last executing test programs: 20.616815857s ago: executing program 0 (id=2434): syz_mount_image$vfat(&(0x7f0000000500), &(0x7f0000000040)='./file0\x00', 0x4, &(0x7f0000000700)=ANY=[@ANYRESOCT, @ANYRESDEC, @ANYRESOCT], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x1000000, &(0x7f0000000f40)=ANY=[@ANYBLOB="696f636861727365743d617363696900f1652c696f1e716b917365743d757466382c6e6f7672732c74000020acdc6ccf12fc2289215e4cf0690f9e7a280306dca93a9e0c471dcca261ecbfef7d2c689c923248fa9b4088a7ae1c236c0610e0d94663276aaad729233c1b8662d91bda299ad42d27bce2aaf403b00e01f9b18db781ff3c0e179108254e55b32dbedc4116bf5bf3179d05c6725190d783d5d996242d8e14ddb0d65017e6819f0264081c08d474216c5976e81757a9521f170a4fda7988bef80456155b5c7874a0806025ff017cc12aa9f4022ffb459047d400b694f592011b0a434741ebe55eb13ee21c2b4d6012211be0be85440646438465f71ba617c3cdf70e2436ac56ee186c66dff01181bf5bbecb2b386676fa6691ca7ad5276878e264f82cbcb33e48949bb7a132bbbe11cb4a7f2f0eb6fe1744f39baab9cd2eefc26500d0fc199810cd3dfdde4a37ef0bdc0d0f72baa7093d5e8e02f9f68e6d0d6ec9f15247880affc233ffcd9fb5168e62a3eeae33a1058afc2fff1216bcb998bc736307324ab146be1c2e5df28280b4e33e69c89f28e0ed16a470d41354698bf8bcfb0facce28c75ef863bf59210be9d4b1d2c2b623ec67e408fc872f5bef51c9d8d41f45b0cd1ff0787c29a4e0eb2ca772757e5f40a8c1988b514214217b5aa93f3f92d0db4a8b05364e5c5fe1692519d7e25ea9f3e40724b5de8e1649946162d3e77c09530e4277d5a392f5e2ac0493dc8fc120618c1166b24d865240c27551a349cc001ae3a56e522b1b3e4a2045075dff6f9514b24a000000000000000000", @ANYRESOCT, @ANYBLOB="0700000000000000bfd2696e6963622c7569643da02afa50cfaf7ef0b1136bb846c3dca93e00005965802071679add0000000000000000d1c3122f42ea96037a96b9522cba05114b1d06b523f39b61b9cf307b30998e0bf0d34de32a48605911737fe408577290a186e912c59fd4492df747f495da7617c456798a622dae5e5631a46fe76111dc37855e0295a34c646f4c3e54f149b16b056083c35865aa5d932539f0b4c9d952c2306bd4d41812d8d8f95b8eefb320bdfe0b82196d0208cd4a08f03410cf89160f62f28c8b77a10455ab7f06978896198c9c078dc983a02f769dc808dbe3c9443d0eb3ef9330d01d5d26e6672da4fcf4493833090c0dd12f35385f05c649716b76aada5a024358b6914c7fc1220b0bfb1a7ee91dab5cadd65fac8166ff005a56364fa5f4dcc9de1e0d78c5a30c57ba77ab113069b628ff5855abb3d1859bfcf71df7b1f734216f68479dee950c61b5177edafdb456f31e7365a6e26635d25fc2b7f38bf798d0ba69b1c871ea1a2c1c59a9ff24095410e61080ebd36bed60cb9438b9602aa1d46de30be0924278c8ca4acb4351f5221dfe3c2daceb15ebed45f3b477a42a53dbd58d1c2a4236a3f3a0ca0553a66645e00322bdbb29746c2bcd58f9e6fce46d46559d3865971a2cdec16fee7632907ac72cef45f95b74dcea95dfda5c83eb34385bc0b707639752eb7b0ede35acb809a2883236681ed543ab7fbff198511bcbf4df8ae460a958e4204f0500bf23676dfb0d8b7075219e8b79ede316e583cf69475f0d583ca73f62d019d49166605880d233eb3940327e265ecaf15fe74ab31a5f8f253de901881791e7589a9252b9", @ANYRES8, @ANYRESHEX], 0x9, 0xc56, &(0x7f0000001bc0)="$eJzs3U9sHNd9B/DfGy3FldzWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spC3TSw89BC2KHnIpgdYokKKB0RRBj0zrAsnFhyKnntgWNoKiB7YIEKBAwGJm34pLirRlkZQo+fOxqe/szHsz782sZ2RBb14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG/9fKFk6fSNhsOPYDGAAD3xaWxL588vd3zHwB4ZF3e6f//AQAAAAAAAAAAAACAgyJFEU9EirlLa2mi+txRv9juu3lrfHhk+2pHUlXzUFW+/KmfOn3m7BeeHzrXzYvtmfepv9c+Fa+OXb7QeGn2xtz81MLC1GRjfKZ9dXZy6q73sNv6Ww1WJ6Bx47Wbk9euLTROP3dm0+ZbA+/1P3Zs4PzQMyee7pYdHx4ZGdsoUu8tX7vnhnTsNMLjcBRxIlI8+50fp1ZEFLH7c1G/v9d+qyNVJwarTowPj1QdmW63ZhbLjaPdE1FENHoqNbvnaPtrEbW++9qHnTUjlsrmlw0eLLs3Nteab12ZnmqMtuYX24vt2ZnR1Glt2Z9GFHEuRSxHxGr/nbvriyJqkeJbj6+lK/mtH9V5+Hw1MHjndhT72Me7ULaz0RexXDwE1+wA648iXokUP3n7eFzN95nqXvO5iFfK/F7Em2W+GJHKL8bZiHe3+R7xcKpFEX9SXv/za2myuh907ysXv9L40sy12Z6y3fvKh3w+3HGneEDPhyNb8v444PemehTRqu74a+nef7MDAAAAAAAAAAAAAAAAwF47EkV8MlK8/K+/V40rjmpc+uPnh3574Od7x4w/9QH7Kcs+FxFLxd2NyT2cBwaOptGUdhxL/Kf/vunjARkz9yipRxG/n8f/feNBNwYAAAAAAAAAAAAAAAAAAOAjrYgfRYoX3jmelqN3TvH2zPXG5daV6c6ssN25f7tzpq+vr683UiebOSdyLuVczrmSczVnFLl+zmbOiZxLOZdzruRczRmHcv2czZwTOZdyLudcybmaM2q5fs5mzomcSzmXc67kXM3pPQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHuviCJ+Fim++bW1FCkimhET0cmV/gfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+G6kaPxO8/a6WkSk6t+O4+UvZ6N5uMyPR3OozBejeSFnq8pa8xsPoP3sTl8q4oeRor/+1u0Lnq9/X+fT7a9BvPn1jU+fqnXyUHfjwHv9jx17/PzQyGee2mk5bdeAwYvtmZu3GuPDIyNjPatr+egf71k3kI9b7E3XiYiF1994rTU9PTV/7wvlV2AX1R+ihVT7qPTUQrUQtQPRjAfT903qD+oGxb4qn//vRopff+ffug/8zvO/Hj/X+XT7CR8//YOItNJZfmHrju7y+V/bWi8//8tn+nbP/yd61r2QfzfSV4uoL96Y6zsWUV94/Y0T7Rut61PXp2bOnjz5xaGhL5452Xc4on6tPT3Vs7Q35wsAAAAAAAAAAAAAAADgvklF/GakaP1wLTUi4lY1Xmvg/NAzJ54+FIeq8Vabxm2/Onb5QuOl2Rtz81MLC1OTjfGZ9tXZyam7PVy9Gu41PjyyL535QEf2uf1H6i/Nzr0+377+u4vbbj9av3BlYXG+dXX7zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/vL5UxH9EiqtnG+mzeV0e/791hP+m8f9LW3e0h+P/P3N0Y/zfx3qKlsdMqYifRopf+7On4rNVO4/GHecsl/vrSDF47tO5XBwuy3Xb0HmvQGdkYFn2fyLF3/9sc9nueMgnNsqe+lAn9yFQXv/HI8V3//jb8ct53eb3P2x//Y9u3dE+vf/hyZ51Rze9r2DXXSdf/xOR4sUn3opfqdb83/u+/6P77o3jncIb7+fYp+v/iz3rBvJxf3WvOg8AAAAAAAAAAPAQ60tF/E2k+P5ILT2f193N3/+b3Lqjffr7X5/oWTe5N/MVfeDCrk8qAAAAABwQfamIH0WK64tv3R5DvXn8d8/4z9/YGP85nLZsrf6c7xeq9wbs5Z//9RrIx53YfbcBAAAAAAAAAAAAAAAAAADgQEmpiOfzfOoT3bd97jCf+kqkePm/nq3KpUjHynLdeeAHql/rl2ZnTlyYnp6tx2LryvRUY2yudXWqrPtkpFj7q0/nukU1v3p3vvnOHO8bc7HPR4qRv+2W7czF3p2b/MmNsqfKsh+LFP/5d5vL5qmp89zRVdnTZdm/iBRf/cftyx7bKHumLPvtSPGDrza6ZY+WZbvvR/3ERtnnrq6vr//h3l8WAAAAAAAAAAAAAAAAAAAAPmL6UhF/FCn++8ZyHsu/3t/dlLPWLfvm13vm+9/iVjXP/0A1//+tv4yI7nLP+nuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHU4oi3ogUc5fW0kp/+bmjfrE9c/PW+PDI9tWOpKrmoap8+VM/dfrM2S88P3Sum+9ff699Ml4du3yh8dLsjbn5qYWFqcnG+Ez76uzk1F3vYbf1txqsTkDjxms3J69dW2icfu7Mps23Bt7rf+zYwPmhZ0483S07PjwyMtZTptZ3z0e/Q9ph/eEo4s8jxbPf+XH6fn9EEbs/Fx/w3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RfbgWu9KMWCqbXzZ4sOze2FxrvnVleqox2ppfbC+2Z2dGU6e1ZX8aUcS5FLEcEav9d+6uL4p4LVJ86/G19E/9EYe65+Hzl8a+fPL0zu0o9rGPd6FsZ6MvYrl4CK7ZAdYfRfxDpPjJ28fjn/sjatH5ic9FvFLm9yLejM71TuUX42zEu9t8j3g41aKI/y2v//m19HZ/eT/o3lcufqXxpZlrsz1lu/eVh/75cD8d8HtTPYr4QXXHX0v/4r9rAAAAAAAAAAAAAAAAgAOkiF+KFC+8czxV44Nvjyluz1xvXG5dme4M6+uO/euOmV5fX19vpE42c07kXMq5nHMl52rOKHL9nM0y6+vrE/nzUs7lnCs5V3PGoVw/ZzPnRM6lnMs5V3Ku5oxarp+zmXMi51LO5ZwrOVdzxgEZuwcAAAAAAAAAAAAAAAAAADxaiuqfFN/82lpa7+/MLz0RnVwxH+gj7/8DAAD//6hz/pQ=") syz_mount_image$ext4(&(0x7f0000000240)='ext2\x00', &(0x7f00000002c0)='./mnt\x00', 0x40, &(0x7f0000000640)={[{@noblock_validity}, {@commit={'commit', 0x3d, 0xff}}, {@nodiscard}, {@dioread_nolock}, {@noblock_validity}, {@quota}, {@jqfmt_vfsv1}, {@block_validity}]}, 0x3, 0x26a, &(0x7f0000000a80)="$eJzs3T+IHGUcBuB3Zmc8L1nk1EYQVBARPTi0E2wujUJAQhARVIiI2CiJEBPsclY2FlqrpLIRsTNahjTBRhGsoqaIjaBBwcPCZmX/nGwuq5fb3ds5bp4HZm5m7pv5vmHm/U2zsxugtVaSrCfpJFlNUicpxhs8MJxWRqvnly+fSHq9Z38vBu2G60Nb+x1OspHkiSSXyiKvV8nZCy9e++vK0w+/d6Z+6JMLLywv9CRHrl+7+szmx8fe/eLo42e//f7XY0XW073hvOavmLCtKpK79qKzfaKomh4Bt+L425//0M/93UkeHOS/TpnhxXv/9G2X6jz60X/t+8Fv3927yLEC89fr1f1n4EYPaJ0ySTdFuZZkuFzWW7Xhx86h8o1Tp99afe3UmZOvNlungPnpJlef+mrpy8Pb8v9LpyzX1poeHbCX+vl/7vinP/WXNztNjwZYpH7+V18+90h2kX9lAg6GafIPHAzddfmHtvL8hwNm/dabyj+0l/xDC1389xPpU+dfuYD9YtIbJv9naTD3/If2kn9oL/mH9hrPPwDQLr2lpt9ABprSdP0BAAAAAAAAAAAAAAAAAABudn758omtaVF9fv1hcv1I6lTFhP47g98jTm4fzA/9WaQa27dIblifxkv3z3iA7f7YXfPPGn77+o6f9/LoK5s7tfjmvvn2WG/fsMP32p07mWy8k+Sxqrr5/itG99/07tzh//UrM3Ywoyefb7b/RlXJ0SvJxSP96z9e/5ZHDcrcM/g7uf50J91vu/Tm3zMeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIX5JwAA///IeG1M") mount$bind(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x3002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0xa, 0x2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioperm(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x1301e243a0d1137b) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kvm_set_spte_hva\x00'}, 0x10) openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x21408, 0x0, 0x1, 0x0, &(0x7f0000006380)) ioctl$TIOCPKT(r3, 0x5420, &(0x7f0000000580)=0x2) 17.020657811s ago: executing program 0 (id=2436): socket$inet_sctp(0x2, 0x5, 0x84) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x7, &(0x7f00000001c0), 0x4) vmsplice(r0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) socket$xdp(0x2c, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'vlan1\x00', 0x0}) sendto$packet(r3, &(0x7f00000003c0)="02030e00d3fc02000000ab5d71acedd7c9560385dcb188a8", 0x18, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r6, &(0x7f0000000300)='1\x00', 0xffffff4a) write$sysctl(r6, &(0x7f0000000000)='2\x00', 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r7 = syz_open_dev$media(&(0x7f0000000400), 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r7, 0xc0487c04, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 14.443284651s ago: executing program 0 (id=2440): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x8052, &(0x7f0000000040)={[{@block_validity}, {@noblock_validity}, {@quota}]}, 0x1, 0x4d3, &(0x7f0000000600)="$eJzs3E1sVNUeAPD/nXZo+XrM4/F4D0QtorGR2EJBYeEGo4kLTYy40GXTFoIUamhNhKAZEoNLQ+LeuHTrwq26McaViVtcmhgSYtgAbhxzZ+7tTKczU6addmz6+yXDnHO/zjlz7rlzPjoEsGWNpP8ktfDtiNgTEYXmA0Zqbw/uXZ96eO/6VJQrlbN/JNXT7qfxTHaZ2JlFRgsRhU+S+o4G81evXZycnZ25ksXHFy69Pz5/9drzFy5Nnp85P3N54vTpkyeOn3px4oXuC9UivbRc9w9+PHfowGvv3npjajDfPpy9N5ajV0ZipFVWqp7pdWJ9trshnAz2MSN0Jb3/0+oqVtv/nhgIlQdbRaVSqQy1312uNLuxbAuwaSXR7xwA/ZF/0afj3/zVqiOwbX26H31390xtAJSW+0H2iniyujGfByk2jW97aSQi3in/+UX6inWahwAAaPTdmbwn2NT/Kw0vOe5f2RpKKSL+HRF7I+I/EbEvIv4bEfsj4n8R8f+m6w9ERKVD+iP1YHWpZHn/p3BnrWXsJO3/vZStbdX7f9G4ClYayGK7I/IO88yx7DMZjeLQuQuzM8c7pPH9K7981m5fY/8vfaXp533BLB93Bpsm6KYnFyZXXeAmd29EHBxsLn8ymFZHvhKQVsyBiDjYxXVLDeELz311aDFSXHrcyuWvqrRcR+vBUkXly4hna/VfjiX1X08x6bw+OT4cszPHxtO74FjLNH76+eab7dJfsfzf/NZ8yqunvj2btay1S+t/R8P9H/n6bb38pSQiWVyvne8+jZu/ftp2TLPa+39b8nY1nI9LP5xcWLhyPGJb8vry7RP1c/N4+h7lWvlHj7Ru/3uzc9JP4rGISG/ixyPiiaiNENO8H46IpyLiSIfy//jy0++tvvzrKy3/dMvn35L6r6/Xtwsk5drRLXYNXDx8+2Gbh8ej1f/Jamg029L6+ZcseUS0y2n+bZdu+WutHx4AAABsEoWI2NUwl7QrCoWxsdoc0L7YUZidm184em7ug8vT6b6IUhQL+UxXbT64mOTzn6WG+ERT/EQ2b/z5wPZqfGxqbna6ryUHdlbbfFIYW3wW1Np/6vfeTDED/2R+8gNb10rtf/+tDcoIsOEe/fv/h4/WNSPAhmto/+U2h5RX8XdfwCZg/A9b1/L2364b0OkcYLOpPHpbLq53XoCN19V3+dGV+wbA5jEYby2GC33NCbDRjOVhS1rxd/1rClSGWu8ajuUHx3DnCw7E6rKxvUVafQmkPau+pL59NWfl/5tC22Oi0N0Fh6I3dXqu2w/h8I7mLef39/zmr2R/K9/rGvx6Q9ppq0BfHkcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA993cAAAD//5Aw31k=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000440)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x3, 0x431, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000100)={0x2, 'macvlan1\x00', {0x8001}, 0xcb6a}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='cgroup.controllers\x00', 0x275a, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r5}, 0x10) dup3(0xffffffffffffffff, r3, 0x80000) ioctl$FS_IOC_RESVSP(r4, 0x4030582b, &(0x7f0000000040)={0x0, 0x0, 0x92b, 0x0, 0x91, 0xf0}) shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x5000) mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x5, &(0x7f0000000000)=0x101, 0x29, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x3) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0) 13.076086623s ago: executing program 0 (id=2452): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x1000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r2 = gettid() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000240)={r4, r0, 0xffffffff}) mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000000)='./file0/../file0/file0\x00', 0x0, 0x2879c03, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1adc51, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000400)='./file0/../file0/file0\x00', 0x0, 0x2885013, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a10716, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@mblk_io_submit}, {@grpjquota_path}, {@resuid}, {@jqfmt_vfsv0}, {@usrjquota}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x100409e}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xff, 0x46d, &(0x7f0000001bc0)="$eJzs289vVEUcAPDve7sFBGUrIgqCVNGk8UdLCyoHE6PRxIMmJnrAY20LQRZqaE2ENFqNwaMh8W48mvgXePJk1JOJVzyaGBKixAT04pq3+17pLrullYXddD+fZGFm3+zMfPvevJ2d2Q1gYI1k/yQRd0fExYioNLLNBUYa/127sjj995XF6SRqtTf/SOrlrl5ZnK7litdty+scTSPST5O8kRhaWe382XMnp6rV2TN5fnzh1Hvj82fPPX3i1NTx2eOzpyePHDl8aOK5ZyefadPr3y6sN84svqt7Ppzbu/vVty+8Pn30wjs/fpP1d9e+xvEsjvXWeTMjWeB/Nv42rcce73ZjPfZv7XqcSbnXvWGtShFRzgfnxahEKa6fvEq88klPOwfcVtk9e3Pnw0s1YANLotc9AHqjeKPPPv8Wjzs09egLl19sfADK4r6WPxpHypE2Pho1L1x02UhEHF3658vsES3rELU26wYAALfqu2z+81S7+V8au1aU257vDQ1HxL0RsSMi7ouInRFxf0S97AMR8WCnhjpMokZa8jfOP9NL/zu4Ncjmf8/ne1vN87+0KDJcynP31OMfSo6dqM4ezP8mozG0OctPtKu8qOLlXz7v1P7K+V/2yNov5oJ5JZfKjQW6LcUzM1MLU92alF7+OGJPuV38yfJOQBIRuyNiz/qq3l4kTjzx9d5OhW4e/yq6sM9U+6qoZHEpWuIvJKvvT45vierswfHiqrjRTz+ff6NT+7cUfxdk539r8/XfUqLyV7Jyv3Z++cALa23j/K+fdfxMWV779b8su/43JW/V93Q35c99MLWwcGYiYlPyWj3f9Pzk9dcW+aJ8Fv/ogfbjf0f+miz+hyIiu4j3RcTDEbE/P3ePRMSjEXFglfh/eOmxdzsd64fzP9P2/rd8/Q83n//1J0onv/+2U/tru/8drqdG82fq97+b6Nyd4jbacjUDAADABpbWvxufpGPL6TQdG2t8h39nbE2rc/MLTx6be//0TOM79MMxlBYrXZUV66ETyVJeYyM/ma8VF8cP5evGX5TuqufHpueqMz2OHQbdtg7jP/N7qde9A247v9eCwdU6/tMe9QO487z/w+Ay/mFwGf8wuNqN/49a8vYCYCOqVXrdA6B3zP9hcBn/MLiMfxhIt/K7/tuVKK/y632JfklE2hfd6JvE/j4aTeUujO4e35gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65L8AAAD///Uk+Ss=") read$FUSE(r5, &(0x7f0000004680)={0x2020}, 0x204f) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=ANY=[@ANYBLOB="200000001300290a000000000000000007000000", @ANYRES32=r7, @ANYBLOB], 0x20}}, 0x0) r9 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000540)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc}, 0x0) ioctl$KVM_RUN(r10, 0xae80, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) timerfd_create(0x0, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x1c5c7e, 0x0) r11 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) close(r11) 12.739719381s ago: executing program 0 (id=2459): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r0, &(0x7f0000000000), 0x100000008) ioctl$EVIOCGABS2F(r0, 0x8018456f, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(0xffffffffffffffff, 0x80004519, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 12.358756782s ago: executing program 0 (id=2463): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x8052, &(0x7f0000000040)={[{@block_validity}, {@noblock_validity}, {@quota}]}, 0x1, 0x4d3, &(0x7f0000000600)="$eJzs3E1sVNUeAPD/nXZo+XrM4/F4D0QtorGR2EJBYeEGo4kLTYy40GXTFoIUamhNhKAZEoNLQ+LeuHTrwq26McaViVtcmhgSYtgAbhxzZ+7tTKczU6addmz6+yXDnHO/zjlz7rlzPjoEsGWNpP8ktfDtiNgTEYXmA0Zqbw/uXZ96eO/6VJQrlbN/JNXT7qfxTHaZ2JlFRgsRhU+S+o4G81evXZycnZ25ksXHFy69Pz5/9drzFy5Nnp85P3N54vTpkyeOn3px4oXuC9UivbRc9w9+PHfowGvv3npjajDfPpy9N5ajV0ZipFVWqp7pdWJ9trshnAz2MSN0Jb3/0+oqVtv/nhgIlQdbRaVSqQy1312uNLuxbAuwaSXR7xwA/ZF/0afj3/zVqiOwbX26H31390xtAJSW+0H2iniyujGfByk2jW97aSQi3in/+UX6inWahwAAaPTdmbwn2NT/Kw0vOe5f2RpKKSL+HRF7I+I/EbEvIv4bEfsj4n8R8f+m6w9ERKVD+iP1YHWpZHn/p3BnrWXsJO3/vZStbdX7f9G4ClYayGK7I/IO88yx7DMZjeLQuQuzM8c7pPH9K7981m5fY/8vfaXp533BLB93Bpsm6KYnFyZXXeAmd29EHBxsLn8ymFZHvhKQVsyBiDjYxXVLDeELz311aDFSXHrcyuWvqrRcR+vBUkXly4hna/VfjiX1X08x6bw+OT4cszPHxtO74FjLNH76+eab7dJfsfzf/NZ8yqunvj2btay1S+t/R8P9H/n6bb38pSQiWVyvne8+jZu/ftp2TLPa+39b8nY1nI9LP5xcWLhyPGJb8vry7RP1c/N4+h7lWvlHj7Ru/3uzc9JP4rGISG/ixyPiiaiNENO8H46IpyLiSIfy//jy0++tvvzrKy3/dMvn35L6r6/Xtwsk5drRLXYNXDx8+2Gbh8ej1f/Jamg029L6+ZcseUS0y2n+bZdu+WutHx4AAABsEoWI2NUwl7QrCoWxsdoc0L7YUZidm184em7ug8vT6b6IUhQL+UxXbT64mOTzn6WG+ERT/EQ2b/z5wPZqfGxqbna6ryUHdlbbfFIYW3wW1Np/6vfeTDED/2R+8gNb10rtf/+tDcoIsOEe/fv/h4/WNSPAhmto/+U2h5RX8XdfwCZg/A9b1/L2364b0OkcYLOpPHpbLq53XoCN19V3+dGV+wbA5jEYby2GC33NCbDRjOVhS1rxd/1rClSGWu8ajuUHx3DnCw7E6rKxvUVafQmkPau+pL59NWfl/5tC22Oi0N0Fh6I3dXqu2w/h8I7mLef39/zmr2R/K9/rGvx6Q9ppq0BfHkcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA993cAAAD//5Aw31k=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000440)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x3, 0x431, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000100)={0x2, 'macvlan1\x00', {0x8001}, 0xcb6a}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='cgroup.controllers\x00', 0x275a, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r5}, 0x10) dup3(0xffffffffffffffff, r3, 0x80000) ioctl$FS_IOC_RESVSP(r4, 0x4030582b, &(0x7f0000000040)={0x0, 0x0, 0x92b, 0x0, 0x91, 0xf0}) shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x5000) mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x5, &(0x7f0000000000)=0x101, 0x29, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x3) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0) 6.61926854s ago: executing program 3 (id=2480): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x4008031, 0xffffffffffffffff, 0x20000000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) io_getevents(0x0, 0x6, 0x0, 0x0, 0x0) 5.306907267s ago: executing program 3 (id=2483): bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x5, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8) setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000000)=0x7f, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 4.834229786s ago: executing program 3 (id=2486): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, r1, 0x1}, 0x1c}}, 0x0) 4.750544713s ago: executing program 4 (id=2487): syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x21000e, &(0x7f0000000080), 0x1, 0x4f4, &(0x7f0000000540)="$eJzs3V9rHGsZAPBnNtljeppjctSL44FzPHiOpEW7mzS2DV60FcS7glLva0g2IWSTDdlN24QiKX4AQUQLXnnljeAHEKQfQQoFvRcVRbTVCy/UkZmdtMmy26SY3S2b3w/enXdmd+Z53t3s7Px5MxPAmfVRRNyMiLGIuBgRU8X0UlFiv12y1z1/9mApK0mk6e2/JZEU0yKvHTxGnC9mm2gPumru7q0v1uu17WK82trYqjZ39y6tbSyu1lZrm/Pzc1cXri1cWZg9lXZm7br+jT/9+Ac//+b1X3/l3u/v/OXC97J8J4vn2+04fe33pJy9Fy+MR8R2P4INwVjRnvKwEwEA4ESy7bfPRMQX8+3/qRjLt+ZyNukAAABgRKQ3JuPfSUQKAAAAjKwbeR/YpFQp+vtORqlUqbT78H4u3i7VG83Wl1caO5vL7b6y01EurazVa7NFn9rpKCfZ+Fxefzl+uWN8PiLejYgfTZ3LxytLjfrysA9+AAAAwBlxvmP//59T7f1/AAAAYMRMDzsBAAAAoO967f8nA84DAAAA6B/n/wEAAGCkfevWraykB/e/Xr67u7PeuHtpudZcr2zsLFWWGttbldVGYzW/Zt/GccurNxpbX43NnfvVVq3ZqjZ39+5sNHY2W3fWjtwCGwAAABigd7/w+HdJROx/7VxeMm9lD2M9ZtBXAEZG6XVe/Mf+5QEMXq+feWD0jQ87AWB49oedADBsRy710WWj4HDnnSPHDH7Tv5wAAIDTNfP57uf/s12A8rCTA/rqtc7/AyPF+X84u17z/P+TfuUBDF7ZFgCcecfd6qPnxTtOfP4/TY9dFgAA0FeTeUlKleJc4GSUSpVKxDv5v/qXk5W1em02Ij4dEb+dKn8qG5/L50zcHhAAAAAAAAAAAAAAAAAAAAAAAAAATihNk0gBAACAkRZR+nNS3P9rZuqTyc7jA28l/5rKhxFx76e3f3J/sdXansum//3F9NajYvrlYRzBAAAAADod7Kcf7McDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGl6/uzB0kEZZNy/fj0iprvFH4+JfDgR5Yh4+x9JjB+aL4mIsVOIv/8wIt7rFj/J0orpIovO+KWIODeY+B+kado1/vlTiA9n2eNs/XOz2/evFB/lw+7f//Gi/L96r/9KL9Z/Yz3Wf++cMMb7T39Z7Rn/YcT7493XPwfxkx7xP+62wC5vyne/s7fXK376s4iZrr8/yZFY1dbGVrW5u3dpbWNxtbZa25yfn7u6cG3hysJsdWWtXiseu8b44Qe/+m/HpP+kbXn7o0f86WPa/0lWKR9uTGeYItjT+88+266WOxaRx7/wcffP/71XxM/+Jr5U/A5kz88c1Pfb9cM+/MWTD7smVsRf7tH+4z7/C70W2uHit7//hxO+FAAYgObu3vpivV7b7nvlUZqmg4ql8gZWJt6MNFSOr5zGkS0AAOBN83Kjf9iZAAAAAAAAAAAAAAAAAAAAwNnV3I1Svy8n1hlzfzhNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4pf8FAAD//0KX4lI=") timer_create(0x2, 0x0, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x0) 4.727480984s ago: executing program 3 (id=2488): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x40000) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002ac0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_clone(0x0, &(0x7f0000000340)="46f0ddfd897621347ca473b5d3963d4f5f54fffe9ced29d03366f2fe3cfe4ae59214d1539889e11fa9ef36911adc58d04ada60089d3ec3294204b8a43e4aebc3365f521630938881b5f5b2ebfeb0d61085d7e559f9", 0x55, &(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000580)="7dcafc4800a8995a95d0903eae148256688268c18c3ea7a9265c9824e2d83865930f143f6589e0b31f547e2dcde29193b0cca40965c964061b5f7e9d6d8772c6225ce0146e4cf75709bb94c43dfb67f34de613d02a6b6375fd2f0ecc619a39f4de1a01e8fc546a112479e96d8e5b927d676f2adea4b373df51c34a24f2d8a89d2f5444bc1c3938d23229b9b4487b506b9a5c2f2f5bb9d2b624cf6840764d0c291a66282001dc2f5b812d") preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102376, 0x18fe8}], 0x1, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) socket$inet6(0xa, 0x0, 0x7f) 3.765176423s ago: executing program 3 (id=2489): r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x800000003, 0x0) bind(r2, &(0x7f0000000100)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r2, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000780)=0x14) r4 = socket(0xa, 0x1, 0x0) ioctl(r4, 0x8916, &(0x7f0000000240)) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="400000001400210100000000000000000a000000", @ANYRES32=r3, @ANYBLOB="14000200fe"], 0x40}}, 0x0) writev(r0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000300010000004500000025000000190011000600ad000200000000000006040000000000000000", 0x39}], 0x1) 3.707028728s ago: executing program 2 (id=2490): r0 = epoll_create(0x6) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000140)={0x0, 0x2, 0x4}) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000200)={0x80000000, 0x2, 0x1}) r2 = epoll_create(0x20) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000280)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000300)) epoll_pwait(r0, &(0x7f0000000380)=[{}], 0x1, 0x0, 0x0, 0x0) 3.698441108s ago: executing program 1 (id=2491): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) connect$inet6(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000680), &(0x7f0000000800)='./file0\x00', 0x1480e, &(0x7f00000003c0)=ANY=[@ANYBLOB="6d61703d6f66662c6d61703d61636f726e006e6f726f636b2c73657373696f6e3d307830203030303030303030332c636865636b3d72656c617865642c6e6f726f636b416e0400000000000000c86b2c6d6f44653d30783030303030303090cf5cee73e4fdbccf1ad8f6238d714830303030303030756e686964652c6d61703d61636f726e2c6f76657272696465726f636b706572916964652c00add51ea29069028397e9808a385f6e0c9ab44fb55e327ad812fe293a6347f7f502634dfa74f42b394b1587068ecfa5acd459ae5a7dce3d2ca29a5d67adb9bfb87ce6ccb85cb98b2b7a0c5bae05ac8cfd1895938b2910b1498c0d61c80000"], 0x1, 0x69b, &(0x7f0000000840)="$eJzs3Vtv2+Ydx/Ef5YNkdwiCbQiCII2fJCvgYJkiyY0DIwNWjaJsbpIokPJmAwOKrLGLIHK6JRmw+KbzzQ5A9wZ215td7EUU2HXfxXa1AcV2N2DAwIEHnayDrUR22ub7MVpR5J8P/3yo8G9a4iMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABZdqVQKFqquY3tHTOeXfG9+oTlSWsLupVM3Dpxu5IV/adcTpeTWZe/3Vt8KfrfDV1Nnl1VLnrI6fCtSxfvf2s+01l/QkIvQ9M2+OzF4eMH7fbe01PEzmnq5l8nZU4RtOk03MBz6+VNx7iBZzbW1wt3tqqBqbo1J9gNWk7d2L6TaXm+WbVvmeLGxppx8rvedmOzUq45nZn3vlcqFNbNj7LJgZaUD+wtt1ZzG5txTLQ4irlnPvlZEuCU68bsP2rvrZ2UZBRUPE1Q6aSgUqFUKhZLpeL63Y279wqF+aEZhYhV6NJQxMxftPiKmd3JG3hFmaj+/82SasqpoW3tyIz8sVWRL0/1MctTnfr/zh1n4nb763+nyl+WfpAuvqK4/l9Lnl0bV//H5GJk4hVGLbHGzJ/uZyHOyOiZXuhQj/VAbbW1p6czaNvIrMyklXP42ZSjhlwF8uSqrnI8x6RzjDa0rnUV9L62VFUgo6pc1eQo0K4CteTEryhbvhyV1ZInX0arsnVLRkVtaENrMnKU1648bauhTVVU1n/CMNzXo7jf1ybkqE5QcUxAtj+oNKGlcfX/5x8nr9O0/heo/2+q5HWQTR4+nxQDfAmE6fX/lFbOJhsAAAAAAHAWrPiv71b83v3bkkJV3ZpTeN1pAQAAAACAGbIUZnVVVnT9L+ltWVz/AwAAAADwdWPF99hZkpbjD/VbvTuhTvNHgLlzSBEAAAAAALyi+M7/a4tSGA9asSJrqut/AAAAAADwFfD7vjH25ztj7Iadt/Uzklb+nrU++1dW/oJ11Nz5jnVQjpaUD9KYoU8AtKpXrAvpQL3xw6Kk+JntXLXSraWDYHbHHfxi/6Sx/i3/WAKLc/0NjEnAira8Pp8+0ye6nqxyPR1n/uFhRvGSZCvLVbfm5G2vdr+ocvlCpuXstH715NGvJb+7n/uP2nv5Dz5qP4xzOYpmHR1EjX48kE5mdGf0cnkej7cQ33Mxao+XVO1s8g+N+rIVb7fQ2f85lQ8y/RuadAB62/ytbiTH7MZyErt82B1xP9r/XLT/xXx8yAb23l+welkUj+/5qAMxJotcnMXNJObm6s3koZNf1E7Gyn13Tirlh4/BQBal/ixO7gvr30N9MSmLtC/Woiz+GjV0LIuffpasvDZdFkNHBABel/1eFYoHMR+qu53y0DmpvVTdSat7dnx1f2+wuj//UxjGjc5J8+l7ExO3klN0Rl+14jq0qPjEOn9lxBm9kNaVnPrP6P8LE90ae7rqdhSG4fF9/UvvO5DStIey+G8YhveLcSX547Gq+mm0wqdjtxvUSnNRF955fvCLeAD8yId7H+49KZXW1gvvFgp3S1qIf1VIH+ZE7QEADDn5O3biiMyECOtdXU/auP7wn+8kUwMV75vdjxTk9YE+UlsPdbvzFQIro1td7vsYwu3kqlV9V63m0sX7S9Lx2KJuj72qi2tpX2ypG7ugziqDlboXu3b2BwIAgHN044Q6bI38DSE3UP9vazWJWL0y8rp7sJanV8fdS/pxscWTk39v1r0BAMCbwfG/sJZbv7N8322+X9zYKJZbW47xPfvHxncrm45xGy3Ht7fKjU3HNH2v5dlezTR9Zd2KE5hgu9n0/Japer5peoG7E3/zu0m/+j1w6uVGy7WDZs0pB46xvUarbLdMxQ1s09z+Yc0Nthw/XjloOrZbde1yy/UaJvC2fdvJGxM4Tl+gW3EaLbfqRpMN0/TdetnfNT/xatt1x1ScwPbdZstLGuxsy21UPb8eN5tXOPUXHQIA8HX07MXh4wft9t7T4xNL0aV5MudIY2KGJxZHNMgYQQAAfMn0yvXkuIFP++XOOCkAAAAAAAAAAAAAAAAAAAAAADDg5Fv6ppxYGHWzoNSd88sL6Rz9Rr1bDIfasTTrxKaZyEy7VueWiMPHn08IXurO6XR/f8zRNBvVRemld/Af35DeiucomTM/+z5cmnBwz2Li+/tJj47vMY3psWz3WMzP/p9DNPHkz2MWhWEYTl49O9iHi5N2cHBiXtLTxVc4BOd/LgJwvv4fAAD//8bUPmw=") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/178, 0xb2) 3.661157872s ago: executing program 4 (id=2492): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x38, r1, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x5, 0x4, @multicast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_team\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x5, 0x5, @multicast1}]}, 0x38}}, 0x0) 3.466992257s ago: executing program 4 (id=2493): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000080), 0x1, 0x52e, &(0x7f0000000a80)="$eJzs3c9vI1cdAPDvTH52mza70ANUwC5QWNBq7Y23XVW9tHsBoaoSouKAOGxD4o1C7DjETmlCJNK/ASSQOMGfwAGJA1JPHLhxROKAkMoBaYEItEECyWjGk9RNnMY0jg3x5yONZt48+33fW+/Mm3l25gUwtm5ExF5ETEfEGxExX+xPiiVe6SzZ6x7v7y4d7O8uJdFuv/7XJM/P9kXXezJPFmXORsTXvhzxreRk3Ob2ztpirVbdLNLlVn2j3Nzeub1aX1yprlTXK5V7C/fuvHj3hcrA2nq9/vNHX1p99eu/+uUn3/3t3he/l1VrrsjrbscgdZo+dRQnMxkRr15EsBGYKNbTI64HH04aER+JiM/kx/98TOT/OwGAy6zdno/2fHcaALjs0nwMLElLxVjAXKRpqdQZw3smrqS1RrN162Fja325M1Z2NabSh6u16p1rM7//Tn7FMJVk6YU8L8/P05Vj6bsRcS0ifjjzRJ4uLTVqy6O77AGAsfbksf7/HzOd/r8PPb7VAwD+b8yOugIAwNDp/wFg/Oj/AWD89NH/F1/27114XQCA4XD/DwDjR/8PAONH/w8AY+Wrr72WLe2D4vnXy29ub6013ry9XG2ulepbS6WlxuZGaaXRWMmf2VM/q7xao7Gx8HxsvVVuVZutcnN750G9sbXeepA/1/tBdWoorQIAPsi16+/8LomIvZeeyJfomstBXw2XWzrqCgAjMzHqCgAjY7YvGF/93+P/5kLrAYxOz4d5z/bcfL8f/xdB/M4I/qfc/Hj/4//meIbLxfg/jK8PN/7/8sDrAQyf8X8YX+12cnzO/+mjLADgUjrHb/zb3x/URQgwUmdN5j2Q7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkpmLiG9HkpaKucDnIk1LpYinIuJqTCUPV2vVOxHxdFyPiKmZLL0w6koDAOeU/jkp5v+6Of/c3PHc6eSfM/k6Ir77k9d/9NZiq7W5kO3/29H+mcPpwyrvve8c8woCAAOW99+VYt11I/94f3fpcBlmfR7dj38XUxEvHezv5ksnZzIm8/Vsfi1x5e9Jke7MRfpsREwMIP7e2xHxsV7tT/KxkavFzKfd8aOI/dRQ46fvi5/meZ11dvH10QHUBcbNO/cj4pVex18aN/J17+N/Nj9Dnd+j+53CDs99B13xD89/Ez3iZ8f8jX5jPP/rr5zY2Z7v5L0d8exkr/jJUfzklPjP9Rn/D5/41A9ePiWv/dOIm9E7fnescqu+UW5u79xerS+uVFeq65XKvYV7d168+0KlnI9Rlw9Hqk/6y0u3nj6tbln7r5wSf7Zn+6eP3vu5Ptv/s3+98c1Pf0D8L3y29+f/TM/4HVmf+Pk+4y9e+cWp03dn8ZdPaf9Zn/+tPuO/+6ed5T5fCgAMQXN7Z22xVqtunmsjuwsdRDknNrIqDrTAMzb+GMOLdebG1EX9q174xuTRteJgS/5GVuKQm5MOvBXn2ng8rFijPS8BF++9g37UNQEAAAAAAAAAAAAAAE4zjD9dGnUbAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLz+EwAA//+2KMyN") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2401}) 3.358160577s ago: executing program 4 (id=2494): syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f00000000c0)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@user_xattr}, {@grpjquota_path}, {@bh}, {@prjquota}, {@usrjquota}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x409e}}, {@nodiscard}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki") fsetxattr(0xffffffffffffffff, &(0x7f0000000100)=@known='security.selinux\x00', &(0x7f00000001c0)='\x00\x00o;\xc8\xdd1\xa4lB&\xa9\xb6\x06\x06\x99\t\xf5\x10\x17\'\xcaV\xab\\rw9+\xba\tl|\xde\x93\xea\x95A}\x89\x82\x8c\nN\x97\xbf\xab\xa4_\xc2\x17\xe7+\xc5\xfe\x16-\xdd\xa7\x00\xfe\xa0\xa2\xbdUw\x01\x80\x92\xea\x15\xc2opg\xee\xbd\t\xba\x9d\x98\x983\xfd\v\xc1\xbd\x1e\xd5h\xc3@\xda\xee\x97\xd5~\xee\xd6$\xc6\x8c\x01l\x1e\xd3\x1f\xe4<\xee\b\xe4\x16\xc3Ku\x84\xcd\x89\xb8\x1bF\xcd\r\xbc\xc0\xbb\xf5Q\x06\xb71>\xcd\xdb\x0f\x8c\x14\xc5\t\x92m/u,^\xe6\xc7V\xca|;j\xc1\xf4$\xe1A\x17\xeb\xf1M\x8c\x82\\\x89\x89\x00\x98\xadr\xd4\x86;\xed+\x899\x8a\xe9\x18\xb4]a\xd2\x15\x93\x84\x8b\x85\xae\'\xf4\xc9\xcb\x8c\'\x88\xff\x02\b\xaf\xe9vc\x9au\xba\xce]\x85\x98>\xa6\xe1\xc0)\xff`\xdepJ\x95E\x98\xa6pu\xbdh\xa2\xe3\x9d\x85\x19El\xf4aO\xb7\xcd\x15', 0x7c8, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r4 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xac \xe8\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6)\x9f\x9cR\xae\x12G\xd8\xa4y\xef\x02?\xf2\xe7}\ra\x97F', 0x0) r5 = creat(&(0x7f0000000080)='./file1\x00', 0x0) copy_file_range(r4, 0x0, r5, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10) r7 = socket(0x10, 0x3, 0x0) write(r7, &(0x7f00000000c0)="240000001e005f0214fffffffffffff807000000b800000000000000080008000d000000", 0x24) syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 3.357375097s ago: executing program 1 (id=2503): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18) syz_emit_ethernet(0xbe, &(0x7f0000000280)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @dev, {[@cipso={0x86, 0x71, 0x0, [{0x0, 0xc, "e256b28c599d1681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "73bc2300ad9d19a30000000000000000"}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0) 3.152239403s ago: executing program 1 (id=2495): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff) write$binfmt_misc(r0, &(0x7f0000000240)=ANY=[], 0xfffffecc) 2.708226699s ago: executing program 2 (id=2496): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x4c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_RENAME(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x34, 0x5, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x34}}, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) unshare(0x0) ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x1ffffc, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x2352a000) mmap(&(0x7f00000cb000/0x1000)=nil, 0x1000, 0x6, 0x10, r2, 0x841ea000) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000), 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$ttyS3(0xffffffffffffff9c, 0x0, 0xa4200, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) 2.46197157s ago: executing program 2 (id=2497): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$udf(&(0x7f00000002c0), &(0x7f0000000080)='./file0\x00', 0x4006, &(0x7f0000002440)=ANY=[], 0xff, 0xc0c, &(0x7f0000001500)="$eJzs3V9sHVdaAPDvjO3YSdHupduk3aVa3RapG7JssJ1t08or0VBjsWy2NXW8C5SH3sROuMS5vrKdblrBbnjqA0iYReKFRUJCiyoeVkZoH+BpkZB4tdC+IaSwLKUIId2HrfqCajRzz42vHacJdRznz+8nJd/cme/MnDlnMjN3zh0lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIX/rlU6Njab9rAQDcTS/PvDo67voPAA+VM77/AwAAAAAAAAAAAADAvS5FEe9Fim882UmvV5+7Rk43W5evzE5O7VzsYKpKDlT55Z+RsfETX3z2uZPP9+JHl7/TPh2vzJw5VX9p8VJ7aX55eX6uPttqnlucm7/tNey2/HbHqgaoX7p4ee78+eX6+PETWxZfqb07/MiR2sTJsdcO93JnJ6emZvpyBoc+9tZvcLM3PA5EEecjxcV33kuNiChi921xi2Nnrx2sduJYtROzk1PVjiw0G62VcuF0ryGKiFpfoRd7bXQX+mJX6hFXy+qXFT5W7t5Mu7HUOLswX59uLK00V5qLrenUrW2q0ot4PkW0I6IzfOPqhqKIb0aKt7/TSWcjYqDXDp+vXgy+dX2KPdjH2zAYEbWhiPXiPuize9hwFPG9SPHtb43GudyuVbM9E/HVMh6JuFzGaxGrZfxsRCoPkMci3t/heOL+MhhF/EGk+MlEJ831+r46r5z+Wv3LrfOLfbm988p9f324m+7xc9NIFNGozvid9PFvdgAAAAAAuPcU8ceR4qkfHk3t6B9TbLYu1M80zi50nwr3nv3Xc6mNjY2NWurG0Rync2znuJrjWo7rZYzNFdSKXD7H6RzbOa7muJbjeo6dHGsDuXyO0zm2c1zNcS3H9Rw7OdYGc/kcpwerml1t58+rOa7luJ5jZ3A/+gkAAAAAAAAAbu5gFPH1SPHML7xRvVcc1Xvpn5w4+erxX+1/Z/yJW6ynzD0eEWvF7b2TeyC/OjydplPap3eI6b7/93v5/b/f3+/KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+6qIIp6OFG98v5MiRUQ94vXoxmvD+107AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgThhJRbwfKf70KyPV5/Ui4jcj4sONDzci4tqHG3fafu8xAAAAAAAAADyAUhFvRoqnX+2kWkRcqb07/MiR2sTJsdcOD8RApDKlP/+VmTOn6i8tXmovzS8vz8/VZ1vNc4tz87e7uZHTzdblK7OTU3uyM7d0cI/rf3DkpcX2m0vNC7+9suPyQyOnzi6vLDXO7bw4DkYRUe+fc6yq8OzkVFXphWajVRWdTrdbYwAAAAAAAAAeBkOpiA8jxdt/9c71cefB7pj/4Pbc734posjTk3n8+fowdPW7gU9UvxvoTn9y4uSvjX+mf3rHIetj1YB6fXZyamqmb/bg0I2pI3m7o7vbZfqU/b8SKf7wz+vpqTxva/8PXM/97u9u9vfV7Su6SZ//P/p/S4/3+v+n++aV20ypiL+JFD/z60/EU1U9D8UNv5nIeV+JFL+x9mTOiwNl3tN5+aPV3yPnmwvzo2XulUjxD5e35j6Tcz+1mTt2u+16vyj7/+lI8d+/tXa9bXL/5x7Y7LX+/v/M9qNj9/2/47//R/vm1fJ2f/bO7DoRsfzmWxcbCwvzSw/jxMC9UQ0TJnaeiKv7t/X9PjNxN5TX/69Hir//k3+5fr+Tr/8/FdVt1eb93wff3Lz+T2xf0R5d/z/VN28i340MDUaMrFxqDz0eMbL85ltfaF5qXJi/MN86cfKF58ZHXxgbPTF0oHdztzm1fcs3fL95GJX9/zuR4ns/+uv4XJ639f5v5/v/Q9tXtEf9/1jfvENb7ld2vevk/v/fSPFPkz+Io3neR93/977/H8034dfvz/eo/w/3zau+430i4uf65h09HPHAfSkDAACAOyylIn6Qx1NHbzGe+o+R4q3/+vmcl46UeS/m5bXq75GXF1tfOLWwsHiusdI4uzBfn2k3zs2XZX8cKTp/+WQuW1Tjq73x5u4Y7+ZY7D9Hihd+pZfbHYvtPZt6bDN3rMw9Hin+6OWtub3nGIc3c8fL3H+NFGOv7Zx7ZDP3RJn7n5Higz+r93IPlblfyrmPb+YeP7e4MLcH3QIAAAAAALsylIp4LlL83YnB1Hu+fTu//7zhofce/f7v8b55c3fpfZVdNyoA3OPK6//R8qr+i39xfSx/6/V/8z2Z/uv/dv3/b8DNpj/O9b92Z3YTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KGToojFSPGNJzvp2nD5uWvkdLN1+crs5NTOxQ6mquRAlV/+GRkbP/HFZ587+XwvfnT5O+3T8crMmVP1lxYvtZfml5fn5+qzrea5xbn5217Dbstvd6xqgPqli5fnzp+PGD9+YsviK7V3hx85Ups4Ofba4V7u7OTU1ExfzuDQx976DXr9WmybfyCK+J9IcfGd99K/Deflu2yLWxw7e+1gFPG3EVHuxOzkVLUjC81Ga6VcON3XELW+Qi/22ugu9MWu1COultUvK3ys3L2ZdmOpcXZhvj7dWFpprjQXW9OpW9tUpRfxfIpoR0Rn+MbVDUURQ5Hi7e900o+GIwZ67fD5l2deHR2/SSVGNie3H1B3yWBE1IYi1ov7oM/uYcNRxLOR4tvfGo1/H+62a9Vsz0R8tYxHIi6X8VrEahk/G5HKA+SxiPd3OJ64vwxGEY9Gip9MdNKPh3PfV+eV01+rf7l1frEvt3deue+vD3fTPX5uGoki3qvO+J30H/49AwAAAAA8QIp4IlI89cOjqRofvD6m2GxdqJ9pnF3oPtbvPfuv51IbGxsbtdSNozlO59jOcTXHtRzXc+zkWCty+Rync2znuJrjWo7rOXZyrA3k8jlO59jOcTXHtRzXc+zkWBvM5XOczrGd42qOazmu59gZ3M/+AgAAAAAAANhZEUV8LlK88f1O2hjuDvC+Ht14zftAD7z/CwAA//9v9lF3") r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x84000c12) openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x140, 0x0) inotify_add_watch(r1, &(0x7f0000000080)='./bus\x00', 0x400) unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2.342967039s ago: executing program 3 (id=2498): openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) mlockall(0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$eventfd(r0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000140)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) r2 = dup(r1) write$FUSE_WRITE(r2, &(0x7f0000000100)={0xfffffeec}, 0xffffffd1) write$FUSE_ENTRY(r2, &(0x7f0000000380)={0x90}, 0x90) close(r2) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00') timer_settime(r3, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) syz_clone(0x0, 0x0, 0xffffffffffffff66, 0x0, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r4, 0x6, 0x0, 0x0, &(0x7f0000000100)) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) setgroups(0x1, &(0x7f0000000140)=[0x0]) getgroups(0xfe99, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000040)=0x6, 0x4) bind$inet(0xffffffffffffffff, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) 2.124597917s ago: executing program 1 (id=2499): syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009980708b5192100c7980000000109021b00012000ac00090400000107000009090585cf"], 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000080000085000000060000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r2, r3, 0x25, 0x4, @void}, 0x10) setregid(0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) 1.373713268s ago: executing program 2 (id=2500): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r2, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0) read$nci(r0, &(0x7f0000000200)=""/100, 0x64) write$nci(r0, &(0x7f0000000000)=@NCI_OP_CORE_RESET_RSP={0x0, 0x0, 0x2, 0x0, 0x0, {0x0, 0x0, 0x40}}, 0x6) read$nci(r0, &(0x7f00000002c0)=""/100, 0x64) write$nci(r0, &(0x7f0000000340)=@NCI_OP_CORE_INIT_RSP, 0x14) read$nci(r0, &(0x7f0000000380)=""/100, 0x64) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x20000008b}, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x54}}, 0x0) write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4) sendmsg$NFC_CMD_START_POLL(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000900)={0x44, r2, 0x1, 0x123, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0xb2}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0xbeff75b0beda36a4}, @NFC_ATTR_PROTOCOLS={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x90}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x50}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0) read$nci(r0, &(0x7f0000000500)=""/100, 0x64) write$nci(r0, &(0x7f0000000580)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5) read$nci(0xffffffffffffffff, &(0x7f00000005c0)=""/100, 0x4) write$nci(r0, 0x0, 0x0) read$nci(r0, &(0x7f0000000680)=""/100, 0x64) write$nci(0xffffffffffffffff, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4) write$nci(r0, &(0x7f0000000980)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @f={0x9, 0x5, 0x2, 0x1, {0xa, 0xd3, "4490a08ab9adf3d79e5552c6c48c5a46a0ce1ca22ea25cf0103139993469561ee361b2879f498d2f73aeedfb27ef44c0da6631f92bbb9fa8f3bfaf3b551f9684f4d8800095fb8295fa30ff60e5eca3117984630038cb0a36d3858ba375776b97c834adcf527e62b75017114ad6373c27f743f3963028f6ff4876e88a7490e34724fba63e7ab49eae583158f33ba764779424e22d8a4bcd93f8691ca50288da78da51b4bedceabcf3af31d2522a484c9a0642d4156b370f7da80fe1524a97e1b11ad93ef5cfc2c82eb752e5e4887f4a66e861b9"}, 0x1}}, 0xdd) sendmsg$NFC_CMD_ACTIVATE_TARGET(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x2c, r2, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0) read$nci(r0, &(0x7f0000000840)=""/100, 0x64) write$nci(r0, &(0x7f00000008c0)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x0, 0x2, 0x4, 0x0, {0x0, 0x0, 0x0, 0x1}}, 0x7) 774.975317ms ago: executing program 4 (id=2501): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setns(0xffffffffffffffff, 0x0) syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000100)='./file2\x00', 0x1000b, &(0x7f00000000c0)=ANY=[], 0x21, 0x1cb, &(0x7f0000000ac0)="$eJzsVc2rUkEU/41O149FtY7ARVK2SK/XijaRq/APaBslaiXdvrxCKUK3lf9HG/+NFu3bBAVBm1pU0MJoKz7OzBkdn4Lv+XxfMD+4njlfv5kzR848iV5FADAZDxqoQsHDWXwTAhJATmjb3ZSWfzwti6z/klpeZft7llNG1Os/rYdhq6MXGQCLli0sVvsS+iDYDyPF73Z9Ht8/t4pHyPWEX4lvm6UexkJscFFrF4g16Uko8IgWD5KmZCr+oIT/t3WwHDbsu9xDl7Hc5fRx/efFsmuu3nmXwF9V8ZfxoEGLhzylyNbUn7BjqJsfrZgLUn0iiekshoYfKVcAlLrPXpaiXv9aW8TA49bzIKjc9K/7/o2g9Kgdtnz9K6wtzIgiWb2dAs3UjOU/A+C7zKqYLCz81tuao7Ff2Lk0h6c8pAuXsICElWukwIdZLqeBruAeLoNa+joWljWvWCRUSTUIJJXCQ/8tX4veK62iio0XYXMIofZTaSNIzTHhNFK8+Rk1e+VWbExDlnmWNZYjlj9YmjfLvEVSMfxkrRBT197Uu91O2fvEKWV69ZQt8Iw3OB/bF0a7/mMOU9zFFBwcHBwcHBwcThl2AgAA//+TS1cL") creat(0x0, 0x0) fanotify_init(0x0, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0xfffffffffffffffc}) creat(0x0, 0x0) mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000) mremap(&(0x7f0000e95000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, 0x0) 490.96858ms ago: executing program 4 (id=2502): open(&(0x7f0000000300)='.\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) socket$inet6(0xa, 0x3, 0x7) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x10, &(0x7f0000000e40), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) socket(0x1, 0x803, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) socket$nl_route(0x10, 0x3, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'}) 263.085109ms ago: executing program 2 (id=2504): socket$inet_udplite(0x2, 0x2, 0x88) socket$igmp(0x2, 0x3, 0x2) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000500)=[{{&(0x7f0000000280)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000000000000290000000b00000000000000000000002400000000000000290000003200000000000000000000000000ffffac141400", @ANYRES32=r0], 0x40}}], 0x1, 0x0) 148.478418ms ago: executing program 1 (id=2505): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, 0x0, &(0x7f0000000080)) 46.858276ms ago: executing program 2 (id=2506): r0 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010008020d00000904010102020d0000090582020002000000090503020002000000bc94ef907df247d46eaa274c8f51e61fb4cfc6664d5c9315a37e6e4eae4cdd654f17856753d01b00310244243631e819a05df18c7f"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000007c0)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x401}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000080)='./file2\x00', 0x100080d, &(0x7f0000000a80)=ANY=[@ANYRES32=0x0, @ANYBLOB="de60d8dc536d5258d6a94ad55604a34dc65b7ef79c1a1754e4cadfe21823d0c10a15d53dba5f2d2bc67ef2477d0412534e2f5151c7a60c8f5d6c634d173fecb5de9207a7090d302229cd3f210d34e4584c824c9dda7d35e0d7a06cd667bf9cced32944ca27d8a80e62cf6310db869ee250fb65467e3b11ad5042d600c6b8f18454d57df621e578fef0a3a93c14609231", @ANYRES8, @ANYRESDEC, @ANYBLOB="215aa15bf29ed2ff6f9241ff60693d298a3d41143bfc9091146111b4930c37eddcf542d641b821af229e7d8780d50b6f47fa3e5928555eb4d6d507d92b87b0b01c19c789895e02891afc082bb85a47087f168a6aa2c2bc51a3f3a404a4a1e6e2fbad00d592df65bd2a593f488bf41dbc7ea43fe2554fbe34e4a77f606f35e445aff55aaa19f7ffffffffffffff19bd4739c80c9e6681229c48e0c6de634c35c029c4eb3b4341ffff089416a3d63f08577a303758410658a4ec52e5b778eda9cd1bd8834e145c111690b0da927087e805000000000000008fd8b9bdfbdaa777db54127463a589eed325c34b6459505702f3a45f285c53c1b25bab2eef6324d67ad8d7e247317d80ff3ad9120b4e2294e67de9adaab76fa991571a187cd8f7fbc49bf45d6f8dbf69ef0d765a02ad98e802b1688148a8c017e3af238f82c49bbd8ba542fbfec5693d82158e3216b95656986f9d7eec7244a27dfaf8623fc76943bf142a61d9d6c622dbcac3d324d07be5a5cc88f85a857ff9d45924d5d82a04424d3453c96fafa37d952940f3147d5af234b39c3ff742a2e5300e10ee692a32f5c3321d44eadaa8c44bf9d534b52fe758082299e04f839e529a6d0293bf12770ac948730a0c367e117137c6fd930b1f306138163b7180e111d6926255a71bd227b1d27f2897721e3bda884b0792a81134d8fbc9aafc732b15aee5c9e0a835ac17b457efa36ce1095a3196d278207846ea81172826d49b87aac6e662bb824f16b0b65fc6989395ba022bd6af2f1830375c311bdf55f15d9830564e65dc76e5b7c9a91e857dbcef3909cfd628649337de6ff04a398f4325a430467aee51d7fa12ef61bc0b67d1e18e62754d8a2b65fb", @ANYRESOCT, @ANYRESOCT=0x0, @ANYRES32, @ANYRESDEC, @ANYRESOCT, @ANYRES64, @ANYRES8, @ANYBLOB="3dea3f"], 0xff, 0x1fc, &(0x7f0000002c80)="$eJzsmb+LE0EUx78zu5c9DxFsLGwsPPBEb39F5ZorThArQYiilsFsQnCTSLJCEhANNjaWIoKt/4CFRSoLOztbLVQQLEwpWAgjMztuJokbExQN+D5wc995M/PmzbD7TbEgCOK/5cP7L+8enN25dBLAfmzC0fFP1ngOB7Le28e3TjzcPffk2ZunL5sHbg+n860DEGLx/WXiF3sWEtUTQtyZHN+UzaPJ2GVwHNf6Chhc3JXym1Ck8QgM15SygUwDrX1axJF7vRVXqvU48mUTyCaUTdHcS64eDRgq2dmEYMZ4p9e/UY7jqD0t1sSPfWaGlhXz7k/Vt8exq/uyPg7g6v17A9l3ddwHT+8SQACOQOsiGEpa78CB67rjKzHOf9ge57cWOf+/Euxr+hjIyMHtP5hZXsAqHPDvC/kC/XqycFag1IUEm47IFzqLHBoNX82u+rgqxecLhhzHUcZlPr3n9ZzXG3F84Tc2LegdZ4cs05+YDRwz/MmGnfmHlzRuep1ef7veKNeiWtQMw+IZ/5Tvnw69at2B7yk7muN/68qfNoz8a+YE4welwArolpOkHXSBpB1k/TBtDcctPW99Vmu48j+OraNpDnnJ6tjOz+th+o+r/1JtWbnFEwRBEARBEARBEARBEARBLMURMKSfQNSHKpFDeFHN/h4AAP//g4dqzQ==") stat(&(0x7f0000005280)='./file0\x00', 0x0) dup(0xffffffffffffffff) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000071122700000000009500c9df00000000de54efd337d35285c161c5277edb8ebb15b58f91a5ee2dfc464680aaeda509f80db720be849cfad349052a513d731f3e1ab1616de782ebeab3fad78b022a9488de94c51041787406824c841f2e132d053e63230d79544561215df07865865ca3b1d4cd0ca39c621b8bcb16c583a7d45d18615d25d7189e29edf825cc4555d6357089204333610ca3ad8e0bd555a1a819abd1c3df59e861ad355c8b4c483a06d01b"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$unix(0xffffffffffffffff, 0x0, 0x0) r2 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r2, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x11}}}, 0x1e) connect$pptp(r2, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000380)={0x14, &(0x7f00000006c0)={0x40, 0xd, 0xe7, {0xe7, 0x6, "173f3627f5404b6e6b6c7a5fe4db5a83630cce986a9b1b8a213f109c098e8fa8145a0c4d58bc15a92772afcb3cfa4d7e2a7522c1533c1654ae91d1ed9de1c4490488ed11953d195bfb6fd8238a0181bbcfe27e1ecaa79793ff27645914aaafa1312a1815193dcd7af2a7e1384c1c2b6a67c06d1bfd5e0591667a0e0cde45d7c90c09c32d950001ec07e82416c5f44e5e3746131bdd4e6fc9fcf839363c206f78edd1af9a3f17023f8844259347671b4826d8ab8d8fda1b2f6e5a420cf6744f519e6dbc730ec5c9d4f667f6b22dd1f256194a5f8a1e65342d2a3c38064047d914f2a96d173e"}}, &(0x7f0000000340)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000009c0)={0x44, &(0x7f0000000840)={0x20, 0x15, 0x98, "84bc90b51cd0cb9125a6e7ba8536532aa552e796d0962066dee140dc9098b68befdd1267ba1f3eb407d3414e363973a826bb58e6efa2124724fd15d9afcd8dc6ac33773032108a40e2ffca9b1cf6684a798b15c0a0e93352db7d01990f426d36904824d54395d1de1f39c411d16c7ff82b9709c5fa556c756296de1b1eb5c358f36ef7a5742a2f18151234126a99b7bdf4488555dff410dd"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000000500)={0x20, 0x80, 0x1c, {0x7, 0x8a, 0x2, 0x3, 0x5, 0x1, 0x80, 0xa455, 0x400, 0xb6, 0xffff, 0x8}}, &(0x7f0000000640)={0x20, 0x85, 0x4, 0xffffffc0}, &(0x7f0000000900)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000940)={0x20, 0x87, 0x2, 0x3bf3}, &(0x7f0000000980)={0x20, 0x89, 0x2}}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x90) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, &(0x7f0000000180)=""/246) writev(r4, &(0x7f0000000680)=[{&(0x7f00000002c0)="2614", 0xf00}], 0x1) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000000)={0x1, 0x40, 0xeb, 0x101, 0x1a, "3e450f5726b4412a3327c17f177f7b72f19409"}) 0s ago: executing program 1 (id=2507): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) unshare(0x0) r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x802442, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$FICLONE(r4, 0x40049409, r4) r5 = syz_open_procfs(0xffffffffffffffff, 0x0) lseek(r5, 0x300000002, 0x0) kernel console output (not intermixed with test programs): 2236][ T3679] usb 1-1: USB disconnect, device number 35 [ 556.085177][T10858] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 556.093615][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 556.110431][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 556.291407][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 556.300689][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 556.314582][T10858] device veth0_vlan entered promiscuous mode [ 556.324613][ T5506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 556.332962][ T5506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 556.345654][T10858] device veth1_vlan entered promiscuous mode [ 556.353986][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 556.361800][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 556.369643][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 556.393105][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 556.401682][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 556.410234][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 556.421871][T10858] device veth0_macvtap entered promiscuous mode [ 556.435088][T10858] device veth1_macvtap entered promiscuous mode [ 556.451590][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.462161][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.472071][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.483073][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.493042][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.506316][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.516172][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.526618][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.536440][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.547604][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.557455][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.567952][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.577760][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.588211][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.598071][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.608517][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.618349][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 556.628994][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.641463][T10858] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 556.651137][ T5506] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 556.660035][ T5506] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 556.668436][ T5506] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 556.677332][ T5506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 556.690826][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.702272][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.713752][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.724990][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.735095][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.748444][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.758320][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.769745][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.779708][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.790160][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.800003][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.810442][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.820306][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.830760][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.840699][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.851136][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.863645][T10858] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 556.874543][T10858] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 556.886318][T10858] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 556.894035][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 556.902775][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 556.914662][T10858] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.923370][T10858] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.932400][T10858] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 556.941723][T10858] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 557.021164][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 557.032762][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 557.035911][ T3706] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 557.050709][ T3706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 557.064657][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 557.078481][T10308] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 557.183761][T10893] x_tables: duplicate underflow at hook 4 [ 557.618990][T10907] loop2: detected capacity change from 0 to 32768 [ 557.626475][T10907] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2008 (10907) [ 557.643041][T10907] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 557.653267][T10907] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 557.662480][T10907] BTRFS info (device loop2): using free space tree [ 558.438511][ T3644] Bluetooth: hci5: command tx timeout [ 558.515773][T10891] loop1: detected capacity change from 0 to 32768 [ 558.543535][T10891] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.2017 (10891) [ 558.574309][T10891] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 558.587291][T10891] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 558.596614][T10891] BTRFS info (device loop1): using free space tree [ 558.713195][T10907] BTRFS info (device loop2): enabling ssd optimizations [ 558.892898][T10952] input: syz0 as /devices/virtual/input/input29 [ 558.919563][T10891] BTRFS info (device loop1): enabling ssd optimizations [ 559.549084][ T8404] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 559.601776][T10891] loop1: detected capacity change from 32768 to 0 [ 559.880450][T10967] loop0: detected capacity change from 0 to 512 [ 559.913809][T10967] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 559.922332][T10967] System zones: 1-12 [ 559.927221][T10967] EXT4-fs (loop0): orphan cleanup on readonly fs [ 559.939359][T10967] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 33619980: comm syz.0.2014: invalid block [ 559.995563][T10967] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2014: invalid indirect mapped block 1819239214 (level 1) [ 560.018503][ T9402] loop: Write error at byte offset 9223372036860125183, length 4096. [ 560.045746][ C0] I/O error, dev loop1, sector 10448 op 0x1:(WRITE) flags 0x1800 phys_seg 1 prio class 2 [ 560.055929][ C0] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0 [ 560.066007][ T9402] loop: Write error at byte offset 9223372036860137471, length 4096. [ 560.088935][ C0] I/O error, dev loop1, sector 10472 op 0x1:(WRITE) flags 0x1800 phys_seg 1 prio class 2 [ 560.098812][ C0] BTRFS error (device loop1): bdev /dev/loop1 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0 [ 560.112308][ T9701] BTRFS: error (device loop1: state A) in do_free_extent_accounting:2847: errno=-5 IO failure [ 560.137672][T10967] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2014: bg 0: block 361: padding at end of block bitmap is not set [ 560.159881][ T9701] BTRFS info (device loop1: state EA): forced readonly [ 560.169145][ T9701] BTRFS error (device loop1: state EA): failed to run delayed ref for logical 5296128 num_bytes 12288 type 178 action 2 ref_mod 1: -5 [ 560.183624][ T9701] BTRFS: error (device loop1: state EA) in btrfs_run_delayed_refs:2150: errno=-5 IO failure [ 560.203476][ T9701] BTRFS info (device loop1: state EA): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 560.216416][T10967] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 560.262364][T10967] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.2014: attempt to clear invalid blocks 33619980 len 1 [ 560.318262][T10967] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2014: invalid indirect mapped block 1819239214 (level 0) [ 560.355130][T10967] EXT4-fs (loop0): 1 truncate cleaned up [ 560.376411][T10967] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 560.576655][ T5769] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 560.693875][ T3644] Bluetooth: hci5: command tx timeout [ 560.820940][T10967] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.2014: Directory hole found for htree index block 0 [ 560.846361][T10967] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.2014: Directory hole found for htree index block 0 [ 561.021382][ T5769] usb 3-1: config 0 has no interfaces? [ 561.027108][ T5769] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 561.096128][ T5769] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 561.153450][ T5769] usb 3-1: config 0 descriptor?? [ 561.811221][T10455] EXT4-fs (loop0): unmounting filesystem. [ 562.084689][T10992] netlink: 'syz.4.2029': attribute type 17 has an invalid length. [ 562.096633][ T5770] usb 3-1: USB disconnect, device number 34 [ 562.128485][T10992] device vlan2 entered promiscuous mode [ 562.134074][T10992] device macvtap0 entered promiscuous mode [ 562.177355][T10992] device macvtap0 left promiscuous mode [ 562.244239][T10996] loop0: detected capacity change from 0 to 4096 [ 562.260456][T10994] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2031'. [ 562.265868][T10996] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 562.378353][T10996] ntfs: volume version 3.1. [ 563.042364][ T3644] Bluetooth: hci5: command tx timeout [ 563.992265][T11020] loop2: detected capacity change from 0 to 128 [ 564.001597][T11018] loop1: detected capacity change from 0 to 512 [ 564.062703][T11018] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 564.069352][T11020] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 564.071969][T11018] System zones: 1-12 [ 564.084060][T11018] EXT4-fs (loop1): orphan cleanup on readonly fs [ 564.098898][T11018] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 33619980: comm syz.1.2037: invalid block [ 564.110603][T11020] ext4 filesystem being mounted at /146/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 564.138793][T11018] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2037: invalid indirect mapped block 1819239214 (level 1) [ 564.171616][T11018] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.2037: bg 0: block 361: padding at end of block bitmap is not set [ 564.186562][T11018] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 564.204876][T11018] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.2037: attempt to clear invalid blocks 33619980 len 1 [ 564.233836][T11018] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.2037: invalid indirect mapped block 1819239214 (level 0) [ 564.312050][T11018] EXT4-fs (loop1): 1 truncate cleaned up [ 564.358784][T11018] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 564.433838][ T8404] EXT4-fs (loop2): unmounting filesystem. [ 564.682830][ T5142] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 565.935545][T11040] IPVS: sync thread started: state = MASTER, mcast_ifn = pimreg, syncid = 0, id = 0 [ 565.945696][ T5142] usb 1-1: Using ep0 maxpacket: 8 [ 566.026593][T11018] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.2037: Directory hole found for htree index block 0 [ 566.105097][T11043] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.2037: Directory hole found for htree index block 0 [ 566.189977][ T5142] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 566.369284][ T9701] EXT4-fs (loop1): unmounting filesystem. [ 566.383901][ T5142] usb 1-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 566.400244][ T5142] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 566.419727][ T5142] usb 1-1: Product: syz [ 566.446108][ T5142] usb 1-1: Manufacturer: syz [ 566.474836][ T5142] usb 1-1: SerialNumber: syz [ 566.514647][ T5142] usb 1-1: config 0 descriptor?? [ 566.557919][T11051] loop1: detected capacity change from 0 to 2048 [ 566.569374][ T5142] imon_raw 1-1:0.0: IR endpoint missing [ 566.681093][T11051] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 567.401647][ T3636] usb 1-1: USB disconnect, device number 36 [ 567.483579][ T9701] EXT4-fs (loop1): unmounting filesystem. [ 568.186046][T11075] block device autoloading is deprecated and will be removed. [ 568.793030][T11085] xt_HMARK: spi-set and port-set can't be combined [ 568.958785][ C1] eth0: bad gso: type: 1, size: 1408 [ 568.975552][T11069] loop1: detected capacity change from 0 to 32768 [ 569.026774][T11091] loop0: detected capacity change from 0 to 512 [ 569.087407][T11091] ext4: Unknown parameter 'fowner<00000000000000000000' [ 569.096464][T11069] XFS (loop1): Mounting V5 Filesystem [ 569.277444][T11069] XFS (loop1): Ending clean mount [ 569.303891][T11069] XFS (loop1): Quotacheck needed: Please wait. [ 569.454554][T11069] XFS (loop1): Quotacheck: Done. [ 569.491723][T11110] loop2: detected capacity change from 0 to 512 [ 569.543602][T11110] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 569.640932][ T9701] XFS (loop1): Unmounting Filesystem [ 569.706064][T11111] loop2: detected capacity change from 0 to 16 [ 569.733375][T11111] erofs: Unknown parameter '' [ 569.808827][T11107] loop0: detected capacity change from 0 to 32768 [ 569.847912][T11110] loop2: detected capacity change from 0 to 512 [ 570.025220][T11110] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.2066: iget: bad i_size value: -67835469387268086 [ 570.858175][T11110] EXT4-fs (loop2): Remounting filesystem read-only [ 570.887420][T11110] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.2066: couldn't read orphan inode 15 (err -117) [ 570.923855][T11110] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 571.070528][T11110] ext4 filesystem being mounted at /158/bus supports timestamps until 2038 (0x7fffffff) [ 571.217262][ T8404] EXT4-fs (loop2): unmounting filesystem. [ 575.873549][T11143] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2075'. [ 575.901680][T11145] loop0: detected capacity change from 0 to 512 [ 575.928505][T11145] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 575.939657][T11140] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 575.943771][T11145] System zones: 1-12 [ 575.973348][T11145] EXT4-fs (loop0): orphan cleanup on readonly fs [ 576.028099][T11145] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 33619980: comm syz.0.2076: invalid block [ 576.091282][T11145] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2076: invalid indirect mapped block 1819239214 (level 1) [ 576.139149][T11145] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2076: bg 0: block 361: padding at end of block bitmap is not set [ 576.182487][T11145] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 576.202938][T11145] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.2076: attempt to clear invalid blocks 33619980 len 1 [ 576.213094][T11157] loop2: detected capacity change from 0 to 512 [ 576.236009][T11159] sp0: Synchronizing with TNC [ 576.258706][T11157] EXT4-fs (loop2): unsupported inode size: 264 [ 576.265143][T11145] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2076: invalid indirect mapped block 1819239214 (level 0) [ 576.296337][T11157] EXT4-fs (loop2): blocksize: 1024 [ 576.309387][T11145] EXT4-fs (loop0): 1 truncate cleaned up [ 576.318883][T11145] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 577.304598][ T5769] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 577.586535][ T5769] usb 4-1: Using ep0 maxpacket: 8 [ 577.738145][ T5769] usb 4-1: New USB device found, idVendor=10d2, idProduct=2865, bcdDevice=a4.c9 [ 577.759924][ T5769] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 577.791844][ T5769] usb 4-1: config 0 descriptor?? [ 577.836882][ T5769] usblcd 4-1:0.0: USBLCD model not supported. [ 577.878320][T11145] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.2076: Directory hole found for htree index block 0 [ 577.963281][T11152] loop1: detected capacity change from 0 to 40427 [ 577.977158][T11166] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.2076: Directory hole found for htree index block 0 [ 578.009599][T11152] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 578.030716][T11152] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 578.071947][ T3636] usb 4-1: USB disconnect, device number 29 [ 578.099878][T11152] F2FS-fs (loop1): Found nat_bits in checkpoint [ 578.251216][T11152] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 578.272525][T11152] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 578.275787][T10455] EXT4-fs (loop0): unmounting filesystem. [ 578.335920][T11165] loop2: detected capacity change from 0 to 32768 [ 578.459395][T11165] XFS (loop2): Mounting V5 Filesystem [ 578.553633][T11165] XFS (loop2): Ending clean mount [ 578.559944][ T9701] syz-executor: attempt to access beyond end of device [ 578.559944][ T9701] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 578.589134][T11165] XFS (loop2): Quotacheck needed: Please wait. [ 578.693082][T11165] XFS (loop2): Quotacheck: Done. [ 579.103228][ T3636] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 579.105363][ T8404] XFS (loop2): Unmounting Filesystem [ 579.373963][ T3636] usb 4-1: Using ep0 maxpacket: 32 [ 579.431803][T11200] loop0: detected capacity change from 0 to 164 [ 579.457582][T11200] rock: directory entry would overflow storage [ 579.472407][T11200] rock: sig=0x4f50, size=4, remaining=3 [ 579.482482][T11200] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 579.504167][ T3636] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 579.517381][T11200] rock: directory entry would overflow storage [ 579.523553][T11200] rock: sig=0x4f50, size=4, remaining=3 [ 579.536434][ T3636] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 579.538859][T11200] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 579.554319][ T3636] usb 4-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 579.576148][ T3636] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 579.610546][ T3636] usb 4-1: config 0 descriptor?? [ 579.723142][T11195] loop1: detected capacity change from 0 to 32768 [ 579.742715][T11195] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2087 (11195) [ 579.760825][T11195] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 579.771665][T11195] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 579.780650][T11195] BTRFS info (device loop1): metadata ratio 2 [ 579.787118][T11195] BTRFS info (device loop1): force zlib compression, level 3 [ 579.794519][T11195] BTRFS info (device loop1): use zlib compression, level 3 [ 579.801972][T11195] BTRFS info (device loop1): enabling auto defrag [ 579.823876][T11195] BTRFS info (device loop1): max_inline at 0 [ 579.838790][T11195] BTRFS info (device loop1): using free space tree [ 579.845094][T11203] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2094'. [ 579.963955][T11195] BTRFS info (device loop1): enabling ssd optimizations [ 579.999315][ T26] audit: type=1800 audit(1723378426.497:517): pid=11195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2087" name="bus" dev="loop1" ino=263 res=0 errno=0 [ 580.101981][ T26] audit: type=1804 audit(1723378426.589:518): pid=11225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2087" name="/newroot/71/file1/bus" dev="loop1" ino=263 res=1 errno=0 [ 580.144690][ T3636] hkems 0003:2006:0118.001D: unbalanced delimiter at end of report description [ 580.178203][ T3636] hkems 0003:2006:0118.001D: parse failed [ 580.184008][ T3636] hkems: probe of 0003:2006:0118.001D failed with error -22 [ 580.309504][ T26] audit: type=1804 audit(1723378426.792:519): pid=11195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2087" name="/newroot/71/file1/bus" dev="loop1" ino=263 res=1 errno=0 [ 580.539091][ T9701] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 580.547829][ T5039] usb 4-1: USB disconnect, device number 30 [ 581.563239][T11247] loop0: detected capacity change from 0 to 1024 [ 581.673793][T11248] input: syz0 as /devices/virtual/input/input30 [ 582.036677][T11260] loop1: detected capacity change from 0 to 256 [ 582.365286][T11264] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2106'. [ 582.520980][T11265] loop1: detected capacity change from 0 to 4096 [ 582.557171][T11265] ntfs: (device loop1): parse_options(): Unrecognized mount option BӃVJnx ﺃGBbyu׫n@Ր. [ 582.570104][T11265] ntfs: (device loop1): parse_options(): Unrecognized mount option +-hg/R\D쿍Msg/!ҁ;fx1g >^ރNsHU#W!U1ـs˂׷P [ 582.570104][T11265] zEi>$׽7s. [ 582.634327][T11265] ntfs: (device loop1): parse_options(): Unrecognized mount option . [ 582.766689][T11267] xt_CT: You must specify a L4 protocol and not use inversions on it [ 582.990289][T11269] loop0: detected capacity change from 0 to 512 [ 583.005246][T11272] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2119'. [ 583.036132][T11269] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 583.235314][T11269] loop0: detected capacity change from 0 to 16 [ 583.281726][T11269] erofs: Unknown parameter '' [ 584.050339][T11269] loop0: detected capacity change from 0 to 512 [ 584.196024][T11269] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz.0.2108: iget: bad i_size value: -67835469387268086 [ 584.220373][T11269] EXT4-fs (loop0): Remounting filesystem read-only [ 584.226960][T11269] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.2108: couldn't read orphan inode 15 (err -117) [ 584.487784][T11269] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 584.503465][T11269] ext4 filesystem being mounted at /36/bus supports timestamps until 2038 (0x7fffffff) [ 585.260544][T11275] loop2: detected capacity change from 0 to 32768 [ 585.301368][T11275] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2109 (11275) [ 585.401912][T11275] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 585.433094][T10455] EXT4-fs (loop0): unmounting filesystem. [ 585.447019][T11275] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 585.465245][T11275] BTRFS info (device loop2): metadata ratio 2 [ 585.476139][T11275] BTRFS info (device loop2): force zlib compression, level 3 [ 585.500259][T11275] BTRFS info (device loop2): use zlib compression, level 3 [ 585.528161][T11275] BTRFS info (device loop2): enabling auto defrag [ 585.546973][T11275] BTRFS info (device loop2): max_inline at 0 [ 585.560431][T11275] BTRFS info (device loop2): using free space tree [ 585.622554][T11278] loop1: detected capacity change from 0 to 32768 [ 585.630938][T11278] XFS: noikeep mount option is deprecated. [ 585.703106][T11278] XFS (loop1): Mounting V5 Filesystem [ 585.767955][T11275] BTRFS info (device loop2): enabling ssd optimizations [ 585.777524][T11278] XFS (loop1): Ending clean mount [ 585.786964][T11278] XFS (loop1): Quotacheck needed: Please wait. [ 585.814343][ T26] audit: type=1800 audit(1723378431.869:520): pid=11275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2109" name="bus" dev="loop2" ino=263 res=0 errno=0 [ 585.821318][ T153] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 585.907922][T11278] XFS (loop1): Quotacheck: Done. [ 585.941257][ T26] audit: type=1804 audit(1723378431.989:521): pid=11338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2109" name="/newroot/165/file1/bus" dev="loop2" ino=263 res=1 errno=0 [ 586.018544][ T26] audit: type=1804 audit(1723378432.063:522): pid=11275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2109" name="/newroot/165/file1/bus" dev="loop2" ino=263 res=1 errno=0 [ 586.074901][ T9701] XFS (loop1): Unmounting Filesystem [ 586.100557][ T26] audit: type=1326 audit(1723378432.137:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11339 comm="syz.4.2132" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ced5779f9 code=0x0 [ 586.110944][ T153] usb 4-1: Using ep0 maxpacket: 8 [ 586.169853][ T8404] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 586.264856][ T153] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 586.273201][ T153] usb 4-1: config 179 has no interface number 0 [ 586.334900][ T153] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 586.363974][ T153] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 586.375699][ T153] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 586.387555][ T153] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 586.400383][ T153] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 586.415953][ T153] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 586.459623][ T153] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 586.503133][T11308] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 586.573734][T11342] loop0: detected capacity change from 0 to 32768 [ 586.626272][T11342] XFS (loop0): Mounting V5 Filesystem [ 586.821729][T11342] XFS (loop0): Ending clean mount [ 586.838544][T10312] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input31 [ 586.869876][T11342] XFS (loop0): Quotacheck needed: Please wait. [ 586.990510][T11342] XFS (loop0): Quotacheck: Done. [ 587.009695][T11355] tipc: Started in network mode [ 587.036600][T11355] tipc: Node identity f7, cluster identity 4711 [ 587.045707][ T3682] usb 4-1: USB disconnect, device number 31 [ 587.066230][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 587.078204][ T3682] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 587.090500][T11355] tipc: Node number set to 247 [ 587.496004][T11364] loop2: detected capacity change from 0 to 2048 [ 587.868070][T10312] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 587.950995][T11364] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 587.967318][T10455] XFS (loop0): Unmounting Filesystem [ 587.986604][T11364] ext4 filesystem being mounted at /167/file0 supports timestamps until 2038 (0x7fffffff) [ 588.238794][ T8404] EXT4-fs (loop2): unmounting filesystem. [ 589.082823][T10312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 589.124742][T10312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7 [ 589.153831][T10312] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=3a.9e [ 589.190350][T10312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 589.234919][T10312] usb 5-1: config 0 descriptor?? [ 590.129849][T10312] usb 5-1: string descriptor 0 read error: -71 [ 590.186705][T10312] ath6kl: Failed to submit usb control message: -71 [ 590.193351][T10312] ath6kl: unable to send the bmi data to the device: -71 [ 590.244277][T10312] ath6kl: Unable to send get target info: -71 [ 590.284411][T10312] ath6kl: Failed to init ath6kl core: -71 [ 590.343959][T11392] loop0: detected capacity change from 0 to 512 [ 590.396691][T10312] ath6kl_usb: probe of 5-1:0.0 failed with error -71 [ 590.426396][T10312] usb 5-1: USB disconnect, device number 31 [ 591.562899][T11402] tipc: Started in network mode [ 591.567893][T11402] tipc: Node identity f7, cluster identity 4711 [ 591.595664][T11402] tipc: Node number set to 247 [ 592.322312][ T120] block nbd4: Attempted send on invalid socket [ 592.328516][ T120] I/O error, dev nbd4, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1 [ 592.337840][T11413] qnx4: unable to read the superblock [ 592.718464][T11430] sp0: Synchronizing with TNC [ 593.213127][T11416] loop0: detected capacity change from 0 to 32768 [ 593.275767][T11439] tipc: Started in network mode [ 593.309510][T11439] tipc: Node identity f7, cluster identity 4711 [ 593.315789][T11439] tipc: Node number set to 247 [ 593.411907][T11442] loop2: detected capacity change from 0 to 512 [ 593.453001][T11442] ext4: Bad value for 'max_batch_time' [ 593.619900][T11416] XFS (loop0): Mounting V5 Filesystem [ 593.768285][T11454] device team0 entered promiscuous mode [ 593.786045][T11454] device team_slave_0 entered promiscuous mode [ 593.792356][T11454] device team_slave_1 entered promiscuous mode [ 593.843536][T11416] XFS (loop0): Ending clean mount [ 593.860472][T11451] device team0 left promiscuous mode [ 593.871339][T11416] XFS (loop0): Quotacheck needed: Please wait. [ 593.897457][T11451] device team_slave_0 left promiscuous mode [ 593.928850][T11451] device team_slave_1 left promiscuous mode [ 593.946253][T11416] XFS (loop0): Quotacheck: Done. [ 595.043876][T10455] XFS (loop0): Unmounting Filesystem [ 596.107335][T11462] overlayfs: missing 'lowerdir' [ 597.218177][ T5771] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 597.577054][T11475] loop1: detected capacity change from 0 to 1024 [ 597.625727][T11475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2160'. [ 597.662514][ T5771] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 597.695064][ T5771] usb 4-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 597.704541][ T5771] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 597.731561][ T5771] usb 4-1: config 0 descriptor?? [ 597.739272][T10029] hfsplus: b-tree write err: -5, ino 4 [ 597.804729][ T5771] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 598.224096][T11477] loop0: detected capacity change from 0 to 32768 [ 598.235450][T11477] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2156 (11477) [ 598.249467][T11478] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 598.250111][T11477] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 598.270608][T11477] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 598.279363][T11477] BTRFS info (device loop0): metadata ratio 2 [ 598.285689][T11477] BTRFS info (device loop0): force zlib compression, level 3 [ 598.297537][T11477] BTRFS info (device loop0): use zlib compression, level 3 [ 598.306290][T11477] BTRFS info (device loop0): enabling auto defrag [ 598.313706][T11477] BTRFS info (device loop0): max_inline at 0 [ 598.319775][T11477] BTRFS info (device loop0): using free space tree [ 598.372109][T11487] loop2: detected capacity change from 0 to 256 [ 598.458557][T11487] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 599.244122][T11477] BTRFS info (device loop0): enabling ssd optimizations [ 599.273255][T11505] sp0: Synchronizing with TNC [ 600.219140][ T26] audit: type=1800 audit(1723378445.160:524): pid=11477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2156" name="bus" dev="loop0" ino=263 res=0 errno=0 [ 601.163955][ T5040] usb 4-1: USB disconnect, device number 32 [ 601.269294][ T26] audit: type=1804 audit(1723378446.120:525): pid=11477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2156" name="/newroot/44/file1/bus" dev="loop0" ino=263 res=1 errno=0 [ 601.342625][ T26] audit: type=1804 audit(1723378446.185:526): pid=11477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2156" name="/newroot/44/file1/bus" dev="loop0" ino=263 res=1 errno=0 [ 601.549432][ T26] audit: type=1326 audit(1723378446.388:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11515 comm="syz.1.2167" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6be7f779f9 code=0x0 [ 601.566063][T10455] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 601.664432][T11522] loop1: detected capacity change from 0 to 2048 [ 601.682546][T11523] fuse: Bad value for 'rootmode' [ 601.688958][T11522] UDF-fs: bad mount option "gid=00000000000000060929" or missing value [ 601.707742][T11523] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2168'. [ 601.863754][T11525] loop1: detected capacity change from 0 to 256 [ 601.918648][T11525] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 602.026274][ T26] audit: type=1800 audit(1723378446.840:528): pid=11525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2167" name="file0" dev="loop1" ino=1048749 res=0 errno=0 [ 602.655409][T11531] loop1: detected capacity change from 0 to 512 [ 603.850694][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.857097][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.904375][T11545] loop1: detected capacity change from 0 to 512 [ 605.139493][T11548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 605.149474][ C1] eth0: bad gso: type: 1, size: 1408 [ 605.202014][T11561] loop1: detected capacity change from 0 to 512 [ 605.234945][T11561] ext4: Bad value for 'max_batch_time' [ 605.977354][T11562] sp0: Synchronizing with TNC [ 606.546953][T11568] overlayfs: missing 'lowerdir' [ 606.730909][ T26] audit: type=1326 audit(1723378451.169:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11567 comm="syz.2.2184" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3baa7779f9 code=0x0 [ 607.035244][T11575] loop2: detected capacity change from 0 to 2048 [ 607.050045][T11575] UDF-fs: bad mount option "gid=00000000000000060929" or missing value [ 607.149423][T11580] loop0: detected capacity change from 0 to 512 [ 607.186205][T11580] EXT4-fs (loop0): unsupported inode size: 264 [ 607.192493][T11580] EXT4-fs (loop0): blocksize: 1024 [ 607.200982][T11577] loop1: detected capacity change from 0 to 256 [ 607.237620][T11577] FAT-fs (loop1): Unrecognized mount option "" or missing value [ 607.277732][ T26] audit: type=1400 audit(1723378451.677:530): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=11581 comm="syz.3.2190" [ 607.457444][T11584] loop2: detected capacity change from 0 to 256 [ 607.497070][T11577] loop1: detected capacity change from 0 to 512 [ 608.274336][T11584] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 608.373758][T11590] loop0: detected capacity change from 0 to 128 [ 608.381436][T11577] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 608.396834][T11577] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038 (0x7fffffff) [ 608.421415][ T26] audit: type=1800 audit(1723378452.738:531): pid=11593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2184" name="file0" dev="loop2" ino=1048751 res=0 errno=0 [ 608.638160][ T9701] EXT4-fs (loop1): unmounting filesystem. [ 608.976851][T11595] syz.0.2192: attempt to access beyond end of device [ 608.976851][T11595] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128 [ 610.078220][ T5039] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 610.522796][ T5039] usb 1-1: config 0 has no interfaces? [ 610.528320][ T5039] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 610.566338][ T5039] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 610.598102][ T5039] usb 1-1: config 0 descriptor?? [ 612.452938][T10311] usb 1-1: USB disconnect, device number 37 [ 612.530195][T11626] sp0: Synchronizing with TNC [ 613.153494][T11634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2207'. [ 613.195853][T11638] loop1: detected capacity change from 0 to 128 [ 613.261686][T11641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2211'. [ 613.360307][ T26] audit: type=1326 audit(1723378457.288:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11643 comm="syz.0.2209" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd847d779f9 code=0x0 [ 614.258107][T11652] syz.1.2208: attempt to access beyond end of device [ 614.258107][T11652] loop1: rw=2049, sector=145, nr_sectors = 456 limit=128 [ 615.271465][T11653] random: crng reseeded on system resumption [ 615.526404][ T102] kworker/u4:4: attempt to access beyond end of device [ 615.526404][ T102] loop1: rw=1, sector=601, nr_sectors = 440 limit=128 [ 615.577395][T11650] loop0: detected capacity change from 0 to 2048 [ 615.587575][T11650] UDF-fs: bad mount option "gid=00000000000000060929" or missing value [ 615.790164][T11655] loop0: detected capacity change from 0 to 256 [ 615.828291][T11655] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 615.930545][ T5770] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 616.495922][ T26] audit: type=1800 audit(1723378460.187:533): pid=11655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2209" name="file0" dev="loop0" ino=1048755 res=0 errno=0 [ 616.535660][ T5770] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 616.558902][ T5770] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 616.662774][ T5770] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 616.675360][T11667] loop1: detected capacity change from 0 to 512 [ 616.681943][ T5770] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 616.692791][ T5770] usb 4-1: config 0 descriptor?? [ 616.715415][T11667] EXT4-fs (loop1): unsupported inode size: 264 [ 616.744209][T11667] EXT4-fs (loop1): blocksize: 1024 [ 616.753313][ T26] audit: type=1400 audit(1723378460.427:534): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=11665 comm="syz.4.2218" [ 616.770068][ T5770] usb 4-1: can't set config #0, error -71 [ 616.782040][ T5770] usb 4-1: USB disconnect, device number 33 [ 618.028822][T11674] loop1: detected capacity change from 0 to 32768 [ 618.044041][T11674] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.2230 (11674) [ 618.062536][T11674] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 618.073423][T11674] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 618.082165][T11674] BTRFS info (device loop1): using free space tree [ 618.178200][T11684] sp0: Synchronizing with TNC [ 618.295934][T11674] BTRFS info (device loop1): enabling ssd optimizations [ 618.558063][ T26] audit: type=1326 audit(1723378462.088:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11700 comm="syz.4.2223" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ced5779f9 code=0x0 [ 619.363582][ T9701] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 619.557650][T11713] loop0: detected capacity change from 0 to 1024 [ 619.637977][T11713] EXT4-fs: Ignoring removed nomblk_io_submit option [ 619.860328][T11713] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 621.840561][T11713] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 622.265064][T10455] EXT4-fs (loop0): unmounting filesystem. [ 622.299369][ T5039] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 622.765388][ T5039] usb 2-1: config 0 has no interfaces? [ 622.770896][ T5039] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 622.819397][ T5039] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 623.040081][ T26] audit: type=1400 audit(1723378466.232:536): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=11738 comm="syz.2.2233" [ 624.236019][T11743] overlayfs: missing 'lowerdir' [ 624.275736][ T5039] usb 2-1: config 0 descriptor?? [ 624.790458][ T5770] usb 2-1: USB disconnect, device number 35 [ 625.308426][T11736] loop0: detected capacity change from 0 to 32768 [ 625.448445][T11736] XFS (loop0): Mounting V5 Filesystem [ 625.555269][T11736] XFS (loop0): Ending clean mount [ 625.563057][T11736] XFS (loop0): Quotacheck needed: Please wait. [ 625.575744][ T102] XFS (loop0): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 [ 625.614403][ T102] XFS (loop0): Unmount and run xfs_repair [ 625.644099][ T102] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 625.653046][ T102] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed XAF.......G...N. [ 625.674023][ T102] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00 .b..1........... [ 625.687917][ T102] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08 .;.............. [ 625.703379][ T102] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c ................ [ 625.718628][ T102] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 625.727636][ T102] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 625.736814][ T102] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 625.745783][ T102] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 625.754668][ T102] XFS (loop0): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74 [ 625.782834][T11736] XFS (loop0): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 625.841656][ T26] audit: type=1800 audit(1723378468.807:537): pid=11736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2243" name="file1" dev="loop0" ino=9286 res=0 errno=0 [ 625.929040][ T26] audit: type=1800 audit(1723378468.844:538): pid=11736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2243" name="file1" dev="loop0" ino=9286 res=0 errno=0 [ 625.989161][ T26] audit: type=1800 audit(1723378468.955:539): pid=11736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2243" name="file1" dev="loop0" ino=9286 res=0 errno=0 [ 626.004338][T11736] XFS (loop0): Metadata CRC error detected at xfs_agfl_read_verify+0x1ca/0x290, xfs_agfl block 0x3 [ 626.023033][T11736] XFS (loop0): Unmount and run xfs_repair [ 626.029325][T11736] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 626.036719][T11736] 00000000: 58 41 46 ff 07 00 00 00 bf dc 47 fc 10 d8 4e ed XAF.......G...N. [ 626.056828][T11736] 00000010: a5 62 11 a8 31 b3 f7 91 00 00 00 00 00 00 00 00 .b..1........... [ 626.065950][T11736] 00000020: a5 3b c8 8a ff ff ff ff 00 00 00 07 00 00 00 08 .;.............. [ 626.075125][T11736] 00000030: 00 00 00 09 00 00 00 0a 00 00 00 0b 00 00 00 0c ................ [ 626.084335][T11736] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 626.093818][T11736] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 626.103470][T11736] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 626.112942][T11736] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ [ 626.126436][T11736] XFS (loop0): metadata I/O error in "xfs_alloc_read_agfl+0x250/0x430" at daddr 0x3 len 1 error 74 [ 626.151643][T11736] XFS (loop0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x6a5/0xb80 (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 626.166321][T11736] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 626.184060][T11753] loop0: writeback error on inode 9286, offset 0, sector 18692 [ 626.220195][T11753] syz.0.2243 (11753) used greatest stack depth: 19040 bytes left [ 626.268058][T10455] XFS (loop0): Unmounting Filesystem [ 626.295124][ T26] audit: type=1326 audit(1723378469.232:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11759 comm="syz.1.2236" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6be7f779f9 code=0x0 [ 626.480618][T11762] loop1: detected capacity change from 0 to 2048 [ 626.501134][T11762] UDF-fs: bad mount option "gid=00000000000000060929" or missing value [ 626.656856][T11767] random: crng reseeded on system resumption [ 627.977286][ T26] audit: type=1326 audit(1723378470.792:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11771 comm="syz.2.2240" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3baa7779f9 code=0x0 [ 628.021432][T11773] loop1: detected capacity change from 0 to 256 [ 628.157378][T11773] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 628.273591][ T26] audit: type=1800 audit(1723378471.060:542): pid=11773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2236" name="file0" dev="loop1" ino=1048757 res=0 errno=0 [ 628.523395][T11778] loop0: detected capacity change from 0 to 1024 [ 628.549798][T11778] EXT4-fs: Ignoring removed mblk_io_submit option [ 628.643340][T11778] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 629.170757][T10455] EXT4-fs (loop0): unmounting filesystem. [ 631.264121][T11792] loop1: detected capacity change from 0 to 1024 [ 631.302711][T11792] EXT4-fs: Ignoring removed nomblk_io_submit option [ 631.331170][T11792] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 631.563406][T11801] loop0: detected capacity change from 0 to 32768 [ 631.571642][T11801] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.2246 (11801) [ 631.577823][T11792] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 631.625477][T11801] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 631.635802][T11801] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 631.644534][T11801] BTRFS info (device loop0): using free space tree [ 631.869497][ T9701] EXT4-fs (loop1): unmounting filesystem. [ 631.909130][T10312] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 631.973848][T11801] BTRFS info (device loop0): enabling ssd optimizations [ 633.805511][T10455] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 634.015896][T10312] usb 5-1: config 0 has no interfaces? [ 634.021438][T10312] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 634.042703][T10312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 634.085193][T10312] usb 5-1: config 0 descriptor?? [ 634.227691][ T27] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 634.327629][T11839] loop0: detected capacity change from 0 to 1024 [ 634.358313][T11839] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2252'. [ 634.402813][T10029] hfsplus: b-tree write err: -5, ino 4 [ 634.483428][T10312] usb 5-1: USB disconnect, device number 32 [ 634.498628][ T27] usb 2-1: Using ep0 maxpacket: 16 [ 634.518088][T10029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.529037][T10029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 634.601685][T11847] random: crng reseeded on system resumption [ 635.444515][ T3683] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 635.658223][ T27] usb 2-1: config 0 has an invalid interface number: 2 but max is 0 [ 635.670961][ T27] usb 2-1: config 0 has no interface number 0 [ 635.677298][ T27] usb 2-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 635.885854][ T27] usb 2-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 635.902207][ T27] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 635.927869][ T27] usb 2-1: Product: syz [ 635.941713][ T27] usb 2-1: SerialNumber: syz [ 635.965903][ T27] usb 2-1: config 0 descriptor?? [ 636.006056][T11835] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 636.631343][T11835] tipc: Started in network mode [ 636.643963][T11835] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 636.669774][T11835] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 636.688290][T11835] tipc: Enabled bearer , priority 10 [ 636.695607][T11848] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 636.704357][T11848] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 636.775663][ T27] usb 2-1: invalid MIDI in EP 0 [ 636.824435][ T27] snd-usb-audio: probe of 2-1:0.2 failed with error -22 [ 636.854199][ T27] usb 2-1: USB disconnect, device number 36 [ 636.902294][T11857] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 636.912197][ T26] audit: type=1326 audit(1723378479.034:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11856 comm="syz.0.2257" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd847d779f9 code=0x0 [ 638.178735][ T14] tipc: Node number set to 1 [ 638.215453][T11873] fuse: Bad value for 'rootmode' [ 638.555212][ T26] audit: type=1326 audit(1723378480.539:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11882 comm="syz.3.2269" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7e22b779f9 code=0x0 [ 638.583044][T11881] IPVS: sync thread started: state = MASTER, mcast_ifn = pimreg, syncid = 0, id = 0 [ 639.213376][T11873] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2263'. [ 640.262840][ T3683] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 640.713878][T11911] random: crng reseeded on system resumption [ 641.310964][ T3683] usb 4-1: config 0 has no interfaces? [ 641.321300][ T3683] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 641.383874][ T3683] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 641.570106][ T3683] usb 4-1: config 0 descriptor?? [ 642.834028][T11933] loop1: detected capacity change from 0 to 512 [ 643.673867][T11933] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.2284: invalid block [ 643.719660][ T5771] usb 4-1: USB disconnect, device number 34 [ 643.732620][T11933] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2284: invalid indirect mapped block 4294967295 (level 1) [ 643.881831][T11933] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2284: invalid indirect mapped block 4294967295 (level 1) [ 643.926893][T11933] EXT4-fs (loop1): 2 truncates cleaned up [ 643.935507][T11933] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 644.271686][T11941] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 644.895737][ T9701] EXT4-fs error (device loop1): ext4_lookup:1856: inode #17: comm syz-executor: iget: bad extended attribute block 6904 [ 644.954220][ T9701] EXT4-fs error (device loop1): ext4_lookup:1856: inode #17: comm syz-executor: iget: bad extended attribute block 6904 [ 645.083372][ T26] audit: type=1800 audit(1723378486.575:545): pid=11953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2287" name="/" dev="fuse" ino=1 res=0 errno=0 [ 645.267890][ T5771] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 645.424460][ T9701] EXT4-fs (loop1): unmounting filesystem. [ 645.657974][ T5771] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 645.666751][ T5771] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 645.710286][ T5771] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 645.896380][ T5771] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 645.905445][ T5771] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 645.928615][ T5771] usb 4-1: Product: syz [ 645.932826][ T5771] usb 4-1: Manufacturer: 䀶ל磩或ਙร仒Ⲫ驁쪝縨阵塩鑤Ჱ勩䤕앗籰輯馱唳읻ꥋ泿겜⓫誾芔对䗅薐㽑萳᳕ᢄᴫ頲ᨌ煣⟬煺ț⊗⫙ꥲ渔ਧ澳矂诵巡焮窗쏻쾏瓖퇜첲䭊匊ꔼ䯇࠰ [ 645.955886][ T5771] usb 4-1: SerialNumber: syz [ 646.011122][ T3650] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 646.023350][ T3650] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 646.029832][ T5862] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.041435][ T3649] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 646.049671][ T3650] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 646.061051][ T3650] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 646.068396][ T3650] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 646.123703][T10312] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 646.168225][ T5862] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.261828][ T5862] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.308657][T11961] chnl_net:caif_netlink_parms(): no params data found [ 646.356049][ T5862] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.392459][T11961] bridge0: port 1(bridge_slave_0) entered blocking state [ 646.399830][T11961] bridge0: port 1(bridge_slave_0) entered disabled state [ 646.410985][T11961] device bridge_slave_0 entered promiscuous mode [ 646.435169][T11961] bridge0: port 2(bridge_slave_1) entered blocking state [ 646.446435][T11961] bridge0: port 2(bridge_slave_1) entered disabled state [ 646.465746][T11961] device bridge_slave_1 entered promiscuous mode [ 646.473264][T11950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 646.491410][T11950] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 646.539726][T11961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 646.557719][T10312] usb 1-1: config 250 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 646.567258][T11961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 646.633307][T10312] usb 1-1: language id specifier not provided by device, defaulting to English [ 646.682913][ T5862] tipc: Disabling bearer [ 646.688717][ T5862] tipc: Left network mode [ 646.701653][T11961] team0: Port device team_slave_0 added [ 646.712736][T11961] team0: Port device team_slave_1 added [ 646.750226][T11961] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 646.761043][T11961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 646.787539][T11961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 646.795820][T10312] usb 1-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.40 [ 646.800198][T11961] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 646.814318][T11961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 646.817164][T10312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.842833][T11961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 646.860062][T10312] usb 1-1: Product: syz [ 646.881407][T10312] usb 1-1: Manufacturer: 靰ﻥ傖ᅅ㞴岼먊ߧᚨ筨鴴㝮렃舊陌睬ٶ寥淴駖켧ἲ㯩譅㯂֫凑ᶜ鎣䟒ᣇ邛྽ⰨꢅŦꂙ섾倞ࡢᅗ힋䒺⿰挱 [ 646.898517][ T4268] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 646.911720][T11961] device hsr_slave_0 entered promiscuous mode [ 646.918081][T10312] usb 1-1: SerialNumber: syz [ 646.927319][T11961] device hsr_slave_1 entered promiscuous mode [ 646.934023][T11961] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 646.941766][T11961] Cannot create hsr debugfs directory [ 646.947595][ T5771] usb 4-1: 0:2 : does not exist [ 646.959869][T10312] usbhid 1-1:250.0: couldn't find an input interrupt endpoint [ 646.968058][ T5771] usb 4-1: USB disconnect, device number 35 [ 647.304826][ T4268] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 647.326259][ T4268] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 647.346014][ T4268] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 647.357893][ T4268] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.384644][ T4268] usb 5-1: config 0 descriptor?? [ 647.411482][T11960] bridge0: port 1(bridge_slave_0) entered disabled state [ 648.171153][ T3644] Bluetooth: hci5: command tx timeout [ 648.211969][ T946] usb 1-1: USB disconnect, device number 38 [ 648.319888][ T3644] Bluetooth: hci0: command tx timeout [ 648.428992][T11961] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 648.438030][ T4268] cm6533_jd 0003:0D8C:0022.001E: unknown main item tag 0x0 [ 648.446182][ T4268] cm6533_jd 0003:0D8C:0022.001E: unknown main item tag 0x0 [ 648.455296][ T4268] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.001E/input/input32 [ 648.471182][ T4268] cm6533_jd 0003:0D8C:0022.001E: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0 [ 648.512637][T11961] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 648.522304][T11961] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 648.533158][T11961] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 648.635938][T11961] 8021q: adding VLAN 0 to HW filter on device bond0 [ 648.650455][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 648.658303][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 648.669937][T11961] 8021q: adding VLAN 0 to HW filter on device team0 [ 648.681288][ T5862] IPVS: stopping master sync thread 11881 ... [ 648.683426][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 648.691883][ T4268] usb 5-1: USB disconnect, device number 33 [ 648.697365][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 648.710732][ T946] bridge0: port 1(bridge_slave_0) entered blocking state [ 648.717845][ T946] bridge0: port 1(bridge_slave_0) entered forwarding state [ 648.830892][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 648.844313][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 648.861025][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 648.870440][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 648.877551][ T5771] bridge0: port 2(bridge_slave_1) entered forwarding state [ 648.891684][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 648.901028][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 648.926936][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 648.938734][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 648.947790][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 648.957742][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 648.966780][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 648.975376][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 649.031534][T11961] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 649.044674][T11961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 649.052123][ C1] eth0: bad gso: type: 1, size: 1408 [ 649.058635][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 649.066795][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 649.075638][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 649.127155][ T5862] device hsr_slave_0 left promiscuous mode [ 649.145208][ T5862] device hsr_slave_1 left promiscuous mode [ 649.152160][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 649.176754][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 649.186298][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 649.194406][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 649.202412][ T5862] device bridge_slave_1 left promiscuous mode [ 649.208588][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state [ 649.216987][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state [ 649.248291][ T5862] device veth1_macvtap left promiscuous mode [ 649.254384][ T5862] device veth0_macvtap left promiscuous mode [ 649.260657][ T5862] device veth1_vlan left promiscuous mode [ 649.267049][ T5862] device veth0_vlan left promiscuous mode [ 649.426222][T11978] loop0: detected capacity change from 0 to 2048 [ 651.073998][ T3644] Bluetooth: hci2: command 0x0406 tx timeout [ 651.080737][ T3644] Bluetooth: hci0: command tx timeout [ 651.137793][T11990] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 652.071968][ T3682] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 652.097644][T11999] loop0: detected capacity change from 0 to 1024 [ 652.119295][T11999] EXT4-fs: Ignoring removed mblk_io_submit option [ 652.135825][T11997] loop7: detected capacity change from 0 to 16384 [ 652.184622][T11999] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 652.353585][ T3682] usb 3-1: Using ep0 maxpacket: 32 [ 652.473713][T12007] relay: one or more items not logged [item size (56) > sub-buffer size (10)] [ 652.483818][ T3682] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 652.507516][ T3682] usb 3-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00 [ 652.522968][ T3682] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.560142][ T3682] usb 3-1: config 0 descriptor?? [ 652.560910][T10455] EXT4-fs (loop0): unmounting filesystem. [ 652.604762][ T3682] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 652.689782][T12011] loop0: detected capacity change from 0 to 1024 [ 652.697546][T12011] EXT4-fs: Ignoring removed mblk_io_submit option [ 652.737254][T12011] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 652.889421][T10455] EXT4-fs (loop0): unmounting filesystem. [ 652.927999][ T5862] team0 (unregistering): Port device team_slave_1 removed [ 652.993559][ T5862] team0 (unregistering): Port device team_slave_0 removed [ 653.000776][ T14] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 653.049067][ T5862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 653.109870][ T5862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 653.343137][ T3644] Bluetooth: hci0: command tx timeout [ 653.404487][ T14] usb 5-1: config 250 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 653.473265][ T14] usb 5-1: language id specifier not provided by device, defaulting to English [ 653.621261][ T14] usb 5-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.40 [ 653.643946][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 653.652058][ T14] usb 5-1: Product: syz [ 653.656630][ T14] usb 5-1: Manufacturer: 靰ﻥ傖ᅅ㞴岼먊ߧᚨ筨鴴㝮렃舊陌睬ٶ寥淴駖켧ἲ㯩譅㯂֫凑ᶜ鎣䟒ᣇ邛྽ⰨꢅŦꂙ섾倞ࡢᅗ힋䒺⿰挱 [ 653.659569][T12022] loop0: detected capacity change from 0 to 256 [ 653.673954][ T14] usb 5-1: SerialNumber: syz [ 653.705154][T12022] FAT-fs (loop0): Unrecognized mount option "" or missing value [ 653.734442][ T14] usbhid 5-1:250.0: couldn't find an input interrupt endpoint [ 653.908810][ T5862] bond0 (unregistering): Released all slaves [ 654.153033][T12009] bridge0: port 1(bridge_slave_0) entered disabled state [ 655.408706][ T4274] usb 3-1: USB disconnect, device number 35 [ 655.604393][ T3683] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 655.611935][ T3683] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 655.625403][ T3650] Bluetooth: hci0: command tx timeout [ 655.647099][T11961] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 655.745869][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 655.766014][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 655.851680][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 655.896273][T10312] usb 5-1: USB disconnect, device number 34 [ 655.904434][ T3646] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 655.933845][T11961] device veth0_vlan entered promiscuous mode [ 655.981681][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 656.001088][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 656.026161][ T3644] Bluetooth: hci1: command 0x0406 tx timeout [ 656.038766][T11961] device veth1_vlan entered promiscuous mode [ 656.117676][T11961] device veth0_macvtap entered promiscuous mode [ 656.146867][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 656.155792][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 656.186222][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 656.217907][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 656.322295][T11961] device veth1_macvtap entered promiscuous mode [ 656.345464][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 656.361163][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 657.380785][T12059] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2321'. [ 657.434707][T12059] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2321'. [ 657.492139][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.516620][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.541826][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.633440][T12066] loop0: detected capacity change from 0 to 512 [ 657.683991][T12066] EXT4-fs (loop0): unsupported inode size: 264 [ 657.690241][T12066] EXT4-fs (loop0): blocksize: 1024 [ 657.695773][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.724531][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.736458][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.746986][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.757485][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.767418][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.778105][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 657.788211][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 657.798892][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.099079][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.315759][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.429606][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.464267][ T5769] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 658.568623][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.684250][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 658.745565][ T5769] usb 4-1: Using ep0 maxpacket: 32 [ 658.770776][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.823276][T11961] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 658.853327][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.886180][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.928510][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 658.955261][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 658.998217][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 659.026881][ T5769] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 659.049033][ T5769] usb 4-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00 [ 659.058275][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.058297][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 659.058312][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.058326][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 659.058338][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.058353][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 659.058365][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.058380][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 659.058392][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.058405][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 659.058416][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.058571][ T5769] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 659.135617][T11961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 659.497739][T11961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 659.579800][T11961] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 659.640264][T10312] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 659.674803][T10312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 659.720496][T10312] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 659.779489][T10312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 660.157917][T11961] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.187476][T11961] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.219063][T11961] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.242502][ T5769] usb 4-1: config 0 descriptor?? [ 660.247807][T11961] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 660.286134][ T5769] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 660.487583][ T4296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 660.496519][ T3706] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 660.576636][ T4296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 660.582951][ T3706] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 660.598933][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 660.643326][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 661.985242][T10312] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 662.290014][ T14] usb 4-1: USB disconnect, device number 36 [ 662.384937][T12088] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 662.701456][T12088] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 662.711339][T12088] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 662.745043][T12088] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 662.925182][T12085] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 662.951644][T12085] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 662.977894][T12085] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 662.999652][T12085] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 663.033013][T10312] usb 3-1: config 250 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 663.133813][T10312] usb 3-1: language id specifier not provided by device, defaulting to English [ 663.168226][T12095] QAT: failed to copy from user cfg_data. [ 663.209536][ T14] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 663.239485][T12082] loop0: detected capacity change from 0 to 32768 [ 663.249876][T12096] loop1: detected capacity change from 0 to 2048 [ 663.285695][T10312] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.40 [ 663.294870][T10312] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 663.312940][T12096] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 663.314202][T10312] usb 3-1: Product: syz [ 663.332605][T10312] usb 3-1: Manufacturer: 靰ﻥ傖ᅅ㞴岼먊ߧᚨ筨鴴㝮렃舊陌睬ٶ寥淴駖켧ἲ㯩譅㯂֫凑ᶜ鎣䟒ᣇ邛྽ⰨꢅŦꂙ섾倞ࡢᅗ힋䒺⿰挱 [ 663.350152][T10312] usb 3-1: SerialNumber: syz [ 663.357560][T12082] read_mapping_page failed! [ 663.369324][T12082] bread failed! [ 663.377161][T12082] jfs_create: dtInsert returned -EIO [ 663.382760][T12082] ERROR: (device loop0): jfs_create: [ 663.382760][T12082] [ 663.392992][T12082] ERROR: (device loop0): remounting filesystem as read-only [ 663.405599][T12099] non-latin1 character 0xffff found in JFS file name [ 663.412305][T12099] mount with iocharset=utf8 to access [ 663.419767][T10312] usbhid 3-1:250.0: couldn't find an input interrupt endpoint [ 663.427476][T12099] ERROR: (device loop0): __get_metapage: using a discarded metapage [ 663.427476][T12099] [ 663.570132][ T3678] usb 3-1: USB disconnect, device number 36 [ 663.683968][ T14] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 663.847083][ T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 664.937338][T11961] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 664.960746][ T14] usb 4-1: config 0 descriptor?? [ 664.997057][T11961] UDF-fs: error (device loop1): udf_read_inode: (ino 1345) failed !bh [ 665.010690][ T14] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 665.517096][ T4270] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 665.690380][ T14] gspca_cpia1: usb_control_msg 01, error -32 [ 665.787902][ T4270] usb 5-1: Using ep0 maxpacket: 8 [ 665.892282][ T5862] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 665.963988][ T14] gspca_cpia1: usb_control_msg 02, error -71 [ 665.969980][ T14] cpia1 4-1:0.0: only firmware version 1 is supported (got: 4) [ 665.977943][ T4270] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 666.010808][ T4270] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 666.047164][ T14] usb 4-1: USB disconnect, device number 37 [ 666.050324][ T5862] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.056488][ T4270] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 666.088607][ T4270] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 666.201931][ T3644] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 666.214208][ T3644] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 666.224898][ T3644] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 666.235734][ T3644] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 666.236359][ T5862] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.256095][ T3644] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 666.263477][ T3644] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 666.297171][ T4270] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 666.317325][ T4270] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 666.327682][ T4270] usb 5-1: Product: syz [ 666.332008][ T4270] usb 5-1: Manufacturer: syz [ 666.336627][ T4270] usb 5-1: SerialNumber: syz [ 666.355637][ T5862] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.431449][T12125] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2342'. [ 666.563644][T12118] chnl_net:caif_netlink_parms(): no params data found [ 666.743673][ T4270] usb 5-1: USB disconnect, device number 35 [ 667.564778][T12118] bridge0: port 1(bridge_slave_0) entered blocking state [ 667.575634][T12118] bridge0: port 1(bridge_slave_0) entered disabled state [ 667.594869][T12118] device bridge_slave_0 entered promiscuous mode [ 667.620420][T12118] bridge0: port 2(bridge_slave_1) entered blocking state [ 667.636039][T12118] bridge0: port 2(bridge_slave_1) entered disabled state [ 667.653864][T12118] device bridge_slave_1 entered promiscuous mode [ 667.703491][T12118] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 667.716159][T12118] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 667.746589][T12118] team0: Port device team_slave_0 added [ 667.779007][T12118] team0: Port device team_slave_1 added [ 667.800529][T12118] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 667.807533][T12118] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 667.834344][T12118] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 667.864923][T12118] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 667.872127][T12118] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 667.898132][T12118] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 667.950565][T12118] device hsr_slave_0 entered promiscuous mode [ 667.957590][T12118] device hsr_slave_1 entered promiscuous mode [ 667.964010][T12118] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 667.973264][T12118] Cannot create hsr debugfs directory [ 669.744049][ T3649] Bluetooth: hci0: command tx timeout [ 669.858034][T12145] Bluetooth: MGMT ver 1.22 [ 670.420545][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 670.427019][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 670.835628][T10312] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 670.948634][T12149] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2347'. [ 671.169418][T10312] usb 5-1: Using ep0 maxpacket: 32 [ 671.304167][T12158] netlink: 1 bytes leftover after parsing attributes in process `syz.2.2352'. [ 671.376871][T10312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 671.394002][T10312] usb 5-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00 [ 671.413289][T10312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.423273][T10312] usb 5-1: config 0 descriptor?? [ 671.436898][ T5862] device hsr_slave_0 left promiscuous mode [ 671.458684][ T5862] device hsr_slave_1 left promiscuous mode [ 671.465580][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 671.477806][T10312] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 671.484085][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 671.499771][ T5862] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 671.512111][ T5862] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 671.520343][ T5862] device bridge_slave_1 left promiscuous mode [ 671.526601][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state [ 671.529576][ T3649] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 671.550642][ T3649] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 671.558288][ T5862] device bridge_slave_0 left promiscuous mode [ 671.564790][ T3650] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 671.572265][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state [ 671.649465][ T3649] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 671.656383][T10312] usb 5-1: USB disconnect, device number 36 [ 671.665202][ T3649] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 671.673194][ T3649] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 671.719532][ T5862] device veth1_macvtap left promiscuous mode [ 671.730441][ T5862] device veth0_macvtap left promiscuous mode [ 671.736758][ T5862] device veth1_vlan left promiscuous mode [ 671.736861][ T4270] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 671.742757][ T5862] device veth0_vlan left promiscuous mode [ 672.061402][ T4270] usb 3-1: Using ep0 maxpacket: 8 [ 672.188767][ C1] eth0: bad gso: type: 1, size: 1408 [ 672.215603][ T4270] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 672.238853][ T4270] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 672.261100][ T4270] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 672.283821][ T4270] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 672.488468][ T5862] team0 (unregistering): Port device team_slave_1 removed [ 672.494623][ T4270] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 672.509646][ T4270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 672.536955][ T4270] usb 3-1: Product: syz [ 672.541463][ T4270] usb 3-1: Manufacturer: syz [ 672.546159][ T4270] usb 3-1: SerialNumber: syz [ 672.557252][ T5862] team0 (unregistering): Port device team_slave_0 removed [ 672.616462][ T5862] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 672.676223][ T5862] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 672.959742][ T4270] usb 3-1: USB disconnect, device number 37 [ 673.270969][ T5862] bond0 (unregistering): Released all slaves [ 673.381968][T12165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2355'. [ 673.391374][T12165] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2355'. [ 673.841050][T12118] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 673.876294][T12118] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 673.894903][ T3649] Bluetooth: hci6: command tx timeout [ 673.970259][T12118] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 674.012088][T12118] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 674.026398][T12187] trusted_key: encrypted_key: master key parameter 'ecryptf' is invalid [ 674.069121][T12162] chnl_net:caif_netlink_parms(): no params data found [ 674.317414][T12162] bridge0: port 1(bridge_slave_0) entered blocking state [ 674.324546][T12162] bridge0: port 1(bridge_slave_0) entered disabled state [ 674.367539][T12162] device bridge_slave_0 entered promiscuous mode [ 674.391045][T12162] bridge0: port 2(bridge_slave_1) entered blocking state [ 674.401904][T12162] bridge0: port 2(bridge_slave_1) entered disabled state [ 674.410052][T12162] device bridge_slave_1 entered promiscuous mode [ 674.429142][T12118] 8021q: adding VLAN 0 to HW filter on device bond0 [ 674.478409][T12118] 8021q: adding VLAN 0 to HW filter on device team0 [ 674.485301][T10312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 674.494314][T10312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 674.504770][T12162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 674.517357][T12162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 674.548577][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 674.562138][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 674.579907][ T5143] bridge0: port 1(bridge_slave_0) entered blocking state [ 674.587081][ T5143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 674.633536][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 674.644176][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 674.653355][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 674.662368][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 674.669507][ T5771] bridge0: port 2(bridge_slave_1) entered forwarding state [ 674.688352][T12162] team0: Port device team_slave_0 added [ 674.715818][T12162] team0: Port device team_slave_1 added [ 674.776119][T12162] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 674.825797][T12162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 674.871850][T12162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 674.904067][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 674.926992][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 674.947012][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 674.961712][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 674.990337][T12162] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 675.011350][T12162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 675.052220][T12162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 675.085688][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 675.103147][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 675.116300][T10312] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 675.126100][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 675.145356][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 675.154605][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 675.203871][T12118] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 675.228451][T12118] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 675.246359][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 675.277284][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 675.327031][T12162] device hsr_slave_0 entered promiscuous mode [ 675.367739][T12162] device hsr_slave_1 entered promiscuous mode [ 675.389494][T12162] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 675.405383][T12162] Cannot create hsr debugfs directory [ 675.539238][T10312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 675.571347][T10312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 675.581680][T12213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2371'. [ 675.607063][T10312] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 675.625242][T10312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 675.653416][T10312] usb 5-1: config 0 descriptor?? [ 675.923866][ T3714] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 675.944516][ T3714] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 676.093258][T12162] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 676.134723][ T3649] Bluetooth: hci6: command tx timeout [ 676.144158][T12118] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 676.193195][T10312] lg-g15 0003:046D:C222.001F: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.4-1/input0 [ 676.280908][T12162] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 676.330531][ T3714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 676.352809][ T3714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 676.429475][ T4270] usb 5-1: USB disconnect, device number 37 [ 676.453348][T12162] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 676.518720][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 676.537028][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 676.557705][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 676.566837][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 676.675062][T12118] device veth0_vlan entered promiscuous mode [ 676.724766][T12162] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 677.536309][T12118] device veth1_vlan entered promiscuous mode [ 677.577147][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 677.587074][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 677.601428][T12118] device veth0_macvtap entered promiscuous mode [ 677.613721][T12118] device veth1_macvtap entered promiscuous mode [ 677.643419][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.655189][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.665091][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.675632][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.685592][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.697654][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.708253][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.718930][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.728893][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.739457][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.749452][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.760095][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.769907][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.780567][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.790952][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.803981][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.814801][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 677.825280][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.850860][T12118] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 677.862740][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.873288][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.883148][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.894009][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.904345][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.915481][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.926815][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.937373][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.947388][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.958233][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.968255][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.978816][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 677.988822][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 677.999639][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.009573][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 678.020181][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.031311][T12118] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 678.043325][T12118] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.055585][T12118] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 678.063679][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 678.078013][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 678.086632][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 678.095194][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 678.104328][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 678.112907][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 678.130825][T12118] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.142715][T12118] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.152973][T12118] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.162797][T12118] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.272545][ T9402] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 678.275527][T12162] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 678.287824][ T9402] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 678.300800][T12162] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 678.326409][T12162] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 678.340122][T10312] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 678.356412][T12162] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 678.372363][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 678.388250][ T3649] Bluetooth: hci6: command tx timeout [ 678.391299][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 678.428871][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 678.528651][T12162] 8021q: adding VLAN 0 to HW filter on device bond0 [ 678.574323][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 678.592401][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 678.622076][T12162] 8021q: adding VLAN 0 to HW filter on device team0 [ 678.644490][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 678.664362][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 678.675514][ T3682] bridge0: port 1(bridge_slave_0) entered blocking state [ 678.682667][ T3682] bridge0: port 1(bridge_slave_0) entered forwarding state [ 678.753471][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 678.768283][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 678.797404][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 678.816226][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state [ 678.823391][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 678.880157][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 678.890055][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 678.926875][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 678.942747][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 678.951759][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 678.967622][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 679.066955][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 679.075621][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 679.091389][T12162] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 679.107584][T12162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 679.118033][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 679.135186][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 680.447278][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 680.641839][ T3649] Bluetooth: hci6: command tx timeout [ 680.804817][T12272] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2387'. [ 680.874962][ T26] audit: type=1326 audit(1723378519.609:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12258 comm="syz.1.2385" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1523779f9 code=0x0 [ 681.988917][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 682.010952][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 682.030899][T12162] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 682.082134][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 682.092311][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 682.145292][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 682.159294][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 682.193021][T12162] device veth0_vlan entered promiscuous mode [ 682.200363][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 682.233486][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 682.283010][T12162] device veth1_vlan entered promiscuous mode [ 682.289923][ T3682] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 682.380664][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 682.398059][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 682.440921][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 682.473943][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 682.521075][T12162] device veth0_macvtap entered promiscuous mode [ 682.566050][T12162] device veth1_macvtap entered promiscuous mode [ 683.261537][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.929906][T12300] overlayfs: missing 'lowerdir' [ 685.333170][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.343496][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.362398][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.406529][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.419559][ T3682] usb 2-1: unable to read config index 0 descriptor/all [ 685.432899][ T3682] usb 2-1: can't read configurations, error -71 [ 685.440546][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.492126][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.527670][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.537972][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.559703][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.572897][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.593499][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.614462][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.624908][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.645389][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.657126][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.678212][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.692810][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.712536][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 685.733574][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 685.815771][T12162] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 685.855122][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 685.868177][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 685.894690][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 685.927897][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 686.126924][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.167797][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.370028][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.526832][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.666465][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.782067][ T4268] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 686.791418][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.823128][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.844515][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.865536][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.883016][T12325] libceph: resolve '0.0' (ret=-3): failed [ 686.892768][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.905247][T12328] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2409'. [ 686.905358][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.924883][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.934833][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.945355][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.955253][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.970929][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 686.983129][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 686.994096][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 687.004518][T12162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 687.016427][T12162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 687.033174][T12162] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 687.046761][T12162] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.060917][T12162] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.084881][T12162] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.093900][T12162] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.111700][ T4268] usb 5-1: Using ep0 maxpacket: 16 [ 687.128777][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 687.169002][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 687.284751][ T4268] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 687.310003][ T4268] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 687.359763][ T4268] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 687.369636][ T4268] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.460129][ T4268] usb 5-1: config 0 descriptor?? [ 688.659258][T12337] mmap: syz.3.2411 (12337) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 689.690246][ T4268] hid-steam 0003:28DE:1142.0020: unknown main item tag 0x0 [ 689.697668][ T4268] hid-steam 0003:28DE:1142.0020: unknown main item tag 0x0 [ 689.705139][ T4268] hid-steam 0003:28DE:1142.0020: unknown main item tag 0x0 [ 689.708816][ T3644] Bluetooth: hci5: command 0x0406 tx timeout [ 689.751999][ T4268] hid-steam 0003:28DE:1142.0020: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0 [ 689.887945][ T3734] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 689.934313][ T14] usb 5-1: USB disconnect, device number 38 [ 689.947698][ T3735] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 689.956525][ T3734] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 689.971573][ T3735] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 690.004334][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 690.035652][ T3682] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 691.237707][ T5771] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 691.627574][ T5771] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 691.637913][ T5771] usb 1-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=40.85 [ 691.647030][ T5771] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.657131][ T5771] usb 1-1: config 0 descriptor?? [ 691.709091][ T5771] comedi comedi0: Wrong number of endpoints [ 691.715665][ T5771] dt9812 1-1:0.0: driver 'dt9812' failed to auto-configure device. [ 691.937173][ T4270] usb 1-1: USB disconnect, device number 39 [ 694.953567][ T5771] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 698.626511][ T5771] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 698.634157][ T5771] usb 2-1: can't read configurations, error -71 [ 698.640537][T12417] serio: Serial port ptm0 [ 698.750175][T12421] loop1: detected capacity change from 0 to 128 [ 700.370154][T12431] overlayfs: missing 'lowerdir' [ 701.010331][ T3650] Bluetooth: hci6: command tx timeout [ 702.483461][ T4267] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 702.521172][T12461] rdma_rxe: rxe creation allowed on top of a real device only [ 702.917687][T12482] loop1: detected capacity change from 0 to 1024 [ 702.941515][T12482] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 702.960364][ T4267] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 702.970665][ T4267] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 702.988535][T12118] EXT4-fs (loop1): unmounting filesystem. [ 703.068645][ T4267] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 703.077899][ T4270] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 703.088903][ T4267] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 703.098466][ T4267] usb 4-1: SerialNumber: syz [ 703.223295][ T3734] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 703.325002][ T3734] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 703.633689][ T3734] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 703.655485][ T4270] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 706.303681][ T4270] usb 3-1: config 1 has no interface number 0 [ 706.318857][ T4270] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 706.340335][ T4270] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 706.408157][T12499] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 706.417539][T12499] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 706.425105][T12499] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 706.529437][ T4270] usb 3-1: string descriptor 0 read error: -71 [ 706.542382][ T4270] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 706.557780][ T4270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 706.599154][ T4270] usb 3-1: can't set config #1, error -71 [ 706.610487][ T4270] usb 3-1: USB disconnect, device number 38 [ 706.779971][ T4267] usb 4-1: 0:2 : does not exist [ 706.802968][ T4267] usb 4-1: USB disconnect, device number 38 [ 706.811474][ T3650] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 706.828066][ T3650] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 706.962826][ T3650] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 707.000102][ T3650] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 707.020499][ T3650] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 707.029027][ T3650] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 707.474616][ T3734] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.987245][ T5769] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 708.016392][T12537] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2475'. [ 708.194619][T12517] chnl_net:caif_netlink_parms(): no params data found [ 708.258088][ T5769] usb 2-1: Using ep0 maxpacket: 8 [ 708.388436][ T5769] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 708.417502][ T5769] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 708.438891][ T5769] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 708.517039][T12517] bridge0: port 1(bridge_slave_0) entered blocking state [ 708.535764][T12517] bridge0: port 1(bridge_slave_0) entered disabled state [ 708.551711][T12517] device bridge_slave_0 entered promiscuous mode [ 708.571656][T12517] bridge0: port 2(bridge_slave_1) entered blocking state [ 708.591443][T12517] bridge0: port 2(bridge_slave_1) entered disabled state [ 708.602376][T12517] device bridge_slave_1 entered promiscuous mode [ 708.627304][ T5769] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 708.658988][ T5769] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.668189][ T5769] usb 2-1: Product: syz [ 708.683666][ T5769] usb 2-1: Manufacturer: syz [ 708.688297][ T5769] usb 2-1: SerialNumber: syz [ 708.710426][T12546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2477'. [ 708.729097][T12517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 708.743824][T12517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 708.805247][T12517] team0: Port device team_slave_0 added [ 708.906003][T12517] team0: Port device team_slave_1 added [ 709.019667][T12517] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 709.037781][T12517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 709.081749][ T5769] usb 2-1: 2:1 : format type 0 is detected, processed as PCM [ 709.103781][ T5769] usb 2-1: 2:1 : invalid channels 0 [ 709.145634][T12517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 709.189143][T12517] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 709.211599][T12517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 709.299566][T12517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 709.330776][ T3650] Bluetooth: hci6: command tx timeout [ 709.509208][T12517] device hsr_slave_0 entered promiscuous mode [ 709.537930][T12517] device hsr_slave_1 entered promiscuous mode [ 709.577031][T12517] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 709.602108][T12517] Cannot create hsr debugfs directory [ 709.616633][ T5769] usb 2-1: USB disconnect, device number 41 [ 709.669114][T12552] loop1: detected capacity change from 0 to 512 [ 709.676150][T12552] EXT4-fs: Ignoring removed bh option [ 709.687972][T12552] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #12: comm syz.1.2481: inline data xattr refers to an external xattr inode [ 709.703787][T12552] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.2481: couldn't read orphan inode 12 (err -117) [ 709.755147][T12552] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 709.859663][ T4270] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 710.122101][T12561] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2481: Directory hole found for htree leaf block 0 [ 710.225911][T12562] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2481: Directory hole found for htree leaf block 0 [ 710.277095][T12561] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2481: Directory hole found for htree leaf block 0 [ 710.317950][T12561] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.2481: Directory hole found for htree leaf block 0 [ 710.674223][ T4270] usb 3-1: Using ep0 maxpacket: 32 [ 710.686845][T12118] EXT4-fs (loop1): unmounting filesystem. [ 711.743365][ T3650] Bluetooth: hci6: command tx timeout [ 711.876845][ T4270] usb 3-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice= d.2d [ 711.909237][ T4270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 711.949616][T12585] loop1: detected capacity change from 0 to 164 [ 711.952136][ T4270] usb 3-1: Product: syz [ 711.985152][ T4270] usb 3-1: can't set config #1, error -71 [ 711.993849][ T4270] usb 3-1: USB disconnect, device number 39 [ 712.286655][T12517] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 712.347559][T12517] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 712.476541][T12517] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 712.510162][T12517] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 712.817182][T12602] netlink: 'syz.3.2489': attribute type 4 has an invalid length. [ 712.916875][T12517] 8021q: adding VLAN 0 to HW filter on device bond0 [ 712.938245][T12602] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2489'. [ 712.967383][T12603] netlink: 'syz.3.2489': attribute type 17 has an invalid length. [ 713.010580][T12603] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 713.063915][T12517] 8021q: adding VLAN 0 to HW filter on device team0 [ 713.100161][ T5769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 713.115281][ T5769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 713.167532][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 713.185831][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 713.220673][ T946] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.227877][ T946] bridge0: port 1(bridge_slave_0) entered forwarding state [ 713.270778][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 713.300034][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 713.308794][ T26] audit: type=1326 audit(1723378549.459:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12606 comm="syz.2.2497" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3baa7779f9 code=0x0 [ 713.394097][ T946] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.401215][ T946] bridge0: port 2(bridge_slave_1) entered forwarding state [ 713.481805][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 713.502618][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 713.532184][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 713.561221][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 713.596014][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 713.641304][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 713.658032][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 713.690785][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 713.717036][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 713.745555][ T946] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 713.779228][T12517] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 713.822427][T12517] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 713.850268][ T5769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 713.869552][ T5769] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 713.924416][ T3650] Bluetooth: hci6: command tx timeout [ 713.957221][ T946] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 714.238526][ T946] usb 2-1: Using ep0 maxpacket: 8 [ 714.371710][ T946] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 714.415567][ T946] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 714.458820][ T946] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 714.491646][ T946] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.819193][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 714.833090][ T5771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 714.840761][ T946] usb 2-1: string descriptor 0 read error: -71 [ 714.848585][ T946] hub 2-1:32.0: USB hub found [ 714.871258][T12517] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 714.899888][ T3734] device hsr_slave_0 left promiscuous mode [ 714.906535][ T3734] device hsr_slave_1 left promiscuous mode [ 714.913784][ T3734] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 714.921579][ T946] hub 2-1:32.0: config failed, can't read hub descriptor (err -22) [ 714.929649][ T3734] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 714.944869][ T3734] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 714.965770][ T946] usb 2-1: USB disconnect, device number 42 [ 714.973063][ T3734] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 714.985881][ T3734] device bridge_slave_1 left promiscuous mode [ 715.009993][ T3734] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.019631][ T3734] device bridge_slave_0 left promiscuous mode [ 715.025887][ T3734] bridge0: port 1(bridge_slave_0) entered disabled state [ 715.118054][ T3734] device veth1_macvtap left promiscuous mode [ 715.125517][ T3734] device veth0_macvtap left promiscuous mode [ 715.147425][ T3734] device veth1_vlan left promiscuous mode [ 715.159686][ T3734] device veth0_vlan left promiscuous mode [ 716.178862][ T3650] Bluetooth: hci6: command tx timeout [ 716.190870][ T28] INFO: task syz.4.1971:10748 blocked for more than 143 seconds. [ 716.219134][ T28] Not tainted 6.1.104-syzkaller #0 [ 716.282385][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 716.353263][ T28] task:syz.4.1971 state:D stack:22136 pid:10748 ppid:10536 flags:0x00004004 [ 716.363522][ T28] Call Trace: [ 716.366844][ T28] [ 716.369791][ T28] __schedule+0x143f/0x4570 [ 716.383694][ T28] ? release_firmware_map_entry+0x186/0x186 [ 716.389724][ T28] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 716.395794][ T28] ? print_irqtrace_events+0x210/0x210 [ 716.405391][ T28] ? _raw_spin_lock_irq+0xdb/0x110 [ 716.410615][ T28] schedule+0xbf/0x180 [ 716.416223][ T4270] usb 3-1: new full-speed USB device number 40 using dummy_hcd [ 716.426267][ T28] io_schedule+0x88/0x100 [ 716.431987][ T28] folio_wait_bit_common+0x878/0x1290 [ 716.458583][ T28] ? folio_wait_bit+0x20/0x20 [ 716.470777][ T28] ? migration_entry_wait_on_locked+0x1160/0x1160 [ 716.484453][ T28] ? jfs_error+0x219/0x2e0 [ 716.493729][ T28] ? __get_metapage+0x551/0x1040 [ 716.503922][ T28] release_metapage+0x88/0x9b0 [ 716.508836][ T28] ? PageHeadHuge+0x8e/0x1c0 [ 716.524102][ T28] __get_metapage+0xb15/0x1040 [ 716.564869][ T28] jfs_readdir+0x2907/0x4620 [ 716.574387][ T28] ? dtInitRoot+0x690/0x690 [ 716.580357][ T28] ? end_current_label_crit_section+0x147/0x170 [ 716.586735][ T28] ? common_file_perm+0x17d/0x1d0 [ 716.591935][ T28] ? iterate_dir+0x131/0x560 [ 716.596604][ T28] iterate_dir+0x224/0x560 [ 716.601232][ T28] __se_sys_getdents64+0x209/0x4f0 [ 716.606435][ T28] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 716.612561][ T28] ? __x64_sys_getdents64+0x80/0x80 [ 716.617843][ T28] ? filldir+0x6f0/0x6f0 [ 716.622242][ T28] ? syscall_enter_from_user_mode+0x2e/0x230 [ 716.628349][ T28] ? lockdep_hardirqs_on+0x94/0x130 [ 716.633770][ T28] ? syscall_enter_from_user_mode+0x2e/0x230 [ 716.640759][ T28] do_syscall_64+0x3b/0xb0 [ 716.645336][ T28] ? clear_bhb_loop+0x45/0xa0 [ 716.650101][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 716.661609][ T28] RIP: 0033:0x7fc80d3779f9 [ 716.668528][ T28] RSP: 002b:00007fc80e19e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 716.680609][ T28] RAX: ffffffffffffffda RBX: 00007fc80d505f80 RCX: 00007fc80d3779f9 [ 716.692376][ T28] RDX: 0000000000001000 RSI: 0000000020000f80 RDI: 0000000000000006 [ 716.705439][ T28] RBP: 00007fc80d3e58ee R08: 0000000000000000 R09: 0000000000000000 [ 716.718862][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.730578][ T28] R13: 0000000000000000 R14: 00007fc80d505f80 R15: 00007ffe8ce4af08 [ 716.738709][ T28] [ 716.742282][ T28] [ 716.742282][ T28] Showing all locks held in the system: [ 716.751201][ T28] 1 lock held by rcu_tasks_kthre/12: [ 716.758022][ T28] #0: ffffffff8d32b190 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 716.782269][ T28] 1 lock held by rcu_tasks_trace/13: [ 716.788081][ T28] #0: ffffffff8d32b990 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 716.799270][ T28] 1 lock held by khungtaskd/28: [ 716.804198][ T28] #0: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 716.814566][ T28] 2 locks held by kworker/u4:4/102: [ 716.821510][ T28] 3 locks held by kworker/1:2/946: [ 716.826735][ T28] #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 716.837496][ T4270] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 716.848628][ T28] #1: ffffc9000471fd20 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 716.860224][ T4270] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 716.871273][ T28] #2: ffffffff8e4f7ce8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50 [ 716.880496][ T4270] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8 [ 716.903789][ T28] 2 locks held by getty/3388: [ 716.911327][ T28] #0: ffff88814b665098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 716.927760][ T4270] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 716.938947][ T28] #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 716.949242][ T4270] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 716.960123][ T28] 5 locks held by kworker/u4:6/3734: [ 716.965482][ T28] #0: ffff888012a1e938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 716.977622][ T28] #1: ffffc900047efd20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 716.987810][ T28] #2: ffffffff8e4eb990 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60 [ 716.997527][ T28] #3: ffffffff8e4f7ce8 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe5/0x9d0 [ 717.007745][ T28] #4: ffffffff8d3305b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930 [ 717.031943][ T28] 2 locks held by kworker/0:8/4267: [ 717.040581][ T28] #0: ffff888012872138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.057886][ T28] #1: ffffc9001678fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.083532][ T28] 3 locks held by kworker/0:10/4270: [ 717.093545][ T28] #0: ffff888141e85138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.108001][ T28] #1: ffffc90016697d20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.120613][ T28] #2: ffff888144bfe190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5730 [ 717.129548][ T28] 3 locks held by kworker/1:16/5769: [ 717.134920][ T28] #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.145357][ T28] #1: ffffc90005527d20 (deferred_process_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.155819][ T28] #2: ffffffff8e4f7ce8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xa/0x20 [ 717.166376][ T4270] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 717.175522][ T28] 3 locks held by kworker/1:18/5771: [ 717.180806][ T28] #0: ffff888028da5d38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.192593][ T4270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 717.200682][ T4270] usb 3-1: Product: syz [ 717.204891][ T4270] usb 3-1: Manufacturer: syz [ 717.209589][ T4270] usb 3-1: SerialNumber: syz [ 717.215991][ T28] #1: ffffc9000a3e7d20 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 717.229139][ T28] #2: ffffffff8e4f7ce8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xcc/0x16b0 [ 717.238613][ T28] 2 locks held by syz.4.1971/10748: [ 717.243907][ T28] #0: ffff8880641314e8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2ba/0x360 [ 717.253275][ T28] #1: ffff888048060580 (&type->i_mutex_dir_key#30){++++}-{3:3}, at: iterate_dir+0x131/0x560 [ 717.253480][T12640] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 717.263606][ T28] 2 locks held by syz.0.2327/12099: [ 717.275913][ T28] #0: ffff88805aa46d68 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2ba/0x360 [ 717.285224][ T28] #1: ffff8880533cbd00 (&type->i_mutex_dir_key#30){++++}-{3:3}, at: iterate_dir+0x131/0x560 [ 717.296701][ T28] 1 lock held by syz-executor/12517: [ 717.302987][ T28] #0: ffffffff8e4f7ce8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x7c1/0xff0 [ 717.312585][ T28] 1 lock held by syz.4.2502/12634: [ 717.317788][ T28] #0: ffffffff8e4f7ce8 (rtnl_mutex){+.+.}-{3:3}, at: dev_ethtool+0x1f4/0x1540 [ 717.342993][ T28] [ 717.345361][ T28] ============================================= [ 717.345361][ T28] [ 717.368028][ T28] NMI backtrace for cpu 0 [ 717.372419][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.104-syzkaller #0 [ 717.380518][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 717.390577][ T28] Call Trace: [ 717.393856][ T28] [ 717.396792][ T28] dump_stack_lvl+0x1e3/0x2cb [ 717.401470][ T28] ? preempt_schedule_thunk+0x16/0x18 [ 717.406851][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 717.412319][ T28] ? panic+0x764/0x764 [ 717.416380][ T28] ? vprintk_emit+0x622/0x740 [ 717.421070][ T28] ? printk_sprint+0x490/0x490 [ 717.425848][ T28] ? nmi_cpu_backtrace+0x252/0x560 [ 717.430976][ T28] nmi_cpu_backtrace+0x4e1/0x560 [ 717.435931][ T28] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 717.442094][ T28] ? _printk+0xd1/0x111 [ 717.446248][ T28] ? panic+0x764/0x764 [ 717.450325][ T28] ? __wake_up_klogd+0xcc/0x100 [ 717.455182][ T28] ? panic+0x764/0x764 [ 717.459260][ T28] ? nmi_trigger_cpumask_backtrace+0xe2/0x3f0 [ 717.465330][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 717.471394][ T28] nmi_trigger_cpumask_backtrace+0x1b0/0x3f0 [ 717.477378][ T28] watchdog+0xf88/0xfd0 [ 717.481540][ T28] ? watchdog+0x1f8/0xfd0 [ 717.485882][ T28] kthread+0x28d/0x320 [ 717.489959][ T28] ? hungtask_pm_notify+0x50/0x50 [ 717.494989][ T28] ? kthread_blkcg+0xd0/0xd0 [ 717.499583][ T28] ret_from_fork+0x1f/0x30 [ 717.504008][ T28] [ 717.508233][ T28] Sending NMI from CPU 0 to CPUs 1: [ 717.513871][ C1] NMI backtrace for cpu 1 [ 717.513883][ C1] CPU: 1 PID: 102 Comm: kworker/u4:4 Not tainted 6.1.104-syzkaller #0 [ 717.513900][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 717.513909][ C1] Workqueue: bat_events batadv_nc_worker [ 717.513934][ C1] RIP: 0010:check_preemption_disabled+0x42/0x110 [ 717.513954][ C1] Code: 08 65 8b 1d d0 d5 5c 75 65 8b 05 71 2b 5d 75 a9 ff ff ff 7f 74 22 65 48 8b 04 25 28 00 00 00 48 3b 44 24 08 0f 85 c7 00 00 00 <89> d8 48 83 c4 10 5b 41 5c 41 5e 41 5f c3 48 c7 04 24 00 00 00 00 [ 717.513967][ C1] RSP: 0018:ffffc900015d7a30 EFLAGS: 00000046 [ 717.513979][ C1] RAX: 762332b2421ac700 RBX: 0000000000000001 RCX: 0000000000000001 [ 717.513990][ C1] RDX: 0000000000000000 RSI: ffffffff8b0c0280 RDI: ffffffff8b5d5e20 [ 717.514000][ C1] RBP: ffffc900015d7b50 R08: dffffc0000000000 R09: ffffed100a6f92f9 [ 717.514012][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 717.514022][ C1] R13: 1ffff920002baf5c R14: ffffffff815420a2 R15: 0000000000000201 [ 717.514033][ C1] FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 717.514046][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 717.514057][ C1] CR2: 00007f7e22cd3178 CR3: 000000004bb2f000 CR4: 00000000003506e0 [ 717.514071][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 717.514080][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 717.514090][ C1] Call Trace: [ 717.514095][ C1] [ 717.514101][ C1] ? nmi_cpu_backtrace+0x3de/0x560 [ 717.514123][ C1] ? read_lock_is_recursive+0x10/0x10 [ 717.514146][ C1] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 717.514167][ C1] ? nmi_handle+0x25/0x440 [ 717.514195][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 717.514217][ C1] ? nmi_handle+0x12e/0x440 [ 717.514237][ C1] ? nmi_handle+0x25/0x440 [ 717.514258][ C1] ? check_preemption_disabled+0x42/0x110 [ 717.514275][ C1] ? default_do_nmi+0x62/0x150 [ 717.514296][ C1] ? exc_nmi+0xa8/0x100 [ 717.514316][ C1] ? end_repeat_nmi+0x16/0x31 [ 717.514335][ C1] ? __local_bh_enable_ip+0x102/0x1f0 [ 717.514361][ C1] ? check_preemption_disabled+0x42/0x110 [ 717.514378][ C1] ? check_preemption_disabled+0x42/0x110 [ 717.514396][ C1] ? check_preemption_disabled+0x42/0x110 [ 717.514413][ C1] [ 717.514417][ C1] [ 717.514423][ C1] ? __local_bh_enable_ip+0x102/0x1f0 [ 717.514448][ C1] ? __local_bh_enable_ip+0x102/0x1f0 [ 717.514469][ C1] lockdep_hardirqs_off+0xa4/0x100 [ 717.514485][ C1] ? __local_bh_enable_ip+0x102/0x1f0 [ 717.514505][ C1] trace_hardirqs_off+0xe/0x40 [ 717.514525][ C1] __local_bh_enable_ip+0x102/0x1f0 [ 717.514546][ C1] ? batadv_nc_purge_paths+0x30e/0x3b0 [ 717.514565][ C1] ? _local_bh_enable+0xa0/0xa0 [ 717.514586][ C1] ? batadv_nc_purge_paths+0xe8/0x3b0 [ 717.514606][ C1] ? batadv_nc_purge_paths+0x3b0/0x3b0 [ 717.514625][ C1] batadv_nc_purge_paths+0x30e/0x3b0 [ 717.514650][ C1] batadv_nc_worker+0x324/0x610 [ 717.514669][ C1] ? batadv_nc_worker+0xc7/0x610 [ 717.514688][ C1] ? process_one_work+0x7a9/0x11d0 [ 717.514704][ C1] process_one_work+0x8a9/0x11d0 [ 717.514728][ C1] ? worker_detach_from_pool+0x260/0x260 [ 717.514748][ C1] ? _raw_spin_lock_irqsave+0x120/0x120 [ 717.514763][ C1] ? kthread_data+0x4e/0xc0 [ 717.514785][ C1] ? wq_worker_running+0x97/0x190 [ 717.514808][ C1] worker_thread+0xa47/0x1200 [ 717.514837][ C1] kthread+0x28d/0x320 [ 717.514849][ C1] ? worker_clr_flags+0x190/0x190 [ 717.514865][ C1] ? kthread_blkcg+0xd0/0xd0 [ 717.514879][ C1] ret_from_fork+0x1f/0x30 [ 717.514905][ C1] [ 717.520401][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 717.603512][T12640] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 717.603592][T12640] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 717.892417][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.104-syzkaller #0 [ 717.900296][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 717.910332][ T28] Call Trace: [ 717.913598][ T28] [ 717.916515][ T28] dump_stack_lvl+0x1e3/0x2cb [ 717.921187][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 717.926651][ T28] ? panic+0x764/0x764 [ 717.930703][ T28] ? llist_add_batch+0x160/0x1d0 [ 717.935628][ T28] ? vscnprintf+0x59/0x80 [ 717.939941][ T28] panic+0x318/0x764 [ 717.943818][ T28] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 717.949961][ T28] ? memcpy_page_flushcache+0xfc/0xfc [ 717.955326][ T28] ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0 [ 717.961467][ T28] ? nmi_trigger_cpumask_backtrace+0x33a/0x3f0 [ 717.967607][ T28] ? nmi_trigger_cpumask_backtrace+0x33f/0x3f0 [ 717.973749][ T28] watchdog+0xfc7/0xfd0 [ 717.977897][ T28] ? watchdog+0x1f8/0xfd0 [ 717.982215][ T28] kthread+0x28d/0x320 [ 717.986276][ T28] ? hungtask_pm_notify+0x50/0x50 [ 717.991286][ T28] ? kthread_blkcg+0xd0/0xd0 [ 717.995861][ T28] ret_from_fork+0x1f/0x30 [ 718.000274][ T28] [ 718.003508][ T28] Kernel Offset: disabled [ 718.007820][ T28] Rebooting in 86400 seconds..