity change from 0 to 1024 [ 48.966645][ T4472] input: syz0 as /devices/virtual/input/input2 [ 49.022937][ T4474] loop3: detected capacity change from 0 to 512 [ 49.027583][ T4474] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 49.030824][ T4474] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 49.048593][ T4474] EXT4-fs (loop3): 1 truncate cleaned up [ 49.050078][ T4474] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 49.153295][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 49.174242][ T4345] usb 1-1: failed to send control message: -71 [ 49.175999][ T4345] ch341-uart: probe of ttyUSB0 failed with error -71 [ 49.192884][ T4345] usb 1-1: USB disconnect, device number 2 [ 49.201948][ T4345] ch341 1-1:0.0: device disconnected [ 49.228878][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 49.289349][ T4487] loop3: detected capacity change from 0 to 512 [ 49.314241][ T4487] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 49.352744][ T4487] EXT4-fs (loop3): 1 truncate cleaned up [ 49.354216][ T4487] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 49.364687][ T4493] loop1: detected capacity change from 0 to 1024 [ 49.424470][ T4497] loop2: detected capacity change from 0 to 256 [ 49.428066][ T4497] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 49.430754][ T4497] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 49.437973][ T4497] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 50.194383][ T4503] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 50.341551][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 50.561973][ T4519] capability: warning: `syz.2.51' uses 32-bit capabilities (legacy support in use) [ 50.825342][ T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 51.040799][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 51.047016][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 51.050231][ T24] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 51.137624][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.284975][ T24] usb 1-1: config 0 descriptor?? [ 51.382334][ T4531] input: syz0 as /devices/virtual/input/input4 [ 51.408842][ T4532] loop4: detected capacity change from 0 to 1024 [ 51.442970][ T4536] loop1: detected capacity change from 0 to 512 [ 51.478827][ T4532] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 51.495004][ T4536] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.60: casefold flag without casefold feature [ 51.496691][ T4535] loop2: detected capacity change from 0 to 2048 [ 51.499937][ T4536] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.60: couldn't read orphan inode 15 (err -117) [ 51.501799][ T4532] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 51.524335][ T4532] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 51.526023][ T4536] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 51.527745][ T4532] EXT4-fs (loop4): This should not happen!! Data will be lost [ 51.527745][ T4532] [ 51.532151][ T4532] EXT4-fs (loop4): Total free blocks count 0 [ 51.533688][ T4532] EXT4-fs (loop4): Free/Dirty block details [ 51.536199][ T4532] EXT4-fs (loop4): free_blocks=68451041280 [ 51.537820][ T4532] EXT4-fs (loop4): dirty_blocks=16 [ 51.539103][ T4532] EXT4-fs (loop4): Block reservation details [ 51.540559][ T4532] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 51.556931][ T4536] process 'syz.1.60' launched './file2' with NULL argv: empty string added [ 51.573150][ T4535] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 51.587999][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 51.692532][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 51.779056][ T4550] loop1: detected capacity change from 0 to 256 [ 51.782730][ T4550] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 51.784486][ T24] hid-led 0003:0FC5:B080.0001: item fetching failed at offset 2/3 [ 51.786675][ T4550] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 51.792241][ T24] hid-led: probe of 0003:0FC5:B080.0001 failed with error -22 [ 51.794054][ T4550] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 52.591447][ T1516] usb 1-1: USB disconnect, device number 3 [ 52.656628][ T4553] loop4: detected capacity change from 0 to 1764 [ 52.671309][ T4523] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 52.676177][ T4523] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 52.679922][ T4523] EXT4-fs (loop2): This should not happen!! Data will be lost [ 52.679922][ T4523] [ 52.682347][ T4523] EXT4-fs (loop2): Total free blocks count 0 [ 52.683714][ T4523] EXT4-fs (loop2): Free/Dirty block details [ 52.685454][ T4523] EXT4-fs (loop2): free_blocks=66060288 [ 52.686810][ T4523] EXT4-fs (loop2): dirty_blocks=16 [ 52.688103][ T4523] EXT4-fs (loop2): Block reservation details [ 52.689596][ T4523] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 52.703041][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 52.773885][ T4557] loop4: detected capacity change from 0 to 2048 [ 52.814443][ T4557] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 53.714574][ T4569] loop3: detected capacity change from 0 to 256 [ 53.735534][ T4572] loop1: detected capacity change from 0 to 512 [ 53.754526][ T4569] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 53.774014][ T4350] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 53.785262][ T4350] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 53.788368][ T4350] EXT4-fs (loop4): This should not happen!! Data will be lost [ 53.788368][ T4350] [ 53.790719][ T4350] EXT4-fs (loop4): Total free blocks count 0 [ 53.792329][ T4350] EXT4-fs (loop4): Free/Dirty block details [ 53.793574][ T4350] EXT4-fs (loop4): free_blocks=66060288 [ 53.794972][ T4350] EXT4-fs (loop4): dirty_blocks=16 [ 53.805215][ T4350] EXT4-fs (loop4): Block reservation details [ 53.806782][ T4350] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 53.809831][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 53.823856][ T4569] exFAT-fs (loop3): hint_cluster is invalid (17) [ 53.912729][ T4581] input: syz0 as /devices/virtual/input/input5 [ 53.943140][ T4583] device bridge2 entered promiscuous mode [ 54.207603][ T4595] loop4: detected capacity change from 0 to 512 [ 54.233391][ T4599] loop1: detected capacity change from 0 to 1024 [ 54.300708][ T4599] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 54.383590][ T4607] loop4: detected capacity change from 0 to 1024 [ 54.400707][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 54.432214][ T4607] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 54.563199][ T4613] loop1: detected capacity change from 0 to 16 [ 54.593235][ T4613] erofs: (device loop1): mounted with root inode @ nid 36. [ 54.943921][ T4615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 54.947565][ T4615] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.530636][ T4622] loop0: detected capacity change from 0 to 128 [ 55.685724][ T4622] EXT4-fs (loop0): Test dummy encryption mode enabled [ 55.702667][ T4622] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 55.722446][ T4622] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 55.799021][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 56.042324][ T4641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.048964][ T4641] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 56.117673][ T4647] input: syz0 as /devices/virtual/input/input6 [ 56.718301][ T4655] netlink: 8 bytes leftover after parsing attributes in process `syz.1.100'. [ 56.774342][ T4657] loop0: detected capacity change from 0 to 2048 [ 56.785550][ T4657] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 56.870990][ T4663] loop1: detected capacity change from 0 to 16 [ 56.873842][ T4663] erofs: (device loop1): mounted with root inode @ nid 36. [ 56.958386][ T4667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.962124][ T4667] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 57.049778][ T4673] loop2: detected capacity change from 0 to 2048 [ 57.094072][ T4673] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 57.113911][ T4675] loop0: detected capacity change from 0 to 128 [ 57.168338][ T4286] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 57.413958][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 58.253719][ T4691] binder: 4689:4691 tried to acquire reference to desc 0, got 1 instead [ 58.267395][ T4691] binder: 4689:4691 got transaction with invalid offset (24, min 24 max 32) or object. [ 58.270016][ T4691] binder: 4689:4691 transaction async to 4689:0 failed 10/29201/-22, size 32-24 line 3355 [ 58.282929][ T22] binder: undelivered TRANSACTION_ERROR: 29201 [ 58.425783][ T4698] input: syz0 as /devices/virtual/input/input7 [ 58.509522][ T4703] loop1: detected capacity change from 0 to 512 [ 58.539586][ T4703] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 58.541491][ T4703] UDF-fs: Scanning with blocksize 512 failed [ 58.550990][ T4703] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 60.419502][ T4703] UDF-fs: Scanning with blocksize 1024 failed [ 60.421983][ T4703] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 60.423828][ T4703] UDF-fs: Scanning with blocksize 2048 failed [ 60.446536][ T4703] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 60.450994][ T4703] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 61.130334][ T4729] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 61.132764][ T4729] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 61.188360][ T4732] loop4: detected capacity change from 0 to 128 [ 61.193454][ T4732] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 61.226221][ T4734] Illegal XDP return value 4294966772 on prog (id 3) dev syz_tun, expect packet loss! [ 61.241444][ T4732] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 61.290789][ T4732] UDF-fs: error (device loop4): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 61.366115][ T4738] loop2: detected capacity change from 0 to 512 [ 61.433061][ T4738] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 61.601456][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 61.796158][ T4753] loop3: detected capacity change from 0 to 128 [ 61.866718][ T4755] input: syz0 as /devices/virtual/input/input9 [ 61.941890][ T4711] kworker/u4:14: attempt to access beyond end of device [ 61.941890][ T4711] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 62.167444][ T4771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 62.170343][ T4771] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.386042][ T4786] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.391282][ T4786] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.418027][ T4788] loop4: detected capacity change from 0 to 256 [ 63.497130][ T4788] loop4: detected capacity change from 0 to 1764 [ 64.498829][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.500546][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.577004][ T4807] loop3: detected capacity change from 0 to 2048 [ 64.590299][ T4807] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 64.695867][ T4811] netlink: 132 bytes leftover after parsing attributes in process `syz.4.158'. [ 64.731602][ T4814] loop0: detected capacity change from 0 to 2048 [ 64.802746][ T4814] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 66.086691][ T4817] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 66.192074][ T4830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 66.210293][ T4830] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 66.569463][ T4838] loop4: detected capacity change from 0 to 256 [ 66.648700][ T4838] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 66.653493][ T4688] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 66.657923][ T4688] EXT4-fs (loop0): This should not happen!! Data will be lost [ 66.657923][ T4688] [ 66.661978][ T4688] EXT4-fs (loop0): Total free blocks count 0 [ 66.663621][ T4688] EXT4-fs (loop0): Free/Dirty block details [ 66.669616][ T4688] EXT4-fs (loop0): free_blocks=66060288 [ 66.671162][ T4688] EXT4-fs (loop0): dirty_blocks=16 [ 66.673558][ T4688] EXT4-fs (loop0): Block reservation details [ 66.676360][ T4688] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 66.682069][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 66.742120][ T4842] loop0: detected capacity change from 0 to 256 [ 66.786882][ T4286] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 66.811236][ T4842] loop0: detected capacity change from 0 to 1764 [ 67.754010][ T4853] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.766862][ T4853] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.788200][ T4295] Bluetooth: hci2: Malformed LE Event: 0x0b [ 67.959377][ T4862] loop0: detected capacity change from 0 to 512 [ 68.022888][ T4862] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 68.083176][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 68.291729][ T4876] loop1: detected capacity change from 0 to 1024 [ 68.597859][ T4688] hfsplus: b-tree write err: -5, ino 4 [ 68.614776][ T4880] loop0: detected capacity change from 0 to 32768 [ 68.672260][ T4884] loop3: detected capacity change from 0 to 1024 [ 68.700928][ T4888] loop2: detected capacity change from 0 to 256 [ 68.733110][ T4880] XFS (loop0): Mounting V5 Filesystem [ 68.924512][ T4888] loop2: detected capacity change from 0 to 1764 [ 68.967785][ T4880] XFS (loop0): Ending clean mount [ 68.974070][ T4880] XFS (loop0): Quotacheck needed: Please wait. [ 70.853272][ T14] cfg80211: failed to load regulatory.db [ 70.894474][ T11] hfsplus: b-tree write err: -5, ino 4 [ 70.932558][ T4880] XFS (loop0): Quotacheck: Done. [ 70.988006][ T4905] loop2: detected capacity change from 0 to 512 [ 70.991814][ T4905] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 70.998920][ T4294] XFS (loop0): Unmounting Filesystem [ 71.008767][ T4905] UDF-fs: Scanning with blocksize 512 failed [ 71.018087][ T4905] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 71.021177][ T4905] UDF-fs: Scanning with blocksize 1024 failed [ 71.024282][ T4905] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 71.028804][ T4905] UDF-fs: Scanning with blocksize 2048 failed [ 71.032718][ T4907] netlink: 20 bytes leftover after parsing attributes in process `syz.3.187'. [ 71.047154][ T4905] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 71.058793][ T4907] device erspan1 entered promiscuous mode [ 71.064239][ T4905] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 71.512014][ T4919] tipc: Started in network mode [ 71.514501][ T4919] tipc: Node identity 4, cluster identity 4711 [ 71.538398][ T4919] tipc: Node number set to 4 [ 72.772828][ T4927] loop1: detected capacity change from 0 to 1024 [ 73.018235][ T4934] loop0: detected capacity change from 0 to 512 [ 73.031683][ T4934] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 73.073794][ T4934] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 73.096948][ T4934] EXT4-fs (loop0): 1 truncate cleaned up [ 73.098401][ T4934] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 73.133944][ T4933] loop3: detected capacity change from 0 to 8192 [ 73.260404][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 73.970275][ T4933] loop3: p1 < > p3 < p5 > p4 [ 73.972039][ T4933] loop3: partition table partially beyond EOD, truncated [ 73.974312][ T4933] loop3: p1 start 4294967040 is beyond EOD, truncated [ 73.983280][ T4438] hfsplus: b-tree write err: -5, ino 4 [ 74.110721][ T4948] loop0: detected capacity change from 0 to 512 [ 74.112723][ T4948] EXT4-fs: Ignoring removed orlov option [ 74.118175][ T4295] Bluetooth: hci2: Unknown advertising packet type: 0x18 [ 74.118216][ T4295] Bluetooth: hci2: Unknown advertising packet type: 0x1e [ 74.120218][ T4295] Bluetooth: hci2: Unknown advertising packet type: 0x30 [ 74.122097][ T4295] Bluetooth: hci2: Malformed LE Event: 0x0d [ 74.154818][ T4948] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.201: bg 0: block 411: padding at end of block bitmap is not set [ 74.169313][ T4298] __loop_clr_fd: partition scan of loop3 failed (rc=-16) [ 74.185359][ T4948] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.201: inode #1: comm syz.0.201: iget: illegal inode # [ 74.190822][ T4948] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.201: error while reading EA inode 1 err=-117 [ 74.205266][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 74.207754][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.210078][ T4305] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 74.212137][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.216190][ T4948] EXT4-fs (loop0): 1 orphan inode deleted [ 74.217678][ T4948] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 74.238655][ T4948] EXT4-fs (loop0): shut down requested (1) [ 74.239820][ T4286] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 74.242500][ T4286] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.244669][ T4286] Buffer I/O error on dev loop3p4, logical block 0, async page read [ 74.254985][ T4305] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 74.272605][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.274991][ T4305] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 74.284702][ T4286] I/O error, dev loop3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.297228][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.305820][ T4286] Buffer I/O error on dev loop3p4, logical block 1, async page read [ 74.398272][ T4286] I/O error, dev loop3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.400708][ T4305] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 74.402920][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 74.420951][ T4286] Buffer I/O error on dev loop3p4, logical block 2, async page read [ 74.443997][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 74.470563][ T4305] Buffer I/O error on dev loop3p3, logical block 0, async page read [ 74.515618][ T4963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.521055][ T4963] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.722573][ T4288] udevd[4288]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 75.039413][ T4974] loop0: detected capacity change from 0 to 1024 [ 75.068649][ T4305] udevd[4305]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 75.087115][ T4288] udevd[4288]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory [ 75.102285][ T4286] udevd[4286]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 75.104579][ T4974] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 75.232865][ T4979] loop3: detected capacity change from 0 to 1024 [ 76.049861][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 76.646824][ T9] hfsplus: b-tree write err: -5, ino 4 [ 76.733817][ T4998] loop3: detected capacity change from 0 to 256 [ 77.092873][ T5011] loop0: detected capacity change from 0 to 512 [ 77.094922][ T5011] EXT4-fs: Ignoring removed oldalloc option [ 77.096996][ T4295] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 77.099298][ T4295] Bluetooth: hci1: Injecting HCI hardware error event [ 77.101941][ T4295] Bluetooth: hci1: hardware error 0x00 [ 77.144759][ T5011] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 77.223544][ T5011] EXT4-fs (loop0): 1 truncate cleaned up [ 77.232847][ T5011] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 78.245828][ T5029] loop1: detected capacity change from 0 to 1024 [ 78.254229][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 78.538125][ T5032] loop2: detected capacity change from 0 to 40427 [ 78.542962][ T5032] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 78.544978][ T5032] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 78.550516][ T5032] F2FS-fs (loop2): invalid crc value [ 78.569598][ T5032] F2FS-fs (loop2): Found nat_bits in checkpoint [ 78.590525][ T5032] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 78.592429][ T5032] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 78.656200][ T4301] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 78.659461][ T4301] Bluetooth: hci4: Injecting HCI hardware error event [ 78.662064][ T47] Bluetooth: hci4: hardware error 0x00 [ 78.993512][ T5052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 79.124643][ T9] hfsplus: b-tree write err: -5, ino 4 [ 79.178595][ T5060] loop4: detected capacity change from 0 to 512 [ 79.180587][ T5060] EXT4-fs: Ignoring removed oldalloc option [ 79.182514][ T5060] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 79.207551][ T5060] EXT4-fs (loop4): 1 truncate cleaned up [ 79.216948][ T5060] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 79.535514][ T4295] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 80.163960][ T5069] loop1: detected capacity change from 0 to 512 [ 80.193813][ T5069] EXT4-fs: Ignoring removed mblk_io_submit option [ 80.242606][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 80.258183][ T5069] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 80.262722][ T5069] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.240: attempt to clear invalid blocks 2 len 1 [ 80.282697][ T5074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.241'. [ 80.303479][ T5069] EXT4-fs (loop1): Remounting filesystem read-only [ 80.305792][ T5069] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 80.327654][ T5069] EXT4-fs (loop1): Remounting filesystem read-only [ 80.329466][ T5069] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.240: invalid indirect mapped block 1819239214 (level 0) [ 80.349153][ T5069] EXT4-fs (loop1): Remounting filesystem read-only [ 80.350727][ T5069] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.240: invalid indirect mapped block 1819239214 (level 1) [ 80.367512][ T5075] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 80.373065][ T5069] EXT4-fs (loop1): Remounting filesystem read-only [ 80.375356][ T5069] EXT4-fs (loop1): 1 truncate cleaned up [ 80.376978][ T5069] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 80.424377][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 80.660728][ T5092] input: syz0 as /devices/virtual/input/input10 [ 80.895177][ T47] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 81.326061][ T5105] syz.4.253 uses obsolete (PF_INET,SOCK_PACKET) [ 81.430027][ T5107] [U] Z [ 81.532977][ T5112] loop1: detected capacity change from 0 to 256 [ 81.544637][ T5112] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 81.644262][ T5120] loop5: detected capacity change from 0 to 3111 [ 81.680880][ T5120] loop5: detected capacity change from 3111 to 4007 [ 81.792228][ T5125] loop1: detected capacity change from 0 to 64 [ 82.931458][ T5143] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.014660][ T5143] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.183827][ T5152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 83.187676][ T5152] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 83.485236][ T5156] loop1: detected capacity change from 0 to 40427 [ 83.517379][ T5156] F2FS-fs (loop1): Unrecognized mount option "age_extent_cache" or missing value [ 83.635715][ T4305] I/O error, dev loop1, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 83.755811][ T5170] loop1: detected capacity change from 0 to 1024 [ 84.719262][ T4687] hfsplus: b-tree write err: -5, ino 4 [ 84.996757][ T5191] netlink: 64 bytes leftover after parsing attributes in process `syz.0.287'. [ 85.116339][ T5186] loop1: detected capacity change from 0 to 40427 [ 85.118877][ T5186] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 85.120739][ T5186] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 85.123112][ T5186] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3ffff [ 85.125327][ T5186] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8 [ 85.129483][ T5186] F2FS-fs (loop1): invalid crc value [ 85.169947][ T5186] F2FS-fs (loop1): Found nat_bits in checkpoint [ 85.202035][ T5186] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 85.203798][ T5186] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 85.244497][ T5186] syz.1.284: attempt to access beyond end of device [ 85.244497][ T5186] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 85.692186][ T5211] loop2: detected capacity change from 0 to 1024 [ 86.668424][ T9] hfsplus: b-tree write err: -5, ino 4 [ 86.725277][ T5221] loop1: detected capacity change from 0 to 256 [ 86.728495][ T5221] FAT-fs (loop1): Directory bread(block 1285) failed [ 86.762405][ T5221] FAT-fs (loop1): FAT read failed (blocknr 1281) [ 86.955220][ T5234] netlink: 4 bytes leftover after parsing attributes in process `syz.2.304'. [ 86.955869][ T5230] netlink: 96 bytes leftover after parsing attributes in process `syz.3.305'. [ 86.959537][ T5230] netlink: 64 bytes leftover after parsing attributes in process `syz.3.305'. [ 87.152845][ T5246] loop0: detected capacity change from 0 to 1024 [ 87.212947][ T5246] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 88.041329][ T5255] loop1: detected capacity change from 0 to 1024 [ 88.123675][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 88.401020][ T191] hfsplus: b-tree write err: -5, ino 4 [ 89.140619][ T5294] loop3: detected capacity change from 0 to 1024 [ 89.183570][ T5294] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 90.065456][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 90.154011][ T5306] loop2: detected capacity change from 0 to 1024 [ 90.162148][ T5305] loop1: detected capacity change from 0 to 2048 [ 90.207554][ T5305] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 90.431828][ T4420] hfsplus: b-tree write err: -5, ino 4 [ 90.642735][ T5328] loop3: detected capacity change from 0 to 1024 [ 90.705396][ T5328] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 91.161140][ T5339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 91.164674][ T5339] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.827006][ T5344] loop1: detected capacity change from 0 to 1024 [ 91.840557][ T5344] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 91.859425][ T5344] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 91.879055][ T5344] JBD2: no valid journal superblock found [ 91.886890][ T5344] EXT4-fs (loop1): error loading journal [ 92.055490][ T5351] loop2: detected capacity change from 0 to 1024 [ 92.103937][ T5350] loop4: detected capacity change from 0 to 4096 [ 92.105878][ T5350] ntfs3: Unknown parameter 'nocase' [ 92.152501][ T4288] I/O error, dev loop4, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 92.208301][ T5355] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.212467][ T5355] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.339548][ T5360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 92.351018][ T5360] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 92.354528][ T4711] hfsplus: b-tree write err: -5, ino 4 [ 92.416645][ T5362] loop2: detected capacity change from 0 to 2048 [ 92.420264][ T5362] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 92.423146][ T5362] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 92.532049][ T5368] loop2: detected capacity change from 0 to 1024 [ 92.534102][ T5368] EXT4-fs: Ignoring removed nobh option [ 92.535693][ T5368] EXT4-fs: Ignoring removed bh option [ 92.538668][ T5368] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 92.553351][ T5368] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 92.614211][ T5368] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.352: Allocating blocks 497-513 which overlap fs metadata [ 92.621296][ T5368] EXT4-fs (loop2): pa 00000000e219d79f: logic 256, phys. 385, len 8 [ 92.623618][ T5368] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 92.651536][ T5368] EXT4-fs error (device loop2): mb_free_blocks:1815: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 92.720988][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 92.962186][ T5382] input: syz0 as /devices/virtual/input/input11 [ 93.027375][ T5385] loop4: detected capacity change from 0 to 1024 [ 93.043298][ T5387] loop1: detected capacity change from 0 to 512 [ 93.045402][ T5387] EXT4-fs: Ignoring removed oldalloc option [ 93.063818][ T5387] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 93.093542][ T5387] EXT4-fs (loop1): 1 truncate cleaned up [ 93.101055][ T5387] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 93.804921][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 93.962786][ T4992] hfsplus: b-tree write err: -5, ino 4 [ 94.141585][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 94.260683][ T5406] loop2: detected capacity change from 0 to 512 [ 94.290469][ T5406] EXT4-fs (loop2): too many log groups per flexible block group [ 94.294946][ T5406] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 94.314231][ T5406] EXT4-fs (loop2): mount failed [ 94.703312][ T5421] loop2: detected capacity change from 0 to 1024 [ 94.726265][ T5421] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 94.905721][ T5428] loop1: detected capacity change from 0 to 1024 [ 95.156402][ T5429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 95.158265][ T5429] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 95.849629][ T177] hfsplus: b-tree write err: -5, ino 4 [ 96.853140][ T5452] loop0: detected capacity change from 0 to 4096 [ 97.076469][ T5464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.081118][ T5464] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.569961][ T5469] netlink: 'syz.4.388': attribute type 13 has an invalid length. [ 97.820350][ T5474] loop1: detected capacity change from 0 to 1024 [ 97.870441][ T5469] gretap0: refused to change device tx_queue_len [ 97.872172][ T5469] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 97.896984][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 98.820023][ T191] hfsplus: b-tree write err: -5, ino 4 [ 99.254327][ T5503] netlink: 8 bytes leftover after parsing attributes in process `syz.2.397'. [ 99.258123][ T5503] netlink: 8 bytes leftover after parsing attributes in process `syz.2.397'. [ 99.293550][ T5505] loop1: detected capacity change from 0 to 512 [ 99.301509][ T5505] EXT4-fs: Ignoring removed oldalloc option [ 99.307641][ T5505] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 99.324438][ T5505] EXT4-fs (loop1): 1 truncate cleaned up [ 99.328044][ T5505] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 100.518937][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 100.689325][ T5518] loop1: detected capacity change from 0 to 1024 [ 100.803686][ T5518] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 101.340680][ T5528] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.343080][ T5528] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.732967][ T5532] loop4: detected capacity change from 0 to 1024 [ 102.400893][ T5547] loop0: detected capacity change from 0 to 512 [ 102.411503][ T5547] EXT4-fs: Ignoring removed oldalloc option [ 102.428051][ T5547] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 102.450323][ T5547] EXT4-fs (loop0): 1 truncate cleaned up [ 102.451972][ T5547] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 103.538497][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 103.610522][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 103.628449][ T5553] Zero length message leads to an empty skb [ 103.691820][ T5557] tipc: Started in network mode [ 103.702598][ T5557] tipc: Node identity ac14140f, cluster identity 4711 [ 103.703109][ T5557] tipc: New replicast peer: 10.1.1.2 [ 103.703276][ T5557] tipc: Enabled bearer , priority 10 [ 103.821380][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 104.494838][ T4374] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 104.550181][ T5576] loop3: detected capacity change from 0 to 1024 [ 104.611756][ T5578] netlink: 8 bytes leftover after parsing attributes in process `syz.1.424'. [ 104.620945][ T5578] netlink: 8 bytes leftover after parsing attributes in process `syz.1.424'. [ 104.775141][ T4374] usb 1-1: Using ep0 maxpacket: 32 [ 104.778035][ T4374] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 104.780588][ T4374] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 104.783600][ T4374] usb 1-1: config 0 interface 0 has no altsetting 0 [ 104.785322][ T4374] usb 1-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00 [ 104.830961][ T4374] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.857595][ T5582] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.876080][ T4374] usb 1-1: config 0 descriptor?? [ 104.882979][ T5582] team0: Port device bond0 added [ 104.891995][ T5585] bridge0: port 3(team0) entered blocking state [ 104.895278][ T14] tipc: Node number set to 2886997007 [ 104.897564][ T5585] bridge0: port 3(team0) entered disabled state [ 104.909372][ T5585] device team0 entered promiscuous mode [ 104.910996][ T5585] device team_slave_0 entered promiscuous mode [ 104.912896][ T5585] device team_slave_1 entered promiscuous mode [ 104.920171][ T5585] device bond0 entered promiscuous mode [ 104.921686][ T5585] device bond_slave_0 entered promiscuous mode [ 104.923396][ T5585] device bond_slave_1 entered promiscuous mode [ 104.927807][ T5585] bridge0: port 3(team0) entered blocking state [ 104.929682][ T5585] bridge0: port 3(team0) entered forwarding state [ 105.359303][ T4374] hid (null): unknown global tag 0xc [ 105.360773][ T4374] hid (null): global environment stack underflow [ 105.366403][ T4374] itetech 0003:048D:8595.0002: unknown global tag 0xc [ 105.370675][ T4374] itetech 0003:048D:8595.0002: item 0 1 1 12 parsing failed [ 105.376373][ T4374] itetech: probe of 0003:048D:8595.0002 failed with error -22 [ 105.495665][ T5492] hfsplus: b-tree write err: -5, ino 4 [ 105.536647][ T5587] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 105.538916][ T5587] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 105.616926][ T4374] usb 1-1: USB disconnect, device number 4 [ 105.714534][ T5593] loop2: detected capacity change from 0 to 1024 [ 105.765117][ T5593] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 106.263951][ T5607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 106.267370][ T5607] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.610919][ T5611] loop0: detected capacity change from 0 to 1024 [ 106.812248][ T5617] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.815930][ T5617] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.904584][ T5624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.442'. [ 107.228026][ T5630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.443'. [ 107.243128][ T5630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.443'. [ 107.673216][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 107.828631][ T5642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 107.830839][ T5642] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 107.876445][ T5648] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.879897][ T5648] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.365501][ T5663] loop4: detected capacity change from 0 to 1024 [ 108.868087][ T5677] loop3: detected capacity change from 0 to 1024 [ 108.973566][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 109.035206][ T5492] hfsplus: b-tree write err: -5, ino 4 [ 109.946096][ T5695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 109.952611][ T5695] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 110.164424][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 110.244252][ T5699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.475'. [ 110.246450][ T5699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.475'. [ 110.440118][ T5707] bridge0: port 3(team0) entered blocking state [ 110.449692][ T5707] bridge0: port 3(team0) entered disabled state [ 110.584755][ T5707] device team0 entered promiscuous mode [ 110.586360][ T5707] device team_slave_0 entered promiscuous mode [ 110.588889][ T5707] device team_slave_1 entered promiscuous mode [ 110.666046][ T5710] loop4: detected capacity change from 0 to 40427 [ 110.669084][ T5710] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 110.670953][ T5710] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 110.673817][ T5710] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x3ffff [ 110.676185][ T5710] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x1f8 [ 110.681657][ T5710] F2FS-fs (loop4): invalid crc value [ 110.686431][ T5710] F2FS-fs (loop4): Found nat_bits in checkpoint [ 110.708974][ T5710] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 110.710842][ T5710] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 110.750206][ T4304] syz-executor: attempt to access beyond end of device [ 110.750206][ T4304] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 110.817152][ T5717] loop1: detected capacity change from 0 to 1024 [ 110.966483][ T5491] hfsplus: b-tree write err: -5, ino 4 [ 111.035665][ T5726] loop4: detected capacity change from 0 to 1024 [ 111.177498][ T5726] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 112.905980][ T5740] loop1: detected capacity change from 0 to 1024 [ 112.925799][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 113.349706][ T5744] loop3: detected capacity change from 0 to 1024 [ 113.351803][ T5744] EXT4-fs: Ignoring removed orlov option [ 113.401819][ T5744] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 113.614258][ T5749] loop2: detected capacity change from 0 to 40427 [ 113.646147][ T5749] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 113.647839][ T5749] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 113.654752][ T5749] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff [ 113.656938][ T5749] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8 [ 113.666491][ T5749] F2FS-fs (loop2): invalid crc value [ 113.962910][ T5758] loop0: detected capacity change from 0 to 4096 [ 114.017434][ T5749] F2FS-fs (loop2): Found nat_bits in checkpoint [ 114.048052][ T5749] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 114.048166][ T5758] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 114.054140][ T5749] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 114.054536][ T5754] netlink: 8 bytes leftover after parsing attributes in process `syz.4.488'. [ 114.057811][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 114.058432][ T5754] netlink: 8 bytes leftover after parsing attributes in process `syz.4.488'. [ 114.168765][ T4307] syz-executor: attempt to access beyond end of device [ 114.168765][ T4307] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 114.202778][ T5765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.247271][ T5765] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.299873][ T11] hfsplus: b-tree write err: -5, ino 4 [ 114.411482][ T5768] loop1: detected capacity change from 0 to 1024 [ 114.565289][ T4688] hfsplus: b-tree write err: -5, ino 4 [ 114.810525][ T5778] loop1: detected capacity change from 0 to 1024 [ 114.857442][ T5778] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 116.358753][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 116.393643][ T5795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.403669][ T5795] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.424769][ T5784] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 116.598357][ T5798] netlink: 8 bytes leftover after parsing attributes in process `syz.1.502'. [ 116.600746][ T5798] netlink: 8 bytes leftover after parsing attributes in process `syz.1.502'. [ 116.808408][ T5816] loop1: detected capacity change from 0 to 1024 [ 116.898415][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 116.949565][ T5824] netlink: 4 bytes leftover after parsing attributes in process `syz.2.508'. [ 116.956716][ T5824] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.958117][ T5828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.509'. [ 116.959144][ T5824] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.964019][ T5824] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 116.966241][ T5824] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 117.048342][ T5824] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 117.050657][ T5824] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 117.052847][ T5824] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 117.055139][ T5824] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 117.185470][ T5834] tipc: Started in network mode [ 117.186777][ T5834] tipc: Node identity 4, cluster identity 4711 [ 117.188434][ T5834] tipc: Node number set to 4 [ 117.229742][ T4439] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 117.567283][ T5857] netlink: 8 bytes leftover after parsing attributes in process `syz.4.515'. [ 117.569434][ T5857] netlink: 8 bytes leftover after parsing attributes in process `syz.4.515'. [ 117.924656][ T4439] usb 1-1: Using ep0 maxpacket: 32 [ 117.927419][ T4439] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.930026][ T4439] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 117.935602][ T4439] usb 1-1: config 0 interface 0 has no altsetting 0 [ 117.939727][ T4439] usb 1-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00 [ 117.944321][ T4439] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.960360][ T4439] usb 1-1: config 0 descriptor?? [ 118.155044][ T5867] loop1: detected capacity change from 0 to 1024 [ 118.295956][ T5873] loop3: detected capacity change from 0 to 8 [ 118.302197][ T5873] squashfs: Unknown parameter '01777777777777777777777' [ 118.320712][ T177] hfsplus: b-tree write err: -5, ino 4 [ 118.353555][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 118.374317][ T5873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.386099][ T5873] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.423175][ T4439] usbhid 1-1:0.0: can't add hid device: -71 [ 118.424774][ T4439] usbhid: probe of 1-1:0.0 failed with error -71 [ 118.428161][ T4439] usb 1-1: USB disconnect, device number 5 [ 120.058745][ T5907] loop1: detected capacity change from 0 to 1024 [ 120.293801][ T5915] loop0: detected capacity change from 0 to 256 [ 120.298815][ T5914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.301203][ T5914] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.318537][ T4688] hfsplus: b-tree write err: -5, ino 4 [ 120.360663][ T5910] loop4: detected capacity change from 0 to 40427 [ 120.363220][ T5910] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 120.364952][ T5910] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 120.365115][ T5915] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 120.370084][ T5910] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x3ffff [ 120.372294][ T5910] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x1f8 [ 120.375464][ T5910] F2FS-fs (loop4): invalid crc value [ 120.390174][ T5915] FAT-fs (loop0): Filesystem has been set read-only [ 120.405604][ T5915] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 120.437999][ T5910] F2FS-fs (loop4): Found nat_bits in checkpoint [ 120.461360][ T5910] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 120.463275][ T5910] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 120.518837][ T4304] syz-executor: attempt to access beyond end of device [ 120.518837][ T4304] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 120.640093][ T47] Bluetooth: hci3: command 0x0405 tx timeout [ 120.928727][ T4343] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 120.993220][ T5938] loop2: detected capacity change from 0 to 2048 [ 121.131880][ T4343] usb 1-1: Using ep0 maxpacket: 32 [ 121.146127][ T4343] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.152133][ T4343] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 121.170825][ T4343] usb 1-1: config 0 interface 0 has no altsetting 0 [ 121.173903][ T4343] usb 1-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00 [ 121.422401][ T4343] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.854006][ T5938] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 121.863470][ T4343] usb 1-1: config 0 descriptor?? [ 121.901532][ T5949] loop3: detected capacity change from 0 to 1024 [ 121.973626][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 122.032151][ T4419] hfsplus: b-tree write err: -5, ino 4 [ 122.304047][ T4343] usbhid 1-1:0.0: can't add hid device: -71 [ 122.305745][ T4343] usbhid: probe of 1-1:0.0 failed with error -71 [ 122.309993][ T4343] usb 1-1: USB disconnect, device number 6 [ 122.517166][ T5977] loop4: detected capacity change from 0 to 2048 [ 122.541822][ T5977] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 122.654925][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 123.482676][ T5986] loop4: detected capacity change from 0 to 1024 [ 123.586612][ T4688] hfsplus: b-tree write err: -5, ino 4 [ 123.643188][ T5994] 9pnet_fd: Insufficient options for proto=fd [ 123.831058][ T6005] loop0: detected capacity change from 0 to 256 [ 123.852970][ T6005] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 123.954834][ T6007] loop2: detected capacity change from 0 to 2048 [ 123.979828][ T6007] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 124.027708][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 124.122559][ T6013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.129403][ T6013] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.134062][ T6015] loop0: detected capacity change from 0 to 1024 [ 124.190586][ T11] hfsplus: b-tree write err: -5, ino 4 [ 125.231113][ T6025] loop2: detected capacity change from 0 to 4096 [ 125.244310][ T6025] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 125.313844][ T6025] ntfs3: loop2: Failed to load $Extend. [ 125.377573][ T6032] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.379732][ T6032] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 125.450352][ T6035] loop2: detected capacity change from 0 to 256 [ 125.471932][ T6036] loop0: detected capacity change from 0 to 2048 [ 125.480240][ T6035] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 125.521201][ T6036] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 125.569612][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 125.777331][ T6055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.779696][ T6055] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.035588][ T6068] loop4: detected capacity change from 0 to 256 [ 126.054549][ T6068] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 126.118406][ T6073] loop2: detected capacity change from 0 to 2048 [ 126.174879][ T6073] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 126.261207][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 126.670378][ T6105] loop3: detected capacity change from 0 to 256 [ 126.710830][ T6105] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 126.729706][ T6107] loop2: detected capacity change from 0 to 128 [ 126.750493][ T6107] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 126.803432][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 126.870490][ T6114] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.887038][ T6114] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.940830][ T6118] loop0: detected capacity change from 0 to 256 [ 126.991546][ T4305] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 127.018513][ T6118] loop0: detected capacity change from 0 to 1764 [ 128.402909][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 128.406872][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 128.614550][ T6144] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 128.625425][ T6144] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 128.628101][ T6144] vhci_hcd: invalid port number 9 [ 128.629416][ T6144] vhci_hcd: default hub control req: 8014 v0008 i0009 l0 [ 128.776007][ T6153] loop2: detected capacity change from 0 to 16 [ 128.779597][ T6153] erofs: (device loop2): mounted with root inode @ nid 36. [ 128.850628][ T6155] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.198059][ T6168] loop3: detected capacity change from 0 to 32768 [ 129.204314][ T6168] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.633 (6168) [ 129.217404][ T6168] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 129.219977][ T6168] BTRFS info (device loop3): using crc32c (crc32c-generic) checksum algorithm [ 129.222015][ T6168] BTRFS info (device loop3): force clearing of disk cache [ 129.223595][ T6168] BTRFS info (device loop3): setting nodatacow, compression disabled [ 129.225581][ T6168] BTRFS info (device loop3): turning off barriers [ 129.227068][ T6168] BTRFS info (device loop3): turning on sync discard [ 129.228793][ T6168] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 129.231251][ T6168] BTRFS info (device loop3): trying to use backup root at mount time [ 129.233134][ T6168] BTRFS info (device loop3): using free space tree [ 129.267042][ T5491] BTRFS warning (device loop3): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0 [ 129.271325][ T6168] BTRFS warning (device loop3): couldn't read tree root [ 129.273102][ T6168] BTRFS warning (device loop3): try to load backup roots slot 1 [ 129.275090][ T5491] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0 [ 129.284634][ T6168] BTRFS warning (device loop3): couldn't read tree root [ 129.286453][ T6168] BTRFS warning (device loop3): try to load backup roots slot 2 [ 129.291744][ T6168] BTRFS error (device loop3): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7 [ 129.294753][ T6168] BTRFS warning (device loop3): couldn't read tree root [ 129.296413][ T6168] BTRFS warning (device loop3): try to load backup roots slot 3 [ 129.305712][ T6168] BTRFS info (device loop3): enabling ssd optimizations [ 129.309174][ T6168] BTRFS info (device loop3): rebuilding free space tree [ 129.333970][ T6168] BTRFS info (device loop3): checking UUID tree [ 129.362514][ T4298] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 129.628769][ T6200] loop3: detected capacity change from 0 to 256 [ 129.692956][ T6200] loop3: detected capacity change from 0 to 1764 [ 132.875959][ T6253] loop4: detected capacity change from 0 to 256 [ 132.932889][ T6253] loop4: detected capacity change from 0 to 1764 [ 134.011633][ T6275] loop1: detected capacity change from 0 to 512 [ 134.030090][ T6275] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 134.073761][ T6275] EXT4-fs (loop1): 1 truncate cleaned up [ 134.075203][ T6275] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 135.045567][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 135.090241][ T6291] netlink: 16 bytes leftover after parsing attributes in process `syz.2.664'. [ 137.896758][ T6312] loop2: detected capacity change from 0 to 256 [ 137.960333][ T6312] loop2: detected capacity change from 0 to 1764 [ 138.228942][ T6318] cifs: Unknown parameter 'mode' [ 139.336061][ T6325] loop1: detected capacity change from 0 to 512 [ 139.377050][ T6325] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 139.403072][ T6325] EXT4-fs (loop1): 1 truncate cleaned up [ 139.404534][ T6325] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 140.987396][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 141.290566][ T6339] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.293694][ T6339] team0: Port device bond0 added [ 141.332685][ T6341] bridge0: port 3(team0) entered blocking state [ 141.341022][ T6341] bridge0: port 3(team0) entered disabled state [ 141.357714][ T6341] device team0 entered promiscuous mode [ 141.367240][ T6341] device team_slave_0 entered promiscuous mode [ 141.396031][ T6341] device team_slave_1 entered promiscuous mode [ 141.418534][ T6341] device bond0 entered promiscuous mode [ 141.421266][ T6341] device bond_slave_0 entered promiscuous mode [ 141.440897][ T6341] device bond_slave_1 entered promiscuous mode [ 141.514384][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.679'. [ 141.516569][ T6347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.679'. [ 142.082903][ T6358] loop1: detected capacity change from 0 to 256 [ 142.141043][ T6364] loop4: detected capacity change from 0 to 512 [ 142.148471][ T6364] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 142.288985][ T6364] EXT4-fs (loop4): 1 truncate cleaned up [ 142.290417][ T6364] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 144.132968][ T6358] loop1: detected capacity change from 0 to 1764 [ 144.317346][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 144.528661][ T27] audit: type=1326 audit(141.772:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.539130][ T27] audit: type=1326 audit(141.782:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.554423][ T6383] mmap: syz.2.692 (6383) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 144.568431][ T27] audit: type=1326 audit(141.791:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.611617][ T27] audit: type=1326 audit(141.791:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.616879][ T27] audit: type=1326 audit(141.791:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.674280][ T27] audit: type=1326 audit(141.791:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=234 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.729558][ T27] audit: type=1326 audit(141.847:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.734915][ T27] audit: type=1326 audit(141.847:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.2.692" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa495bce8 code=0x7ffc0000 [ 144.934190][ T6398] netlink: 8 bytes leftover after parsing attributes in process `syz.2.698'. [ 144.936255][ T6398] netlink: 8 bytes leftover after parsing attributes in process `syz.2.698'. [ 144.958292][ T6401] loop0: detected capacity change from 0 to 512 [ 144.963144][ T6401] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 144.968832][ T6401] EXT4-fs (loop0): 1 truncate cleaned up [ 144.970960][ T6401] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 146.020226][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 148.180374][ T6428] loop4: detected capacity change from 0 to 256 [ 148.323552][ T6428] loop4: detected capacity change from 0 to 1764 [ 148.962952][ T6457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.712'. [ 148.965431][ T6457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.712'. [ 150.016924][ T6462] loop4: detected capacity change from 0 to 512 [ 150.019609][ T6462] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 150.024742][ T6462] EXT4-fs (loop4): 1 truncate cleaned up [ 150.026148][ T6462] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 151.038157][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 152.155415][ T6500] loop0: detected capacity change from 0 to 256 [ 152.230147][ T6500] loop0: detected capacity change from 0 to 1764 [ 153.817890][ T6525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.727'. [ 153.820115][ T6525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.727'. [ 154.456826][ T6526] loop2: detected capacity change from 0 to 512 [ 154.472597][ T6526] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 154.537438][ T6526] EXT4-fs (loop2): 1 truncate cleaned up [ 154.539080][ T6526] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 155.510117][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 155.665532][ T6558] loop0: detected capacity change from 0 to 256 [ 156.405630][ T6569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.748'. [ 157.569278][ T6578] cifs: Unknown parameter 'mode' [ 158.091677][ T6589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.740'. [ 158.093909][ T6589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.740'. [ 158.706641][ T6592] loop2: detected capacity change from 0 to 512 [ 158.724898][ T6592] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 158.814568][ T6592] EXT4-fs (loop2): 1 truncate cleaned up [ 158.816212][ T6592] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 158.993757][ T6600] loop0: detected capacity change from 0 to 512 [ 159.004525][ T6600] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 159.019107][ T6600] EXT4-fs (loop0): 1 truncate cleaned up [ 159.026959][ T6600] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 159.979051][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 160.278089][ T6613] loop2: detected capacity change from 0 to 256 [ 160.641496][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 161.570622][ T1516] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 161.787755][ T6636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.758'. [ 161.843822][ T1516] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 161.846339][ T1516] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 161.849432][ T1516] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 161.864459][ T1516] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.518672][ T1516] usb 1-1: usb_control_msg returned -32 [ 162.520317][ T1516] usbtmc 1-1:16.0: can't read capabilities [ 162.691561][ T6648] loop3: detected capacity change from 0 to 512 [ 163.392538][ T6648] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 163.401015][ T6652] loop2: detected capacity change from 0 to 512 [ 163.433972][ T6652] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 163.953242][ T4341] usb 1-1: USB disconnect, device number 7 [ 164.036982][ T6648] EXT4-fs (loop3): 1 truncate cleaned up [ 164.038566][ T6648] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 164.053589][ T6660] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 164.206487][ T6652] EXT4-fs (loop2): 1 truncate cleaned up [ 164.207997][ T6652] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 164.372193][ T6665] loop4: detected capacity change from 0 to 256 [ 165.316407][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 165.337080][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 165.455342][ T6673] loop3: detected capacity change from 0 to 1024 [ 165.623942][ T6673] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 165.637021][ T4288] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 165.677855][ T6665] loop4: detected capacity change from 0 to 1764 [ 166.550473][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 169.513349][ T6717] loop2: detected capacity change from 0 to 512 [ 169.527291][ T6717] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 169.530298][ T6714] loop3: detected capacity change from 0 to 512 [ 169.534970][ T6714] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 170.213544][ T6714] EXT4-fs (loop3): 1 truncate cleaned up [ 170.218360][ T6717] EXT4-fs (loop2): 1 truncate cleaned up [ 170.225572][ T6714] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 170.237674][ T6717] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 170.485539][ T6727] random: crng reseeded on system resumption [ 171.678926][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 171.782491][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 171.793728][ T6743] loop2: detected capacity change from 0 to 256 [ 171.810394][ T6739] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 171.878844][ T6745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 171.907292][ T6745] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 171.928749][ T6743] loop2: detected capacity change from 0 to 1764 [ 173.117963][ T6767] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 173.141804][ T6767] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 173.157648][ T6771] netlink: 'syz.0.788': attribute type 1 has an invalid length. [ 173.201162][ T6771] 8021q: adding VLAN 0 to HW filter on device bond1 [ 173.254614][ T6771] 8021q: adding VLAN 0 to HW filter on device bond1 [ 173.256610][ T6771] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 173.260545][ T6771] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 173.296400][ T6780] device ip6erspan0 entered promiscuous mode [ 173.308828][ T6780] bond1: (slave ip6erspan0): making interface the new active one [ 173.311755][ T6780] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 174.409051][ T6800] loop2: detected capacity change from 0 to 512 [ 174.419305][ T6800] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 174.460174][ T6800] EXT4-fs (loop2): 1 truncate cleaned up [ 174.463570][ T6800] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 174.479997][ T6808] fuse: Bad value for 'fd' [ 174.494487][ T6809] loop0: detected capacity change from 0 to 256 [ 176.440990][ T4305] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 176.466618][ T6809] loop0: detected capacity change from 0 to 1764 [ 176.475056][ T6815] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 176.870217][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 178.273080][ T6195] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 178.371626][ T6195] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 178.668264][ T6839] dccp_close: ABORT with 25 bytes unread [ 180.510545][ T6862] fuse: Bad value for 'fd' [ 180.568131][ T6866] loop0: detected capacity change from 0 to 512 [ 180.570486][ T6866] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 180.644122][ T6871] loop2: detected capacity change from 0 to 256 [ 180.692626][ T6866] EXT4-fs (loop0): 1 truncate cleaned up [ 180.694129][ T6866] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 180.715482][ T4305] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 182.282648][ T6871] loop2: detected capacity change from 0 to 1764 [ 182.519341][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 184.023632][ T6901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 184.051221][ T6901] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 184.143405][ T6907] loop4: detected capacity change from 0 to 512 [ 184.146014][ T6907] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 184.165720][ T6907] EXT4-fs (loop4): 1 truncate cleaned up [ 184.174286][ T6907] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 185.107298][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 185.849019][ T6929] loop3: detected capacity change from 0 to 256 [ 186.590619][ T6929] loop3: detected capacity change from 0 to 1764 [ 187.118119][ T6946] loop1: detected capacity change from 0 to 1024 [ 187.304234][ T6952] loop4: detected capacity change from 0 to 512 [ 187.327882][ T6952] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 187.399342][ T6952] EXT4-fs (loop4): 1 truncate cleaned up [ 187.400990][ T6952] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 188.201560][ T6961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 188.203682][ T6961] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 188.634158][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 189.205892][ T6975] loop0: detected capacity change from 0 to 256 [ 189.235602][ T4305] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 189.401483][ T6975] loop0: detected capacity change from 0 to 1764 [ 190.120212][ T11] hfsplus: b-tree write err: -5, ino 4 [ 190.318657][ T6992] loop0: detected capacity change from 0 to 512 [ 190.358334][ T6992] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 190.437573][ T6996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 190.445554][ T6996] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.454348][ T6992] EXT4-fs (loop0): 1 truncate cleaned up [ 190.455986][ T6992] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 191.183391][ T7002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 191.187615][ T7002] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 191.298436][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 191.349065][ T7006] loop3: detected capacity change from 0 to 1024 [ 191.480584][ T7012] fuse: Bad value for 'fd' [ 191.785807][ T7019] loop0: detected capacity change from 0 to 256 [ 191.838311][ T4305] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 191.881849][ T7019] loop0: detected capacity change from 0 to 1764 [ 192.137805][ T7028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 192.153645][ T7028] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 192.167137][ T47] Bluetooth: hci5: sending frame failed (-49) [ 192.173846][ T4295] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 192.400301][ T4688] hfsplus: b-tree write err: -5, ino 4 [ 192.500113][ T7036] loop3: detected capacity change from 0 to 512 [ 192.516182][ T7036] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 192.543881][ T7036] EXT4-fs (loop3): 1 truncate cleaned up [ 192.545529][ T7036] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 192.604035][ T7042] fuse: Bad value for 'fd' [ 193.606817][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.619627][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.809046][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 194.476810][ T7059] loop0: detected capacity change from 0 to 1024 [ 194.494856][ T7062] loop3: detected capacity change from 0 to 256 [ 194.616270][ T4305] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 194.629426][ T7062] loop3: detected capacity change from 0 to 1764 [ 194.949707][ T7080] loop2: detected capacity change from 0 to 512 [ 194.955997][ T7080] EXT4-fs: Ignoring removed oldalloc option [ 194.960208][ T7081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.962880][ T7081] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 194.968688][ T7080] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 195.001747][ T7080] EXT4-fs (loop2): 1 truncate cleaned up [ 195.003201][ T7080] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 195.188285][ T7088] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 195.191132][ T7090] loop1: detected capacity change from 0 to 512 [ 195.193630][ T7090] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 195.395020][ T7092] netlink: 40 bytes leftover after parsing attributes in process `syz.2.886'. [ 195.929507][ T7090] EXT4-fs (loop1): 1 truncate cleaned up [ 195.931200][ T7090] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 196.135804][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 196.145288][ T7101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 196.166721][ T7101] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 196.199125][ T4419] hfsplus: b-tree write err: -5, ino 4 [ 196.327272][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 196.476855][ T7106] loop0: detected capacity change from 0 to 256 [ 196.575213][ T7106] loop0: detected capacity change from 0 to 1764 [ 197.826583][ T7126] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 197.828920][ T7126] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 197.950503][ T7128] loop0: detected capacity change from 0 to 512 [ 197.960662][ T7130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 197.963011][ T7130] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 197.974043][ T7128] EXT4-fs: Ignoring removed oldalloc option [ 197.977318][ T7128] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 197.987591][ T7128] EXT4-fs (loop0): 1 truncate cleaned up [ 197.989067][ T7128] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 198.086398][ T7134] loop4: detected capacity change from 0 to 1024 [ 198.294588][ T7136] netlink: 40 bytes leftover after parsing attributes in process `syz.0.902'. [ 199.045687][ T7142] loop1: detected capacity change from 0 to 512 [ 199.053181][ T7142] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 199.056853][ T7143] loop2: detected capacity change from 0 to 256 [ 199.062226][ T7142] EXT4-fs (loop1): 1 truncate cleaned up [ 199.065046][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 199.077241][ T7142] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 199.104122][ T7139] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 199.143262][ T7143] loop2: detected capacity change from 0 to 1764 [ 199.760075][ T4420] hfsplus: b-tree write err: -5, ino 4 [ 201.390462][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 202.142056][ T7177] input: syz0 as /devices/virtual/input/input12 [ 203.234300][ T7202] loop0: detected capacity change from 0 to 512 [ 203.260095][ T7201] loop4: detected capacity change from 0 to 1024 [ 203.261841][ T7202] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 203.284912][ T7202] EXT4-fs (loop0): 1 truncate cleaned up [ 203.286384][ T7202] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 203.646516][ T7183] loop3: detected capacity change from 0 to 40427 [ 203.664620][ T7183] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 203.666554][ T7183] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 203.673115][ T7183] F2FS-fs (loop3): build fault injection attr: rate: 17008, type: 0x3ffff [ 203.675490][ T7183] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x1f8 [ 203.685936][ T7183] F2FS-fs (loop3): invalid crc value [ 203.711819][ T7183] F2FS-fs (loop3): Found nat_bits in checkpoint [ 203.729202][ T7183] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 203.731153][ T7183] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 203.774154][ T4298] syz-executor: attempt to access beyond end of device [ 203.774154][ T4298] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 205.076164][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 206.361581][ T7225] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 206.363799][ T7225] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 206.401650][ T4419] hfsplus: b-tree write err: -5, ino 4 [ 207.917071][ T7251] loop0: detected capacity change from 0 to 512 [ 207.928877][ T7251] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 208.107766][ T7240] loop1: detected capacity change from 0 to 40427 [ 208.111340][ T7251] EXT4-fs (loop0): 1 truncate cleaned up [ 208.112797][ T7251] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 208.702502][ T7240] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 208.704623][ T7240] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 208.716357][ T7240] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3ffff [ 208.723332][ T7240] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8 [ 208.726832][ T7240] F2FS-fs (loop1): invalid crc value [ 208.733266][ T7240] F2FS-fs (loop1): Found nat_bits in checkpoint [ 208.759623][ T7240] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 208.761583][ T7240] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 208.792714][ T4302] syz-executor: attempt to access beyond end of device [ 208.792714][ T4302] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 208.871176][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 208.932018][ T7271] loop2: detected capacity change from 0 to 1024 [ 209.271659][ T7280] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 210.639854][ T4523] hfsplus: b-tree write err: -5, ino 4 [ 211.848963][ T7308] ptrace attach of "./syz-executor exec"[4302] was attempted by "./syz-executor exec"[7308] [ 212.623505][ T7314] loop0: detected capacity change from 0 to 512 [ 212.625837][ T7314] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 212.731704][ T7314] EXT4-fs (loop0): 1 truncate cleaned up [ 212.733222][ T7314] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 213.578372][ T7302] loop2: detected capacity change from 0 to 40427 [ 213.581000][ T7302] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 213.582951][ T7302] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 213.589440][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 213.622938][ T7302] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x3ffff [ 213.643197][ T7302] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x1f8 [ 213.665375][ T7302] F2FS-fs (loop2): invalid crc value [ 213.776115][ T7340] loop0: detected capacity change from 0 to 1024 [ 213.894604][ T7302] F2FS-fs (loop2): Found nat_bits in checkpoint [ 216.025507][ T4419] hfsplus: b-tree write err: -5, ino 4 [ 216.520620][ T7372] delete_channel: no stack [ 216.571243][ T7374] delete_channel: no stack [ 216.666396][ T7377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 216.670844][ T7377] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 216.792780][ T7378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 216.795124][ T7378] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 216.801213][ T7381] loop2: detected capacity change from 0 to 512 [ 216.866222][ T7381] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 216.901429][ T7381] EXT4-fs (loop2): 1 truncate cleaned up [ 216.902866][ T7381] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 217.541454][ T7374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 217.548398][ T7374] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 217.728848][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 218.796050][ T7417] loop2: detected capacity change from 0 to 1024 [ 218.924995][ T7422] bridge0: port 3(team0) entered blocking state [ 218.929665][ T7422] bridge0: port 3(team0) entered disabled state [ 218.932159][ T7422] device team0 entered promiscuous mode [ 218.933582][ T7422] device team_slave_0 entered promiscuous mode [ 218.935341][ T7422] device team_slave_1 entered promiscuous mode [ 219.086812][ T4420] hfsplus: b-tree write err: -5, ino 4 [ 220.327351][ T7444] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 221.298608][ T7464] loop2: detected capacity change from 0 to 512 [ 221.301139][ T7464] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 221.330407][ T5491] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 221.356914][ T7464] EXT4-fs (loop2): 1 truncate cleaned up [ 221.361097][ T7464] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 221.718786][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 221.795489][ T7487] loop3: detected capacity change from 0 to 1024 [ 223.097670][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 225.020082][ T7519] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 225.062413][ T7527] loop1: detected capacity change from 0 to 512 [ 225.070901][ T7527] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 225.076344][ T7527] EXT4-fs (loop1): 1 truncate cleaned up [ 225.078468][ T7527] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 225.300811][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 225.435100][ T7546] loop4: detected capacity change from 0 to 1024 [ 226.711381][ T5492] hfsplus: b-tree write err: -5, ino 4 [ 229.127891][ T7581] loop0: detected capacity change from 0 to 512 [ 229.203157][ T7581] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 229.233302][ T7581] EXT4-fs (loop0): 1 truncate cleaned up [ 229.234830][ T7581] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 229.411258][ T7584] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 229.920475][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 230.356294][ T7608] loop1: detected capacity change from 0 to 1024 [ 231.310986][ T5492] hfsplus: b-tree write err: -5, ino 4 [ 233.632358][ T7659] loop1: detected capacity change from 0 to 1024 [ 234.079086][ T5492] hfsplus: b-tree write err: -5, ino 4 [ 238.032700][ T7724] loop4: detected capacity change from 0 to 1024 [ 238.325417][ T4687] hfsplus: b-tree write err: -5, ino 4 [ 241.478983][ T7799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 241.481230][ T7799] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 241.511983][ T7797] loop2: detected capacity change from 0 to 1024 [ 241.514411][ T7801] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 241.764283][ T4419] hfsplus: b-tree write err: -5, ino 4 [ 244.441668][ T7881] loop2: detected capacity change from 0 to 1024 [ 245.535428][ T7895] loop1: detected capacity change from 0 to 1024 [ 245.544790][ T5492] hfsplus: b-tree write err: -5, ino 4 [ 245.583923][ T7895] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 246.024743][ T7910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 246.028292][ T7910] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 248.935764][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 249.010152][ T7959] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 249.025915][ T7962] loop1: detected capacity change from 0 to 1024 [ 249.756179][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 251.264942][ T8001] loop1: detected capacity change from 0 to 1024 [ 252.270796][ T8001] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 252.378653][ T8014] loop3: detected capacity change from 0 to 1024 [ 252.876610][ T8017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 252.881396][ T8017] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 253.164997][ T5491] hfsplus: b-tree write err: -5, ino 4 [ 253.198313][ T8016] debugfs: Directory 'ptm1' with parent 'caif_serial' already present! [ 254.738459][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 257.112783][ T8076] loop1: detected capacity change from 0 to 1024 [ 257.343923][ T8081] debugfs: Directory 'ptm0' with parent 'caif_serial' already present! [ 257.387299][ T5491] hfsplus: b-tree write err: -5, ino 4 [ 257.625414][ T8100] loop0: detected capacity change from 0 to 1024 [ 258.423229][ T8100] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 258.935364][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 258.937287][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.190482][ T4339] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 259.382854][ T4339] usb 1-1: Using ep0 maxpacket: 16 [ 259.387400][ T4339] usb 1-1: config 64 has an invalid descriptor of length 0, skipping remainder of the config [ 259.392036][ T4339] usb 1-1: New USB device found, idVendor=9e88, idProduct=9e8f, bcdDevice=9b.e4 [ 259.409634][ T4339] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 259.411652][ T4339] usb 1-1: Product: syz [ 259.412677][ T4339] usb 1-1: Manufacturer: syz [ 259.439886][ T4339] usb 1-1: SerialNumber: syz [ 259.521155][ T8126] fuse: Bad value for 'fd' [ 260.479332][ T8131] loop4: detected capacity change from 0 to 1024 [ 260.810935][ T4339] ftdi_sio 1-1:64.0: Ignoring interface reserved for JTAG [ 260.814941][ T4339] usb 1-1: USB disconnect, device number 8 [ 260.995716][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 261.003233][ T4986] hfsplus: b-tree write err: -5, ino 4 [ 264.377716][ T8164] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 264.781609][ T8175] loop3: detected capacity change from 0 to 1024 [ 265.162549][ T8178] loop2: detected capacity change from 0 to 1024 [ 265.215333][ T8178] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 265.508702][ T4419] hfsplus: b-tree write err: -5, ino 4 [ 266.149307][ T8195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 266.152052][ T8195] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 266.832932][ T8203] tipc: New replicast peer: 10.1.1.2 [ 266.840938][ T8203] tipc: Enabled bearer , priority 10 [ 269.606020][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 269.680275][ T8231] loop0: detected capacity change from 0 to 1024 [ 269.910577][ T8238] loop2: detected capacity change from 0 to 512 [ 269.912707][ T8238] EXT4-fs: Ignoring removed oldalloc option [ 269.928444][ T8238] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 270.039723][ T8238] EXT4-fs (loop2): 1 truncate cleaned up [ 270.041663][ T8238] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 270.073770][ T177] hfsplus: b-tree write err: -5, ino 4 [ 271.690517][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 271.808099][ T8256] loop3: detected capacity change from 0 to 512 [ 271.810779][ T8256] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 271.818107][ T8256] EXT4-fs (loop3): 1 truncate cleaned up [ 271.819645][ T8256] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 272.301894][ T8276] loop2: detected capacity change from 0 to 1024 [ 273.021493][ T8276] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 273.986921][ T8286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 273.989375][ T8286] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 274.735189][ T6193] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 275.299764][ T8309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1180'. [ 275.472245][ T6193] usb 1-1: Using ep0 maxpacket: 16 [ 275.564622][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 276.017757][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 276.405943][ T8323] loop3: detected capacity change from 0 to 1024 [ 276.654914][ T11] hfsplus: b-tree write err: -5, ino 4 [ 277.600311][ T8337] xt_cgroup: path and classid specified [ 278.431258][ T8341] loop1: detected capacity change from 0 to 1024 [ 278.478702][ T8341] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 278.697415][ T8352] loop4: detected capacity change from 0 to 512 [ 278.700059][ T8352] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 278.958014][ T8355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 278.963296][ T8355] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 279.656011][ T8352] EXT4-fs (loop4): 1 truncate cleaned up [ 279.663137][ T8352] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 279.933279][ T6193] usb 1-1: unable to get BOS descriptor or descriptor too short [ 279.936302][ T6193] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 279.938792][ T6193] usb 1-1: can't read configurations, error -71 [ 279.975057][ T8363] loop0: detected capacity change from 0 to 1024 [ 280.268139][ T4992] hfsplus: b-tree write err: -5, ino 4 [ 281.436808][ T8385] 9p: Unknown Cache mode readahead [ 281.613536][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 281.836078][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 282.973064][ T8402] loop2: detected capacity change from 0 to 1024 [ 283.513323][ T4523] hfsplus: b-tree write err: -5, ino 4 [ 284.627790][ T8425] loop4: detected capacity change from 0 to 1024 [ 284.677330][ T8425] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 285.099603][ T8436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 285.101762][ T8436] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 285.490170][ T8438] loop2: detected capacity change from 0 to 512 [ 285.499546][ T8438] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 285.743901][ T8438] EXT4-fs (loop2): 1 truncate cleaned up [ 285.745691][ T8438] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 286.090739][ T8444] loop0: detected capacity change from 0 to 1024 [ 286.329949][ T4992] hfsplus: b-tree write err: -5, ino 4 [ 287.650913][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 287.920140][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 289.283433][ T8488] loop0: detected capacity change from 0 to 1024 [ 289.613781][ T4523] hfsplus: b-tree write err: -5, ino 4 [ 289.615069][ T8489] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 289.621827][ T8489] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 290.539325][ T8503] loop0: detected capacity change from 0 to 512 [ 290.585733][ T8503] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 290.691754][ T8510] loop1: detected capacity change from 0 to 1024 [ 290.735783][ T8503] EXT4-fs (loop0): 1 truncate cleaned up [ 290.737329][ T8503] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 290.765584][ T8510] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 291.079690][ T8518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 291.083710][ T8518] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 292.386862][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 292.521738][ T8541] loop4: detected capacity change from 0 to 1024 [ 292.743801][ T4523] hfsplus: b-tree write err: -5, ino 4 [ 292.913886][ T8548] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 292.924342][ T8548] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 293.692500][ T8565] loop3: detected capacity change from 0 to 512 [ 293.695788][ T8565] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 293.702073][ T8565] EXT4-fs (loop3): 1 truncate cleaned up [ 293.703791][ T8565] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 293.872019][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 294.032221][ T8569] loop4: detected capacity change from 0 to 1024 [ 295.036620][ T4350] hfsplus: b-tree write err: -5, ino 4 [ 295.440596][ T8592] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1265'. [ 296.398458][ T8600] loop1: detected capacity change from 0 to 1024 [ 296.497905][ T8600] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 296.644099][ T8610] loop2: detected capacity change from 0 to 1024 [ 296.816238][ T8613] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 296.819764][ T8613] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 297.450623][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 297.708074][ T9] hfsplus: b-tree write err: -5, ino 4 [ 299.256084][ T8630] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1275'. [ 299.259453][ T8630] netlink: 59 bytes leftover after parsing attributes in process `syz.4.1275'. [ 299.270121][ T8630] netlink: 59 bytes leftover after parsing attributes in process `syz.4.1275'. [ 299.380139][ T8633] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1278'. [ 299.394034][ T8633] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1278'. [ 299.588615][ T8641] loop2: detected capacity change from 0 to 512 [ 299.604373][ T8641] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 299.625009][ T8641] EXT4-fs (loop2): 1 truncate cleaned up [ 299.626657][ T8641] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 299.650456][ T4302] EXT4-fs (loop1): unmounting filesystem. [ 300.418751][ T8659] loop3: detected capacity change from 0 to 1024 [ 300.762327][ T9] hfsplus: b-tree write err: -5, ino 4 [ 302.821629][ T8672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 302.841957][ T8672] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 302.957460][ T8683] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1292'. [ 302.965664][ T8683] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1292'. [ 303.022212][ T8685] loop3: detected capacity change from 0 to 1024 [ 303.206349][ T8685] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 303.224661][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 303.950553][ T8700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 303.952920][ T8700] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 304.142002][ T8707] loop4: detected capacity change from 0 to 1024 [ 304.382564][ T4420] hfsplus: b-tree write err: -5, ino 4 [ 306.082220][ T8732] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1304'. [ 306.085564][ T8732] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1304'. [ 306.799223][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 306.810852][ T8736] loop0: detected capacity change from 0 to 512 [ 306.814251][ T8736] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 307.148909][ T8736] EXT4-fs (loop0): 1 truncate cleaned up [ 307.150535][ T8736] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 307.735700][ T8755] loop4: detected capacity change from 0 to 1024 [ 308.686684][ T4687] hfsplus: b-tree write err: -5, ino 4 [ 308.985472][ T4294] EXT4-fs (loop0): unmounting filesystem. [ 309.000360][ T8772] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1316'. [ 309.003746][ T8772] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1316'. [ 309.142436][ T8773] ubi31: attaching mtd0 [ 309.152463][ T8773] ubi31: scanning is finished [ 309.153743][ T8773] ubi31: empty MTD device detected [ 309.587620][ T8773] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 309.589700][ T8773] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 309.591503][ T8773] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 309.593197][ T8773] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 309.595027][ T8773] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 309.596965][ T8773] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 309.598950][ T8773] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2996497978 [ 309.601510][ T8773] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 309.645229][ T8775] ubi31: background thread "ubi_bgt31d" started, PID 8775 [ 309.731843][ T8777] loop3: detected capacity change from 0 to 1024 [ 309.849624][ T8777] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 311.125963][ T8788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.128494][ T8788] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 312.059244][ T8805] loop1: detected capacity change from 0 to 1024 [ 312.343243][ T9] hfsplus: b-tree write err: -5, ino 4 [ 313.716762][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 313.749779][ T8819] loop2: detected capacity change from 0 to 512 [ 313.771442][ T8819] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 313.786260][ T8823] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1329'. [ 313.792354][ T8819] EXT4-fs (loop2): 1 truncate cleaned up [ 313.794021][ T8819] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 313.914719][ T8823] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1329'. [ 315.540588][ T4340] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 315.733332][ T4340] usb 1-1: Using ep0 maxpacket: 32 [ 315.752176][ T4340] usb 1-1: config 1 has an invalid interface number: 42 but max is 0 [ 315.755253][ T4340] usb 1-1: config 1 has no interface number 0 [ 315.756989][ T4340] usb 1-1: config 1 interface 42 has no altsetting 0 [ 315.775890][ T4340] usb 1-1: New USB device found, idVendor=085a, idProduct=0026, bcdDevice= 1.25 [ 315.778546][ T4340] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.789924][ T4340] usb 1-1: Product: syz [ 315.810167][ T4340] usb 1-1: Manufacturer: syz [ 315.819278][ T4340] usb 1-1: SerialNumber: syz [ 317.087135][ T8889] loop3: detected capacity change from 0 to 1024 [ 317.183627][ T8889] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 318.048971][ T8897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 318.051093][ T8897] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 318.199691][ T4340] usb-storage 1-1:1.42: USB Mass Storage device detected [ 318.365031][ T4340] usb-storage 1-1:1.42: Quirks match for vid 085a pid 0026: 4 [ 319.067836][ T4340] usb 1-1: USB disconnect, device number 11 [ 319.248543][ T8908] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1344'. [ 319.266731][ T8908] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1344'. [ 319.317392][ T4307] EXT4-fs (loop2): unmounting filesystem. [ 320.396760][ T4298] EXT4-fs (loop3): unmounting filesystem. [ 321.970632][ T22] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 322.275678][ T22] usb 1-1: Using ep0 maxpacket: 16 [ 322.278456][ T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 322.281188][ T22] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 322.283239][ T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.289157][ T8985] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1358'. [ 322.298114][ T22] usb 1-1: config 0 descriptor?? [ 322.408513][ T8988] loop4: detected capacity change from 0 to 128 [ 322.413771][ T8988] EXT4-fs: Ignoring removed nobh option [ 322.750058][ T8988] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 322.947038][ T8985] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1358'. [ 323.082621][ T4304] EXT4-fs (loop4): unmounting filesystem. [ 323.129206][ T8992] loop3: detected capacity change from 0 to 1024 [ 323.172660][ T22] mcp2221 0003:04D8:00DD.0004: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 323.234604][ T8992] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 324.452194][ T9001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 324.455885][ T9001] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 324.633572][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 324.635469][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.887276][ T22] Unable to handle kernel paging request at virtual address dfff800000000000 [ 324.889591][ T22] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 324.891726][ T22] Mem abort info: [ 324.892630][ T22] ESR = 0x0000000096000006 [ 324.893780][ T22] EC = 0x25: DABT (current EL), IL = 32 bits [ 324.896021][ T22] SET = 0, FnV = 0 [ 324.896983][ T22] EA = 0, S1PTW = 0 [ 324.897991][ T22] FSC = 0x06: level 2 translation fault [ 324.899397][ T22] Data abort info: [ 324.900303][ T22] ISV = 0, ISS = 0x00000006 [ 324.901475][ T22] CM = 0, WnR = 0 SYZFAIL: failed to send rpc [ 324.902474][ T22] [dfff800000000000] address between user and kernel address ranges [ 324.904547][ T22] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP [ 324.906412][ T22] Modules linked in: fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 324.907405][ T22] CPU: 1 PID: 22 Comm: kworker/1:0 Not tainted 6.1.134-syzkaller #0 [ 324.909356][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 324.911964][ T22] Workqueue: usb_hub_wq hub_event [ 324.913249][ T22] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 324.915223][ T22] pc : mcp_smbus_xfer+0x68/0x1d5c [ 324.916584][ T22] lr : mcp_smbus_xfer+0x48/0x1d5c [ 324.917835][ T22] sp : ffff80001d3a5ed0 [ 324.918890][ T22] x29: ffff80001d3a5ee0 x28: 0000000000000000 x27: dfff800000000000 [ 324.921112][ T22] x26: 1fffe0001e4a5036 x25: 0000000000000000 x24: 0000000000000000 [ 324.923225][ T22] x23: 0000000000000000 x22: 0000000000000018 x21: 0000000000000000 [ 324.925196][ T22] x20: 1ffff00002b4fe40 x19: 0000000000000000 x18: ffff80001d3a5ce0 [ 324.927208][ T22] x17: ffff800018c59000 x16: ffff80001232ab6c x15: ffff800018739f80 [ 324.929210][ T22] x14: 00000000f57522c2 x13: dfff800000000000 x12: 0000000000100000 [ 324.931306][ T22] x11: 00000000000dd631 x10: ffff8000328ba000 x9 : ffff80000fa9c414 [ 324.933280][ T22] x8 : 0000000000000000 x7 : 1111111111111111 x6 : 0000000000000000 [ 324.935355][ T22] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 [ 324.937424][ T22] x2 : 0000000000000000 x1 : 0000000000000018 x0 : ffff0000f2528088 [ 324.939401][ T22] Call trace: [ 324.940307][ T22] mcp_smbus_xfer+0x68/0x1d5c [ 324.941409][ T22] __i2c_smbus_xfer+0x5b4/0x2dec [ 324.942715][ T22] i2c_smbus_xfer+0x210/0x31c [ 324.943977][ T22] i2c_default_probe+0x1c0/0x248 [ 324.945230][ T22] i2c_do_add_adapter+0x3c4/0x8d4 [ 324.946564][ T22] __process_new_adapter+0x28/0x3c [ 324.947885][ T22] bus_for_each_drv+0x158/0x1e0 [ 324.949187][ T22] i2c_register_adapter+0xde0/0x10e0 [ 324.950595][ T22] i2c_add_adapter+0x170/0x250 [ 324.951837][ T22] mcp2221_probe+0x240/0x56c [ 324.953007][ T22] hid_device_probe+0x238/0x328 [ 324.954286][ T22] really_probe+0x394/0xacc [ 324.955447][ T22] __driver_probe_device+0x194/0x3b4 [ 324.956846][ T22] driver_probe_device+0x78/0x330 [ 324.958193][ T22] __device_attach_driver+0x2a8/0x4f4 [ 324.959594][ T22] bus_for_each_drv+0x158/0x1e0 [ 324.960811][ T22] __device_attach+0x2f0/0x480 [ 324.962075][ T22] device_initial_probe+0x24/0x34 [ 324.963402][ T22] bus_probe_device+0xbc/0x1c8 [ 324.964646][ T22] device_add+0xae0/0xef4 [ 324.965762][ T22] hid_add_device+0x318/0x4a8 [ 324.967001][ T22] usbhid_probe+0x8f0/0xc70 [ 324.968202][ T22] usb_probe_interface+0x500/0x984 [ 324.969520][ T22] really_probe+0x394/0xacc [ 324.970639][ T22] __driver_probe_device+0x194/0x3b4 [ 324.971927][ T22] driver_probe_device+0x78/0x330 [ 324.973305][ T22] __device_attach_driver+0x2a8/0x4f4 [ 324.974654][ T22] bus_for_each_drv+0x158/0x1e0 [ 324.975916][ T22] __device_attach+0x2f0/0x480 [ 324.977193][ T22] device_initial_probe+0x24/0x34 [ 324.978468][ T22] bus_probe_device+0xbc/0x1c8 [ 324.979700][ T22] device_add+0xae0/0xef4 [ 324.980812][ T22] usb_set_configuration+0x15c0/0x1b40 [ 324.982209][ T22] usb_generic_driver_probe+0x8c/0x148 [ 324.983613][ T22] usb_probe_device+0x120/0x25c [ 324.984885][ T22] really_probe+0x394/0xacc [ 324.986094][ T22] __driver_probe_device+0x194/0x3b4 [ 324.987468][ T22] driver_probe_device+0x78/0x330 [ 324.988760][ T22] __device_attach_driver+0x2a8/0x4f4 [ 324.990236][ T22] bus_for_each_drv+0x158/0x1e0 [ 324.991377][ T22] __device_attach+0x2f0/0x480 [ 324.992613][ T22] device_initial_probe+0x24/0x34 [ 324.993927][ T22] bus_probe_device+0xbc/0x1c8 [ 324.995162][ T22] device_add+0xae0/0xef4 [ 324.996296][ T22] usb_new_device+0x908/0x144c [ 324.997538][ T22] hub_event+0x243c/0x42e4 [ 324.998605][ T22] process_one_work+0x804/0x1484 [ 324.999821][ T22] worker_thread+0x8e4/0xfec [ 325.000995][ T22] kthread+0x250/0x2d8 [ 325.002015][ T22] ret_from_fork+0x10/0x20 [ 325.003171][ T22] Code: aa1303e0 963b6617 f9400273 d343fe7c (387b6b88) [ 325.005001][ T22] ---[ end trace 0000000000000000 ]--- [ 325.514628][ T22] Kernel panic - not syncing: Oops: Fatal exception [ 325.516466][ T22] SMP: stopping secondary CPUs [ 325.517758][ T22] Kernel Offset: disabled [ 325.518862][ T22] CPU features: 0x080000,02070084,26017203 [ 325.520264][ T22] Memory Limit: none [ 326.039475][ T22] Rebooting in 86400 seconds..