last executing test programs: 22.378963821s ago: executing program 5 (id=418): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) 21.220479764s ago: executing program 5 (id=420): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1, 0x3}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000040)={{@local, 0x1b5c}, 0x0, 0x2, 0x2}) 21.013780944s ago: executing program 5 (id=423): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20) preadv(r0, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x0, 0x96, 0xd1, 0xca}}]}}]}}, 0x0) read$FUSE(r0, &(0x7f0000005b80)={0x2020}, 0x2020) 18.97796037s ago: executing program 5 (id=438): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x31001, 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2285080, 0x0) 18.808404117s ago: executing program 5 (id=439): r0 = socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x900, 0x4064}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x30}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffd, 0x0, {0x6, 0x0, 0x8100, 0x0, {}, {0x5}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0) 18.398057338s ago: executing program 5 (id=443): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x5883, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002fc0)=ANY=[@ANYBLOB="a00000000000000011000000090000009dfa53a1240a57985240b7229daec68fb090a8487d70d98500ada79e2bf9a942bf71f7027e743ce2440f8415a1249c384ce399621204206c79c55fddd709df9f806b3e569b65b7e253b9f91c281ccf0c98871d5d26a717ee8e5476b23270101b75d312e54bf73217a02246c942d7577a57a42ef6e80630ae46b4714c54199839596c0dbd30a9a9a99d6c6e1600000000c0000000000000000e010000060000008b68ca79842b953016659b2f7ee16c34ed0d05045620b39dddfc931896fc951f99dc4a34ff5093166f80cb94e794af49e1253a1c7551dbbd1b781070c8e0e908c5969218f18e8458545ba19b0439b45a8ef9d41f72eebec8f4b5470f885a5cfad742d92e2cfd30c7ece8253fb9b3f1a180d184b6107b4de1da0cb0c24082ed00428eed1a3fabe473adccd1a360fba30b83d5ede5a2dd58b7e3c427eef67f53a1eabe01990101ab5f9c0e0000000000009000000000000000130100006f5f00003ef6c8331af4bc2328c8f4e1340361a893290fc0af1da74c52171035943733b2825b1f324c32c5f377b398663c7380c524c0a28a107f759ba80995b20bbc35284795b82cfbd140d32c03f1cce742662862d47b7ebb365a8142f426ee0f2f570804ff0b02031a767d390e2a9332a0c08edceb46b28f0fc7345446000000000000f0000000000000000101000002000000b83a0800000000000000459b8cc5f070f1d8009af44b73bc923a9002740dc816d8acd71b249e375b1ab6bf5ffe6938548f20ea60e8a51d0c459edbd25fce4909ab0da70b24b950140f710a8e2c396f4543d60b33c78ce34d21ec9dc8267a44ba87f2f4cb1797fc8b073b5264ef3ace685b8e151223e32a5fc120c818ef9efa98ef6c099772bc1ba6b55cad58cebc2e81fb23d639a08574f3d8bb40061970874fc8d13b19fc2065077664e7ba85efac74e69bd5346ed6c9a3e507455fcb2ca8efc0025b0b63731a495056d79d570b4dc90d952be0e7bed360dea2a0cba8db000038000000000000003a0000000300000041e455ac6e00b717a731be6f08d04357d82cca2f2f7d4ef927cd3cfcb290143c83f1966200000000a800000000000000010000000200"], 0x15c0}, 0x0, 0x44}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) 18.014093289s ago: executing program 32 (id=443): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x5883, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002fc0)=ANY=[@ANYBLOB="a00000000000000011000000090000009dfa53a1240a57985240b7229daec68fb090a8487d70d98500ada79e2bf9a942bf71f7027e743ce2440f8415a1249c384ce399621204206c79c55fddd709df9f806b3e569b65b7e253b9f91c281ccf0c98871d5d26a717ee8e5476b23270101b75d312e54bf73217a02246c942d7577a57a42ef6e80630ae46b4714c54199839596c0dbd30a9a9a99d6c6e1600000000c0000000000000000e010000060000008b68ca79842b953016659b2f7ee16c34ed0d05045620b39dddfc931896fc951f99dc4a34ff5093166f80cb94e794af49e1253a1c7551dbbd1b781070c8e0e908c5969218f18e8458545ba19b0439b45a8ef9d41f72eebec8f4b5470f885a5cfad742d92e2cfd30c7ece8253fb9b3f1a180d184b6107b4de1da0cb0c24082ed00428eed1a3fabe473adccd1a360fba30b83d5ede5a2dd58b7e3c427eef67f53a1eabe01990101ab5f9c0e0000000000009000000000000000130100006f5f00003ef6c8331af4bc2328c8f4e1340361a893290fc0af1da74c52171035943733b2825b1f324c32c5f377b398663c7380c524c0a28a107f759ba80995b20bbc35284795b82cfbd140d32c03f1cce742662862d47b7ebb365a8142f426ee0f2f570804ff0b02031a767d390e2a9332a0c08edceb46b28f0fc7345446000000000000f0000000000000000101000002000000b83a0800000000000000459b8cc5f070f1d8009af44b73bc923a9002740dc816d8acd71b249e375b1ab6bf5ffe6938548f20ea60e8a51d0c459edbd25fce4909ab0da70b24b950140f710a8e2c396f4543d60b33c78ce34d21ec9dc8267a44ba87f2f4cb1797fc8b073b5264ef3ace685b8e151223e32a5fc120c818ef9efa98ef6c099772bc1ba6b55cad58cebc2e81fb23d639a08574f3d8bb40061970874fc8d13b19fc2065077664e7ba85efac74e69bd5346ed6c9a3e507455fcb2ca8efc0025b0b63731a495056d79d570b4dc90d952be0e7bed360dea2a0cba8db000038000000000000003a0000000300000041e455ac6e00b717a731be6f08d04357d82cca2f2f7d4ef927cd3cfcb290143c83f1966200000000a800000000000000010000000200"], 0x15c0}, 0x0, 0x44}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0) 5.857774949s ago: executing program 1 (id=508): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x48a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0x1, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x194) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, 0x0) r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 5.371649778s ago: executing program 1 (id=516): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000001c0)={{}, 'syz1\x00'}) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) r1 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5322, 0x10000, 0x0, 0x100002cc}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0) 4.881159716s ago: executing program 1 (id=521): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) getgroups(0x2, &(0x7f0000001080)=[0xee01, 0xffffffffffffffff]) keyctl$chown(0x4, r0, 0xee01, r2) setgroups(0x3, &(0x7f00000001c0)=[0x0, r1, r1]) keyctl$setperm(0x5, r0, 0x21062437) keyctl$chown(0x4, r0, 0xee01, 0x0) 4.577720432s ago: executing program 4 (id=527): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000500)={'netdevsim0\x00', 0x0}) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x2, 0x0, 0x10, r2, 0x8}, 0xc) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4) 4.53256521s ago: executing program 1 (id=529): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@discard}, {@abort}, {@dioread_lock}, {@norecovery}, {@nombcache}, {@lazytime}, {@noload}, {@usrquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@grpquota}, {@init_itable_val}, {@jqfmt_vfsv1}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}}) chdir(&(0x7f0000000180)='./file0\x00') chdir(&(0x7f00000000c0)='./file1\x00') 4.216198721s ago: executing program 1 (id=531): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000001940)=ANY=[], 0x1, 0xc25, &(0x7f0000002580)="$eJzs3V9oXNl9B/DfmStZY22aaLOJN2mz6UBKYpTa+F9sBZcgZxW1AccbIit0n6LRHzvDyiMjyY03bYPakhb6ErovpS9FNF1ayEPpQ7ePVZotJJRCCXlIHwqCJss+9EEPgdKWjcK9c0Ya2fJau15ZsvfzMePvnTu/OzrnntGdO6AzNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiM9+7tKp0+mgWwEAPExXJr506myKgYNuBwDw8Fz1+R8AAAAAAAAAAAAAAA67FEUcixSDr2ykqep+R/1yq33r9uTY+O6bHU2RohZFVV/e6qfPnD33qfMXRrr55tu/0z4cz01cvdR4duHGzcW5paW52cZkuzWzMDu352d40O3vNFztgMaNF27NXru21Dhz8uyOh28PvTbwxLGhixdOnB/p1k6OjY9P9NT09b/tn36Xe83wOBJFNCPFG0Ovp2ZE1OLB98V9Xjv77WjVieGqE5Nj41VH5lvN9nL5YKrlqlpEo2ej0e4+eghj8UBGI1bK5pcNHi67N3Gzudicnp9rfLG5uNxabi20U63T2rI/jajFSIpYjYj1XSb59kcRH40UL53aSNMRUXT3wyericH3b09tH/q4B2U7G/0Rq7VHYMwOsYEo4kqk+Nmrx2Om3Gf5Fh+P+EKZr0S8XOZnIlL5wjgX8VOTxR8bfVHEv0WKhbSRZqvjQfe4cvnLjc+3ry301HaPK4/8+8PDdMiPTfUoYro64m+kt3+yAwAAAAAAAAAAAAAAAMA77WgU8e1I8UfP/E41rziqeenvuzjynud/s3fO+NP3eZ6y9mRErNT2Nie3P08dTrXy3z50jD2pRxHfyPP//uCgGwMAAAAAAAAAAAAAAAAAAPCuVsTzkeIrJ46n1aiu/XskqmuKt9rXG1eb0/Odq8J2r/3bvWb65ubmZiN1cjTnVM6VnKs513Ku54xa3j7naM6pnCs5V3Ou5VzPGUXePudozqmcKzlXc67lXM8ZfXn7nKM5p3Ku5FzNuZZzPWcckmv3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8TmpRxM8jxbe+tpEiRcRoxFR0cm3goFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJTqqYiTkWLt+Xp1f7UWcTUifr65udm9RcRGmQ/qoPsKAAAAAAAAAAAAAAAAAAAAh1Yq4mOR4qn/20iNiLg99NrAE8eGLl44cX6kiCJSWdJb/9zE1UuNZxdu3FycW1qam21MtlszC7Nze/1x9cut9q3bk2Pj+9KZ+zq6z+0/Wn924eaLi63rX13e9fHB+qXppeXF5szuD8fRqEVM9a4Zrho8OTZeNXq+1WxXm6baPRpYixjda2cAAAAAAAAAAAAAAAAAAAA4NAZTEZ+LFD/5z3OpO2+8rzPn/5c694qt2pd/b/u7AObvyK7e7w/Yy3Laa0OHq4n3jcmx8fGJntV9/XeXlm1KqYinI8UnXvpQNR8+xeCuc+PLuveWdTfO5bqhXynrVnZU1Ycnx8YbVxbaJy7Nzy/MNJeb0/NzjYmbzZn8xQEre+0GAAAAAAAAAAAAAAAAAAAA7GYwFfGjSPHff/vvqXvd+Tz/v69zr2f+/29UU+gr9bQzt1Rz+99bze3vLL/v4sjgR5+51/r9mP9ftimlIr4ZKc7+6EPV9fS78/+n7qgt6/4kUrz+zEdyXe1IWdfsdqfzjNda83Onytq/jBS/+ka3Nqra67n2qe3a02Xt0Ujx5xs7a7+aaz+wXXumrD0eKb73X7vXfnC79mxZ+5NI8Y9/0+jWDpa1v5trj23XnpxZmJ+9324tx/87keKvr/xW6vb5nuPf8/0PK3fklrvG/M2X36nxH+pZt5LH9Y/z+DfvM/7nI8V36h/JdZ19P50ff7L6f3v8PxEp/uNfd9Zey7Xv3649vdduHbRy/L8dKb77Fz/e6nMe//74+/+N7RHfOf6/3Lczt14lBzT+T/asG8rtmnnru+NdZ+nFr7/QnJ+fW7RgwYKFrYWDPjLxMJTv/38aKf7/WJG65zH5/f89nXvb53//843t9/+Ld+SWA3r/f3/Puov5rKW/L6K+fONm/9MR9aUXv36idaN5fe76XPvM6VOf/vT506dOn+8/0j25217a8757HJTj/4NI8cO/++HW55it87/K7uf/g3fklgMa/6d6+7TjvGbPu+JdqRz/v4oUT372x1ufN3eO/87z/+7n/+Mf25lbv38HNP4f6Fk3lNvVeov7AgAAAAAAAAAA4FEymIr4s0jx23/466k7h2gvf/83e0duOaC//zrWs272Ic1r2PNOBgA4RMrzvw9Gin/a/P7WXO6d53/xa93a3vO/ezkM1/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXYoifj9SDL6ykdYGyvsd9cut9q3bk2Pju292NEWKWhRVfXmrnz5z9tynzl8Y6eabb/9O+3A8N3H1UuPZhRs3F+eWluZmG5Pt1szC7Nyen+FBt7/TcLUDGjdeuDV77dpS48zJszsevj302sATx4YuXjhxfqRTO9CYHBsfn+ip6et/2z/9Luke649EEd+PFG8MvZ6+OxBRiwffF/d57ey3o1UnhqtOTI6NVx2ZbzXby+WDqZarahGNno1Gu/soj9t+jsUDGY1YKZtfNni47N7EzeZic3p+rvHF5uJya7m10E61TmvL/jSiFiMpYjUi1gfufrr+KOKbkeKlUxvpnwciiu5++OSViS+dOnv/9tT2oY97ULaz0R+xWnsExuwQG4gi/iFS/OzV4/G9gYi+6Nzi4xFfKPOViJfL/ExEKl8Y5yJ+usvriEdTXxRxLlIspI306kB5POgeVy5/ufH59rWFntruceWRf394mA75sakeRfygOuJvpH/xew0AAAAAAAAAAAAAAABwiBSxGim+cuJ4quYHb80pbrWvN642p+c70/q6c/+6c6Y3Nzc3G6mTozmncq7kXM25lnM9Z9Ty9jlHc07lXMm5mnMt53rOKPL2OUdzTuVcybmacy3nes7oy9vnHM05lXMl52rOtZzrOeOQzN0DAAAAAAAAAAAAAAAAAAAeL7Uoqqu4f+trG2lzoHN96ano5JrrgT72fhEAAP//gMd2Mw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000008c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0xc0086c43, &(0x7f0000000f40)=0x700) 4.215971395s ago: executing program 4 (id=532): pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[], 0x5) ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x7ff) splice(r0, 0x0, r2, 0x0, 0x25, 0x5) 4.118683148s ago: executing program 4 (id=533): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, &(0x7f0000000180)={0x0, 0x3, 0x50, @string={0x50, 0x3, "8f3b718b97f34a07d231dce3b07cf87e0de7d256bf3ac67a9d15156e011a7d58f7bfd42002403b6a7cd3dba8786d7a75fbf6691e82e5d99e0867c1969826b6fa3b885a441a112c2d2608d9cd08db"}}, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x40400) ioctl$HIDIOCSREPORT(r1, 0x81044804, &(0x7f0000000400)={0x1, 0x100, 0xab9}) 4.079474926s ago: executing program 6 (id=534): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4}) ioctl$FBIO_WAITFORVSYNC(r0, 0x40044620, 0x0) 3.892597632s ago: executing program 1 (id=535): r0 = gettid() mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0) acct(&(0x7f0000000140)='./file0\x00') timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) 3.373116854s ago: executing program 33 (id=535): r0 = gettid() mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0) acct(&(0x7f0000000140)='./file0\x00') timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) 3.362422038s ago: executing program 6 (id=537): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = eventfd2(0x1, 0x1) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1}) close(r0) 2.982508384s ago: executing program 6 (id=541): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) r0 = gettid() timer_create(0x3, &(0x7f0000000180)={0x0, 0x17, 0x4, @tid=r0}, &(0x7f0000000080)) timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8) 2.724291791s ago: executing program 2 (id=543): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = socket$inet6(0x10, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x2100) 2.52054624s ago: executing program 6 (id=545): syz_usb_connect$uac1(0x6, 0x95, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x83, 0x3, 0x1, 0x2, 0xb0, 0x3, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x202, 0x1}, [@mixer_unit={0x7, 0x24, 0x4, 0x3, 0x3, "ab97"}, @processing_unit={0x10, 0x24, 0x7, 0x3, 0x0, 0x4, 'E!y'}, @mixer_unit={0x5, 0x24, 0x4, 0x5, 0x7}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x8, 0x1, 0xfb, {0x7, 0x25, 0x1, 0x100, 0xf8}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x1, 0xf7, 0x2}, @as_header={0x7, 0x24, 0x1, 0xc, 0x3, 0x2}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x6, 0x3, 0x5, {0x7, 0x25, 0x1, 0x1, 0xf7, 0x8000}}}}}}}]}}, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x140) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) write$P9_RLERRORu(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00\x00F\x00', @ANYRES64], 0x53) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[], [], 0x6b}}) 2.284513824s ago: executing program 2 (id=547): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000140)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noblock_validity}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = fanotify_init(0x18, 0x0) fanotify_mark(r1, 0x105, 0x4800003a, r0, 0x0) r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r2, 0x2007ffc) 1.72675946s ago: executing program 0 (id=549): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="f78d9ca38fff48f3", 0x8}], 0x1}], 0x1, 0x0) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x20000253) 1.624267107s ago: executing program 2 (id=550): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000100)={@val={0x800e, 0x6002}, @void, @eth={@broadcast, @remote, @void, {@mpls_mc}}}, 0x12) 1.62379036s ago: executing program 3 (id=551): read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020}, 0x2020) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0xfffe, @remote}, {0x2, 0x4e23, @rand_addr=0x64010102}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000}) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e22, @loopback}, {0x2, 0x4e24, @broadcast}, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x8}) 1.623490843s ago: executing program 6 (id=552): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @remote}, 0x8) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2}}}}}, 0x0) 1.579983071s ago: executing program 0 (id=553): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0f000000040000000400000015"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2, 0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20) recvmsg$unix(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000840)=""/170, 0xaa}], 0x1}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3}, &(0x7f0000000000), &(0x7f00000000c0)=r0}, 0x20) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4000000) 1.547221397s ago: executing program 4 (id=554): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x80000) sendmsg$kcm(r1, &(0x7f0000001880)={0x0, 0xf5, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x7fffeffd}, {&(0x7f0000001680)="094fb143daa9baa36aaa2cca06886c533118e056", 0x14}], 0x3}, 0x0) 1.288259681s ago: executing program 0 (id=555): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x200000000000000, &(0x7f0000000140), 0x0, 0x4) ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3000000}) 1.19751502s ago: executing program 3 (id=556): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x18}) shutdown(r1, 0x0) epoll_wait(r0, &(0x7f0000000000)=[{}], 0x1, 0x101) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000140)={0x2012}) 1.124736643s ago: executing program 6 (id=558): r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000402505a8a440000102030109021b00010100000009040000020701010009050102"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r0) ioctl$EVIOCGMASK(r1, 0x604, 0x0) fcntl$getflags(0xffffffffffffffff, 0x401) 920.524314ms ago: executing program 0 (id=559): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000380)='./file1\x00', 0x0, &(0x7f0000000340)={[{@usrjquota}]}, 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) read$FUSE(r0, &(0x7f0000000dc0)={0x2020}, 0x2020) 920.243819ms ago: executing program 3 (id=560): pipe2$watch_queue(&(0x7f0000001180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r2 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r0, 0x0) pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0xffffffffffffffff) 784.010397ms ago: executing program 3 (id=561): r0 = creat(&(0x7f0000000180)='./file0\x00', 0x18b) r1 = open(&(0x7f0000000000)='./file0\x00', 0x8060, 0x1a0) flock(r0, 0x1780f9c373410de4) flock(r1, 0x2) r2 = creat(&(0x7f0000000180)='./file0\x00', 0x0) flock(r2, 0x5) 722.485124ms ago: executing program 2 (id=562): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "128c00", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a060f0200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c100000000200ffffffff", 0x58}], 0x1) 624.86517ms ago: executing program 0 (id=563): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f0000000140)=ANY=[], 0x11, 0x69c, &(0x7f0000000380)="$eJzs3c1vHGcdB/DvrDe2N5UcN03TgCphGqkgIhI7VgrhkoAQClKFqnDgbDWOYmWTBsdFaQ/EBSSuHPgDyiFc4ARCSEhIkcoZbhU3i1MlJC49pT0waGdn12t31y95W4d+PtHs8zzzzDzzm9+87EtkTYDPrUun0ryfVi6dev1Op71xb7G9cW/xRq+eZCpJI2l2iyTrKT5ILqY75QtJinq4YtR2fr1y/vKHH2981G01MzBeI2lNjQywOapj9uhmfb2eMpdkoi4fwZbx3ny48QZ2qehnppOwk73EwbgdSlJu8ePjmz3DlBMDjZHXO/DsKLrvmwO61/9scjjJdO8Nbb3b2Xj6Ee5qX/ei9ScXBwAAABwYRx7cTe5kZtxxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLOkfv5/UU+NXn0uRe/5/5MDz9ifHHO4o+0Y2Wbn/cbTCAYAAAAAAAAAnqwvPcjvLpflTK9dFtX/+b9SNY5Vr8/l7dzOclZzOneylLWsZTULSWYHBpq8s7S2trrQW/PTsixHrHl26Jpn9xhw63HsNQAAAAAAAAD837hQlz/LpcyMORYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiiSCa6RTUd69Vn02gmmU4y2VluPflHr/4suz/uAAAAAOApOPIgD3InM712WVTf+Y9X3/un83ZuZi0rWUs7y7lS/RbQ/dbf2Li32N64t3ijM3123G//Z7P+x5ldw6hGTPe3h+FbPlEt0crVrFRzTufNvJV2rqRRrdlxohfP8Lje68RUXOgqy70l6Epddvb8V3V5MMxWGTnUz8h8HVsnG89vZqE5JBODR+chtrSQRv+Xn2P7yPmFHbdS/Ld3TA735iTPfX/3nB/a1848ku2ZODtw9h3fORPJV/70+x9da9+8fq1YP3VwTqN9mPrX5lWzPROLA5l4ac+ZuHr72czEdo282K9fyvfyw5zKXN7IalbykyxlLcuZy3er2lJ9PndeZ3fO1MUtrTd2i2KyPi4T22L68pFuuVNMr1TrzmQlP8hbuZLlvFb9O5uFfCPnci7nB47wi3u46htDrvo/jw7+5FfrSivJL+vyYOjk9fmBvA7ec2ervsE5jZRT3fWOPrZ7Y1/zi3WlcyR+XpcHQz8T0+m/S/Sie6GXgVaGZeI31W3ldvvm9dVrS7e2jVusD9/eq9m6+wfnRtI5X452DlbV2np2dPpeGNq3UPUd6/c1tvf9ttXv2+1Knaw/w312pLNV30tD+xarvhMDfZuftz4ty7L7eQuAA+/w1w5Ptv7d+nvr/dYvWtdar09/Z+qbUy9P5tDfDn2rOT/xauPl4g95Pz/N7t/QAQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXd1+593rS+328uq2SlmWd0d0PZFKmsmWOX/9y8AySaqHAe19wM7SFxtJNaeZurK/wO4+3O6897BJ+Gd9TPa1VmNfaXnMlemR58/2yidlWY4jwn1WyiPJUrtz9lfGHs8YK2O9LQFPwZm1G7fO3H7n3a/3nrp4/ty58/Pnz722eObqSnt5vvs65iCBJ2LgEzgAAAAAAAAAAADwjNjbH+cUj/a3PQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACP4NKpNO+nyML86flOe+PeYrsz9eqbS36SpJGkmEuKD5KL6U6ZHRiuGLWd9eTyhx9vfNRtNeupWr6x03p7s15PmUsyUZdDTA+bWd4dNV5RjXNr9Hh7VPT3sJOwk73Ewbj9LwAA//8e5BRW") mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x810, 0xffffffffffffffff, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DESTROY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x14, 0x15, 0x1, 0x70bd27, 0x25dfdbfb, {0x1a, 0x20}}, 0x14}, 0x1, 0x0, 0x0, 0x20000005}, 0x40) r1 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3) 504.534823ms ago: executing program 4 (id=564): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001340)="$eJzs3cFvHFcdB/DvrNeOt1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitEKQAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmfXu/Y6Xif2OoHPJxrPe/Nm3vzmN29mvOusNsD/rctn0ryfIpfPvHG3rG+sL7Y31heP1M3tJGW5kTS7sxQ3k+JBslS2FwNTBubbfLx66a3PHm583q0166laf6q/3exYIY/Yx716ynzd3/zILafH6r/bVxVeXkxypZ4Pmxm3r6EVy6Sdrudw6Drb3NvL5jte78Czr/d0KrrPzW3mkhfqJ3P1O0F9d2hMLsKDsae7HAAAADynPr112BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA86f+/v+inhr1PPMpet//P9NbVpefQUtjr3n/QOMAAAAAAAAAgMn4+qM8yt0c7dU7RfU3/1NV5Xi+6CRfyvu5k5XcztnczXLWspbbOZ9kbqCjmbvLa2u3z/e3LI3e8sLILS9M6ogBAAAAAAAA4H/SL9Pa/Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8C4pkqjurpuP1PHNpNLPZlnvJP5PMHHa8e1CMWnh/8nEAAADAU5l9gm2+/CiPcjdHe/VOUb3m/0r1enk27+dm1rKatbSzkqv1a+jyVX9jY32xvbG+eKOcyvpwv9//957CmKl7mKpqo/Z8slqjlWtZrZaczZUqmKtpdPd9OjnZi2cgrgEflTEV36uNGVmzTmu5s9/v9C7Cvhh+K6LxmDVbm8El/Yws1LGVWx7rZqCo3qhJtmZi17PTHKrNVb1O9/d0Po3+Oz/HDyDnL9Tz8nh+c6A536t+JhqpMnGhN/rKa+bxmUi+8dc/vX29ffPd69funHl2DmkXUzss3zomFgcy8cpznYnmHtdfqDJxol+/nB/lJzmT+byZ21nNT7OctaykU7cv1+O5/Dn3+EwtDdXe3C2Smfq8dM/ZODHN54dVaTmnqm2PZjVFbuVqVvJ69e9CzufbuZiLuTRwhk/sGHd1bNVV39h61ffO9N9GBn/6m3WhvLv9dvMut/S4I95pdO6X7r2/zOuxgbx2R/3D/lrHBq6DhYEsvdTLzvTIzp/k3tj8al0o9/GrXZ4TkzVXZ6K8gHpPiV50L3cz0ayeRdvH+R865XZp3+x0ri+/t0P/97bUX6vn5bBa/9pua/eMPhX7qxwvL2W2vpMMj46y7eX+XWagrbM5lrttw0/ccrsTVVtR9K7UH+dWNQC2X6kz9e9w23u6ULW9MrJtsWo7OdA29PtWbqWdqxPIHwBP4h9v94tzeWGm9a/Wp61PWr9uXW+9MfuDI9858upMpv8+/d3mwtRrjVeLv+ST/Hzz9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDk7nzw4bvL7fbK7dGFxs5NQ4VWti7Zqecjo/sp6i/0GWNfz0VhNsnQkup7jiYeRmtrGNsKnV8kE89P70sER6/zu7LQ3DaiRhWWhpb8eXuHH+0xwmK86+IAC41MdqdTGT0ADvGmBEzEubUb752788GH31q9sfzOyjsrN6cvXry0cOni64vnrq22Vxa6Pw87SuAgbD70DzsSAAAAAAAAAAAAYFyjPhhw6sXdPjQy1mc8/M9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYF9cPpPm/RQ5v3B2oaxvrC+2y6lX3lyzmaTRSIqfJcWDZCndKXMD3RX544N0Ruzn49VLb332cOPzzb6a3fWTRj3f2eNbk9yrp8wnmarnT2GovytP3V/xn94xlAn7otPpLD1dfLA//hsAAP//P3v0tA==") symlink(0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000080)) rmdir(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') unlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 433.43267ms ago: executing program 3 (id=565): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 324.359967ms ago: executing program 2 (id=566): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="c50a00ff0000000071104300000000b560d6bdf59f8c0f03f736c9bad55b3b60dd31ba71585d1a6e4adf30b27d81686123ce73beb48dbd228c5e33f5a8f5085d137b51779de787d2a549e1dc45de5d1abc6d3d850dd1cb95ca99b696538759aad305aebfc28c180bc7493b484fda2f8072cc5bc098201ff3b732adb3fc036ae4e702b60e67c10d7291186565fb008ee04b4c0ad11856066e12182152035f09fa"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 165.200241ms ago: executing program 0 (id=567): r0 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f00000004c0)=[{0x80000006, 0x0, 0x12, 0xf9}]}, 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 147.957123ms ago: executing program 3 (id=568): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000002a00)={&(0x7f0000002a80)=ANY=[], 0x77c}}, 0x8010) accept4(r1, 0x0, 0x0, 0x800) 44.521267ms ago: executing program 2 (id=569): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]}) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r1, 0x400, 0x1) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) pread64(r2, &(0x7f0000001440)=""/126, 0x7e, 0x41) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 4 (id=570): syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="0407ff05aaaaaaaaaa10"], 0x102) r0 = syz_open_dev$sg(0x0, 0x0, 0x40042) write$binfmt_aout(r0, 0x0, 0x125) socket$inet6_sctp(0xa, 0x1, 0x84) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x10800, 0x0) kernel console output (not intermixed with test programs): ackets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.166892][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 127.182344][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 127.189747][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.235878][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.352967][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 127.361345][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 127.393474][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.544945][ T5844] hsr_slave_0: entered promiscuous mode [ 127.552119][ T5844] hsr_slave_1: entered promiscuous mode [ 127.559387][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.568878][ T5844] Cannot create hsr debugfs directory [ 127.729099][ T5845] hsr_slave_0: entered promiscuous mode [ 127.737416][ T5845] hsr_slave_1: entered promiscuous mode [ 127.745287][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.752984][ T5845] Cannot create hsr debugfs directory [ 127.800832][ T5840] hsr_slave_0: entered promiscuous mode [ 127.808340][ T5840] hsr_slave_1: entered promiscuous mode [ 127.814700][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.822628][ T5840] Cannot create hsr debugfs directory [ 127.876868][ T5838] hsr_slave_0: entered promiscuous mode [ 127.885536][ T5838] hsr_slave_1: entered promiscuous mode [ 127.892787][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.900763][ T5838] Cannot create hsr debugfs directory [ 128.069171][ T5847] hsr_slave_0: entered promiscuous mode [ 128.076669][ T5847] hsr_slave_1: entered promiscuous mode [ 128.083866][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 128.091791][ T5847] Cannot create hsr debugfs directory [ 128.096639][ T5857] Bluetooth: hci0: command tx timeout [ 128.175378][ T5850] Bluetooth: hci4: command tx timeout [ 128.181008][ T5850] Bluetooth: hci1: command tx timeout [ 128.187128][ T5857] Bluetooth: hci3: command tx timeout [ 128.255271][ T5850] Bluetooth: hci2: command tx timeout [ 128.255329][ T5856] Bluetooth: hci5: command tx timeout [ 129.045639][ T5839] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 129.065803][ T5839] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 129.112285][ T5839] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 129.155431][ T5839] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 129.257994][ T5845] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 129.294480][ T5845] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 129.311363][ T5845] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 129.352800][ T5845] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 129.474319][ T5838] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 129.496252][ T5838] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 129.520404][ T5838] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 129.540487][ T5838] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 129.726983][ T5847] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 129.774784][ T5847] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 129.794258][ T5847] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 129.846349][ T5847] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 129.913364][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.004923][ T5844] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 130.078483][ T5844] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 130.094121][ T5844] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 130.141741][ T5844] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 130.175236][ T5856] Bluetooth: hci0: command tx timeout [ 130.197968][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.248246][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.256053][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.265802][ T5856] Bluetooth: hci1: command tx timeout [ 130.271448][ T5856] Bluetooth: hci3: command tx timeout [ 130.274403][ T5850] Bluetooth: hci4: command tx timeout [ 130.335529][ T5857] Bluetooth: hci2: command tx timeout [ 130.345361][ T5857] Bluetooth: hci5: command tx timeout [ 130.368009][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.375345][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.449369][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 130.464614][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 130.482156][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 130.514492][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.539056][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 130.613445][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.648720][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.752407][ T4493] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.759637][ T4493] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.804875][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.824307][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.831618][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.943861][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.951317][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.029022][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.037370][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.084952][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.320657][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.396816][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.404053][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.441876][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.449168][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.509595][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.711004][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.740898][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.771205][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.830932][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.838674][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.969204][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.976882][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.075929][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.191327][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.198889][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.272737][ T188] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.280306][ T188] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.364607][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.443697][ T5839] veth0_vlan: entered promiscuous mode [ 132.680719][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.714735][ T5839] veth1_vlan: entered promiscuous mode [ 132.947969][ T5839] veth0_macvtap: entered promiscuous mode [ 132.975542][ T5839] veth1_macvtap: entered promiscuous mode [ 133.241302][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 133.342231][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.378973][ T5838] veth0_vlan: entered promiscuous mode [ 133.412891][ T5838] veth1_vlan: entered promiscuous mode [ 133.461859][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 133.542685][ T5839] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.583003][ T5839] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.608495][ T5839] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.633678][ T5839] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.920734][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.129162][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.153318][ T5838] veth0_macvtap: entered promiscuous mode [ 134.211660][ T5838] veth1_macvtap: entered promiscuous mode [ 134.246467][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.254490][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.435038][ T5845] veth0_vlan: entered promiscuous mode [ 134.446130][ T2942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.454022][ T2942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.473286][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.521077][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.584874][ T5838] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.602413][ T5838] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.611452][ T5838] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.620948][ T5838] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.646810][ T5844] veth0_vlan: entered promiscuous mode [ 134.660397][ T5845] veth1_vlan: entered promiscuous mode [ 134.673206][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 134.842469][ T5844] veth1_vlan: entered promiscuous mode [ 135.016976][ T5840] veth0_vlan: entered promiscuous mode [ 135.072425][ T5847] veth0_vlan: entered promiscuous mode [ 135.213642][ T5845] veth0_macvtap: entered promiscuous mode [ 135.237850][ T5847] veth1_vlan: entered promiscuous mode [ 135.256635][ T5840] veth1_vlan: entered promiscuous mode [ 135.270123][ T5845] veth1_macvtap: entered promiscuous mode [ 135.299213][ T5844] veth0_macvtap: entered promiscuous mode [ 135.307015][ T188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.315582][ T188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.432333][ T5844] veth1_macvtap: entered promiscuous mode [ 135.453003][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.463253][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.473673][ T24] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 135.479298][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.519300][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.583925][ T5840] veth0_macvtap: entered promiscuous mode [ 135.599515][ T5845] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.610901][ T5845] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.620728][ T5845] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.634339][ T5845] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.653365][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 135.675883][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 135.681574][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.694524][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 135.703762][ T5840] veth1_macvtap: entered promiscuous mode [ 135.713672][ T24] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 135.723966][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.733970][ T5847] veth0_macvtap: entered promiscuous mode [ 135.739432][ T24] usb 2-1: config 0 descriptor?? [ 135.858482][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.919501][ T5844] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.934514][ T5844] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.961836][ T5844] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.974772][ T5844] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.013065][ T5847] veth1_macvtap: entered promiscuous mode [ 136.141229][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 136.232060][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 136.249257][ T24] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 136.307910][ T5840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.313779][ T24] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 136.348006][ T5840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.374876][ T5840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.397735][ T5840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.531043][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 136.591443][ T2145] usb 2-1: USB disconnect, device number 2 [ 136.699789][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 136.715734][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.745988][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.794139][ T5955] fido_id[5955]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 136.865666][ T5847] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.889957][ T5847] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.912137][ T5847] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.922477][ T5847] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.981256][ T4493] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.996873][ T4493] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.030004][ T5960] loop3: detected capacity change from 0 to 256 [ 137.040026][ T5960] ======================================================= [ 137.040026][ T5960] WARNING: The mand mount option has been deprecated and [ 137.040026][ T5960] and is ignored by this kernel. Remove the mand [ 137.040026][ T5960] option from the mount to silence this warning. [ 137.040026][ T5960] ======================================================= [ 137.183638][ T5960] process 'syz.3.10' launched '/dev/fd/3' with NULL argv: empty string added [ 137.246570][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.254452][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.443264][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.459767][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.573570][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.599238][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.691688][ T5962] loop1: detected capacity change from 0 to 2048 [ 137.874354][ T5962] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.900405][ T188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.940236][ T188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.971401][ T5962] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 138.093359][ T4493] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.157628][ T4493] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.174747][ T5962] fs-verity: sha512 using implementation "sha512-avx2" [ 138.289172][ T3501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.302357][ T3501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.543288][ T5970] loop4: detected capacity change from 0 to 4096 [ 138.543300][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.318328][ T5986] loop5: detected capacity change from 0 to 32768 [ 141.440442][ T5986] JBD2: Ignoring recovery information on journal [ 141.563149][ T6033] overlayfs: invalid origin (0000) [ 141.605103][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 141.688614][ T5986] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 141.775340][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 141.807833][ T9] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 141.852373][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.909897][ T9] usb 2-1: Product: syz [ 141.914139][ T9] usb 2-1: Manufacturer: syz [ 141.951784][ T9] usb 2-1: SerialNumber: syz [ 142.060319][ T9] usb 2-1: config 0 descriptor?? [ 142.155264][ T5843] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 142.367367][ T5847] ocfs2: Unmounting device (7,5) on (node local) [ 142.378973][ T5843] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 142.400270][ T5843] usb 3-1: config 0 has no interface number 0 [ 142.473313][ T5843] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 142.508854][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 142.521834][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 142.537575][ T5843] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.586160][ T5843] usb 3-1: config 0 descriptor?? [ 142.589388][ T9] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 142.630440][ T5843] usb 3-1: selecting invalid altsetting 1 [ 142.664217][ T5843] dvb_ttusb_budget: ttusb_init_controller: error [ 142.678746][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 142.712200][ T5843] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 142.755017][ T9] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 142.763055][ T9] usb 2-1: media controller created [ 142.797428][ T6027] dtv5100: wlen = 0, aborting. [ 142.966865][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 143.075221][ T6054] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 143.090303][ T5843] DVB: Unable to find symbol cx22700_attach() [ 143.156392][ T9] zl10353_read_register: readreg error (reg=127, ret==0) [ 143.163528][ T9] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 143.186605][ T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 143.266207][ T9] usb 2-1: USB disconnect, device number 3 [ 143.411614][ T5843] DVB: Unable to find symbol tda10046_attach() [ 143.427686][ T5843] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 143.494177][ T5843] usb 3-1: USB disconnect, device number 2 [ 143.507303][ T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 143.683847][ T6067] netlink: 48 bytes leftover after parsing attributes in process `syz.3.45'. [ 144.049305][ T6078] netlink: 36 bytes leftover after parsing attributes in process `syz.4.50'. [ 144.575652][ T2145] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 144.588926][ T6086] syz.5.54 uses obsolete (PF_INET,SOCK_PACKET) [ 144.634069][ T6089] No control pipe specified [ 144.688095][ T6089] No control pipe specified [ 144.791375][ T2145] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 82, changing to 10 [ 144.794632][ T6079] loop0: detected capacity change from 0 to 65536 [ 144.862916][ T2145] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1816, setting to 1024 [ 144.879255][ T2145] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 144.892396][ T6079] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 144.897784][ T2145] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.002335][ T2145] usb 2-1: config 0 descriptor?? [ 145.019109][ T6084] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 145.038215][ T6079] XFS (loop0): Ending clean mount [ 145.103205][ T6079] XFS (loop0): Metadata corruption detected at xfs_dinode_verify.part.0+0x93e/0x1760, inode 0x45 dinode [ 145.114740][ T6079] XFS (loop0): Unmount and run xfs_repair [ 145.120570][ T6079] XFS (loop0): First 128 bytes of corrupted metadata buffer: [ 145.128153][ T6079] 00000000: 49 4e a1 ff 03 01 00 00 00 00 00 00 00 00 00 00 IN.............. [ 145.137793][ T6079] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 145.146890][ T6079] 00000020: 34 f7 58 68 a7 8d ff 64 34 f7 58 68 a7 8d ff 64 4.Xh...d4.Xh...d [ 145.155835][ T6079] 00000030: 34 f7 58 68 a7 8d ff 64 00 00 00 00 00 00 00 26 4.Xh...d.......& [ 145.164736][ T6079] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 145.175159][ T6079] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 97 d7 4a ca ..............J. [ 145.185173][ T6079] 00000060: ff ff ff ff b0 c8 54 15 00 00 00 00 00 00 00 02 ......T......... [ 145.194067][ T6079] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08 ................ [ 145.313671][ T5844] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 145.450900][ T6107] netlink: 32 bytes leftover after parsing attributes in process `syz.2.59'. [ 145.521305][ T2145] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 145.570654][ T2145] cm6533_jd 0003:0D8C:0022.0002: global environment stack underflow [ 145.645282][ T2145] cm6533_jd 0003:0D8C:0022.0002: item 0 0 1 11 parsing failed [ 145.698794][ T2145] cm6533_jd 0003:0D8C:0022.0002: parse failed [ 145.724049][ T6110] loop3: detected capacity change from 0 to 2048 [ 145.744512][ T2145] cm6533_jd 0003:0D8C:0022.0002: probe with driver cm6533_jd failed with error -22 [ 145.867388][ T2145] usb 2-1: USB disconnect, device number 4 [ 145.929641][ T6110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.221959][ T6109] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 146.234147][ T6123] netlink: 8 bytes leftover after parsing attributes in process `syz.5.64'. [ 146.353383][ T6109] EXT4-fs (loop3): Remounting filesystem read-only [ 146.686836][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.905515][ T6132] Bluetooth: MGMT ver 1.23 [ 146.964101][ T6135] Zero length message leads to an empty skb [ 146.964920][ T6127] loop0: detected capacity change from 0 to 32768 [ 146.992119][ T5795] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 147.005751][ T6127] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 147.014153][ T6127] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 147.081334][ T6127] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms [ 147.097350][ T43] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 147.104298][ T43] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 147.178502][ T5795] usb 5-1: Using ep0 maxpacket: 32 [ 147.214721][ T5795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.266654][ T5795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.335241][ T5795] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 147.401638][ T5795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.457172][ T5795] usb 5-1: config 0 descriptor?? [ 147.467777][ T43] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 363ms [ 147.510141][ T43] gfs2: fsid=syz:syz.0: jid=0: Done [ 147.544592][ T6127] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 148.018838][ T5795] savu 0003:1E7D:2D5A.0003: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 148.371814][ T43] usb 5-1: USB disconnect, device number 2 [ 148.584449][ T6155] fido_id[6155]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 149.446725][ T6173] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 149.784742][ T6179] loop4: detected capacity change from 0 to 1024 [ 150.240277][ T6181] loop2: detected capacity change from 0 to 40427 [ 150.350719][ T6181] F2FS-fs (loop2): invalid crc value [ 150.360895][ T6179] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.571535][ T6181] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 150.700448][ T6200] EXT4-fs error (device loop4): __ext4_remount:6738: comm syz.4.88: Abort forced by user [ 150.732669][ T6203] loop1: detected capacity change from 0 to 256 [ 150.754805][ T6204] warning: `syz.3.95' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 150.793575][ T6200] EXT4-fs (loop4): Remounting filesystem read-only [ 150.822619][ T6200] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 150.885052][ T6203] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1f11eda7, utbl_chksum : 0xe619d30d) [ 151.017015][ T6203] exFAT-fs (loop1): valid_size(150994954) is greater than size(10) [ 151.276896][ T6214] syz.3.101 (6214): /proc/6212/oom_adj is deprecated, please use /proc/6212/oom_score_adj instead. [ 151.292617][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.569571][ T6218] netlink: 8 bytes leftover after parsing attributes in process `syz.3.106'. [ 151.595294][ T6218] netlink: 12 bytes leftover after parsing attributes in process `syz.3.106'. [ 151.660414][ T6218] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.669666][ T6218] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.678635][ T6218] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.687576][ T6218] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 151.745725][ T6223] 9pnet: p9_errstr2errno: server reported unknown error [ 152.167553][ T6231] unknown channel width for channel at 909000KHz? [ 152.231252][ T6232] netlink: 8 bytes leftover after parsing attributes in process `syz.4.110'. [ 152.885243][ T43] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 152.895287][ T2145] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 152.982341][ T6247] loop0: detected capacity change from 0 to 512 [ 153.075399][ T43] usb 2-1: Using ep0 maxpacket: 16 [ 153.088243][ T2145] usb 5-1: config 0 interface 0 has no altsetting 0 [ 153.102858][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.124547][ T2145] usb 5-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 153.135656][ T6247] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.175404][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.190185][ T6247] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 153.193136][ T2145] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.224410][ T43] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 153.232296][ T6247] capability: warning: `syz.0.116' uses deprecated v2 capabilities in a way that may be insecure [ 153.246849][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.272676][ T2145] usb 5-1: config 0 descriptor?? [ 153.288068][ T43] usb 2-1: config 0 descriptor?? [ 153.502988][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.715162][ T5904] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 153.746433][ T5909] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 153.780045][ T43] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:05AC:8241.0004/input/input6 [ 153.908613][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 153.931311][ T43] appleir 0003:05AC:8241.0004: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0 [ 153.945215][ T5909] usb 4-1: Using ep0 maxpacket: 32 [ 153.950496][ T5904] usb 6-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 153.995225][ T5909] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 154.004339][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.019784][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.049802][ T43] usb 2-1: USB disconnect, device number 5 [ 154.098094][ T5904] usb 6-1: config 0 descriptor?? [ 154.123488][ T5909] usb 4-1: config 0 descriptor?? [ 154.160898][ T5909] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 154.206703][ T5795] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 154.295695][ T6264] fido_id[6264]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 154.369107][ T2145] video4linux radio48: keene_cmd_set failed (-71) [ 154.395314][ T5795] usb 1-1: Using ep0 maxpacket: 8 [ 154.407451][ T2145] radio-keene 5-1:0.0: V4L2 device registered as radio48 [ 154.429366][ T5795] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 154.439627][ T2145] usb 5-1: USB disconnect, device number 3 [ 154.445063][ T5795] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 154.491629][ T5795] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 154.527290][ T5795] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 154.547973][ T5904] holtek 0003:1241:5015.0005: invalid report_size 23041 [ 154.572416][ T5795] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 154.583473][ T5904] holtek 0003:1241:5015.0005: item 0 2 1 7 parsing failed [ 154.603640][ T5904] holtek 0003:1241:5015.0005: parse failed [ 154.610033][ T5795] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.618267][ T5904] holtek 0003:1241:5015.0005: probe with driver holtek failed with error -22 [ 154.801336][ T5904] usb 6-1: USB disconnect, device number 2 [ 154.847630][ T6272] loop1: detected capacity change from 0 to 512 [ 154.854535][ T6270] syzkaller1: entered promiscuous mode [ 154.856507][ T5795] usb 1-1: GET_CAPABILITIES returned 0 [ 154.860417][ T6270] syzkaller1: entered allmulticast mode [ 154.888022][ T5795] usbtmc 1-1:16.0: can't read capabilities [ 154.895965][ T6272] EXT4-fs (loop1): orphan cleanup on readonly fs [ 154.922752][ T6272] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.126: bg 0: block 248: padding at end of block bitmap is not set [ 154.975451][ T6272] Quota error (device loop1): write_blk: dquota write failed [ 155.007240][ T6272] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 155.035584][ T6272] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.126: Failed to acquire dquot type 1 [ 155.065818][ T6272] EXT4-fs (loop1): 1 truncate cleaned up [ 155.108624][ T6272] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 155.158112][ T5795] usb 1-1: USB disconnect, device number 2 [ 155.173985][ T5909] gspca_nw80x: reg_w err -71 [ 155.183949][ T5909] nw80x 4-1:0.0: probe with driver nw80x failed with error -71 [ 155.233987][ T5909] usb 4-1: USB disconnect, device number 2 [ 155.284647][ T6272] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 155.352939][ T6272] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 155.427384][ T6277] Quota error (device loop1): do_check_range: Getting block 1536 out of range 0-5 [ 155.632634][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.023467][ T6298] loop3: detected capacity change from 0 to 64 [ 156.407879][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.407879][ T13] loop3: rw=1, sector=65, nr_sectors = 1 limit=64 [ 156.443192][ T13] Buffer I/O error on dev loop3, logical block 65, lost async page write [ 156.483768][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.483768][ T13] loop3: rw=1, sector=66, nr_sectors = 1 limit=64 [ 156.505132][ T5904] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 156.522934][ T13] Buffer I/O error on dev loop3, logical block 66, lost async page write [ 156.539847][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.539847][ T13] loop3: rw=1, sector=67, nr_sectors = 1 limit=64 [ 156.584241][ T13] Buffer I/O error on dev loop3, logical block 67, lost async page write [ 156.635458][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.635458][ T13] loop3: rw=1, sector=68, nr_sectors = 1 limit=64 [ 156.693490][ T5904] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 156.725383][ T13] Buffer I/O error on dev loop3, logical block 68, lost async page write [ 156.734063][ T5904] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 156.744884][ T6287] loop5: detected capacity change from 0 to 32768 [ 156.751488][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.751488][ T13] loop3: rw=1, sector=72, nr_sectors = 1 limit=64 [ 156.751553][ T13] Buffer I/O error on dev loop3, logical block 72, lost async page write [ 156.751653][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.751653][ T13] loop3: rw=1, sector=73, nr_sectors = 1 limit=64 [ 156.751693][ T13] Buffer I/O error on dev loop3, logical block 73, lost async page write [ 156.751803][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.751803][ T13] loop3: rw=1, sector=76, nr_sectors = 1 limit=64 [ 156.751845][ T13] Buffer I/O error on dev loop3, logical block 76, lost async page write [ 156.751955][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.751955][ T13] loop3: rw=1, sector=77, nr_sectors = 1 limit=64 [ 156.751996][ T13] Buffer I/O error on dev loop3, logical block 77, lost async page write [ 156.752523][ T13] kworker/u8:1: attempt to access beyond end of device [ 156.752523][ T13] loop3: rw=1, sector=78, nr_sectors = 57 limit=64 [ 156.863161][ T6287] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.130 (6287) [ 156.865240][ T5904] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.960577][ T5904] usb 3-1: config 0 descriptor?? [ 156.977950][ T6301] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 157.094023][ T6287] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 157.158748][ T6287] BTRFS info (device loop5): using sha256 (sha256-x86_64) checksum algorithm [ 157.225053][ T6287] BTRFS info (device loop5): disk space caching is enabled [ 157.283744][ T6287] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 157.496639][ T5904] elan 0003:04F3:0755.0006: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0 [ 157.722471][ T6287] BTRFS info (device loop5): rebuilding free space tree [ 157.796877][ T5909] usb 3-1: USB disconnect, device number 3 [ 157.946887][ T6287] BTRFS info (device loop5): disabling free space tree [ 157.988839][ T6287] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 158.027026][ T6287] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 158.057118][ T6330] fido_id[6330]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 158.918053][ T5847] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 159.649012][ T6336] loop1: detected capacity change from 0 to 32768 [ 159.816529][ T6336] [ 159.816529][ T6336] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 159.816529][ T6336] [ 159.875607][ T6357] binder: 6356:6357 ioctl c0306201 200000000540 returned -14 [ 159.956324][ T6336] read_mapping_page failed! [ 159.971227][ T6337] loop3: detected capacity change from 0 to 40427 [ 159.985621][ T6336] ERROR: (device loop1): txAbort: [ 159.985621][ T6336] [ 160.009504][ T6337] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 160.027325][ T6358] read_mapping_page failed! [ 160.035801][ T6358] ERROR: (device loop1): txAbort: [ 160.035801][ T6358] [ 160.058331][ T6337] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 160.113020][ T6336] read_mapping_page failed! [ 160.127960][ T6336] ERROR: (device loop1): txAbort: [ 160.127960][ T6336] [ 160.458454][ T6367] loop2: detected capacity change from 0 to 1024 [ 160.476322][ T6367] EXT4-fs: Ignoring removed orlov option [ 160.485128][ T5839] [ 160.485128][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 160.485128][ T5839] [ 160.516539][ T6367] EXT4-fs: Ignoring removed nomblk_io_submit option [ 160.565113][ T5839] [ 160.565113][ T5839] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 160.565113][ T5839] [ 160.659131][ T6337] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 160.703974][ T6364] loop0: detected capacity change from 0 to 8192 [ 160.715449][ T6337] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 160.734914][ T6367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.794491][ T6364] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 160.986564][ T5795] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 161.138906][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.180637][ T5795] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 161.209614][ T5795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.273835][ T5795] usb 5-1: config 0 descriptor?? [ 161.340662][ T5795] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 161.589860][ T6385] loop2: detected capacity change from 0 to 256 [ 161.698969][ T6385] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 161.738193][ T5795] cpia1 5-1:0.0: unexpected state after lo power cmd: 00 [ 161.845242][ T9] IPVS: starting estimator thread 0... [ 161.862338][ T6387] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 161.976048][ T6391] IPVS: using max 22 ests per chain, 52800 per kthread [ 162.142178][ T5795] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0) [ 162.342798][ T6393] loop5: detected capacity change from 0 to 2048 [ 162.363793][ T5795] usb 5-1: USB disconnect, device number 4 [ 162.462835][ T6393] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.625181][ T30] audit: type=1800 audit(1748347036.496:2): pid=6393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.170" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 162.690617][ T6393] EXT4-fs (loop5): shut down requested (0) [ 162.698390][ T6403] netlink: 'syz.2.173': attribute type 1 has an invalid length. [ 162.742949][ T6403] netlink: 16150 bytes leftover after parsing attributes in process `syz.2.173'. [ 163.017841][ T5847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.323926][ T6416] loop5: detected capacity change from 0 to 512 [ 163.346534][ T6416] EXT4-fs: Ignoring removed orlov option [ 163.391110][ T6416] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 163.475089][ T6416] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 163.536457][ T6416] EXT4-fs error (device loop5): ext4_iget_extra_inode:4692: inode #15: comm syz.5.177: corrupted in-inode xattr: e_value size too large [ 163.650563][ T6416] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.177: couldn't read orphan inode 15 (err -117) [ 163.740181][ T6416] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.032281][ T5847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.535522][ T6448] tipc: Started in network mode [ 164.562888][ T6448] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 164.602450][ T6448] tipc: Enabled bearer , priority 0 [ 164.670170][ T6453] loop1: detected capacity change from 0 to 2048 [ 164.803737][ T6453] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.181175][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.414373][ T6478] loop4: detected capacity change from 0 to 512 [ 165.716533][ T2145] tipc: Node number set to 11578026 [ 165.860525][ T6486] loop1: detected capacity change from 0 to 512 [ 165.919323][ T6478] EXT4-fs (loop4): Test dummy encryption mode enabled [ 165.984824][ T6478] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.001166][ T6486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.057925][ T6486] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 166.276077][ T6486] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 166.394464][ T6486] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 166.421012][ T6486] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.206: Failed to acquire dquot type 0 [ 166.628332][ T5845] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 166.704827][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.841028][ T6508] loop0: detected capacity change from 0 to 1024 [ 166.904660][ T6508] EXT4-fs: Ignoring removed bh option [ 166.944527][ T6508] EXT4-fs: inline encryption not supported [ 166.987713][ T6508] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 167.052843][ T6508] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 167.108949][ T6508] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 2: comm syz.0.217: lblock 2 mapped to illegal pblock 2 (length 1) [ 167.124919][ T6508] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 167.134232][ T6508] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 48: comm syz.0.217: lblock 0 mapped to illegal pblock 48 (length 1) [ 167.169802][ T6508] Quota error (device loop0): v2_write_file_info: Can't write info structure [ 167.185104][ T6508] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.217: Failed to acquire dquot type 0 [ 167.235645][ T6508] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 167.306704][ T6508] EXT4-fs error (device loop0): ext4_evict_inode:259: inode #11: comm syz.0.217: mark_inode_dirty error [ 167.422504][ T6508] EXT4-fs warning (device loop0): ext4_evict_inode:261: couldn't mark inode dirty (err -117) [ 167.503897][ T6508] EXT4-fs (loop0): 1 orphan inode deleted [ 167.521879][ T4493] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 167.568764][ T6508] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.634289][ T4493] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 167.675295][ T4493] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 0 [ 167.786541][ T6508] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 167.915835][ T6508] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 168.219033][ T6508] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 168.277168][ T6508] EXT4-fs error (device loop0): ext4_map_blocks:675: inode #3: block 48: comm syz.0.217: lblock 0 mapped to illegal pblock 48 (length 1) [ 168.431168][ T6508] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=-117 [ 168.530882][ T6508] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 169.179465][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.305922][ T6532] loop4: detected capacity change from 0 to 131072 [ 169.336597][ T6538] loop3: detected capacity change from 0 to 8192 [ 169.352696][ T6532] F2FS-fs (loop4): invalid crc value [ 169.386270][ T6538] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 169.496388][ T6532] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 169.549731][ T6516] loop1: detected capacity change from 0 to 32768 [ 169.655389][ T6550] loop0: detected capacity change from 0 to 512 [ 169.662844][ T6550] EXT4-fs: Ignoring removed nobh option [ 169.711174][ T6516] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 169.844107][ T6550] EXT4-fs error (device loop0): ext4_free_branches:1020: inode #11: comm syz.0.230: invalid indirect mapped block 256 (level 2) [ 169.863524][ T6516] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 170.027782][ T6550] EXT4-fs (loop0): 2 truncates cleaned up [ 170.140760][ T6550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.246154][ T6516] (syz.1.216,6516,1):ocfs2_rename:1699 ERROR: status = -39 [ 170.315619][ T6550] EXT4-fs error (device loop0): ext4_validate_block_bitmap:431: comm syz.0.230: bg 0: block 5: invalid block bitmap [ 170.417221][ T30] audit: type=1800 audit(1748347044.286:3): pid=6563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.230" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 170.448382][ T6563] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 4 with error 28 [ 170.528545][ T6550] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 170.605338][ T6550] EXT4-fs (loop0): This should not happen!! Data will be lost [ 170.605338][ T6550] [ 170.646547][ T6563] EXT4-fs (loop0): This should not happen!! Data will be lost [ 170.646547][ T6563] [ 170.668431][ T5839] ocfs2: Unmounting device (7,1) on (node local) [ 170.716562][ T6567] netlink: 20 bytes leftover after parsing attributes in process `syz.3.237'. [ 170.746071][ T6550] EXT4-fs (loop0): Total free blocks count 0 [ 170.752115][ T6550] EXT4-fs (loop0): Free/Dirty block details [ 170.799056][ T6563] EXT4-fs (loop0): Total free blocks count 0 [ 170.828774][ T6550] EXT4-fs (loop0): free_blocks=0 [ 170.877246][ T6563] EXT4-fs (loop0): Free/Dirty block details [ 171.255126][ T2145] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 171.431829][ T6579] loop3: detected capacity change from 0 to 128 [ 171.460827][ T2145] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 171.493389][ T6579] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 171.505647][ T24] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 171.522566][ T2145] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.563732][ T2145] usb 6-1: config 0 descriptor?? [ 171.575500][ T6579] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 171.623139][ T2145] cp210x 6-1:0.0: cp210x converter detected [ 171.675166][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 171.691752][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 171.741212][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 171.774564][ T24] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 171.792299][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.825470][ T24] usb 3-1: config 0 descriptor?? [ 171.890899][ T5838] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 172.026558][ T2145] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 172.079093][ T2145] usb 6-1: cp210x converter now attached to ttyUSB0 [ 172.296422][ T2145] usb 6-1: USB disconnect, device number 3 [ 172.303992][ T24] savu 0003:1E7D:2D5A.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 172.360795][ T2145] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 172.404085][ T2145] cp210x 6-1:0.0: device disconnected [ 172.588341][ T24] usb 3-1: USB disconnect, device number 4 [ 172.686746][ T6594] vlan2: entered allmulticast mode [ 172.702338][ T6594] bond0: entered allmulticast mode [ 172.715383][ T6594] bond_slave_0: entered allmulticast mode [ 172.722669][ T6588] fido_id[6588]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 172.750546][ T6594] bond_slave_1: entered allmulticast mode [ 174.213375][ T6627] netlink: 'syz.4.262': attribute type 1 has an invalid length. [ 174.259934][ T6627] netlink: 'syz.4.262': attribute type 4 has an invalid length. [ 174.264915][ T6634] 9pnet: p9_errstr2errno: server reported unknown error @cƒF S [ 174.316328][ T6627] netlink: 32 bytes leftover after parsing attributes in process `syz.4.262'. [ 174.497243][ T6603] loop5: detected capacity change from 0 to 32768 [ 174.591403][ T6632] loop2: detected capacity change from 0 to 32768 [ 174.658468][ T6603] ocfs2: Slot 0 on device (7,5) was already allocated to this node! [ 174.707035][ T6632] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 174.795611][ T6632] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,read_only,reconstruct_alloc [ 174.795611][ T6632] allowing incompatible features above 0.0: (unknown version) [ 174.795611][ T6632] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 174.841429][ T6632] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 174.850059][ T6632] bcachefs (loop2): Version upgrade required: [ 174.850059][ T6632] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 174.850059][ T6632] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 174.850059][ T6632] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 174.934819][ T6632] bcachefs (loop2): dropping and reconstructing all alloc info [ 174.944525][ T6603] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 174.960992][ T6632] bcachefs (loop2): accounting_read... done [ 175.027876][ T6632] bcachefs (loop2): alloc_read... done [ 175.061009][ T30] audit: type=1800 audit(1748347048.936:4): pid=6603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.252" name="file1" dev="loop5" ino=17058 res=0 errno=0 [ 175.094444][ T6632] bcachefs (loop2): done starting filesystem [ 175.194939][ T6632] bcachefs (loop2): dirent to missing inode: [ 175.195282][ T6632] u64s 7 type dirent 4096:4330382808765833931:U32_MAX len 0 ver 0: file1 -> 536870912 type reg [ 175.235137][ T2145] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 175.257011][ T6650] netlink: 'syz.4.270': attribute type 16 has an invalid length. [ 175.324140][ T6650] netlink: 'syz.4.270': attribute type 17 has an invalid length. [ 175.342991][ T6649] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.420524][ T5840] bcachefs (loop2): shutting down [ 175.429559][ T6649] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.444838][ T5847] ocfs2: Unmounting device (7,5) on (node local) [ 175.456035][ T2145] usb 2-1: Using ep0 maxpacket: 16 [ 175.477473][ T2145] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 175.525132][ T2145] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 175.554280][ T2145] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 175.581718][ T2145] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.606619][ T5840] bcachefs (loop2): shutdown complete [ 175.635145][ T2145] usb 2-1: Product: syz [ 175.648630][ T2145] usb 2-1: Manufacturer: syz [ 175.684008][ T2145] usb 2-1: SerialNumber: syz [ 175.964722][ T6640] netlink: 71 bytes leftover after parsing attributes in process `syz.1.269'. [ 176.078350][ T2145] usb 2-1: skipping empty audio interface (v1) [ 176.330518][ T2145] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 176.391076][ T2145] usb 2-1: USB disconnect, device number 6 [ 176.570409][ T5949] udevd[5949]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 176.940407][ T6655] loop5: detected capacity change from 0 to 131072 [ 176.955349][ T6655] F2FS-fs (loop5): Wrong CP boundary, start(512) end(1536) blocks(0) [ 176.963494][ T6655] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 177.037582][ T6663] 9pnet: p9_errstr2errno: server reported unknown error ÿÿÿÿ [ 177.053937][ T6655] F2FS-fs (loop5): invalid crc value [ 177.203836][ T6655] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 177.211015][ T6655] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 177.233796][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'. [ 177.682228][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 177.757349][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 178.026672][ T6680] loop1: detected capacity change from 0 to 1024 [ 178.252348][ T6650] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.269874][ T6680] hfsplus: bad catalog folder thread [ 178.283531][ T6650] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.325184][ T6650] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.373317][ T6650] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.896209][ T6696] loop5: detected capacity change from 0 to 64 [ 178.966599][ T6696] hfs: Unknown parameter 'u;¯ˆrôa¸ý¿Dmas' [ 179.256150][ T6705] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 179.263873][ T6705] IPv6: NLM_F_CREATE should be set when creating new route [ 179.271160][ T6705] IPv6: NLM_F_CREATE should be set when creating new route [ 179.497988][ T6709] loop5: detected capacity change from 0 to 256 [ 180.219414][ T6721] loop4: detected capacity change from 0 to 512 [ 180.258349][ T6721] EXT4-fs: Ignoring removed nobh option [ 180.277079][ T6727] loop1: detected capacity change from 0 to 64 [ 180.287082][ T6724] vlan2: entered allmulticast mode [ 180.325240][ T6724] bond0: entered allmulticast mode [ 180.342128][ T6721] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #11: comm syz.4.301: invalid indirect mapped block 256 (level 2) [ 180.378058][ T6724] bond_slave_0: entered allmulticast mode [ 180.434391][ T6724] bond_slave_1: entered allmulticast mode [ 180.435426][ T6721] EXT4-fs (loop4): 2 truncates cleaned up [ 180.467021][ T6721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.619640][ T6721] EXT4-fs error (device loop4): ext4_validate_block_bitmap:431: comm syz.4.301: bg 0: block 5: invalid block bitmap [ 180.709184][ T6721] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 180.732454][ T6734] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 4 with error 28 [ 180.750944][ T30] audit: type=1800 audit(1748347054.606:5): pid=6734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.301" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 180.817693][ T2942] kworker/u8:6: attempt to access beyond end of device [ 180.817693][ T2942] loop1: rw=1, sector=65, nr_sectors = 1 limit=64 [ 180.843962][ T6721] EXT4-fs (loop4): This should not happen!! Data will be lost [ 180.843962][ T6721] [ 180.871107][ T2942] Buffer I/O error on dev loop1, logical block 65, lost async page write [ 180.885739][ T6734] EXT4-fs (loop4): This should not happen!! Data will be lost [ 180.885739][ T6734] [ 180.904283][ T2942] kworker/u8:6: attempt to access beyond end of device [ 180.904283][ T2942] loop1: rw=1, sector=66, nr_sectors = 1 limit=64 [ 180.943626][ T6721] EXT4-fs (loop4): Total free blocks count 0 [ 180.959975][ T6734] EXT4-fs (loop4): Total free blocks count 0 [ 180.970210][ T2942] Buffer I/O error on dev loop1, logical block 66, lost async page write [ 180.989869][ T6734] EXT4-fs (loop4): Free/Dirty block details [ 181.025187][ T2942] kworker/u8:6: attempt to access beyond end of device [ 181.025187][ T2942] loop1: rw=1, sector=67, nr_sectors = 1 limit=64 [ 181.039686][ T6721] EXT4-fs (loop4): Free/Dirty block details [ 181.075100][ T2942] Buffer I/O error on dev loop1, logical block 67, lost async page write [ 181.095833][ T2942] kworker/u8:6: attempt to access beyond end of device [ 181.095833][ T2942] loop1: rw=1, sector=68, nr_sectors = 1 limit=64 [ 181.138102][ T6734] EXT4-fs (loop4): free_blocks=0 [ 181.165453][ T2942] Buffer I/O error on dev loop1, logical block 68, lost async page write [ 181.175274][ T2942] kworker/u8:6: attempt to access beyond end of device [ 181.175274][ T2942] loop1: rw=1, sector=72, nr_sectors = 1 limit=64 [ 181.243165][ T2942] Buffer I/O error on dev loop1, logical block 72, lost async page write [ 181.288303][ T2942] kworker/u8:6: attempt to access beyond end of device [ 181.288303][ T2942] loop1: rw=1, sector=73, nr_sectors = 1 limit=64 [ 181.324373][ T2942] Buffer I/O error on dev loop1, logical block 73, lost async page write [ 181.351445][ T2942] kworker/u8:6: attempt to access beyond end of device [ 181.351445][ T2942] loop1: rw=1, sector=76, nr_sectors = 1 limit=64 [ 181.379490][ T6746] loop2: detected capacity change from 0 to 1024 [ 181.387383][ T2942] Buffer I/O error on dev loop1, logical block 76, lost async page write [ 181.436578][ T2942] kworker/u8:6: attempt to access beyond end of device [ 181.436578][ T2942] loop1: rw=1, sector=77, nr_sectors = 1 limit=64 [ 181.449637][ T6746] EXT4-fs: Ignoring removed bh option [ 181.479569][ T6746] EXT4-fs: inline encryption not supported [ 181.501088][ T2942] Buffer I/O error on dev loop1, logical block 77, lost async page write [ 181.507117][ T6746] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 181.530687][ T2942] kworker/u8:6: attempt to access beyond end of device [ 181.530687][ T2942] loop1: rw=1, sector=78, nr_sectors = 57 limit=64 [ 181.604221][ T6746] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 181.652508][ T6746] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 2: comm syz.2.310: lblock 2 mapped to illegal pblock 2 (length 1) [ 181.745059][ T6746] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 181.770982][ T6746] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 48: comm syz.2.310: lblock 0 mapped to illegal pblock 48 (length 1) [ 181.771166][ T6752] loop4: detected capacity change from 0 to 2048 [ 181.846099][ T6746] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 181.885398][ T6746] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.310: Failed to acquire dquot type 0 [ 181.914030][ T6752] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.957315][ T6746] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem [ 181.999463][ T6746] EXT4-fs error (device loop2): ext4_evict_inode:259: inode #11: comm syz.2.310: mark_inode_dirty error [ 182.076630][ T6746] EXT4-fs warning (device loop2): ext4_evict_inode:261: couldn't mark inode dirty (err -117) [ 182.104414][ T6746] EXT4-fs (loop2): 1 orphan inode deleted [ 182.111027][ T30] audit: type=1800 audit(1748347055.996:6): pid=6752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.311" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 182.135453][ T2145] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 182.151569][ T6746] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 182.159397][ T49] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:3: lblock 1 mapped to illegal pblock 1 (length 1) [ 182.164300][ T6752] EXT4-fs (loop4): shut down requested (0) [ 182.213555][ T49] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 182.225228][ T49] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 182.249481][ T6744] loop0: detected capacity change from 0 to 32768 [ 182.295914][ T6746] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 182.317346][ T6744] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode. [ 182.340468][ T6746] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 182.368917][ T6746] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 182.382075][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.393300][ T6746] EXT4-fs error (device loop2): ext4_map_blocks:675: inode #3: block 48: comm syz.2.310: lblock 0 mapped to illegal pblock 48 (length 1) [ 182.407900][ T2145] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 182.418490][ T6746] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=-117 [ 182.435766][ T6746] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 182.465113][ T2145] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.521169][ T2145] usb 2-1: config 0 descriptor?? [ 182.538550][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.541490][ T2145] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 182.655342][ T5844] ocfs2: Unmounting device (7,0) on (node local) [ 182.827178][ T6767] loop4: detected capacity change from 0 to 256 [ 182.966284][ T2145] cpia1 2-1:0.0: unexpected state after lo power cmd: 00 [ 183.400368][ T2145] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0) [ 183.468492][ T6775] loop4: detected capacity change from 0 to 64 [ 183.655970][ T2145] usb 2-1: USB disconnect, device number 7 [ 183.837992][ T12] kworker/u8:0: attempt to access beyond end of device [ 183.837992][ T12] loop4: rw=1, sector=65, nr_sectors = 1 limit=64 [ 183.884489][ T12] Buffer I/O error on dev loop4, logical block 65, lost async page write [ 183.916404][ T12] Buffer I/O error on dev loop4, logical block 66, lost async page write [ 183.973682][ T6786] vlan2: entered allmulticast mode [ 183.991725][ T6786] bond0: entered allmulticast mode [ 184.007581][ T6786] bond_slave_0: entered allmulticast mode [ 184.036021][ T6786] bond_slave_1: entered allmulticast mode [ 184.558625][ T6799] loop5: detected capacity change from 0 to 1024 [ 184.623251][ T6802] loop2: detected capacity change from 0 to 256 [ 184.763816][ T6799] hfsplus: bad catalog folder thread [ 185.082069][ T6808] loop1: detected capacity change from 0 to 512 [ 185.121322][ T6808] EXT4-fs: Ignoring removed nobh option [ 185.216205][ T6808] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #11: comm syz.1.333: invalid indirect mapped block 256 (level 2) [ 185.314917][ T6808] EXT4-fs (loop1): 2 truncates cleaned up [ 185.358968][ T6808] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 185.462463][ T6808] EXT4-fs error (device loop1): ext4_validate_block_bitmap:431: comm syz.1.333: bg 0: block 5: invalid block bitmap [ 185.537209][ T6808] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 185.596226][ T6808] EXT4-fs (loop1): This should not happen!! Data will be lost [ 185.596226][ T6808] [ 185.634321][ T6794] loop4: detected capacity change from 0 to 32768 [ 185.654647][ T30] audit: type=1800 audit(1748347059.526:7): pid=6819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.333" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 185.676038][ T6808] EXT4-fs (loop1): Total free blocks count 0 [ 185.682060][ T6808] EXT4-fs (loop1): Free/Dirty block details [ 185.705948][ T6808] EXT4-fs (loop1): free_blocks=0 [ 185.710954][ T6808] EXT4-fs (loop1): dirty_blocks=66 [ 185.742584][ T6822] loop2: detected capacity change from 0 to 2048 [ 185.751799][ T6794] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 185.753044][ T6808] EXT4-fs (loop1): Block reservation details [ 185.794335][ T6808] EXT4-fs (loop1): i_reserved_data_blocks=66 [ 185.820000][ T6794] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 185.883989][ T6822] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.931656][ T6806] loop3: detected capacity change from 0 to 32768 [ 186.015534][ T30] audit: type=1800 audit(1748347059.896:8): pid=6822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.336" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 186.037568][ T30] audit: type=1800 audit(1748347059.896:9): pid=6794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.326" name="file1" dev="loop4" ino=17058 res=0 errno=0 [ 186.039233][ T6822] EXT4-fs (loop2): shut down requested (0) [ 186.100580][ T6806] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present! [ 186.192727][ T6806] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 186.260667][ T12] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28 [ 186.567460][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.585969][ T5845] ocfs2: Unmounting device (7,4) on (node local) [ 186.598957][ T6834] loop5: detected capacity change from 0 to 512 [ 186.678664][ T6834] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 186.692299][ T5838] ocfs2: Unmounting device (7,3) on (node local) [ 186.732419][ T6834] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 186.827569][ T5843] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 186.906737][ T6834] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 186.930234][ T6834] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 187.017384][ T6834] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.337: Failed to acquire dquot type 0 [ 187.049449][ T5843] usb 2-1: Using ep0 maxpacket: 32 [ 187.075095][ T5843] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.136728][ T5843] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 187.169246][ T5843] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 187.246228][ T5843] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.295638][ T5843] usb 2-1: config 0 descriptor?? [ 187.377559][ T5847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.671231][ T6849] team0: Device gre1 is of different type [ 187.782747][ T6852] vlan2: entered allmulticast mode [ 187.817461][ T6852] bond0: entered allmulticast mode [ 187.820477][ T5843] savu 0003:1E7D:2D5A.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 187.853279][ T6852] bond_slave_0: entered allmulticast mode [ 187.862880][ T6852] bond_slave_1: entered allmulticast mode [ 188.158888][ T24] usb 2-1: USB disconnect, device number 8 [ 188.171003][ T6858] loop5: detected capacity change from 0 to 256 [ 188.512095][ T6862] loop0: detected capacity change from 0 to 1024 [ 188.672607][ T6862] hfsplus: bad catalog folder thread [ 189.636565][ T6879] loop3: detected capacity change from 0 to 1024 [ 189.763532][ T6879] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.007192][ T6887] EXT4-fs error (device loop3): __ext4_remount:6738: comm syz.3.355: Abort forced by user [ 190.070143][ T6887] EXT4-fs (loop3): Remounting filesystem read-only [ 190.115292][ T6887] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 190.205552][ T6869] loop2: detected capacity change from 0 to 32768 [ 190.278190][ T6869] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 190.399090][ T6869] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 190.482049][ T30] audit: type=1800 audit(1748347064.356:10): pid=6869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.352" name="file1" dev="loop2" ino=17058 res=0 errno=0 [ 190.600483][ T5838] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.795391][ T5840] ocfs2: Unmounting device (7,2) on (node local) [ 190.872400][ T6873] loop1: detected capacity change from 0 to 32768 [ 191.090389][ T6873] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode. [ 191.265092][ T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 191.467774][ T24] usb 6-1: config 0 has no interfaces? [ 191.484951][ T24] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 191.532632][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.604415][ T24] usb 6-1: config 0 descriptor?? [ 191.642571][ T5839] ocfs2: Unmounting device (7,1) on (node local) [ 191.847645][ T6913] loop0: detected capacity change from 0 to 4096 [ 191.868856][ T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 192.081232][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.121898][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 192.191495][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 192.222286][ T6920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 192.230031][ T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 192.282690][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.327503][ T24] usb 5-1: config 0 descriptor?? [ 192.342203][ T6920] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 192.818145][ T24] plantronics 0003:047F:FFFF.0009: item 0 4 0 11 parsing failed [ 192.866380][ T5795] usb 6-1: USB disconnect, device number 4 [ 192.866444][ T24] plantronics 0003:047F:FFFF.0009: parse failed [ 192.898290][ T6929] loop1: detected capacity change from 0 to 1024 [ 192.925500][ T24] plantronics 0003:047F:FFFF.0009: probe with driver plantronics failed with error -22 [ 193.009957][ T6929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.035524][ T9] usb 5-1: USB disconnect, device number 5 [ 193.178070][ T6929] EXT4-fs error (device loop1): __ext4_remount:6738: comm syz.1.373: Abort forced by user [ 193.213599][ T6929] EXT4-fs (loop1): Remounting filesystem read-only [ 193.247688][ T6929] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 193.531935][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.801593][ T6921] loop2: detected capacity change from 0 to 32768 [ 194.352421][ T6948] vlan2: entered allmulticast mode [ 194.387488][ T6948] bond0: entered allmulticast mode [ 194.410976][ T6948] bond_slave_0: entered allmulticast mode [ 194.459444][ T6948] bond_slave_1: entered allmulticast mode [ 194.786380][ T6934] loop3: detected capacity change from 0 to 32768 [ 194.823157][ T6934] ocfs2: Slot 0 on device (7,3) was already allocated to this node! [ 194.941025][ T6934] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 195.068348][ T30] audit: type=1800 audit(1748347068.946:11): pid=6934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.374" name="file1" dev="loop3" ino=17058 res=0 errno=0 [ 195.267900][ T6962] loop2: detected capacity change from 0 to 512 [ 195.401321][ T6962] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.423726][ T6962] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.444256][ T6963] loop5: detected capacity change from 0 to 4096 [ 195.529335][ T5838] ocfs2: Unmounting device (7,3) on (node local) [ 195.629109][ T6962] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 195.709983][ T6962] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 195.792837][ T6962] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.384: Failed to acquire dquot type 0 [ 196.184053][ T6950] loop4: detected capacity change from 0 to 32768 [ 196.251072][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.433138][ T6950] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 196.476407][ T6972] netlink: 'syz.1.387': attribute type 16 has an invalid length. [ 196.548453][ T6972] netlink: 'syz.1.387': attribute type 17 has an invalid length. [ 196.678391][ T6969] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.747152][ T6969] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.956600][ T5845] ocfs2: Unmounting device (7,4) on (node local) [ 197.768090][ T6972] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 197.841947][ T6972] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.205569][ T6972] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.224533][ T6972] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.236943][ T6972] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.246381][ T6972] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.473988][ T6978] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 198.581989][ T30] audit: type=1326 audit(1748347072.446:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06198e969 code=0x7ffc0000 [ 198.666350][ T30] audit: type=1326 audit(1748347072.486:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06198e969 code=0x7ffc0000 [ 198.696501][ T30] audit: type=1326 audit(1748347072.496:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb06198e969 code=0x7ffc0000 [ 198.719434][ T30] audit: type=1326 audit(1748347072.496:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06198e969 code=0x7ffc0000 [ 198.824364][ T30] audit: type=1326 audit(1748347072.496:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06198e969 code=0x7ffc0000 [ 198.941683][ T30] audit: type=1326 audit(1748347072.496:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb06198e969 code=0x7ffc0000 [ 199.025993][ T7008] loop0: detected capacity change from 0 to 1024 [ 199.045670][ T30] audit: type=1326 audit(1748347072.496:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7000 comm="syz.3.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb06198e969 code=0x7ffc0000 [ 199.145248][ T7008] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.412178][ T7024] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 199.538095][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.595111][ T5795] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 199.769890][ T5795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 199.804654][ T5795] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 199.830848][ T5795] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.847938][ T5795] usb 2-1: config 0 descriptor?? [ 199.861548][ T7023] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 199.950523][ T7033] netlink: 'syz.3.414': attribute type 16 has an invalid length. [ 199.964092][ T7031] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.000266][ T7033] netlink: 'syz.3.414': attribute type 17 has an invalid length. [ 200.084859][ T7031] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.334774][ T5795] elan 0003:04F3:0755.000A: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0 [ 200.604820][ T5905] usb 2-1: USB disconnect, device number 9 [ 200.655252][ T7042] fido_id[7042]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 200.958106][ T7033] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 200.979009][ T7033] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 201.328911][ T7033] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.368854][ T7033] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.384663][ T7033] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.395873][ T7033] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.684925][ T7033] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 201.696440][ T7033] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 201.706034][ T7033] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 201.715216][ T7033] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 201.995090][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 202.015861][ T5843] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 202.075226][ T24] IPVS: starting estimator thread 0... [ 202.081264][ T7059] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 202.133399][ T7063] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 88 [ 202.185782][ T9] usb 1-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice= d.5b [ 202.185894][ T7065] IPVS: using max 25 ests per chain, 60000 per kthread [ 202.209228][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.225396][ T5843] usb 6-1: Using ep0 maxpacket: 32 [ 202.267953][ T9] usb 1-1: Product: syz [ 202.272195][ T9] usb 1-1: Manufacturer: syz [ 202.279318][ T5843] usb 6-1: config 0 has an invalid interface number: 184 but max is 0 [ 202.309645][ T5843] usb 6-1: config 0 has no interface number 0 [ 202.329620][ T9] usb 1-1: SerialNumber: syz [ 202.335545][ T5843] usb 6-1: config 0 interface 184 has no altsetting 0 [ 202.361867][ T9] usb 1-1: config 0 descriptor?? [ 202.375844][ T5843] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 202.418871][ T9] gspca_main: pac207-2.14.0 probing 093a:2476 [ 202.422747][ T5843] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.467329][ T5843] usb 6-1: Product: syz [ 202.471571][ T5843] usb 6-1: Manufacturer: syz [ 202.504799][ T5843] usb 6-1: SerialNumber: syz [ 202.566441][ T5843] usb 6-1: config 0 descriptor?? [ 202.571846][ T9] gspca_pac207: Failed to read a register (index 0x0000, error -110) [ 202.616859][ T5843] smsc75xx v1.0.0 [ 202.621976][ T5843] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 202.665560][ T5843] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -22 [ 202.669109][ T9] usb 1-1: USB disconnect, device number 3 [ 202.841129][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 202.850441][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 202.864548][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 202.873433][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 202.882202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 202.887922][ T7077] loop2: detected capacity change from 0 to 128 [ 202.904700][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 202.915370][ T24] usb 6-1: USB disconnect, device number 5 [ 202.999874][ T7077] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 203.119933][ T7077] ext4 filesystem being mounted at /77/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 203.421605][ T7085] loop4: detected capacity change from 0 to 512 [ 203.445633][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 203.454775][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 203.463599][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 203.472569][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 203.489364][ T7085] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 203.670960][ T7085] EXT4-fs (loop4): 1 orphan inode deleted [ 203.701257][ T49] __quota_error: 6 callbacks suppressed [ 203.701282][ T49] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 203.715435][ T7085] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 203.737589][ T7085] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 203.785392][ T49] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1 [ 203.853912][ T5840] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 203.949932][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.956872][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 203.999307][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.121648][ T7101] loop0: detected capacity change from 0 to 1024 [ 204.205617][ T7101] EXT4-fs (loop0): Test dummy encryption mode enabled [ 204.264898][ T7101] EXT4-fs (loop0): stripe (9) is not aligned with cluster size (16), stripe is disabled [ 204.311184][ T7101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 204.422738][ T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.463611][ T7101] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 204.646118][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.657538][ T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.953364][ T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.210451][ T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.515826][ T7130] loop4: detected capacity change from 0 to 1024 [ 205.658524][ T7130] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.741024][ T13] bridge_slave_1: left allmulticast mode [ 205.747127][ T13] bridge_slave_1: left promiscuous mode [ 205.754603][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.770183][ T5850] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 205.780148][ T5850] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 205.790367][ T5850] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 205.799083][ T5850] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 205.807756][ T5850] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 205.968984][ T13] bridge_slave_0: left allmulticast mode [ 205.981405][ T13] bridge_slave_0: left promiscuous mode [ 205.995368][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.017896][ T7143] EXT4-fs error (device loop4): __ext4_remount:6738: comm syz.4.453: Abort forced by user [ 206.055488][ T7143] EXT4-fs (loop4): Remounting filesystem read-only [ 206.078000][ T7143] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 206.328996][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.945072][ T24] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 207.105103][ T2145] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 207.115076][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 207.143401][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.176576][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 207.186536][ T24] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 207.203064][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.220342][ T24] usb 2-1: config 0 descriptor?? [ 207.297130][ T2145] usb 1-1: Using ep0 maxpacket: 8 [ 207.308747][ T2145] usb 1-1: config 2 has an invalid interface number: 216 but max is 0 [ 207.317988][ T2145] usb 1-1: config 2 has no interface number 0 [ 207.333253][ T2145] usb 1-1: New USB device found, idVendor=040a, idProduct=0002, bcdDevice=de.7b [ 207.343709][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 207.354546][ T13] bond_slave_0: left allmulticast mode [ 207.361002][ T2145] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.377154][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 207.391980][ T13] bond_slave_1: left allmulticast mode [ 207.401288][ T2145] gspca_main: spca501-2.14.0 probing 040a:0002 [ 207.409797][ T13] bond0 (unregistering): Released all slaves [ 207.671311][ T24] ft260 0003:0403:6030.000B: unknown main item tag 0x0 [ 207.819546][ T7158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 207.830130][ T7158] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 207.853087][ T13] hsr_slave_0: left promiscuous mode [ 207.855118][ T5857] Bluetooth: hci5: command tx timeout [ 207.867014][ T2145] gspca_spca501: reg write: error -71 [ 207.872953][ T24] ft260 0003:0403:6030.000B: chip code: 0000 0000 [ 207.883358][ T2145] spca501 1-1:2.216: Reg write failed for 0x00,0xaa,0x00 [ 207.891417][ T13] hsr_slave_1: left promiscuous mode [ 207.892610][ T2145] spca501 1-1:2.216: probe with driver spca501 failed with error -22 [ 207.902528][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.913874][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 207.914702][ T2145] usb 1-1: USB disconnect, device number 4 [ 207.933385][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 207.941005][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 207.967640][ T13] veth1_macvtap: left promiscuous mode [ 207.973488][ T13] veth0_macvtap: left promiscuous mode [ 207.979343][ T13] veth1_vlan: left promiscuous mode [ 207.984833][ T13] veth0_vlan: left promiscuous mode [ 208.277223][ T2145] usb 2-1: USB disconnect, device number 10 [ 208.442994][ T13] team0 (unregistering): Port device team_slave_1 removed [ 208.484324][ T13] team0 (unregistering): Port device team_slave_0 removed [ 208.850366][ T7134] chnl_net:caif_netlink_parms(): no params data found [ 208.983342][ T7134] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.990672][ T7134] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.998618][ T7134] bridge_slave_0: entered allmulticast mode [ 209.006871][ T7134] bridge_slave_0: entered promiscuous mode [ 209.019246][ T7134] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.027008][ T7134] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.046769][ T7134] bridge_slave_1: entered allmulticast mode [ 209.056861][ T7134] bridge_slave_1: entered promiscuous mode [ 209.102450][ T7134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 209.116721][ T7134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 209.164846][ T7134] team0: Port device team_slave_0 added [ 209.184038][ T7134] team0: Port device team_slave_1 added [ 209.223781][ T7134] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.230997][ T7134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.257058][ T7134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.271675][ T7134] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.279276][ T7134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.305522][ T7134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 209.365881][ T7134] hsr_slave_0: entered promiscuous mode [ 209.372399][ T7134] hsr_slave_1: entered promiscuous mode [ 209.379176][ T7134] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 209.387058][ T7134] Cannot create hsr debugfs directory [ 209.575664][ T7134] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 209.592208][ T7134] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 209.606047][ T7134] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 209.623177][ T7134] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 209.657202][ T7134] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.664348][ T7134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.671958][ T7134] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.679126][ T7134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.757558][ T7134] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.777939][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.788108][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.808012][ T7134] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.825175][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.832292][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.858517][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.865700][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.935144][ T5857] Bluetooth: hci5: command tx timeout [ 210.137492][ T7134] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 210.463402][ T7134] veth0_vlan: entered promiscuous mode [ 210.478295][ T7134] veth1_vlan: entered promiscuous mode [ 210.522752][ T7134] veth0_macvtap: entered promiscuous mode [ 210.534189][ T7134] veth1_macvtap: entered promiscuous mode [ 210.557411][ T7134] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 210.579305][ T7134] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 210.593898][ T7134] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.603975][ T7134] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.613985][ T7134] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.624092][ T7134] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 210.712614][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.723305][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.758269][ T3501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.766815][ T3501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.342560][ T7187] loop1: detected capacity change from 0 to 40427 [ 211.367451][ T7187] F2FS-fs (loop1): invalid crc value [ 211.439250][ T7202] loop0: detected capacity change from 0 to 128 [ 211.471117][ T7202] EXT4-fs: Ignoring removed nobh option [ 211.496537][ T7187] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 211.517177][ T7202] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 211.564627][ T7202] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 211.626205][ T5839] bio_check_eod: 8 callbacks suppressed [ 211.626231][ T5839] syz-executor: attempt to access beyond end of device [ 211.626231][ T5839] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 211.722470][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) [ 211.722524][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 211.722546][ T5839] Call Trace: [ 211.722557][ T5839] [ 211.722571][ T5839] dump_stack_lvl+0x16c/0x1f0 [ 211.722633][ T5839] f2fs_handle_critical_error+0x621/0x9f0 [ 211.722675][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.722721][ T5839] ? __asan_memset+0x23/0x50 [ 211.722766][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.722825][ T5839] f2fs_write_end_io+0x73b/0xb60 [ 211.722876][ T5839] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 211.722930][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.722987][ T5839] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 211.723032][ T5839] bio_endio+0x70d/0x850 [ 211.723083][ T5839] submit_bio_noacct+0x56d/0x1eb0 [ 211.723155][ T5839] __submit_merged_bio+0x33c/0x770 [ 211.723209][ T5839] __submit_merged_write_cond+0x319/0x3f0 [ 211.723269][ T5839] f2fs_write_cache_pages+0x2139/0x2680 [ 211.723355][ T5839] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 211.723412][ T5839] ? unwind_next_frame+0x3fe/0x20a0 [ 211.723474][ T5839] ? syscall_exit_to_user_mode+0x25f/0x290 [ 211.723539][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.723583][ T5839] ? __lock_acquire+0xb8a/0x1c90 [ 211.723664][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.723786][ T5839] ? __bfs+0x148/0x290 [ 211.723824][ T5839] ? _raw_spin_unlock+0x28/0x50 [ 211.723870][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.723922][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.723976][ T5839] f2fs_write_data_pages+0x4ad/0xd90 [ 211.724040][ T5839] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 211.724106][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.724156][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.724198][ T5839] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 211.724255][ T5839] do_writepages+0x27a/0x600 [ 211.724310][ T5839] ? __pfx_do_writepages+0x10/0x10 [ 211.724354][ T5839] ? do_raw_spin_unlock+0x172/0x230 [ 211.724414][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.724469][ T5839] ? _raw_spin_unlock+0x28/0x50 [ 211.724523][ T5839] filemap_fdatawrite_wbc+0x104/0x160 [ 211.724582][ T5839] __filemap_fdatawrite_range+0xb2/0xf0 [ 211.724643][ T5839] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 211.724773][ T5839] ? find_held_lock+0x2b/0x80 [ 211.724813][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.724858][ T5839] ? do_raw_spin_unlock+0x172/0x230 [ 211.724918][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.724975][ T5839] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 211.725058][ T5839] block_operations+0x2a3/0xfd0 [ 211.725128][ T5839] ? __pfx_block_operations+0x10/0x10 [ 211.725250][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.725294][ T5839] ? down_write+0x14d/0x200 [ 211.725327][ T5839] ? __pfx_down_write+0x10/0x10 [ 211.725364][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.725408][ T5839] ? rcu_is_watching+0x12/0xc0 [ 211.725462][ T5839] f2fs_write_checkpoint+0x2b8/0x4780 [ 211.725526][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.725570][ T5839] ? kfree+0x2b4/0x4d0 [ 211.725611][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.725660][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.725704][ T5839] ? rcu_is_watching+0x12/0xc0 [ 211.725740][ T5839] ? srso_alias_return_thunk+0x5/0xfbef5 [ 211.725784][ T5839] ? kthread_stop+0x273/0x650 [ 211.725843][ T5839] kill_f2fs_super+0x3c2/0x470 [ 211.725902][ T5839] ? __pfx_kill_f2fs_super+0x10/0x10 [ 211.725957][ T5839] ? lockdep_hardirqs_on+0x7c/0x110 [ 211.726034][ T5839] deactivate_locked_super+0xc1/0x1a0 [ 211.726085][ T5839] deactivate_super+0xde/0x100 [ 211.726135][ T5839] cleanup_mnt+0x225/0x450 [ 211.726190][ T5839] task_work_run+0x150/0x240 [ 211.726251][ T5839] ? __pfx_task_work_run+0x10/0x10 [ 211.726326][ T5839] syscall_exit_to_user_mode+0x25f/0x290 [ 211.726385][ T5839] do_syscall_64+0xda/0x260 [ 211.726451][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.726488][ T5839] RIP: 0033:0x7f720d18fc97 [ 211.726518][ T5839] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 211.726553][ T5839] RSP: 002b:00007ffd68ad7eb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 211.726589][ T5839] RAX: 0000000000000000 RBX: 00007f720d21089d RCX: 00007f720d18fc97 [ 211.726611][ T5839] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd68ad7f70 [ 211.726632][ T5839] RBP: 00007ffd68ad7f70 R08: 0000000000000000 R09: 0000000000000000 [ 211.726653][ T5839] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd68ad9000 [ 211.726674][ T5839] R13: 00007f720d21089d R14: 0000000000033a3f R15: 00007ffd68ad9040 [ 211.726725][ T5839] [ 212.225127][ T5839] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 212.236301][ T5857] Bluetooth: hci5: command tx timeout [ 212.312588][ T5844] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 212.542623][ T7191] loop3: detected capacity change from 0 to 40427 [ 212.703887][ T7191] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 212.725468][ T7217] IPVS: Error joining to the multicast group [ 212.998917][ T7191] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 213.150493][ T5838] syz-executor: attempt to access beyond end of device [ 213.150493][ T5838] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 213.201978][ T7229] overlayfs: invalid origin (0000) [ 213.207501][ T5838] CPU: 1 UID: 0 PID: 5838 Comm: syz-executor Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) [ 213.207550][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 213.207572][ T5838] Call Trace: [ 213.207584][ T5838] [ 213.207596][ T5838] dump_stack_lvl+0x16c/0x1f0 [ 213.207656][ T5838] f2fs_handle_critical_error+0x621/0x9f0 [ 213.207697][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.207742][ T5838] ? __asan_memset+0x23/0x50 [ 213.207787][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.207842][ T5838] f2fs_write_end_io+0x73b/0xb60 [ 213.207890][ T5838] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 213.207941][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.207995][ T5838] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 213.208038][ T5838] bio_endio+0x70d/0x850 [ 213.208087][ T5838] submit_bio_noacct+0x56d/0x1eb0 [ 213.208155][ T5838] __submit_merged_bio+0x33c/0x770 [ 213.208206][ T5838] __submit_merged_write_cond+0x319/0x3f0 [ 213.208264][ T5838] f2fs_write_cache_pages+0x2139/0x2680 [ 213.208343][ T5838] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 213.208394][ T5838] ? __lock_acquire+0x622/0x1c90 [ 213.208459][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.208512][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.208557][ T5838] ? __lock_acquire+0x622/0x1c90 [ 213.208625][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.208691][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.208771][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.208815][ T5838] ? rcu_is_watching+0x12/0xc0 [ 213.208850][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.208894][ T5838] ? __mod_memcg_lruvec_state+0x533/0x760 [ 213.208939][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.208985][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.209037][ T5838] f2fs_write_data_pages+0x4ad/0xd90 [ 213.209100][ T5838] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 213.209171][ T5838] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 213.209226][ T5838] do_writepages+0x27a/0x600 [ 213.209279][ T5838] ? __pfx_do_writepages+0x10/0x10 [ 213.209322][ T5838] ? do_raw_spin_unlock+0x172/0x230 [ 213.209380][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.209429][ T5838] ? _raw_spin_unlock+0x28/0x50 [ 213.209482][ T5838] filemap_fdatawrite_wbc+0x104/0x160 [ 213.209534][ T5838] __filemap_fdatawrite_range+0xb2/0xf0 [ 213.209594][ T5838] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 213.209712][ T5838] ? find_held_lock+0x2b/0x80 [ 213.209750][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.209795][ T5838] ? do_raw_spin_unlock+0x172/0x230 [ 213.209854][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.209904][ T5838] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 213.209980][ T5838] block_operations+0x2a3/0xfd0 [ 213.210047][ T5838] ? __pfx_block_operations+0x10/0x10 [ 213.210157][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.210201][ T5838] ? down_write+0x14d/0x200 [ 213.210233][ T5838] ? __pfx_down_write+0x10/0x10 [ 213.210268][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.210311][ T5838] ? rcu_is_watching+0x12/0xc0 [ 213.210353][ T5838] f2fs_write_checkpoint+0x2b8/0x4780 [ 213.210415][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.210467][ T5838] ? kfree+0x2b4/0x4d0 [ 213.210506][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.210554][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.210597][ T5838] ? rcu_is_watching+0x12/0xc0 [ 213.210633][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.210676][ T5838] ? kthread_stop+0x273/0x650 [ 213.210734][ T5838] kill_f2fs_super+0x3c2/0x470 [ 213.210793][ T5838] ? __pfx_kill_f2fs_super+0x10/0x10 [ 213.210848][ T5838] ? lockdep_hardirqs_on+0x7c/0x110 [ 213.210921][ T5838] deactivate_locked_super+0xc1/0x1a0 [ 213.210972][ T5838] deactivate_super+0xde/0x100 [ 213.211021][ T5838] cleanup_mnt+0x225/0x450 [ 213.211074][ T5838] task_work_run+0x150/0x240 [ 213.211135][ T5838] ? __pfx_task_work_run+0x10/0x10 [ 213.211190][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.211238][ T5838] ? __pfx___x64_sys_umount+0x10/0x10 [ 213.211304][ T5838] syscall_exit_to_user_mode+0x25f/0x290 [ 213.211362][ T5838] do_syscall_64+0xda/0x260 [ 213.211428][ T5838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.211466][ T5838] RIP: 0033:0x7fb06198fc97 [ 213.211494][ T5838] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 213.211530][ T5838] RSP: 002b:00007ffc4fd508f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 213.211564][ T5838] RAX: 0000000000000000 RBX: 00007fb061a1089d RCX: 00007fb06198fc97 [ 213.211587][ T5838] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4fd509b0 [ 213.211610][ T5838] RBP: 00007ffc4fd509b0 R08: 0000000000000000 R09: 0000000000000000 [ 213.211632][ T5838] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4fd51a40 [ 213.211656][ T5838] R13: 00007fb061a1089d R14: 0000000000034029 R15: 00007ffc4fd51a80 [ 213.211704][ T5838] [ 213.211717][ T5838] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 213.743799][ T5838] CPU: 0 UID: 0 PID: 5838 Comm: syz-executor Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) [ 213.743846][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 213.743866][ T5838] Call Trace: [ 213.743877][ T5838] [ 213.743890][ T5838] dump_stack_lvl+0x16c/0x1f0 [ 213.743945][ T5838] f2fs_handle_critical_error+0x621/0x9f0 [ 213.743980][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744018][ T5838] ? __asan_memset+0x23/0x50 [ 213.744055][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744102][ T5838] f2fs_write_end_io+0x73b/0xb60 [ 213.744143][ T5838] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 213.744184][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744229][ T5838] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 213.744264][ T5838] bio_endio+0x70d/0x850 [ 213.744305][ T5838] submit_bio_noacct+0x56d/0x1eb0 [ 213.744362][ T5838] __submit_merged_bio+0x33c/0x770 [ 213.744406][ T5838] __submit_merged_write_cond+0x319/0x3f0 [ 213.744456][ T5838] f2fs_write_cache_pages+0x2139/0x2680 [ 213.744526][ T5838] ? __pfx_f2fs_write_cache_pages+0x10/0x10 [ 213.744573][ T5838] ? __lock_acquire+0x622/0x1c90 [ 213.744622][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744665][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744708][ T5838] ? __lock_acquire+0x622/0x1c90 [ 213.744767][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744824][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744894][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.744930][ T5838] ? rcu_is_watching+0x12/0xc0 [ 213.744966][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.745003][ T5838] ? __mod_memcg_lruvec_state+0x533/0x760 [ 213.745047][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.745093][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.745145][ T5838] f2fs_write_data_pages+0x4ad/0xd90 [ 213.745208][ T5838] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 213.745280][ T5838] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 213.745336][ T5838] do_writepages+0x27a/0x600 [ 213.745390][ T5838] ? __pfx_do_writepages+0x10/0x10 [ 213.745434][ T5838] ? do_raw_spin_unlock+0x172/0x230 [ 213.745499][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.745543][ T5838] ? _raw_spin_unlock+0x28/0x50 [ 213.745597][ T5838] filemap_fdatawrite_wbc+0x104/0x160 [ 213.745651][ T5838] __filemap_fdatawrite_range+0xb2/0xf0 [ 213.745719][ T5838] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 213.745837][ T5838] ? find_held_lock+0x2b/0x80 [ 213.745876][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.745922][ T5838] ? do_raw_spin_unlock+0x172/0x230 [ 213.745982][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.746034][ T5838] f2fs_sync_dirty_inodes+0x2a9/0x990 [ 213.746111][ T5838] block_operations+0x2a3/0xfd0 [ 213.746179][ T5838] ? __pfx_block_operations+0x10/0x10 [ 213.746287][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.746330][ T5838] ? down_write+0x14d/0x200 [ 213.746363][ T5838] ? __pfx_down_write+0x10/0x10 [ 213.746398][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.746445][ T5838] ? rcu_is_watching+0x12/0xc0 [ 213.746489][ T5838] f2fs_write_checkpoint+0x2b8/0x4780 [ 213.746552][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.746597][ T5838] ? kfree+0x2b4/0x4d0 [ 213.746638][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.746695][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.746739][ T5838] ? rcu_is_watching+0x12/0xc0 [ 213.746774][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.746818][ T5838] ? kthread_stop+0x273/0x650 [ 213.746874][ T5838] kill_f2fs_super+0x3c2/0x470 [ 213.746932][ T5838] ? __pfx_kill_f2fs_super+0x10/0x10 [ 213.746989][ T5838] ? lockdep_hardirqs_on+0x7c/0x110 [ 213.747063][ T5838] deactivate_locked_super+0xc1/0x1a0 [ 213.747114][ T5838] deactivate_super+0xde/0x100 [ 213.747165][ T5838] cleanup_mnt+0x225/0x450 [ 213.747220][ T5838] task_work_run+0x150/0x240 [ 213.747281][ T5838] ? __pfx_task_work_run+0x10/0x10 [ 213.747338][ T5838] ? srso_alias_return_thunk+0x5/0xfbef5 [ 213.747388][ T5838] ? __pfx___x64_sys_umount+0x10/0x10 [ 213.747454][ T5838] syscall_exit_to_user_mode+0x25f/0x290 [ 213.747516][ T5838] do_syscall_64+0xda/0x260 [ 213.747583][ T5838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.747622][ T5838] RIP: 0033:0x7fb06198fc97 [ 213.747652][ T5838] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 213.747699][ T5838] RSP: 002b:00007ffc4fd508f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 213.747735][ T5838] RAX: 0000000000000000 RBX: 00007fb061a1089d RCX: 00007fb06198fc97 [ 213.747760][ T5838] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4fd509b0 [ 213.747784][ T5838] RBP: 00007ffc4fd509b0 R08: 0000000000000000 R09: 0000000000000000 [ 213.747808][ T5838] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4fd51a40 [ 213.747832][ T5838] R13: 00007fb061a1089d R14: 0000000000034029 R15: 00007ffc4fd51a80 [ 213.747882][ T5838] [ 214.299652][ T5857] Bluetooth: hci5: command tx timeout [ 214.312362][ T7224] loop4: detected capacity change from 0 to 32768 [ 214.325609][ T5838] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 214.339985][ T7224] [ 214.339985][ T7224] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 214.339985][ T7224] [ 214.378217][ T7224] read_mapping_page failed! [ 214.388749][ T7224] ERROR: (device loop4): txAbort: [ 214.388749][ T7224] [ 214.425280][ T24] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 214.504829][ T7226] loop6: detected capacity change from 0 to 32768 [ 214.537810][ T5845] [ 214.537810][ T5845] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 214.537810][ T5845] [ 214.554785][ T7226] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 214.584647][ T5845] [ 214.584647][ T5845] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 214.584647][ T5845] [ 214.585039][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 214.639645][ T24] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 214.665285][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.673083][ T7226] XFS (loop6): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 214.696644][ T7226] XFS (loop6): Starting recovery (logdev: internal) [ 214.719055][ T7226] XFS (loop6): Ending recovery (logdev: internal) [ 214.723325][ T24] usb 1-1: Product: syz [ 214.732227][ T24] usb 1-1: Manufacturer: syz [ 214.763331][ T24] usb 1-1: SerialNumber: syz [ 214.799878][ T24] usb 1-1: config 0 descriptor?? [ 215.120510][ T7134] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 215.268351][ T24] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 215.292313][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 215.335725][ T24] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 215.370674][ T24] usb 1-1: media controller created [ 215.458128][ T7260] netlink: 48 bytes leftover after parsing attributes in process `syz.4.490'. [ 215.478575][ T7231] dtv5100: wlen = 0, aborting. [ 215.499611][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 215.639057][ T24] zl10353_read_register: readreg error (reg=127, ret==0) [ 215.662597][ T24] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 215.673952][ T24] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 215.688740][ T24] usb 1-1: USB disconnect, device number 5 [ 215.795958][ T7266] loop1: detected capacity change from 0 to 256 [ 215.800456][ T24] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 215.825100][ T5904] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 215.845126][ T7266] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 215.865547][ T7266] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 215.934143][ T7266] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 216.017956][ T5904] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 216.047644][ T5904] usb 4-1: config 0 has no interface number 0 [ 216.060738][ T5904] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 216.093351][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.119169][ T5904] usb 4-1: config 0 descriptor?? [ 216.135596][ T5795] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 216.147603][ T5904] usb 4-1: selecting invalid altsetting 1 [ 216.179861][ T5904] dvb_ttusb_budget: ttusb_init_controller: error [ 216.195233][ T5904] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 216.291124][ T5795] usb 7-1: Using ep0 maxpacket: 16 [ 216.319227][ T5795] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.345262][ T5795] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.348697][ T7277] netlink: 4 bytes leftover after parsing attributes in process `syz.4.503'. [ 216.385074][ T5795] usb 7-1: New USB device found, idVendor=060b, idProduct=0001, bcdDevice= 0.00 [ 216.406861][ T5795] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.424356][ T5904] DVB: Unable to find symbol cx22700_attach() [ 216.443258][ T5795] usb 7-1: config 0 descriptor?? [ 216.559530][ T5904] DVB: Unable to find symbol tda10046_attach() [ 216.569757][ T5904] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 216.637765][ T5904] usb 4-1: USB disconnect, device number 3 [ 216.808603][ T7292] loop1: detected capacity change from 0 to 512 [ 216.845856][ T7292] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 216.874775][ T7292] EXT4-fs (loop1): 1 truncate cleaned up [ 216.921320][ T5795] macally 0003:060B:0001.000C: unknown main item tag 0x4 [ 216.932463][ T7292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 216.961961][ T5795] macally 0003:060B:0001.000C: unexpected long global item [ 217.011545][ T5795] macally 0003:060B:0001.000C: probe with driver macally failed with error -22 [ 217.052233][ T7292] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 217.110358][ T5795] usb 7-1: USB disconnect, device number 2 [ 217.161447][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 217.367886][ T7314] input: syz1 as /devices/virtual/input/input7 [ 217.505602][ T7316] netlink: 28 bytes leftover after parsing attributes in process `syz.3.517'. [ 217.842267][ T7330] netlink: 24 bytes leftover after parsing attributes in process `syz.4.519'. [ 218.073403][ T7336] loop1: detected capacity change from 0 to 1024 [ 218.122264][ T7336] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.147271][ T7345] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 218.169824][ T7345] netdevsim netdevsim4 netdevsim0: left allmulticast mode [ 218.195218][ T24] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 218.261394][ T7336] EXT4-fs (loop1): shut down requested (1) [ 218.298374][ T7336] overlayfs: failed to get origin (-5) [ 218.312655][ T13] Bluetooth: (null): Invalid header checksum [ 218.334472][ T13] Bluetooth: (null): Invalid header checksum [ 218.403108][ T24] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 218.424676][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.434645][ T13] Bluetooth: (null): Invalid header checksum [ 218.453113][ T24] usb 3-1: config 0 descriptor?? [ 218.485844][ T43] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 218.537788][ T3501] Bluetooth: (null): Invalid header checksum [ 218.601254][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.646058][ T2942] Bluetooth: (null): Invalid header checksum [ 218.685185][ T43] usb 4-1: unable to get BOS descriptor or descriptor too short [ 218.687226][ T43] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 218.730024][ T24] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 218.739043][ T24] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 218.754638][ T43] usb 4-1: can't read configurations, error -71 [ 218.784518][ T24] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 218.801508][ T24] [drm] Initialized udl on minor 2 [ 218.806867][ T5851] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 218.963348][ T24] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed [ 218.979410][ T24] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 218.996099][ T5851] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 219.015588][ T5851] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 219.027864][ T5851] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 219.031755][ T3501] bridge_slave_1: left allmulticast mode [ 219.037928][ T5851] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 219.059822][ T5851] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 219.061837][ T3501] bridge_slave_1: left promiscuous mode [ 219.069444][ T5851] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 219.083329][ T5851] usb 5-1: Manufacturer: syz [ 219.091983][ T5851] usb 5-1: config 0 descriptor?? [ 219.099022][ T3501] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.120185][ T3501] bridge_slave_0: left allmulticast mode [ 219.135338][ T3501] bridge_slave_0: left promiscuous mode [ 219.151383][ T3501] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.169210][ T2145] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 219.169505][ T5904] usb 3-1: USB disconnect, device number 5 [ 219.192941][ T2145] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 219.553901][ T5851] appleir 0003:05AC:8243.000D: unknown main item tag 0x0 [ 219.614433][ T5851] appleir 0003:05AC:8243.000D: No inputs registered, leaving [ 219.638632][ T5851] appleir 0003:05AC:8243.000D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 219.792013][ T30] audit: type=1326 audit(1748347093.656:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 219.920837][ T30] audit: type=1326 audit(1748347093.656:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.025231][ T30] audit: type=1326 audit(1748347093.706:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.140816][ T30] audit: type=1326 audit(1748347093.706:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.214059][ T7379] 9pnet: p9_errstr2errno: server reported unknown error ÿÿÿÿÿÿÿÿ÷ [ 220.248763][ T30] audit: type=1326 audit(1748347093.716:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.338205][ T30] audit: type=1326 audit(1748347093.716:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.414001][ T43] usb 5-1: USB disconnect, device number 6 [ 220.431818][ T7385] loop2: detected capacity change from 0 to 2048 [ 220.434292][ T30] audit: type=1326 audit(1748347093.716:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.522590][ T30] audit: type=1326 audit(1748347093.716:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.533437][ T7385] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.565086][ T30] audit: type=1326 audit(1748347093.716:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.587200][ C0] vkms_vblank_simulate: vblank timer overrun [ 220.616165][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 220.635105][ T30] audit: type=1326 audit(1748347093.716:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7369 comm="syz.6.541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68b698e969 code=0x7ffc0000 [ 220.667697][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 220.686288][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 220.695482][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 220.703233][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 220.948997][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.133125][ T3501] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 221.157660][ T3501] bond_slave_0: left allmulticast mode [ 221.174681][ T3501] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 221.201927][ T3501] bond_slave_1: left allmulticast mode [ 221.208758][ T3501] bond0 (unregistering): Released all slaves [ 221.856644][ T43] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 221.925685][ T7427] syz.3.561(7427): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 222.032191][ T43] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 222.051552][ T3501] hsr_slave_0: left promiscuous mode [ 222.067584][ T3501] hsr_slave_1: left promiscuous mode [ 222.074611][ T43] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 222.084720][ T3501] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 222.111310][ T43] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 222.133449][ T3501] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 222.162646][ T43] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 222.181573][ T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.226826][ T43] usb 7-1: Product: syz [ 222.231085][ T43] usb 7-1: Manufacturer: syz [ 222.246975][ T43] usb 7-1: SerialNumber: syz [ 222.273467][ T7435] loop4: detected capacity change from 0 to 1024 [ 222.363844][ T7435] hfsplus: xattr search failed [ 222.490513][ T43] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 222.580322][ T7442] ================================================================== [ 222.588467][ T7442] BUG: KASAN: use-after-free in __crypto_shash_import+0x241/0x290 [ 222.596334][ T7442] Write of size 1 at addr ffff888154c66347 by task syz.3.568/7442 [ 222.604179][ T7442] [ 222.606525][ T7442] CPU: 0 UID: 0 PID: 7442 Comm: syz.3.568 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) [ 222.606576][ T7442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 222.606600][ T7442] Call Trace: [ 222.606612][ T7442] [ 222.606625][ T7442] dump_stack_lvl+0x116/0x1f0 [ 222.606684][ T7442] print_report+0xcd/0x680 [ 222.606740][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.606787][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.606833][ T7442] ? __phys_addr+0xe8/0x180 [ 222.606872][ T7442] ? __crypto_shash_import+0x241/0x290 [ 222.606922][ T7442] kasan_report+0xe0/0x110 [ 222.606981][ T7442] ? __crypto_shash_import+0x241/0x290 [ 222.607038][ T7442] __crypto_shash_import+0x241/0x290 [ 222.607092][ T7442] crypto_shash_import+0x88/0x260 [ 222.607144][ T7442] crypto_ahash_import+0xcd/0x2a0 [ 222.607186][ T7442] hash_accept+0x33c/0x3d0 [ 222.607229][ T7442] do_accept+0x33e/0x530 [ 222.607293][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.607340][ T7442] ? __pfx_do_accept+0x10/0x10 [ 222.607426][ T7442] __sys_accept4+0x100/0x1c0 [ 222.607488][ T7442] ? __pfx___sys_accept4+0x10/0x10 [ 222.607550][ T7442] ? __pfx___x64_sys_futex+0x10/0x10 [ 222.607602][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.607654][ T7442] __x64_sys_accept4+0x96/0x100 [ 222.607687][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.607733][ T7442] ? lockdep_hardirqs_on+0x7c/0x110 [ 222.607789][ T7442] do_syscall_64+0xcd/0x260 [ 222.607850][ T7442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.607888][ T7442] RIP: 0033:0x7fb06198e969 [ 222.607917][ T7442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.607956][ T7442] RSP: 002b:00007fb0628a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 222.607993][ T7442] RAX: ffffffffffffffda RBX: 00007fb061bb5fa0 RCX: 00007fb06198e969 [ 222.608020][ T7442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 222.608043][ T7442] RBP: 00007fb061a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 222.608068][ T7442] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000000 [ 222.608092][ T7442] R13: 0000000000000000 R14: 00007fb061bb5fa0 R15: 00007ffc4fd51668 [ 222.608132][ T7442] [ 222.608145][ T7442] [ 222.834579][ T7442] The buggy address belongs to the physical page: [ 222.841000][ T7442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x154c66 [ 222.849868][ T7442] flags: 0x57ff00000000000(node=1|zone=2|lastcpupid=0x7ff) [ 222.857093][ T7442] raw: 057ff00000000000 ffffea0005531988 ffffea0005531988 0000000000000000 [ 222.865698][ T7442] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 222.874289][ T7442] page dumped because: kasan: bad access detected [ 222.880736][ T7442] page_owner info is not present (never set?) [ 222.886806][ T7442] [ 222.889129][ T7442] Memory state around the buggy address: [ 222.894769][ T7442] ffff888154c66200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 222.902855][ T7442] ffff888154c66280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 222.910934][ T7442] >ffff888154c66300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 222.919007][ T7442] ^ [ 222.925169][ T7442] ffff888154c66380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 222.933244][ T7442] ffff888154c66400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 222.941322][ T7442] ================================================================== [ 222.949430][ C0] vkms_vblank_simulate: vblank timer overrun [ 222.957957][ T43] usb 7-1: USB disconnect, device number 3 [ 222.983800][ T43] usblp0: removed [ 222.991458][ T5857] Bluetooth: hci0: command tx timeout [ 223.030743][ T7442] Kernel panic - not syncing: kasan.fault=panic_on_write set ... [ 223.038532][ T7442] CPU: 1 UID: 0 PID: 7442 Comm: syz.3.568 Not tainted 6.15.0-syzkaller-01972-g914873bc7df9 #0 PREEMPT(full) [ 223.052208][ T7442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 223.062299][ T7442] Call Trace: [ 223.065600][ T7442] [ 223.068552][ T7442] dump_stack_lvl+0x3d/0x1f0 [ 223.073196][ T7442] panic+0x71c/0x800 [ 223.077136][ T7442] ? rcu_is_watching+0x12/0xc0 [ 223.081931][ T7442] ? __pfx_panic+0x10/0x10 [ 223.086386][ T7442] ? lockdep_hardirqs_on+0x7c/0x110 [ 223.091630][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 223.097472][ T7442] ? __crypto_shash_import+0x241/0x290 [ 223.102976][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 223.108649][ T7442] ? preempt_schedule_common+0x44/0xc0 [ 223.114150][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 223.119818][ T7442] ? preempt_schedule_thunk+0x16/0x30 [ 223.125223][ T7442] ? __crypto_shash_import+0x241/0x290 [ 223.130744][ T7442] end_report+0x159/0x170 [ 223.135120][ T7442] kasan_report+0xee/0x110 [ 223.139591][ T7442] ? __crypto_shash_import+0x241/0x290 [ 223.145101][ T7442] __crypto_shash_import+0x241/0x290 [ 223.150430][ T7442] crypto_shash_import+0x88/0x260 [ 223.155492][ T7442] crypto_ahash_import+0xcd/0x2a0 [ 223.160566][ T7442] hash_accept+0x33c/0x3d0 [ 223.165015][ T7442] do_accept+0x33e/0x530 [ 223.169306][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 223.174974][ T7442] ? __pfx_do_accept+0x10/0x10 [ 223.179809][ T7442] __sys_accept4+0x100/0x1c0 [ 223.184477][ T7442] ? __pfx___sys_accept4+0x10/0x10 [ 223.189641][ T7442] ? __pfx___x64_sys_futex+0x10/0x10 [ 223.194961][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 223.200642][ T7442] __x64_sys_accept4+0x96/0x100 [ 223.205521][ T7442] ? srso_alias_return_thunk+0x5/0xfbef5 [ 223.211183][ T7442] ? lockdep_hardirqs_on+0x7c/0x110 [ 223.216515][ T7442] do_syscall_64+0xcd/0x260 [ 223.221063][ T7442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.226981][ T7442] RIP: 0033:0x7fb06198e969 [ 223.231448][ T7442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.251348][ T7442] RSP: 002b:00007fb0628a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 223.259792][ T7442] RAX: ffffffffffffffda RBX: 00007fb061bb5fa0 RCX: 00007fb06198e969 [ 223.267867][ T7442] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 223.275855][ T7442] RBP: 00007fb061a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 223.283850][ T7442] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000000 [ 223.291840][ T7442] R13: 0000000000000000 R14: 00007fb061bb5fa0 R15: 00007ffc4fd51668 [ 223.299845][ T7442] [ 223.303067][ T7442] Kernel Offset: disabled [ 223.307396][ T7442] Rebooting in 86400 seconds..