last executing test programs: 14m32.275541924s ago: executing program 32 (id=1317): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x22400049, &(0x7f00000002c0)={[{@nombcache}, {@abort}, {@nomblk_io_submit}, {@noblock_validity}, {@nolazytime}, {@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@barrier_val={'barrier', 0x3d, 0xd95a}}, {@debug}]}, 0x84, 0x480, &(0x7f00000004c0)="$eJzs3M9vFFUcAPDvTH8gP0oXxB8gyioSG9GWFlQOXjSacDEx0YMea6kEWcDQmgghUo3Bo/EvUI8m/gWe9GLUk8ar3o0JMVxED2bN7M7Att2tbbfbBefzSab73vx6782b13kzb2cDKK1q9ieJ2BERv0TEaDO6eIVq8+PG9cszf12/PJNEvf7KH0ljvT+vX54pVt2Rf27P9zmWRqQfJrHQJt25i5fOTNdqsxfy+MT82bcn5i5eevL02elTs6dmz00dP37s6OQzT089tSHlHMnyuu+98/v3nnj9k5dmYuGN77/M8j+QL28tR1Ol6zSrUY16vV5PF80dbvw91PXeby8jLeFksI8ZYU2y8z+rrqFG+x+NgbhVeaPx4gd9zRzQU9n1adeyuc2rYnooaSwH/q+0cSir4oqf3f8W0+b2QPrr2nPNG6Cs3DfyqblkMLL79qTSvGMf6FH6OyLitYW/P82maPscAgBgY32d9X+eaNf/S+PelvV25mNDlYg4HBG7I+LuiNgTEfdENNa9LyLuX2P61SXx5f2fn7auq2CrlPX/ns3Hthb3/26O2lQG8thIo/xDyZuna7NH8mMyFkNbsvjkCml888LPH3daVm3p/2VTln7RF8zz8fvglsXbnJyen+6mzK2uvR+xb7Bd+ZObIwFJROyNiH3r2H92zE4//sX+LLxz+/Ll/13+FWzAOFP984jHmvW/EEvKX0iaKXUan5y4K2qzRyaKs2K5H368+nJrfKgl3FX5N0BW/9vanv95+YtmUIzXzq09jau/ftTxnma95/9w8mojPJzPe3d6fv7CZMRwPmPR/Klb2xbxYv2s/GMH27f/3RH/fJZv90BEZCfxgxHxUEQcyPP+cEQ8EhEHVyj/d88/+tbKR6i/9X+yQ/3nZ0AlaR2vX0dg4My3X3VKf3X1f6wRGsvnrOb/32oz2N3RAwAAgDtD2hiDTtLxm+E0HR9vfod/T2xLa+fn5g9X451zJ5tj1ZUYSosnXaMtz0Mn82fDRXxqSfxoROxqfNNoayM+PnO+NtLvwkPJbe/Q/jO/9epLL8DtY03jaEnv8gFsPu9rQnlp/1Be2j+Ul/YP5dWu/V+JuNGHrACbzPUfykv7h/LS/qG8tH8opeWvxBc/t7KeN/1vBXaf6GrzEgUGutt8IiLaLorWH+3oQSDSPh66+pV6vZv9pP2v9wtzB/LAlohY7VZXelqnS8+fFXk7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCP8GwAA///IPOO2") syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1810754, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@errors_continue}, {@usrquota}, {@prjquota}, {@usrquota}, {@resuid={'resuid', 0x3d, 0xee00}}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xffffffff}}, {@nodiscard}, {@test_dummy_encryption}]}, 0xff, 0x46e, &(0x7f0000000e40)="$eJzs281vFOUfAPDvzG7L249fKyIKgjSisfGlpQWVgxeNJh40MdEDHmtbCLJQQ2sihGg1Bo+GxLvxaOJf4MmTUU8mXvVuSIgSE9CYsGZmZ9ruslsK3bKE/XySaZ9n59mZ57vzPDPPzLMbQN8ayf4kEf+LiF8jYqiRbS4w0vh37cr56b+vnJ9Ool5/84/BvNzVK+eny6Ll+7YVmdE0Iv00KXbSbP7suZNTtdrsmSI/vnDqvfH5s+eeOXFq6vjs8dnTk0eOHD408fxzk892Jc4svqt7Ppzbu/vVty++Pn304js/fpPVd9e+xvqVcXTLSBb4n/Vc67rHu72zHrteX44zqfa6NqxVJSKywzWQ9/+hqMTywRuKVz7paeWADZWdsze1ebn4v1gH7mFJ9LoGQG+UF/zs/rdc7uDwo+cuv9i4AcrivlYsjTXVSIsyAxu4/5GIOLr4z5fZEi3PIZaOz+AGVgAA6DvfZeOfp9uN/9LYtaLc/4u5oeGIuC8idkTE/RGxMyIeiMjLPhgRD93i/lunhm4cf6aXbiuwNcrGfy8Uc1vN479y9BfDlSK3PY9/IDl2ojZ7sPhMRmNgU5afaLfxchMv//J5p/2vHP9lS7b/cixYbORSteUB3czUwlS3BqWXP47YU20Xf7I0E5BExO6I2LPmrS5G8fHkTjz59d5OJW8e/yq6MM9U/yriicbxX4yW+EvJ6vOT45ujNntwvGwVN/rp5wtvdNp/2/ivb19/YGuUHf+tze1/aV0l/zv0V7JyvnY+bvmG5MJvn3W8p6zeZvsfTN7K53TLmnwwtbBwZiJiMHktovX1yeX3lvmyfBb/6IH2/X9H8Z4s/ocjImvE+yLikYjYHxH/FvfQj0bEgVXi/+Glx97ttG5d7T9iyxrLdZTFP9P2/LfU/oebj/+tJyonv//29uPPjv/hPDVavJKf/26ic3U2FyWWWzMAAADc69L8u/FJOraUTtOxscZ3+HfG1rQ2N7/w1LG590/PNL5DPxwDafmka2jF89CJZLHYYiM/WTwrLtcfKp4bf1HZkufHpudqMz2OHfrdtub+v7/s/5nfK72uHbDh/F4L+ldr/097VA/gznP9h/6l/0P/0v+hf7Xr/x+15M0FwL3J9R/6l/4P/Uv/h/6l/0NfWs/v+jcqUV3l1/sSd0si0ruiGhItiUgaF/RN6+zdvT4zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMd/AQAA///gq/is") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 14m8.984448711s ago: executing program 33 (id=1449): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010b00000000fbdbdf2516"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x840) 13m27.687729455s ago: executing program 34 (id=1565): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, r1, 0x731, 0x0, 0x25dfdbfe, {0x38}}, 0x14}, 0x1, 0x2, 0x0, 0x20040895}, 0x64000000) 13m17.440305429s ago: executing program 35 (id=1560): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x200000, &(0x7f0000000900)={[{@umask={'umask', 0x3d, 0x6}}, {@codepage={'codepage', 0x3d, 'maciceland'}}, {@file_umask={'file_umask', 0x3d, 0x2}}, {@dir_umask={'dir_umask', 0x3d, 0x4}}, {@creator={'creator', 0x3d, "83490253"}}, {@file_umask={'file_umask', 0x3d, 0x4}}, {@type={'type', 0x3d, "66dc3f23"}}, {@file_umask={'file_umask', 0x3d, 0x2}}]}, 0x4, 0x32c, &(0x7f00000005c0)="$eJzs3U1r1EwAB/D/JLvb3aelT2wrBY/VgqfS1oMigiLFi1/AgxRru4XSWMFWsIK4ehbxJggevXkW/Qp6Eb+AnnoonvRSBI3MTGaTbGeyL902rf3/oGle5jWTSWa2bAMiOrauzn19c25L/ogyAB/ARcADUAVKAE5ivHp/bWNlI6wv5SXkqxjyR0DHFLvCLK7VbVFlPBUjFsitEobS+2h/RFEUfWsb6seBlIWKI3Tf38UDBuLe6fumr/4DGrpex0uqhcUOdvAAw0UWh4iIihc//734KTEUj989D5iMx+Hq6XGEn/+Z8c1OceU4FJrPf09vR0Ken//VoWS+p6ZwsvU9M0u0pWW9JqLkdFegr6xMA4h2s0pVFq+2vBLWpxoqgae4HEsFG1PLJZiKKK7SVvSvCcvcNEde3fMNqjqUZR3KjvKPdp3jh228tGc3/6mDMomP4rOYFwFeYak5/itFQp4cdX4CoJaOoMs/7U5R1TLQoTK1TObvJ1Qmp0wLvH+b1LLmOq9V+LIsNjIV0Tp+D0w5X1TcsTCC7McKunYz7ghqMWqNNdvc/mWNOtYaq7ZcDutTi3fD3I9S+sY6oxPPxQ0xge94h7nU+N+ToSfh7pmZXi5UyPjKyK1PSYV0tGOG6sB3uuqZpFyzNnS+Z7iNCxhe33y4uhCG9XvFr5iuUkju5paR7NEXYnw5yj3ydyoWqnKlDKBvxfgTRZH1UAn9rLKrzGVV1fOvm1VWt9mG3txbpmjoc5g6dMUdOLltyj3mjtBL7o+bsQYyjdt+5Wec+/qm/YIUqRJW9vcSNVllDvkY6Kin1HrI9Pqj1YWw+1sKHT1Jo2P85valootDB0+Ou4Se/6XmK9PqriMXQc5sJGqXeCrFGccMaEQt/+tsBtdM1jlOHDQrYX02b851+ixwpiVHDybHJ63JBnE5cRj/Kmn9U0YtL4aYwxfc4uf/RERERERERERERERERERERERERERHTbffRujl6wTZHLeO4T/eICIiIiIiIiIiIiIiIiIiIiIiIiIiIiLam9T7fwFfvTGm0sv7f3/38/2/fgfv/zXvpSCinv0NAAD//7xiWfw=") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000500)=""/173, 0xad) 11m19.648235948s ago: executing program 36 (id=2041): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000440)={0x0, 0x8, 0x0, 'queue1\x00', 0x4000001}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x1, 'queue0\x00', 0xfffffffe}) 10m27.220817354s ago: executing program 37 (id=2263): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5a4, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x4, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x7, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x9}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0x7, {[@main=@item_012={0x1, 0x0, 0xc, "c0"}, @local=@item_4={0x3, 0x2, 0x5, "0ae6b385"}]}}, 0x0}, 0x0) 9m28.778682259s ago: executing program 38 (id=2529): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x195be}]}]}]}, 0x3c}}, 0x0) 7m20.653113654s ago: executing program 39 (id=3308): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x44, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008}, 0x20000000) 4m35.510099354s ago: executing program 40 (id=4309): timer_create(0xfffffffd, 0x0, &(0x7f0000000040)=0x0) timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000000), &(0x7f00000000c0)) 4m9.76766973s ago: executing program 41 (id=4433): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22102, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={0xffffffffffffffff, 0xd, 0x93997f7c19df54f3}) 3m44.794797309s ago: executing program 42 (id=4561): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000180), 0xe) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2) 2m51.236307152s ago: executing program 9 (id=4895): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x58, 0x10, 0x403, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x10, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x9}}]}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}, 0x1, 0xba01}, 0x0) 2m50.583606357s ago: executing program 9 (id=4899): r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) prlimit64(0x0, 0x7, &(0x7f00000003c0), 0x0) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000200)=0x8001100) 2m49.690112577s ago: executing program 9 (id=4906): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x1f2, @time={0x65757900}}) 2m49.12885192s ago: executing program 9 (id=4909): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2c}, 0x84, 0x463, &(0x7f0000000b00)="$eJzs20tvG1UbAOB3JknT65e0X7n0AgQKouKSNKFAFywAgdQNEhIsyjKkaRWaNqgJEq0qGhAqS9RfACwR/AJWsKmAFYgtiC1CqlA3BBbIaOwZ103sYMdOnNbPIzk5xzPj876eOfaZOeMAetZI9ieJ2BkRP0fEUET0LV9hpPJv6calqb9uXJpKolR67Y8k2yz+vHFpqlg1yf/vyCuH04j0wyQO1Gl3/sLFM5Ozs9Pn8/rYwtm3x+YvXHxy5uzk6enT0+cmjh07+tT4s89MPN2RPHdlse5/b+7gvuNvXH1l6sTVN7/7Mot3Z768No+K4bbbHImR6nuy3CNtv/rmsqumnPR3MRBakvX1bHcNlPv/UPTFzZ03FC9/0NXggHVVKpVKgyu+pKojgMUScAdLotsRAN1RfNFn57/FYyPHH912/YXKCVCW91L+qCzpjzRfZ2DZ+W0njUTEicW/P8keUfc6BABAZ32djX+eqDf+S+PumvX+l88NDUfE7ojYExH/j4i9EXFXRHndeyLi3hbbH1lWXzn++XHbmhJrUjb+ey6f27p1/FeM/mK4L6I/zceAwzGQnJqZnT6SvyeHY2Awq4+v0sY3L/30caNlteO/7JG1X4wF8zh+7x+8dZuTkwuT7eRc6/r75WuAl1fmn1RnApKI2BcR+9fw+lsjYuaxzw82Wv7f+a+iA/NMpc8iHq3s/8VYln8hWX1+cmxrzE4fGSuOipW+/+HKq43abyv/Dsj2//a6x381/+Gkdr52vvU2rvzyUcNzmrUe/1uS18vlLflz704uLJwfj9iSLK58fuLmtkW9WD/L//Ch+v1/T8Q/n+bbHYiI7CC+LyLuj4gH8tgfjIiHIuLQKvl/++LDb9VUn28t//WV5X+ypf3feqHvzLWvGrXf3P4/ei3Kn7UVzXz+NRtgW28eAAAA3CbS8j3wSTpaLafp6GjlHv69sT2dnZtfePzU3DvnTlbulR+OgbS40jVUcz10PL82XNQnqvWZX4u2dpfvNNpWXj46NTe7XnPqQHN2NOj/md/6uh0dsO5amkdr9Is24Lbk95rQu/R/6F36P/Qu/R96V73+fzliqQuhABvM9z/0Lv0fepf+D72rXv//ogtxABuqnd/1r1bYc3y9XvlOK/RtjjBaLkS6KcJYWyHdHGFUCoMR0ezKl2OjAuv2JxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/BsAAP//NYztXg==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x31486c, &(0x7f0000000140)='usrjquota=') 2m48.243840278s ago: executing program 9 (id=4914): openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000080)='./file1\x00', 0x2000757) unlink(&(0x7f00000001c0)='./file1\x00') 2m47.645392904s ago: executing program 9 (id=4920): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000080)="18", 0x10, 0x0, &(0x7f00000000c0)={0x11, 0xc, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) 2m45.957942218s ago: executing program 43 (id=4920): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000080)="18", 0x10, 0x0, &(0x7f00000000c0)={0x11, 0xc, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) 2m42.262264006s ago: executing program 6 (id=4941): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r0, 0x89f0, 0x0) 2m41.488482901s ago: executing program 6 (id=4945): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000001f00)=""/4062, &(0x7f00000004c0)=0xfde) 2m40.760752162s ago: executing program 6 (id=4950): syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000086d044fc2000000000001090224"], 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 2m38.696835121s ago: executing program 6 (id=4960): syz_mount_image$minix(&(0x7f0000000080), &(0x7f00000001c0)='./file1\x00', 0x1000008, &(0x7f0000000040)=ANY=[], 0x1, 0x17c, &(0x7f0000000500)="$eJzs289O6kAUx/Ffy797uX8F3biRxIVupIord/ooBCohFCXCBmJiTHwLV76fJvoC1lCgpoUoIFCB72d1DmdmOiUZOF1UANZWTjkZMpSQtCPpJmtEvSUAC+JKenUBrKfYc9Q7ABCNpzOpIenx5bqkWGKoP+jWTwd1Mzlcv5W24/26kdKPcH/xIO0N5hs/R85Py3V79fTI+v7u4Pq/9Ft/9Ff/9F8byvTrZX/9rS92Q8B6MZQP54EPTJ1XHfvQzxNefuTnSS8vhPJjP095eb506ZTndQsApmR+cv5jofMfD51/AMur2e7Uio5jX40XJDXB4EAgs3fBKaeHg+5ys1hnFsFdRlN/LQS1otN97PwG2yAIHNigVhS/TgDmyWrVG1az3Tmo1osVu2JfFO77lRPL6/ytYP8PYHW8/+l/OCy1sA0BAAAAAAAAAAAAAICJZbU5zrDwa30AAAAAltAiXieK+h4BAAAAAAAAAAAAAAAAAACAVfEWAAD//2bRHbQ=") mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40000, 0x0) 2m37.547390151s ago: executing program 6 (id=4962): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000012000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@map=r1, 0x16, 0x1, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 2m36.868634759s ago: executing program 6 (id=4963): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000100)={[{@umask={'umask', 0x3d, 0x800}}, {}, {@nls={'nls', 0x3d, 'cp861'}}, {@force}, {@nobarrier}, {@nobarrier}]}, 0x20, 0x6ef, &(0x7f0000003980)="$eJzs3U9sW3cdAPDvsx037qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPO4xDOOyEOCANcUCMMxIS994rceBWccDoPb+X+E/i2G2cdOXzkZ7f7/n37/u+fu/ZfmnlAP5vLb4VU61IYvHCm1vp9sPtRvPhdmO1KEfEiYgoRVQ6q0jWIpJPIq5GZ4nPpk/mwyX7zfPGo48/OP/go0Znq5IvWfvSsH672kNmaOVLzEZEOV+PqbLfeNf3GO/+WEMnO3GnCTtXJA6OW3tAa5zuI5y3wLPufkR5ao/n6xEnI2I6/xwQ+dWhdMThHbqxrnIAAADwbCof1ODFx/E4tmLmaMIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA50PS+c3AJF9KRXk2kvz3/7+fN8tUq8cb7gG+fED9+zePKBAAAAAAAAAAOHxTu8Wzj+NxbMVMsd1Osr/5v5ZtnMoeX4h3YyOWYz0uxlYsxWZsxnrMR0zNdI1Z3Vra3FyfH+z5m0h7ttvt+3nPhYioD/RcGB7y9GHsNwAAAAAAAAA8v34aizFz3EEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEC3JKLcWWXLqaJcj1IlIqYjopq2a0X8uSh/mv3luAMAAACAyavl65nkv51CO8m+87+Sfe+fjndjLTZjJTajGctxI7sX0PnWX/pHq9F8uN1YTZfBgb/1r7HiyEaMiHK8t8/Mc1mL0zs9FuO78YO4ELNxLdZjJX4US7EZyzEbtXQnYimSqNc6dy/qRZy98Zbzoa72hHKtP7azfdtnskhqcTNWstguxvVqMVopa5HEma7Z/liN6MvQe2l2km/mRszRja7X69f5fZlc+8URx5iMerbnUzsZmUtzn2fjpb1zXxjzOOmfaT5KO/egTu3Okm72z1Tk/Ifj5Pxkvk5z/YvenB+2MW+l9WdiIUr50RfxSm/O73zhwcu9nb/0z79eu1Vau33r5saFCe7SU0paw2qnikJ/JhpdmXh1+NGXZ6KZZqI1eiam+p+YHrXnZFXzbHQubKNdLb+TlZbita5D8J24EctxOeZiPq7EXHw9FqLRc4Sd7slrpbHam5PsXCsNXt9qQ4I/98WuRr88oPHRSvPyUldeu6909awuf+bqr2KuK0svDz/6nuRdoPK5vJDO8bOdd5xnQU8m8mtzEV3xBrVPJn7bTh83mmu3128t3RlxvvP5Oj1t3x+4Ns893c48lfR4Sa+4lWwry0mtOF7Sus/sRNubr2r+F5dOv9JA3emdunrMxEp8b98ztZp/hhscqVP36p51jazuTFddz6eceCea2aeQPrNHk1UARnby9ZPV2qPa32sf1n5eu1V7c/rbJ66c+Hw1pv5W+VP596Xflb6RvB4fxk9i5rgjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA58HG3Xu3l5rN5fUJFqpPOFeUDmyz/cJoA0Y94m5t2FxJXqhOOBtF4tc3kuFpqU3u1fn3dMSQNrWY0L7/ISKGtKk+9RTJ5I/n9BU7lAGLH07LnmmXx+heKXrt3aYSG9P7vYIndl/3qN9eav6n3dOmFl2nDPCcu7S5eufSxt17X1lZXXp7+e3ltYUrl69cbnxt/quXbq40l+c6j8cdJTAJG3fvlY87BgAAAAAAAAAAAGA8+b/+33zi/8xQOaBNdX1j75nPHvWuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9Si2/FVCuSmJ+7OJduP9xuNNOlKO+2rEREKSKSH0ckn0Rcjc4S9a7hkv3meePRxx+cf/BRY3esStG+NKzfaFr5ErMRUc7XBzuxxzCD413vGq/1ROElO3uYJuxckTg4bv8LAAD//56s7LY=") truncate(&(0x7f0000000900)='./file1\x00', 0xbf39) truncate(&(0x7f0000000080)='./file1\x00', 0x4) 2m34.603063011s ago: executing program 44 (id=4963): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000100)={[{@umask={'umask', 0x3d, 0x800}}, {}, {@nls={'nls', 0x3d, 'cp861'}}, {@force}, {@nobarrier}, {@nobarrier}]}, 0x20, 0x6ef, &(0x7f0000003980)="$eJzs3U9sW3cdAPDvsx037qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPO4xDOOyEOCANcUCMMxIS994rceBWccDoPb+X+E/i2G2cdOXzkZ7f7/n37/u+fu/ZfmnlAP5vLb4VU61IYvHCm1vp9sPtRvPhdmO1KEfEiYgoRVQ6q0jWIpJPIq5GZ4nPpk/mwyX7zfPGo48/OP/go0Znq5IvWfvSsH672kNmaOVLzEZEOV+PqbLfeNf3GO/+WEMnO3GnCTtXJA6OW3tAa5zuI5y3wLPufkR5ao/n6xEnI2I6/xwQ+dWhdMThHbqxrnIAAADwbCof1ODFx/E4tmLmaMIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA50PS+c3AJF9KRXk2kvz3/7+fN8tUq8cb7gG+fED9+zePKBAAAAAAAAAAOHxTu8Wzj+NxbMVMsd1Osr/5v5ZtnMoeX4h3YyOWYz0uxlYsxWZsxnrMR0zNdI1Z3Vra3FyfH+z5m0h7ttvt+3nPhYioD/RcGB7y9GHsNwAAAAAAAAA8v34aizFz3EEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEC3JKLcWWXLqaJcj1IlIqYjopq2a0X8uSh/mv3luAMAAACAyavl65nkv51CO8m+87+Sfe+fjndjLTZjJTajGctxI7sX0PnWX/pHq9F8uN1YTZfBgb/1r7HiyEaMiHK8t8/Mc1mL0zs9FuO78YO4ELNxLdZjJX4US7EZyzEbtXQnYimSqNc6dy/qRZy98Zbzoa72hHKtP7azfdtnskhqcTNWstguxvVqMVopa5HEma7Z/liN6MvQe2l2km/mRszRja7X69f5fZlc+8URx5iMerbnUzsZmUtzn2fjpb1zXxjzOOmfaT5KO/egTu3Okm72z1Tk/Ifj5Pxkvk5z/YvenB+2MW+l9WdiIUr50RfxSm/O73zhwcu9nb/0z79eu1Vau33r5saFCe7SU0paw2qnikJ/JhpdmXh1+NGXZ6KZZqI1eiam+p+YHrXnZFXzbHQubKNdLb+TlZbita5D8J24EctxOeZiPq7EXHw9FqLRc4Sd7slrpbHam5PsXCsNXt9qQ4I/98WuRr88oPHRSvPyUldeu6909awuf+bqr2KuK0svDz/6nuRdoPK5vJDO8bOdd5xnQU8m8mtzEV3xBrVPJn7bTh83mmu3128t3RlxvvP5Oj1t3x+4Ns893c48lfR4Sa+4lWwry0mtOF7Sus/sRNubr2r+F5dOv9JA3emdunrMxEp8b98ztZp/hhscqVP36p51jazuTFddz6eceCea2aeQPrNHk1UARnby9ZPV2qPa32sf1n5eu1V7c/rbJ66c+Hw1pv5W+VP596Xflb6RvB4fxk9i5rgjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA58HG3Xu3l5rN5fUJFqpPOFeUDmyz/cJoA0Y94m5t2FxJXqhOOBtF4tc3kuFpqU3u1fn3dMSQNrWY0L7/ISKGtKk+9RTJ5I/n9BU7lAGLH07LnmmXx+heKXrt3aYSG9P7vYIndl/3qN9eav6n3dOmFl2nDPCcu7S5eufSxt17X1lZXXp7+e3ltYUrl69cbnxt/quXbq40l+c6j8cdJTAJG3fvlY87BgAAAAAAAAAAAGA8+b/+33zi/8xQOaBNdX1j75nPHvWuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9Si2/FVCuSmJ+7OJduP9xuNNOlKO+2rEREKSKSH0ckn0Rcjc4S9a7hkv3meePRxx+cf/BRY3esStG+NKzfaFr5ErMRUc7XBzuxxzCD413vGq/1ROElO3uYJuxckTg4bv8LAAD//56s7LY=") truncate(&(0x7f0000000900)='./file1\x00', 0xbf39) truncate(&(0x7f0000000080)='./file1\x00', 0x4) 1m54.090695598s ago: executing program 2 (id=5204): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x68, 0x10, 0x503, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x10, 0x5, 0x0, 0x1, [{0xa, 0x4, @dev}]}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @local}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x68}, 0x1, 0x0, 0x0, 0x4001}, 0x0) 1m53.625971801s ago: executing program 2 (id=5209): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010003b15000000000000000000004888", @ANYRES32=0x0, @ANYBLOB="d530d995212cf95a2000128008000100687372001400028008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES64], 0x40}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="662700000000000024001280090001007866726d0000000014000280040003"], 0x44}}, 0x0) 1m52.989059522s ago: executing program 2 (id=5214): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0xff, 0x6de, &(0x7f0000000180)="$eJzs3c9vHGcZB/DvrNeON1TBaZM2QkVYiVSQIhInVgrhgkEI5VChqhx6thKnsbpJqsRFaYUgBQQnJA79AwqSbxwQEvegcOFSbr36WAmJS8QhqpAWzezsete7ju0kXifw+UTjed9533nnmWd+eddZbYD/W5dOp3kvRS6dfuNOWd9YX2xvrC8eqpvbScpyI2l2ZyluJMX9ZKlsLwamDMxHfLx68a3PHmx83q0166nqP9Vfb3ZXIY/Zxt16ynw93vzYNad3NX53rCq8vJDkcj0fNrPbsYY6lkk7Vc/hwHVG3N3L6tte78Czr/d0KrrPzRFzyeH6yVz9TlDfHRqTi3B/7OkuBwAAAM+pT28edAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/Km//7+op0Y9z3yK3vf/z/SW1eVn0NKue97b1zgAAAAAAAAAYDK+9jAPcydHevVOUf3N/2RVOZYvOsmX8n5uZyW3ciZ3spy1rOVWziWZGxho5s7y2tqtc/01S+PXPD92zfOT2mMAAAAAAAAA+J/0i7Q2//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgiKZ6s6q6Vg9z1wazWy25W7yjyQzBx3vHhTjFt6bfBwAAADwRGYfY50vP8zD3MmRXr1TVK/5X65eL8/m/dzIWlazlnZWcqV+DV2+6m9srC+2N9YXr5dTWR8e93v/2lMYM/UIU1Vt3JZPVD1auZrVasmZXC6S/3Q6nUZ326eSE714BuIa8FEZU/Hd2i4ja9ZpLff8d9u9i/BUDL8V0XhEz9ZmcEk/Iwt1bOWaR7sZKKo3apKtmdjx6DSHanPVqNP9LZ1Lo//Oz7F9yPnhel7uz6/3Ned71c9EI1UmzqfRP1IvPzoTydf/8se3r7VvvHvt6u3Tz84u7WBqm+Vbz4nFgUy88lxnornH/gtVJo7365fyw/w4pzOfN3Mrq/lJlrOWlXTq9uX6fC5/zj06U0tDtTd3imSmPi7dY7abmObzg6q0nJPVukeymiI3cyUreb36dz7n8q1cyIVcHDjCx7eNu9q36qpvbL3qe0f6r2ODP/WNulDe3X6zeZdbetQeb3d2Pi3de3+Z16MDee2e9Q/6vY4OXAcLA1l6sZed6bGDP869sfmVulBu45c7PCcma67ORHkB9Z4Svehe6maiWT2LRs/z33fK9dK+0elcW35vm/Hvbqm/Vs/L02r9qzv17hl/KJ6u8nx5MbP1nWT47CjbXurfZQbaOpvncrdt+Ilbrne8aiuK3pX6o9ysToDRK3Wm/h1udKTzVdsrY9sWq7YTA21Dv2/lZtq5MoH8AfA4/v52vziXwzOtf7Y+bX3S+lXrWuuN2e8f+vahV2cy/bfp7zQXpl5rvFr8OZ/kZ5uv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMd3+4MP311ut1dujS80tm9aXup9cU27vdLK1j7bjXxo/IBF/YU+O8TzTBbSHG2aLfMyuGS6m6gJR9jaGsZIofPzZOIZ632J4Pg+vy0LzZEzalxhaWjJn0YH/GiPERa7uy72sdDIZDdaXsXjmg7ohgRMzNm16++dvf3Bh99cvb78zso7KzemL1y4uHDxwuuLZ6+utlcWuj8POkpgP2w+9A86EgAAAAAAAAAAAGC3xn0w4OQLO31oZFef8fA/CwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICn4tLpNO+lyLmFMwtlfWN9sV1OvfJmz2aSRiMpfpoU95OldKfMDQxX5A/30xmznY9XL7712YONzzfHanb7J416vr1Htya5W0+ZTzJVz5/A0HiXn3i84t+9fSgT9kWn01l6svjg6fhvAAAA///1I/PD") r0 = creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x194) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) write$binfmt_script(r0, &(0x7f00000008c0)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xfe) 1m52.175399128s ago: executing program 2 (id=5218): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) lsetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='trusted.overlay.impure\x00', &(0x7f0000000140)='\x00', 0x1, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 1m50.402960444s ago: executing program 2 (id=5222): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 1m44.456944073s ago: executing program 2 (id=5237): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x2000000000001}}, 0x30) 1m42.826207967s ago: executing program 45 (id=5237): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x2000000000001}}, 0x30) 1m33.687953716s ago: executing program 0 (id=5277): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)="1800000068006bcc9e3fe3dc4c", 0xd}, {&(0x7f0000000000)="5d00e85ca6000000000000", 0xb}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x20004880) 1m33.121714837s ago: executing program 0 (id=5280): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_io_uring_setup(0x7955, &(0x7f0000000500)={0x0, 0x8007ffd, 0x1, 0x0, 0xf5fffffd}, &(0x7f0000000040), &(0x7f0000000000)) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000240), 0x4) io_uring_register$IORING_REGISTER_FILES2(r0, 0xd, &(0x7f0000000180)={0x200000000000001f, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000080)=[0x4, 0x9]}, 0x20) 1m32.180885385s ago: executing program 0 (id=5282): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0) ioprio_set$pid(0x2, 0x0, 0x0) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rfc1337\x00', 0x2, 0x0) sendfile(r0, r0, 0x0, 0x1) 1m31.616547002s ago: executing program 0 (id=5285): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) open(&(0x7f0000000880)='./file0/file0\x00', 0x20400, 0x14) 1m30.615884433s ago: executing program 0 (id=5291): r0 = socket(0x10, 0x2, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl2\x00', r2, 0x0, 0xa, 0x0, 0xe, 0x6d, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, 0x8000, 0x69, 0x1}}) 1m29.57598593s ago: executing program 0 (id=5298): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000100001042dbd70000000000000000000", @ANYRES32=r2, @ANYBLOB="00800000020000002400128009000100626f6e640000000014000280080007000900000008000f808d90"], 0x44}}, 0x8004) 1m27.906673005s ago: executing program 46 (id=5298): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000100001042dbd70000000000000000000", @ANYRES32=r2, @ANYBLOB="00800000020000002400128009000100626f6e640000000014000280080007000900000008000f808d90"], 0x44}}, 0x8004) 40.266908498s ago: executing program 5 (id=5547): mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x105c42, 0x1db) splice(r0, 0x0, r1, 0x0, 0x1c, 0x9) 39.760180962s ago: executing program 5 (id=5550): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=@ipv4_newroute={0x2c, 0x18, 0x1, 0x70bd27, 0x25dfdbfc, {0x2, 0x0, 0x80, 0x20, 0x1, 0x0, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r2}, @RTA_PREFSRC={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x13}}]}, 0x2c}}, 0x0) 39.203328172s ago: executing program 5 (id=5554): unshare(0x20060400) r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f00000007c0)={0xa, 0x0, 0x3, @initdev={0xfe, 0x88, '\x00', 0x9, 0x0}, 0x401}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x1c) 38.629166518s ago: executing program 5 (id=5558): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x1008000, &(0x7f0000000040), 0x1, 0x5db, &(0x7f0000000680)="$eJzs3c9vVNUeAPDvmf6gpfBayMt7j7d4NHl5geRJSwsYYlzAnjT4I27cWGkhSIGG1mjRxJLgxsS4McbElQvxv1CULStduXDjypAQNSxNHHNn5rbTdqZDm2kvcj+fZOg958xwzu30O+fMmXPuBFBao9k/lYhDETGfIobT8kpZbzQKR+v3e/TbuxeyW4pq9aVfUqRGXn7/1Pg51HjwQER8922Kgz0b611Yunllem5u9kYjPb54dX58YenmsctXpy/NXpq9Nvns5OlTJ0+dnjjetXM9d/uNt4Y/mHr1i89+TxNf/jiV4kzsa5Q1n0e3jMZo/XeyZ21+9ns93e3KCtLTOJ/mpzj1FtggtiR//voi4p8xHD2x+uQNx/svFNo4YEdVU0R1vfw1YEMB8HRJwhxKKh8H5O/t178Pruz+kATYJQ/P1icANsZ/b31uMAZqcwN7H6VontZJEdGNmbmsjvv3pm5fvDd1O3ZoHg5obflWRPyrVfynWmyO1Gbxs/ivrIn/bFxwvvEzy39xm/WPrkuLf9g99fgf2Fb8v9YU/69vs37xDwAAAAAAAN1z92xEPNPq8//KyvqfaLH+ZygiznSh/s6f/1UedKEaoIWHZyOeb7n+txIR3xyoVmOkp5HaX1sP0JcuXp6bPR4Rf4uIo9G3J0tPbFLHsQ8PftquLF//l9+y+u831gLWN85WHvSu2z87M7043ZWTh5J7eCvi3y3X/6aV/j+16P+z14P5x6zj4P/unG9Xtnn8Azup+nnEkZb9f1q5T9r8+hzjtfHAeD4q2Og/73z0Vbv6O8b/QFdPF2iS9f97N4//kdR8vZ6FrddxYqm32q6sc//fevzfn16uXXKmv5H39vTi4o2JiP50rifLbc5PEctbbzU8fWpxMrkaL1n8H/3v5vN/rcb/g7ExqNKva/cU5/7xx9BP7dpj/A/FyeJ/Zkv9/9YPJu+MfN2u/sfr/0/W+vqjjRzzf1D3SR6m/Wvz8+AbWI3d3nVF2xzNAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACViNgXqTK2clypjI1FDEXE32NvZe76wuL/L15/89pMVlb7/v9K/k2/w/V0yr//f6QpPbkufSIiDkTExz2DtfTYhetzM0WfPAAAAAAAAAAAAAAAAAAAADwhhtrs/8/83FN064Ad11t0A4DCtIj/74toB7D79P9QXuIfykv8Q3mJfygv8Q/lJf6hvMQ/lJf4BwAAAACAp8qBw3d/SBGx/Nxg7Zbpb5T1FdoyYKdVim4AUBiX+IHysvQHyst7fCB1KB9o+6BOj4z97YvmL3RsGAAAAAAAAAAAAACw4sgh+/+hrOz/h/Ky/x/KK9//f7jgdgC7z3t8IDrs5G+5/7/jowAAAAAAAAAAAACAblpYunllem5u9kZJD/pXc155EtqzuwfVavW97K/gSWnPX/wgXwpfZDMGu/UfFvu6BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArPozAAD//wHEHxQ=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000000c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) 37.572255164s ago: executing program 5 (id=5564): r0 = socket$kcm(0x11, 0xa, 0x300) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, &(0x7f0000000b40)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000001a00), 0x101d0}], 0x4}, 0x0) recvmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000002400)=""/4098, 0x1000}], 0x3a}, 0x0) 36.912726449s ago: executing program 5 (id=5569): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_usb_connect(0x0, 0x24, &(0x7f00000003c0)=ANY=[@ANYBLOB="13010000bd460e10490d1070900c0102030109021200010000000009040000", @ANYRES16, @ANYRES32=r0], 0x0) syz_emit_ethernet(0x52, 0x0, 0x0) 35.384766428s ago: executing program 47 (id=5569): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_usb_connect(0x0, 0x24, &(0x7f00000003c0)=ANY=[@ANYBLOB="13010000bd460e10490d1070900c0102030109021200010000000009040000", @ANYRES16, @ANYRES32=r0], 0x0) syz_emit_ethernet(0x52, 0x0, 0x0) 9.538539722s ago: executing program 1 (id=5719): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@setlink={0x48, 0x10, 0x401, 0x0, 0xfffffffc, {}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_to_bond\x00'}, @IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r1}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x5}]}]}, 0x48}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0xb8}}, 0x0) 9.068874038s ago: executing program 4 (id=5722): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r0, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) 8.89061009s ago: executing program 1 (id=5723): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8) 6.790142332s ago: executing program 1 (id=5728): ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x2f, 0x0, 0x2, 0x1000000, 0x2c, @mcast2, @private0, 0x7800, 0x0, 0x20003, 0x270}}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32, @ANYBLOB="08004e01"], 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x4) 6.260691686s ago: executing program 1 (id=5733): syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x808, &(0x7f0000000080)=ANY=[], 0x1, 0x17f, &(0x7f0000000500)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNF6ACRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//8JqdgE=") mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x1c0) getdents(r0, 0x0, 0x58) 6.142994792s ago: executing program 4 (id=5734): connect$inet6(0xffffffffffffffff, &(0x7f0000000440)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x1c) r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'streebog512-generic\x00'}}) 5.877403924s ago: executing program 3 (id=5735): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe) setresuid(0xee01, 0xee01, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x7) 5.706814573s ago: executing program 8 (id=5737): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x1d, &(0x7f0000000200), 0x8) recvmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@rights={{0x10}}], 0x10}, 0x0) 5.547087597s ago: executing program 1 (id=5738): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000fc0)=@newtfilter={0x68, 0x2c, 0x2, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff3}, {0x10, 0xffff}, {0xa, 0xf}}, [@f_tcindex={{0xc}, {0x38, 0x2, [@TCA_TCINDEX_ACT={0x34, 0x7, [@m_police={0x30, 0x16, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}]}]}}]}, 0x68}}, 0x8000) 5.48033602s ago: executing program 4 (id=5739): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000400)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x30, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, 0x0}, 0x0) r0 = socket$kcm(0x2, 0x1, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0x9, &(0x7f0000000380), 0x98) sendmsg$inet(r0, &(0x7f0000000800)={&(0x7f0000000100)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000000)="b1", 0x34000}], 0x1}, 0xc8d4) 5.310623338s ago: executing program 3 (id=5740): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r0, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000040), 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 5.310286726s ago: executing program 7 (id=5741): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'dummy0\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r0, r2, 0x25, 0x6, @val=@netfilter={0x1, 0x0, 0xfff0003, 0x1}}, 0x20) 5.108685908s ago: executing program 8 (id=5742): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 4.935223081s ago: executing program 4 (id=5743): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000200)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000280)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f0000000640)={{@host, 0x400}, 0x401, 0xffffffffffffffe6, 0x2, 0x7f, 0x7f, 0x10000}) 4.875185321s ago: executing program 1 (id=5744): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000007eaed64d8e8408caf4d83941bc"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff, @void, @value}, 0x94) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$sock(r0, &(0x7f0000004980)=[{{&(0x7f0000000100)=@nfc_llcp={0x27, 0x0, 0x0, 0x1, 0x1, 0x9, "a16174cf41dbde3620e48d842b1007c93a9cfcb111d3ddbbf678a4d176ebc0a4df2340b688170974457ffda1be92e468a690a54f1b0cf134419fb3c7748cd3", 0x1d}, 0x80, &(0x7f0000000180)=[{0x0}, {&(0x7f00000014c0)="1f247c95", 0x4}], 0x2}}], 0x1, 0x40480) 4.784767281s ago: executing program 3 (id=5745): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0880, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg\x00', 0x52d35ce30131f272}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xb) ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000240)=""/108) 4.546499488s ago: executing program 7 (id=5746): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r0, r1, 0x4, 0x0, @val=@tracing={0x0, 0x1}}, 0x20) 2.674978413s ago: executing program 48 (id=5744): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000007eaed64d8e8408caf4d83941bc"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff, @void, @value}, 0x94) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$sock(r0, &(0x7f0000004980)=[{{&(0x7f0000000100)=@nfc_llcp={0x27, 0x0, 0x0, 0x1, 0x1, 0x9, "a16174cf41dbde3620e48d842b1007c93a9cfcb111d3ddbbf678a4d176ebc0a4df2340b688170974457ffda1be92e468a690a54f1b0cf134419fb3c7748cd3", 0x1d}, 0x80, &(0x7f0000000180)=[{0x0}, {&(0x7f00000014c0)="1f247c95", 0x4}], 0x2}}], 0x1, 0x40480) 2.628282789s ago: executing program 3 (id=5748): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x8601, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0xa0000005}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000100)={0x80000001}) 2.624688138s ago: executing program 7 (id=5749): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x7}) 2.555036727s ago: executing program 4 (id=5750): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000380)=0x80, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) recvmmsg(r0, &(0x7f0000000080), 0x21e, 0x40010002, 0x0) 2.539739105s ago: executing program 8 (id=5751): syz_mount_image$udf(&(0x7f0000000340), &(0x7f00000002c0)='./file0\x00', 0x18008, &(0x7f00000003c0)=ANY=[], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 2.144544168s ago: executing program 7 (id=5752): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff800400002600000000000080950000000000000018100000", @ANYRES32, @ANYBLOB="100000000000002505000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x2, 0xa, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d) 2.060361148s ago: executing program 3 (id=5753): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) ioctl$EVIOCGLED(r0, 0x80284504, &(0x7f0000000000)=""/56) 2.060205272s ago: executing program 8 (id=5754): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='cgroup.max.depth\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x5) 1.64526651s ago: executing program 4 (id=5755): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="201101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000540)={0x1, 0x8, 0x2, &(0x7f0000000500)={0x11, "e78da5d0ce240742f712606d24dc95914798a0f15b49ef0272e7f67fec00"}}) 1.449901276s ago: executing program 8 (id=5756): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000280)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x800700, &(0x7f0000000880)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@sysvgroups}, {@usrjquota}]}, 0x3, 0x467, &(0x7f0000002280)="$eJzs3M9rHFUcAPDvzCb93SbWKrRWjRYx+CNp0qo9eFEUPFQU9FCPcZOW0m0jTQRbio0i9SJIQc/iUfAv8OZF1JPgVe9SKBqEVk+R2Z1JN9vdZNNsdmv384Fp39t5M/O+O+/tvJm3mwD61kj2TxKxKyJ+i4ihWnZlgZHafzcXL5X/WbxUTmJp6a0/k2q5G4uXykXRYrudeWY0jUg/SfKDxNb63c5duHhmqlKZOZ/nx+fPvjc+d+His6fPTp2aOTVzbvLYsaNHJl54fvK5tuJI1lifxXXjwIezB/e/9s7V18snrr7707fZNrvy9fVxdMpIFvhfS1WN657o9MF6bHddOhnoYUVYl1JEZKdrsNr/h6IUt07eULz6cU8rB2yq7Nq0tfXqhSXgHpbE2mX+7kZFgC4rLvTZ/W+xdGnocVe4/lLtBiiL+2a+1NYMRJqXGWy4v+2kkYg4sfDvV9kSm/QcAgCg3mflL4/HM83Gf2k8WFduTz6HMhwR90XE3oi4PyL2RcQDEVnZxiFlW0Ya8rePf9JrdxhaW7Lx34v53NbK8V8x+ovhUp7bXY1/MDl5ujJzOH9PRmNwa5afWOUY37/y6+et1tWP/7IlO34xFszrcW2g4QHd9NT8VHVQ2gHXP4o4MNAs/mR5JiCJiP0RcWB9u95TJE4/9c3B7QebF1o7/lV0YJ5p6euIJ2vnfyEa4i8kq89Pjm+Lyszh8aJV3O7nX6682er4LeLfsvHI2pOd/x0r239jkeGkfr52bv3HuPL7py3vae60/W9J3q6el+KN+mBqfv78RMSW5Hg1v+L1yVvbFvmifBb/6KHm/X9vvk12nIciImvCD0fEIxHxaF73xyLi8Yg4tEr8P76cJ5q01w21/w7I4p9u+vm33P4bzv/6E6UzP3xX7GzbuuPPzv/Ramo0f6X6+beGdiu40fcPAAAA/g/S6nfgk3RsOZ2mY2O17/Dvix1pZXZu/umTs++fm659V344BtPiSddQ3fPQiWQh32MtP5k/Ky7WH8mfG39R2l7Nj5VnK9M9jh363c4W/T/zR6nXtQM2XbN5tMmuTUEBvdTY/9OV2ctvdLMyQFf5vTb0rzX6f9qtegDd5/oP/atZ/7/ckDcXAPcm13/oX/o/9C/9H/qX/g99aSO/65fo50Sklcr0tojVCxd/EOjuqLNE+4lefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xn8BAAD///xQ9VA=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x401c5820, &(0x7f0000000080)={@desc={0xd32780, 0x0, @desc2}}) setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), &(0x7f0000000880)=ANY=[], 0xff27, 0x0) 1.089151095s ago: executing program 7 (id=5757): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1f, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100030000009500000000000000bf71000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0xf7, &(0x7f0000001e40)=""/4093, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x21) 1.009948256s ago: executing program 3 (id=5758): mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=ANY=[]) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) bind$inet(0xffffffffffffffff, 0x0, 0x0) 80.622946ms ago: executing program 7 (id=5759): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x324, 0x30, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [{0x310, 0x1, [@m_skbedit={0x1f0, 0xc, 0x0, 0x0, {{0xc}, {0x34, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x10, 0xa}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xd}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x1}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1, 0x1, 0xffffffffeffffffb, 0x6, 0x101}}]}, {0x191, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9007c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a16535a666c86a6321ae76cba859e771aa7d0ff9fa033e50e56e0f68419fd47894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69875f61ef4f46591d0547ce0f025b0a5f6dc470fd9635a05e318fa41b23e07582b3128621edbf17703923cea8b079f042f9924f50ce06116fc38e34430e0a4b60e7144cccb31d0a0457e528dd782264fec2417bd1b18aa82a223185cee31b2989e534df535b22243ec2971118b283cebb23130d1622a675cabf8788d71473f98949841ab1c34d28257f4b10e6eec198365490620753627951432cf82875ec0fccc70181d74035e141d4bbdd59571d5c3fa68b6a9365539b7e734e38e7083fe43b3104f03a618c99dc38b7b166c71dcda72645a7ddd09b867d20ef1d0f2154c6c2af7bfc13509c92a055f4ba6134cf5124359fccca93ea9ef30597c542c2e259bbd96051f"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_tunnel_key={0xe4, 0x1c, 0x0, 0x0, {{0xf}, {0xc, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x9}]}, {0xaa, 0x6, "ebb7905fe91e9be4677d59a9642fd119d19ac5e190bf4b0f9f2859657921b9c6fce506e2b627b610552adbd25f19af61b6f9b1603735a6e3d97188050bf1e9e04f7b370bf4a6645e82f7d27fe7ecb451e477ceac7c3e03294761182420c71011ec9e6197a94d09c8348554283a8308b47f98b0290d3149d466fd232ac06f2714af49e9c6aab9f06632e3c3c186c30993075db909549bd0d742e089db268d485be88eb32a76d3"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_sample={0x38, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0xc, 0x6, "5c284c3a39762419"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x324}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 0s ago: executing program 8 (id=5760): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000002000f000000050030000000000005002f000000000008000300", @ANYRES32=r2], 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0) kernel console output (not intermixed with test programs): ttributes in process `syz.1.4535'. [ 1166.146000][ T9317] usb 5-1: new full-speed USB device number 20 using dummy_hcd [ 1166.206034][T16740] loop6: detected capacity change from 0 to 512 [ 1166.223772][T16740] EXT4-fs: Ignoring removed nobh option [ 1166.349224][ T9317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1166.361554][ T9317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1166.371733][ T9317] usb 5-1: New USB device found, idVendor=0c70, idProduct=f003, bcdDevice= 0.00 [ 1166.381167][ T9317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1166.403914][T16740] EXT4-fs error (device loop6): ext4_do_update_inode:5211: inode #16: comm syz.6.4536: corrupted inode contents [ 1166.438463][T16740] EXT4-fs (loop6): Remounting filesystem read-only [ 1166.448470][ T9317] usb 5-1: config 0 descriptor?? [ 1166.470323][T16740] EXT4-fs (loop6): 1 truncate cleaned up [ 1166.478864][T16740] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1166.492138][T16740] ext4 filesystem being mounted at /223/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1166.507132][T14797] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 1166.515944][T15356] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 1166.525312][T14797] Quota error (device loop6): write_blk: dquota write failed [ 1166.527206][T14797] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries [ 1166.527361][T14797] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 1166.527518][T14797] Quota error (device loop6): write_blk: dquota write failed [ 1166.527592][T14797] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list [ 1166.528138][T14797] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 1166.528316][T14797] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 1166.529204][T14797] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1166.762073][T15356] usb 6-1: Using ep0 maxpacket: 32 [ 1166.854962][T13946] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1166.868139][T15356] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1166.879588][T15356] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1166.889846][T15356] usb 6-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00 [ 1166.901975][T15356] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1166.952257][ T9317] aquacomputer_d5next 0003:0C70:F003.003D: unknown main item tag 0x0 [ 1166.960973][ T9317] aquacomputer_d5next 0003:0C70:F003.003D: unknown main item tag 0x0 [ 1166.970915][ T9317] aquacomputer_d5next 0003:0C70:F003.003D: unknown main item tag 0x0 [ 1166.979834][ T9317] aquacomputer_d5next 0003:0C70:F003.003D: unknown main item tag 0x0 [ 1166.988330][ T9317] aquacomputer_d5next 0003:0C70:F003.003D: unknown main item tag 0x0 [ 1167.007124][ T9317] aquacomputer_d5next 0003:0C70:F003.003D: hidraw0: USB HID v0.00 Device [HID 0c70:f003] on usb-dummy_hcd.4-1/input0 [ 1167.008373][T15356] usb 6-1: config 0 descriptor?? [ 1167.161887][ T5849] usb 5-1: USB disconnect, device number 20 [ 1167.454113][T16753] loop1: detected capacity change from 0 to 256 [ 1167.486355][T15356] elecom 0003:056E:010C.003E: hidraw0: USB HID v0.00 Device [HID 056e:010c] on usb-dummy_hcd.5-1/input0 [ 1167.517685][T16753] exfat: Deprecated parameter 'utf8' [ 1167.621574][T16753] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1167.684330][ T9317] usb 6-1: USB disconnect, device number 4 [ 1168.826333][ T9317] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 1169.015998][ T9317] usb 6-1: Using ep0 maxpacket: 16 [ 1169.039960][ T9317] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 1169.049387][ T9317] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 1169.060018][ T9317] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1169.077363][T16777] loop1: detected capacity change from 0 to 512 [ 1169.157932][ T9317] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1169.167424][ T9317] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1169.168662][T16777] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13 [ 1169.181890][ T9317] usb 6-1: Product: syz [ 1169.181999][ T9317] usb 6-1: Manufacturer: syz [ 1169.182107][ T9317] usb 6-1: SerialNumber: syz [ 1169.337855][T16777] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.4552: invalid indirect mapped block 2683928664 (level 1) [ 1169.387297][T16777] EXT4-fs (loop1): 1 truncate cleaned up [ 1169.398211][T16777] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1169.547528][T16777] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 1169.674838][ T9317] usb 6-1: 0:2 : does not exist [ 1169.741881][ T5794] EXT4-fs error (device loop1): htree_dirblock_to_tree:1082: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=92, inode=16, rec_len=16, size=1024 fake=0 [ 1169.793513][ T9317] usb 6-1: USB disconnect, device number 5 [ 1169.861077][ T5794] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz-executor: Invalid block bitmap block 3 in block_group 0 [ 1169.916148][T16787] netlink: 88 bytes leftover after parsing attributes in process `syz.4.4555'. [ 1169.926544][T16787] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4555'. [ 1169.936464][T16787] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4555'. [ 1169.941369][ T5794] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 1169.945614][T16787] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4555'. [ 1170.644514][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1170.664362][T10795] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1170.840937][T10795] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1170.986688][T10795] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1171.051365][T16796] sctp: [Deprecated]: syz.4.4560 (pid 16796) Use of int in max_burst socket option. [ 1171.051365][T16796] Use struct sctp_assoc_value instead [ 1171.156911][T10795] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1171.536124][T16800] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4562'. [ 1171.593742][T10795] bridge_slave_1: left allmulticast mode [ 1171.600083][T10795] bridge_slave_1: left promiscuous mode [ 1171.607001][T10795] bridge0: port 2(bridge_slave_1) entered disabled state [ 1171.657430][T10795] bridge_slave_0: left promiscuous mode [ 1171.664133][T10795] bridge0: port 1(bridge_slave_0) entered disabled state [ 1172.400332][T10795] team0: Port device bridge1 removed [ 1172.458788][T10795] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1172.486232][T10795] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1172.510652][T10795] bond0 (unregistering): Released all slaves [ 1172.532064][T10795] bond1 (unregistering): Released all slaves [ 1172.702132][T10795] tipc: Disabling bearer [ 1172.714933][T10795] tipc: Left network mode [ 1172.744413][T10795] IPVS: stopping master sync thread 7059 ... [ 1172.993248][T16808] [U] „ [ 1173.384970][T10795] hsr_slave_0: left promiscuous mode [ 1173.405794][T10795] hsr_slave_1: left promiscuous mode [ 1173.413300][T10795] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1173.422122][T10795] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1173.444753][T10795] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1173.452559][T10795] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1173.569630][T10795] veth1_macvtap: left promiscuous mode [ 1173.580969][T10795] veth0_macvtap: left promiscuous mode [ 1173.587081][T10795] veth1_vlan: left promiscuous mode [ 1173.592626][T10795] veth0_vlan: left promiscuous mode [ 1174.039370][T13296] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1174.113544][T13296] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1174.152481][T13296] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1174.183166][T13296] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1174.200421][T13296] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1174.356329][T10795] team0 (unregistering): Port device team_slave_1 removed [ 1174.459421][T10795] team0 (unregistering): Port device team_slave_0 removed [ 1175.191666][T16830] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4576'. [ 1175.246387][T16830] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4576'. [ 1175.256118][T16830] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4576'. [ 1175.584964][T16820] chnl_net:caif_netlink_parms(): no params data found [ 1176.406146][T13947] Bluetooth: hci0: command tx timeout [ 1176.642338][T16820] bridge0: port 1(bridge_slave_0) entered blocking state [ 1176.652504][T16820] bridge0: port 1(bridge_slave_0) entered disabled state [ 1176.662909][T16820] bridge_slave_0: entered allmulticast mode [ 1176.673861][T16820] bridge_slave_0: entered promiscuous mode [ 1176.697678][T16820] bridge0: port 2(bridge_slave_1) entered blocking state [ 1176.705184][T16820] bridge0: port 2(bridge_slave_1) entered disabled state [ 1176.713824][T16820] bridge_slave_1: entered allmulticast mode [ 1176.725837][T16820] bridge_slave_1: entered promiscuous mode [ 1177.109095][T16820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1177.183979][T16820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1177.503452][T16820] team0: Port device team_slave_0 added [ 1177.551958][T16820] team0: Port device team_slave_1 added [ 1177.715298][T16820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1177.723861][T16820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1177.750438][T16820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1177.871665][T16820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1177.885057][T16820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1177.912909][T16820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1178.383463][T16820] hsr_slave_0: entered promiscuous mode [ 1178.400969][T16820] hsr_slave_1: entered promiscuous mode [ 1178.558381][T13947] Bluetooth: hci0: command tx timeout [ 1178.706742][T16876] loop4: detected capacity change from 0 to 1764 [ 1179.346990][T16884] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4598'. [ 1180.056925][T16896] netlink: 'syz.6.4603': attribute type 3 has an invalid length. [ 1180.177916][T16820] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1180.256748][T16820] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1180.329524][T16820] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1180.412879][T16820] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1180.569633][T13947] Bluetooth: hci0: command tx timeout [ 1180.631841][T16904] loop5: detected capacity change from 0 to 1024 [ 1181.172053][T10789] hfsplus: b-tree write err: -5, ino 4 [ 1181.276470][T16820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1181.433879][T16820] 8021q: adding VLAN 0 to HW filter on device team0 [ 1181.506036][T14797] bridge0: port 1(bridge_slave_0) entered blocking state [ 1181.513540][T14797] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1181.603788][T14797] bridge0: port 2(bridge_slave_1) entered blocking state [ 1181.611360][T14797] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1181.785668][T16919] loop5: detected capacity change from 0 to 512 [ 1181.987958][T16919] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1182.001246][T16919] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1182.506969][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1182.648575][T13947] Bluetooth: hci0: command tx timeout [ 1183.424094][T16820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1183.826294][ T9317] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 1184.036839][ T9317] usb 5-1: Using ep0 maxpacket: 32 [ 1184.066617][ T9317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1184.077802][ T9317] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 1184.088174][ T9317] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1184.098396][ T9317] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 1184.108599][ T9317] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1184.126546][ T9317] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 1184.137324][ T9317] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1184.160218][ T9317] usb 5-1: config 0 descriptor?? [ 1184.416755][ T9317] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 1185.336383][T16975] loop6: detected capacity change from 0 to 256 [ 1185.424167][T16820] veth0_vlan: entered promiscuous mode [ 1185.493156][T16975] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1185.506394][T16820] veth1_vlan: entered promiscuous mode [ 1185.727160][T16820] veth0_macvtap: entered promiscuous mode [ 1185.775062][T16820] veth1_macvtap: entered promiscuous mode [ 1185.825740][T16977] netlink: 46 bytes leftover after parsing attributes in process `syz.5.4635'. [ 1185.924634][T16820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1186.007802][T16820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1186.049875][T16820] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1186.059050][T16820] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1186.074332][T16820] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1186.085223][T16820] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1186.769186][ T9317] usb 5-1: USB disconnect, device number 21 [ 1186.844726][ T9317] usblp0: removed [ 1187.164233][T16993] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4642'. [ 1187.173704][T16993] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4642'. [ 1187.266965][T16993] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4642'. [ 1187.276334][T16993] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4642'. [ 1187.312331][T16994] loop5: detected capacity change from 0 to 1024 [ 1187.343933][T16994] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1187.391525][T16994] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 1187.407625][T16994] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1187.460377][T16994] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 1187.493105][T16994] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1187.563551][T16994] EXT4-fs error (device loop5): ext4_read_inode_bitmap:167: comm syz.5.4640: Inode bitmap for bg 0 marked uninitialized [ 1187.598131][T16994] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1187.926886][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1189.000177][T17013] loop5: detected capacity change from 0 to 4096 [ 1189.123853][T17023] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1190.193098][T17034] netlink: 'syz.6.4654': attribute type 1 has an invalid length. [ 1190.815004][T17045] loop5: detected capacity change from 0 to 164 [ 1190.965828][T17045] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1191.003347][T17050] loop4: detected capacity change from 0 to 1024 [ 1191.040098][T17045] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1191.052173][T17050] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 1191.233315][T17050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1191.301334][T10789] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1191.312046][T10789] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1191.374942][T17050] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.4660: missing EA_INODE flag [ 1191.421740][T17050] EXT4-fs (loop4): Remounting filesystem read-only [ 1191.501579][T10789] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1191.509775][T10789] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1191.681286][T12390] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1192.345963][ T5849] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 1192.538728][ T5849] usb 5-1: Using ep0 maxpacket: 32 [ 1192.594168][ T5849] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 1192.607079][ T5849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1192.639492][ T5849] usb 5-1: config 0 descriptor?? [ 1192.759460][T17072] loop9: detected capacity change from 0 to 1024 [ 1192.792254][T17072] EXT4-fs: Ignoring removed orlov option [ 1192.800380][T17074] dvmrp1: entered allmulticast mode [ 1192.879499][ T5849] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 1192.891118][T17072] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1192.910756][ T5849] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1192.962752][T17080] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4669'. [ 1192.974777][T17080] netlink: 'syz.5.4669': attribute type 6 has an invalid length. [ 1192.982996][T17080] netlink: 'syz.5.4669': attribute type 5 has an invalid length. [ 1192.991070][T17080] netlink: 'syz.5.4669': attribute type 4 has an invalid length. [ 1193.048435][ T5849] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 1193.059011][ T5849] usb 5-1: media controller created [ 1193.167838][ T5849] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1193.404023][T16820] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1193.478209][ T5849] az6027: usb out operation failed. (-71) [ 1193.486756][ T5849] az6027: usb out operation failed. (-71) [ 1193.492678][ T5849] stb0899_attach: Driver disabled by Kconfig [ 1193.499212][ T5849] az6027: no front-end attached [ 1193.499212][ T5849] [ 1193.570696][ T5849] az6027: usb out operation failed. (-71) [ 1193.576806][ T5849] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 1193.586445][ T5849] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input26 [ 1193.639185][ T5849] dvb-usb: schedule remote query interval to 400 msecs. [ 1193.651025][ T5849] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 1193.721662][ T5849] usb 5-1: USB disconnect, device number 22 [ 1194.076783][T17093] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4676'. [ 1194.080765][ T5849] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 1194.134478][T17093] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4676'. [ 1195.852494][T17117] tap0: tun_chr_ioctl cmd 1074025672 [ 1195.858489][T17117] tap0: ignored: set checksum enabled [ 1196.978361][T17133] netlink: 'syz.4.4695': attribute type 14 has an invalid length. [ 1197.046079][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 1197.406136][ T30] audit: type=1326 audit(1748018961.853:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17139 comm="syz.5.4698" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd1539 code=0x0 [ 1197.795712][ T9317] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 1198.007952][ T9317] usb 7-1: Using ep0 maxpacket: 32 [ 1198.041828][ T9317] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1198.054805][ T9317] usb 7-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 1198.066043][ T9317] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1198.080112][T17149] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1198.148676][ T9317] usb 7-1: config 0 descriptor?? [ 1198.692842][ T9317] sony 0003:054C:0268.003F: hiddev0,hidraw0: USB HID v81.01 Device [HID 054c:0268] on usb-dummy_hcd.6-1/input0 [ 1198.705821][ T9317] sony 0003:054C:0268.003F: failed to claim input [ 1198.748196][ T30] audit: type=1326 audit(1748018963.213:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1198.772944][ T30] audit: type=1326 audit(1748018963.213:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1198.796201][ T30] audit: type=1326 audit(1748018963.223:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1198.862858][ T9317] usb 7-1: USB disconnect, device number 13 [ 1199.014358][ T30] audit: type=1326 audit(1748018963.363:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1199.039888][ T30] audit: type=1326 audit(1748018963.373:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1199.065550][ T30] audit: type=1326 audit(1748018963.383:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1199.092913][ T30] audit: type=1326 audit(1748018963.393:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1199.116316][ T30] audit: type=1326 audit(1748018963.393:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17154 comm="syz.9.4705" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f82539 code=0x7ffc0000 [ 1199.147274][T13296] Bluetooth: hci1: command 0x0406 tx timeout [ 1199.830511][T17170] netlink: 'syz.4.4711': attribute type 1 has an invalid length. [ 1199.838838][T17170] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4711'. [ 1201.037350][T17186] block nbd4: NBD_DISCONNECT [ 1202.628124][T17201] loop5: detected capacity change from 0 to 4096 [ 1202.952771][T17201] ntfs3(loop5): ino=20, mi_enum_attr [ 1202.992080][ T30] audit: type=1326 audit(1748018967.463:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17200 comm="syz.4.4724" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000 [ 1203.035695][T17201] ntfs3(loop5): failed to convert name for inode 1e. [ 1203.045320][T17213] Bluetooth: MGMT ver 1.23 [ 1203.109074][T17201] ntfs3(loop5): ino=1f, mi_enum_attr [ 1203.115264][T17201] ntfs3(loop5): ino=1f, mi_enum_attr [ 1203.130183][T17215] loop9: detected capacity change from 0 to 256 [ 1203.324249][T17215] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 1203.337811][T17215] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 1203.429943][T17215] exFAT-fs (loop9): valid_size(150994954) is greater than size(10) [ 1204.064113][T17228] tap0: tun_chr_ioctl cmd 1074025677 [ 1204.070687][T17228] tap0: linktype set to 804 [ 1204.736234][T17244] netlink: 'syz.4.4743': attribute type 1 has an invalid length. [ 1204.961903][T17247] bond_slave_0: entered promiscuous mode [ 1204.968263][T17247] bond_slave_1: entered promiscuous mode [ 1204.974722][T17247] macvlan2: entered allmulticast mode [ 1204.983868][T17247] bond0: entered allmulticast mode [ 1204.989614][T17247] bond_slave_0: entered allmulticast mode [ 1204.996637][T17247] bond_slave_1: entered allmulticast mode [ 1205.016036][T17247] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1206.510928][T17272] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4754'. [ 1207.114857][T17283] netlink: 'syz.9.4759': attribute type 4 has an invalid length. [ 1207.315620][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 1207.322352][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 1207.386695][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1208.686545][T17298] loop6: detected capacity change from 0 to 4096 [ 1208.857033][T17306] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1210.472015][T17331] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1211.029816][ T5849] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 1211.243291][ T5849] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1211.254066][ T5849] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1211.268381][ T5849] usb 6-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00 [ 1211.278839][ T5849] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1211.306705][ T5849] usb 6-1: config 0 descriptor?? [ 1211.544113][T11058] usb 6-1: USB disconnect, device number 6 [ 1211.972242][T17354] loop4: detected capacity change from 0 to 1024 [ 1213.880675][T17384] program syz.8.4805 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1214.241634][T17390] loop4: detected capacity change from 0 to 2048 [ 1214.324286][T17390] Alternate GPT is invalid, using primary GPT. [ 1214.337318][T17390] loop4: p1 p2 p3 [ 1214.758239][T17398] program syz.6.4811 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1214.817868][T17389] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1214.824054][T17389] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 1214.860717][T17398] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1214.979884][T17389] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1214.988741][T17389] Bluetooth: hci5: Error when powering off device on rfkill (-4) [ 1215.192488][T17389] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1215.198842][T17389] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 1215.362047][T17389] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1215.368498][T17389] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 1215.590053][T17389] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1215.596303][T17389] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 1216.422529][T17417] loop4: detected capacity change from 0 to 1024 [ 1216.496067][T16005] usb 9-1: new full-speed USB device number 22 using dummy_hcd [ 1216.627550][T17423] Bluetooth: MGMT ver 1.23 [ 1216.672099][T16005] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1216.682671][T16005] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1216.773025][T16005] usb 9-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00 [ 1216.782509][T16005] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1216.793839][T16005] usb 9-1: Product: syz [ 1216.798454][T16005] usb 9-1: Manufacturer: syz [ 1216.803282][T16005] usb 9-1: SerialNumber: syz [ 1216.890934][T16005] usb 9-1: config 0 descriptor?? [ 1217.317241][T16005] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 1217.328343][T16005] asix 9-1:0.0: probe with driver asix failed with error -71 [ 1217.384309][T16005] usb 9-1: USB disconnect, device number 22 [ 1218.449553][T17447] loop5: detected capacity change from 0 to 256 [ 1218.851510][T17455] ALSA: mixer_oss: invalid OSS volume 'P×}VIN' [ 1219.091260][T17460] loop9: detected capacity change from 0 to 512 [ 1219.267942][T17460] EXT4-fs error (device loop9): ext4_iget_extra_inode:4693: inode #15: comm syz.9.4839: corrupted in-inode xattr: invalid ea_ino [ 1219.346036][T17460] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.4839: couldn't read orphan inode 15 (err -117) [ 1219.363436][T17460] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1219.569160][T17468] loop6: detected capacity change from 0 to 1024 [ 1219.580778][T16820] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1219.600929][T17468] EXT4-fs: Ignoring removed nobh option [ 1219.607701][T17468] EXT4-fs: Ignoring removed bh option [ 1219.695903][T17468] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1220.110469][T13946] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1220.314733][T17481] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4848'. [ 1220.324521][T17481] netlink: 48 bytes leftover after parsing attributes in process `syz.9.4848'. [ 1222.024923][T17508] loop4: detected capacity change from 0 to 128 [ 1222.076512][T17508] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1222.188092][T17508] openvswitch: netlink: Message has 1255 unknown bytes. [ 1222.199334][T17508] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1222.286004][T17513] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4864'. [ 1222.709905][T17519] loop6: detected capacity change from 0 to 64 [ 1223.026343][T17526] Context (ID=0x0) not attached to queue pair (handle=0xffffffff:0x4) [ 1223.386966][T17531] loop9: detected capacity change from 0 to 64 [ 1224.063746][T17540] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1224.634359][T17544] loop9: detected capacity change from 0 to 2048 [ 1225.020117][T17556] loop5: detected capacity change from 0 to 128 [ 1225.119893][T17556] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1225.197394][T17556] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1225.498877][T16496] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1226.352913][T17574] loop6: detected capacity change from 0 to 1024 [ 1226.450669][T17574] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1226.463878][T17574] ext4 filesystem being mounted at /304/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1226.564971][T17576] xt_CT: No such helper "snmp" [ 1226.697784][T17589] vlan2: entered allmulticast mode [ 1226.703159][T17589] bridge0: entered allmulticast mode [ 1226.903749][T13946] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1227.232041][T17591] IPVS: persistence engine module ip_vs_pe_@ not found [ 1228.346398][ T5849] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 1228.515854][ T5849] usb 7-1: Using ep0 maxpacket: 16 [ 1228.542756][ T5849] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1228.555131][ T5849] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1228.568861][ T5849] usb 7-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00 [ 1228.578415][ T5849] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1228.660648][ T5849] usb 7-1: config 0 descriptor?? [ 1228.752098][T17621] loop9: detected capacity change from 0 to 512 [ 1228.772993][T17623] loop4: detected capacity change from 0 to 16 [ 1228.794899][T17623] erofs (device loop4): mounted with root inode @ nid 36. [ 1228.878415][T17621] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -13 [ 1228.931664][T17621] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.4909: invalid indirect mapped block 2683928664 (level 1) [ 1228.951700][T17621] EXT4-fs (loop9): 1 truncate cleaned up [ 1228.963746][T17621] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1229.079988][T17621] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000. [ 1229.170965][ T5849] hid-picolcd 0003:04D8:F002.0040: No report with id 0xf3 found [ 1229.179204][ T5849] hid-picolcd 0003:04D8:F002.0040: No report with id 0xf4 found [ 1229.291486][T16820] EXT4-fs error (device loop9): htree_dirblock_to_tree:1082: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=92, inode=16, rec_len=16, size=1024 fake=0 [ 1229.303743][ T5849] usb 7-1: USB disconnect, device number 14 [ 1229.344455][T16820] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz-executor: Invalid block bitmap block 3 in block_group 0 [ 1229.370638][T16820] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 1229.804214][T10790] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1229.837062][T16820] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1229.937068][T10790] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1230.073357][T10790] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1230.210102][T10790] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1230.384774][T17643] loop6: detected capacity change from 0 to 128 [ 1230.587145][T10790] bridge_slave_1: left allmulticast mode [ 1230.593065][T10790] bridge_slave_1: left promiscuous mode [ 1230.599984][T10790] bridge0: port 2(bridge_slave_1) entered disabled state [ 1230.656792][T10790] bridge_slave_0: left allmulticast mode [ 1230.662671][T10790] bridge_slave_0: left promiscuous mode [ 1230.669725][T10790] bridge0: port 1(bridge_slave_0) entered disabled state [ 1231.152349][T10790] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1231.181356][T10790] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1231.233781][T10790] bond0 (unregistering): Released all slaves [ 1231.622647][T10790] hsr_slave_0: left promiscuous mode [ 1231.643257][T10790] hsr_slave_1: left promiscuous mode [ 1231.652118][T10790] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1231.670787][T10790] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1231.678638][T10790] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1231.709364][T10790] veth1_macvtap: left promiscuous mode [ 1231.714985][T10790] veth0_macvtap: left promiscuous mode [ 1231.723141][T10790] veth1_vlan: left promiscuous mode [ 1231.729564][T10790] veth0_vlan: left promiscuous mode [ 1232.143633][T17654] loop4: detected capacity change from 0 to 256 [ 1232.214384][T17652] loop5: detected capacity change from 0 to 256 [ 1232.294520][T17654] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1232.679933][T10790] team0 (unregistering): Port device team_slave_1 removed [ 1232.714318][T10790] team0 (unregistering): Port device team_slave_0 removed [ 1232.734099][T13296] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1232.767900][T13296] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1232.777934][T13296] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1232.793144][T13296] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1232.804740][T13296] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1232.935716][T17660] loop5: detected capacity change from 0 to 64 [ 1232.956782][T13947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1232.967702][T13947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1232.977477][T13947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1232.992327][T13947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1233.003861][T13947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1233.146685][T17660] Trying to free block not in datazone [ 1233.152352][T17660] Trying to free block not in datazone [ 1233.170241][T17660] Trying to free block not in datazone [ 1233.994427][T17657] chnl_net:caif_netlink_parms(): no params data found [ 1234.004228][T17673] loop5: detected capacity change from 0 to 512 [ 1234.096547][T17673] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1234.109733][T17673] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1234.134147][T17672] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4932'. [ 1234.348929][T17673] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.4934: corrupted inode contents [ 1234.446548][T17673] EXT4-fs error (device loop5): ext4_dirty_inode:6103: inode #2: comm syz.5.4934: mark_inode_dirty error [ 1234.529332][T17673] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #2: comm syz.5.4934: corrupted inode contents [ 1234.561977][T17673] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.4934: mark_inode_dirty error [ 1234.953966][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1235.006015][T17657] bridge0: port 1(bridge_slave_0) entered blocking state [ 1235.013540][T17657] bridge0: port 1(bridge_slave_0) entered disabled state [ 1235.020712][T17692] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4938'. [ 1235.032312][T17692] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4938'. [ 1235.032396][T17692] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4938'. [ 1235.051419][T17657] bridge_slave_0: entered allmulticast mode [ 1235.063480][T17657] bridge_slave_0: entered promiscuous mode [ 1235.085894][T13296] Bluetooth: hci0: command tx timeout [ 1235.094481][T17657] bridge0: port 2(bridge_slave_1) entered blocking state [ 1235.102523][T17657] bridge0: port 2(bridge_slave_1) entered disabled state [ 1235.110270][T17657] bridge_slave_1: entered allmulticast mode [ 1235.119792][T17657] bridge_slave_1: entered promiscuous mode [ 1235.254145][T17657] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1235.310592][T17657] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1235.661436][T17657] team0: Port device team_slave_0 added [ 1235.738947][T17700] loop5: detected capacity change from 0 to 1764 [ 1235.818096][T17657] team0: Port device team_slave_1 added [ 1235.975253][T17657] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1235.984439][T17657] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1236.013544][T17657] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1236.110434][T17657] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1236.118853][T17657] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1236.149258][T17657] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1236.622546][T17657] hsr_slave_0: entered promiscuous mode [ 1236.639074][T17657] hsr_slave_1: entered promiscuous mode [ 1237.127055][T13296] Bluetooth: hci0: command tx timeout [ 1237.306020][T16005] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 1237.510154][T16005] usb 7-1: Using ep0 maxpacket: 8 [ 1237.540885][T16005] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1237.551770][T16005] usb 7-1: config 0 has no interfaces? [ 1237.557647][T16005] usb 7-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00 [ 1237.567087][T16005] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1237.657863][T16005] usb 7-1: config 0 descriptor?? [ 1237.913533][T16005] usb 7-1: USB disconnect, device number 15 [ 1238.123232][T17657] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1238.151498][T17657] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1238.227519][T17657] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1238.266580][T17657] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1239.213092][T13296] Bluetooth: hci0: command tx timeout [ 1239.305064][T17657] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1239.405475][T17657] 8021q: adding VLAN 0 to HW filter on device team0 [ 1239.433508][T17743] loop6: detected capacity change from 0 to 64 [ 1239.480174][T14797] bridge0: port 1(bridge_slave_0) entered blocking state [ 1239.487769][T14797] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1239.637519][T14797] bridge0: port 2(bridge_slave_1) entered blocking state [ 1239.645118][T14797] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1239.905770][ T30] audit: type=1800 audit(1748019004.143:128): pid=17743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4960" name="file0" dev="overlay" ino=3 res=0 errno=0 [ 1240.684358][ T3719] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1240.890858][ T3719] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.070620][ T3719] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.204694][T17750] loop5: detected capacity change from 0 to 512 [ 1241.240449][ T3719] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1241.261638][T17750] EXT4-fs: Ignoring removed nobh option [ 1241.299528][T13296] Bluetooth: hci0: command tx timeout [ 1241.405001][T17750] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4964: invalid indirect mapped block 256 (level 2) [ 1241.476106][T17750] EXT4-fs (loop5): 2 truncates cleaned up [ 1241.484093][T17750] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1241.660856][ T3719] bridge_slave_1: left allmulticast mode [ 1241.667103][ T3719] bridge_slave_1: left promiscuous mode [ 1241.673637][ T3719] bridge0: port 2(bridge_slave_1) entered disabled state [ 1241.719597][ T3719] bridge_slave_0: left allmulticast mode [ 1241.725678][ T3719] bridge_slave_0: left promiscuous mode [ 1241.732241][ T3719] bridge0: port 1(bridge_slave_0) entered disabled state [ 1241.804998][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1242.217260][ T3719] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1242.239442][ T3719] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1242.263199][ T3719] bond0 (unregistering): Released all slaves [ 1242.408395][T17657] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1242.587157][ T3719] hsr_slave_0: left promiscuous mode [ 1242.594960][ T3719] hsr_slave_1: left promiscuous mode [ 1242.602813][ T3719] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1242.610545][ T3719] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1242.622607][ T3719] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1242.631773][ T3719] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1242.666253][ T3719] veth1_macvtap: left promiscuous mode [ 1242.671990][ T3719] veth0_macvtap: left promiscuous mode [ 1242.678142][ T3719] veth1_vlan: left promiscuous mode [ 1242.683697][ T3719] veth0_vlan: left promiscuous mode [ 1243.497315][ T3719] team0 (unregistering): Port device team_slave_1 removed [ 1243.580910][ T3719] team0 (unregistering): Port device team_slave_0 removed [ 1243.701235][T17760] loop4: detected capacity change from 0 to 4096 [ 1243.788609][T17760] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 1243.796742][T17760] UDF-fs: Scanning with blocksize 512 failed [ 1244.000465][T13947] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1244.083012][T13947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1244.111896][T13947] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1244.134893][T17760] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1244.158910][T13947] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1244.180008][T13947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1244.200599][T17657] veth0_vlan: entered promiscuous mode [ 1244.239930][T17657] veth1_vlan: entered promiscuous mode [ 1244.291849][T17769] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4971'. [ 1244.303950][T17769] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4971'. [ 1244.311713][T17766] bond1: entered promiscuous mode [ 1244.318481][T17766] bond1: entered allmulticast mode [ 1244.327163][T17766] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1244.353722][T17766] bond1 (unregistering): Released all slaves [ 1244.388182][T17769] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4971'. [ 1244.397461][T17769] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4971'. [ 1244.705119][T17657] veth0_macvtap: entered promiscuous mode [ 1244.792754][T17657] veth1_macvtap: entered promiscuous mode [ 1244.961230][T17657] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1245.143440][T17657] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1245.238508][T17657] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1245.247883][T17657] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1245.259884][T17657] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1245.269482][T17657] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1245.580593][T17781] loop5: detected capacity change from 0 to 512 [ 1245.651517][T17781] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1245.732233][T17781] EXT4-fs (loop5): 1 truncate cleaned up [ 1245.740971][T17781] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1245.910332][T17763] chnl_net:caif_netlink_parms(): no params data found [ 1245.924934][T17789] loop4: detected capacity change from 0 to 512 [ 1245.990340][T17789] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 1246.000428][T17789] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 1246.001732][T17781] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2798: inode #15: comm syz.5.4974: corrupted xattr block 33: invalid header [ 1246.053919][T17789] EXT4-fs (loop4): 1 truncate cleaned up [ 1246.062210][T17789] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1246.098723][T17781] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2962: inode #15: comm syz.5.4974: corrupted xattr block 33: invalid header [ 1246.150854][T17781] EXT4-fs warning (device loop5): ext4_evict_inode:279: xattr delete (err -117) [ 1246.174646][T17789] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 1246.325968][T13947] Bluetooth: hci1: command tx timeout [ 1246.430491][T12390] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1246.475793][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1246.909559][T17803] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4979'. [ 1247.323642][T17763] bridge0: port 1(bridge_slave_0) entered blocking state [ 1247.331612][T17763] bridge0: port 1(bridge_slave_0) entered disabled state [ 1247.341956][T17763] bridge_slave_0: entered allmulticast mode [ 1247.350864][T17809] loop4: detected capacity change from 0 to 1024 [ 1247.351447][T17763] bridge_slave_0: entered promiscuous mode [ 1247.372061][T17809] EXT4-fs: Ignoring removed orlov option [ 1247.392225][T17763] bridge0: port 2(bridge_slave_1) entered blocking state [ 1247.400073][T17763] bridge0: port 2(bridge_slave_1) entered disabled state [ 1247.407926][T17763] bridge_slave_1: entered allmulticast mode [ 1247.417185][T17763] bridge_slave_1: entered promiscuous mode [ 1247.539116][T17809] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1247.726476][T17763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1247.826969][T17763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1247.990029][T12390] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1248.247338][T17763] team0: Port device team_slave_0 added [ 1248.273381][T17763] team0: Port device team_slave_1 added [ 1248.384460][T17763] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1248.394552][T17763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1248.423447][T17763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1248.441280][T13947] Bluetooth: hci1: command tx timeout [ 1248.621429][T17763] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1248.633797][T17763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1248.660403][T17763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1249.080951][T17763] hsr_slave_0: entered promiscuous mode [ 1249.090975][T17763] hsr_slave_1: entered promiscuous mode [ 1249.100132][T17763] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1249.107971][T17763] Cannot create hsr debugfs directory [ 1249.360927][T16005] usb 9-1: new high-speed USB device number 23 using dummy_hcd [ 1249.515961][T16005] usb 9-1: Using ep0 maxpacket: 16 [ 1249.569612][T16005] usb 9-1: config 0 has an invalid interface number: 214 but max is 0 [ 1249.578536][T16005] usb 9-1: config 0 has no interface number 0 [ 1249.584881][T16005] usb 9-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1249.666615][T16005] usb 9-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 1249.676269][T16005] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1249.684506][T16005] usb 9-1: Product: syz [ 1249.689174][T16005] usb 9-1: Manufacturer: syz [ 1249.694003][T16005] usb 9-1: SerialNumber: syz [ 1249.762758][T16005] usb 9-1: config 0 descriptor?? [ 1249.922164][T17843] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4992'. [ 1249.936513][T17843] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4992'. [ 1249.968349][T17843] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1249.977663][T17843] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1249.986982][T17843] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1249.996249][T17843] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1250.310573][T10795] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1250.318862][T10795] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1250.466659][T16005] usbtouchscreen 9-1:0.214: probe with driver usbtouchscreen failed with error -71 [ 1250.488202][T13947] Bluetooth: hci1: command tx timeout [ 1250.505279][T16005] usb 9-1: USB disconnect, device number 23 [ 1250.543330][T17846] loop4: detected capacity change from 0 to 128 [ 1250.593666][T14797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1250.602049][T14797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1250.621486][T17848] loop5: detected capacity change from 0 to 64 [ 1250.663157][T17763] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1250.720628][T17763] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1250.768546][T17763] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1250.831419][T17763] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1251.243979][T17853] input: syz1 as /devices/virtual/input/input28 [ 1251.686449][T17763] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1251.791960][T17763] 8021q: adding VLAN 0 to HW filter on device team0 [ 1251.843139][ T3719] bridge0: port 1(bridge_slave_0) entered blocking state [ 1251.850749][ T3719] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1251.942115][ T3719] bridge0: port 2(bridge_slave_1) entered blocking state [ 1251.949679][ T3719] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1252.566074][T13947] Bluetooth: hci1: command tx timeout [ 1252.576767][T17871] netlink: 'syz.4.5002': attribute type 1 has an invalid length. [ 1252.692741][T17876] loop2: detected capacity change from 0 to 64 [ 1253.688028][T17763] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1254.233616][T17895] netlink: 'syz.8.5012': attribute type 3 has an invalid length. [ 1254.299060][T17763] veth0_vlan: entered promiscuous mode [ 1254.374694][T17763] veth1_vlan: entered promiscuous mode [ 1254.635049][T17763] veth0_macvtap: entered promiscuous mode [ 1254.709748][T17763] veth1_macvtap: entered promiscuous mode [ 1254.859428][T17763] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1254.952116][T17763] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1255.028640][T17763] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.037838][T17763] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.051639][T17763] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.060762][T17763] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1255.577980][T17917] loop4: detected capacity change from 0 to 2048 [ 1255.641532][T17917] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1256.967164][T17936] loop5: detected capacity change from 0 to 1024 [ 1258.436624][T17960] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5034'. [ 1258.446069][T17960] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5034'. [ 1259.482572][T17981] tap0: tun_chr_ioctl cmd 1074025672 [ 1259.491342][T17981] tap0: ignored: set checksum enabled [ 1259.773743][T17984] loop4: detected capacity change from 0 to 1024 [ 1259.875252][T17984] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1259.894738][T17984] ext4 filesystem being mounted at /483/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1260.040571][T14797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1260.048999][T14797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1260.251144][T12390] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1260.269814][T10795] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1260.279052][T10795] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1260.944760][T18007] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 0, id = 0 [ 1262.486905][T18022] loop4: detected capacity change from 0 to 8192 [ 1263.017214][T18036] netlink: 830 bytes leftover after parsing attributes in process `syz.5.5062'. [ 1264.785235][T18058] Bluetooth: MGMT ver 1.23 [ 1265.010933][T18062] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5074'. [ 1265.013230][T18063] loop0: detected capacity change from 0 to 512 [ 1265.055743][T18063] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1265.154479][T18067] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 1265.166741][T18063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1265.179954][T18063] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1265.585315][T17763] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1265.680687][T18076] sctp: [Deprecated]: syz.4.5078 (pid 18076) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1265.680687][T18076] Use struct sctp_sack_info instead [ 1266.140899][T18084] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1266.481539][T18090] loop0: detected capacity change from 0 to 1024 [ 1266.495056][T18090] ext4: Unknown parameter 'nouser_xattr' [ 1266.541658][T18093] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5087'. [ 1267.345888][T18100] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5089'. [ 1268.380231][T18107] loop0: detected capacity change from 0 to 1024 [ 1268.753142][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 1268.760139][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 1268.859524][T18109] xt_CT: No such helper "snmp" [ 1268.957126][T14797] hfsplus: b-tree write err: -5, ino 4 [ 1269.598590][ T30] audit: type=1326 audit(1748019034.053:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 1269.621403][ T30] audit: type=1326 audit(1748019034.063:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 1269.647576][ T30] audit: type=1326 audit(1748019034.063:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 1269.670371][ T30] audit: type=1326 audit(1748019034.073:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 1269.696274][ T30] audit: type=1326 audit(1748019034.073:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fd1567 code=0x7ffc0000 [ 1269.721323][ T30] audit: type=1326 audit(1748019034.073:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 1269.744569][ T30] audit: type=1326 audit(1748019034.073:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 1269.767318][ T30] audit: type=1326 audit(1748019034.073:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fd1567 code=0x7ffc0000 [ 1269.792616][ T30] audit: type=1326 audit(1748019034.073:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.5.5099" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 1270.724375][T18144] loop4: detected capacity change from 0 to 128 [ 1270.787452][T18144] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1270.825565][T18144] ext4 filesystem being mounted at /499/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1271.000271][T12390] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1271.394215][T18150] xt_CT: No such helper "snmp" [ 1272.283258][T18170] netlink: 'syz.5.5121': attribute type 4 has an invalid length. [ 1272.294236][T18170] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5121'. [ 1272.472427][T18164] loop4: detected capacity change from 0 to 8192 [ 1273.161740][T18182] loop2: detected capacity change from 0 to 256 [ 1273.531230][T18184] xt_CT: No such helper "snmp" [ 1274.024053][T18200] syz.5.5133: attempt to access beyond end of device [ 1274.024053][T18200] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 1274.033457][T18201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5134'. [ 1274.103456][T18202] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5134'. [ 1274.415818][ T9317] usb 9-1: new high-speed USB device number 24 using dummy_hcd [ 1274.605637][ T9317] usb 9-1: Using ep0 maxpacket: 32 [ 1274.631897][ T9317] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 1274.638077][T18212] loop0: detected capacity change from 0 to 128 [ 1274.699637][ T9317] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1274.709261][ T9317] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1274.717844][ T9317] usb 9-1: Product: syz [ 1274.722255][ T9317] usb 9-1: Manufacturer: syz [ 1274.727212][ T9317] usb 9-1: SerialNumber: syz [ 1274.763373][T18212] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1274.765106][ T9317] usb 9-1: config 0 descriptor?? [ 1274.783434][T18204] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 1274.796214][ T9317] hub 9-1:0.0: bad descriptor, ignoring hub [ 1274.802348][ T9317] hub 9-1:0.0: probe with driver hub failed with error -5 [ 1274.821943][T18212] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1274.974108][T18216] kvm: apic: phys broadcast and lowest prio [ 1275.161265][T17763] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1275.177739][ T9317] usb 9-1: USB disconnect, device number 24 [ 1275.526019][ T9317] usb 9-1: new high-speed USB device number 25 using dummy_hcd [ 1275.546469][T18222] loop4: detected capacity change from 0 to 2048 [ 1275.579002][T18224] loop0: detected capacity change from 0 to 128 [ 1275.616588][T18224] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1275.644258][T18222] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1275.649708][T18224] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1275.656729][T18222] ext4 filesystem being mounted at /506/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1275.711302][T18228] loop5: detected capacity change from 0 to 2048 [ 1275.718558][ T9317] usb 9-1: Using ep0 maxpacket: 32 [ 1275.734851][ T9317] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 1275.754006][T18228] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1275.764480][T18228] NILFS (loop5): mounting unchecked fs [ 1275.784637][T18228] NILFS (loop5): invalid segment: Sequence number mismatch [ 1275.792653][T18228] NILFS (loop5): unable to fall back to spare super block [ 1275.800300][T18228] NILFS (loop5): error -22 while searching super root [ 1275.827053][ T9317] usb 9-1: string descriptor 0 read error: -22 [ 1275.834108][ T9317] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 1275.843581][ T9317] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 1275.865892][T18224] fscrypt (loop0, inode 12): Unsupported encryption flags (0x29) [ 1275.899922][ T9317] usb 9-1: config 0 descriptor?? [ 1275.908042][T18204] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22 [ 1275.979367][ T9317] hub 9-1:0.0: bad descriptor, ignoring hub [ 1275.985632][ T9317] hub 9-1:0.0: probe with driver hub failed with error -5 [ 1276.076429][T12390] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1276.161106][T17763] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1276.339288][T15356] usb 9-1: USB disconnect, device number 25 [ 1276.791833][T18243] loop5: detected capacity change from 0 to 256 [ 1276.812051][T18243] exfat: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 1276.970926][T18245] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 1276.987305][T14797] Bluetooth: hci3: Frame reassembly failed (-84) [ 1277.747630][T18262] netlink: 71 bytes leftover after parsing attributes in process `syz.5.5160'. [ 1277.795248][T18259] loop4: detected capacity change from 0 to 1024 [ 1277.886635][T18259] hfsplus: found bad thread record in catalog [ 1278.152384][T14797] hfsplus: b-tree write err: -5, ino 4 [ 1278.905738][T15356] hid-generic 0000:0004:0000.0041: unknown main item tag 0x0 [ 1278.913452][T15356] hid-generic 0000:0004:0000.0041: unknown main item tag 0x0 [ 1278.922326][T15356] hid-generic 0000:0004:0000.0041: unknown main item tag 0x0 [ 1278.940553][T15356] hid-generic 0000:0004:0000.0041: hidraw0: HID v0.00 Device [syz0] on syz1 [ 1278.983042][T18246] Bluetooth: hci3: command 0x1003 tx timeout [ 1278.991213][T13947] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 1279.905712][T15356] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 1279.951811][T18291] loop2: detected capacity change from 0 to 4096 [ 1280.054010][T18291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1280.105234][T15356] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1280.137949][T15356] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 1280.147674][T15356] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1280.158652][T15356] usb 6-1: Product: syz [ 1280.163052][T15356] usb 6-1: Manufacturer: syz [ 1280.168227][T15356] usb 6-1: SerialNumber: syz [ 1280.193456][T18300] EXT4-fs (loop2): shut down requested (1) [ 1280.356533][T17657] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1280.410281][ T9317] usb 6-1: USB disconnect, device number 7 [ 1280.431159][T18302] loop4: detected capacity change from 0 to 512 [ 1280.480819][T18302] EXT4-fs: Ignoring removed nobh option [ 1280.543965][T18302] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5178: invalid indirect mapped block 256 (level 2) [ 1280.626357][T18302] EXT4-fs (loop4): 2 truncates cleaned up [ 1280.634317][T18302] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1280.660117][T18307] loop2: detected capacity change from 0 to 164 [ 1280.827828][T18310] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.5178: bg 0: block 5: invalid block bitmap [ 1280.849992][T18310] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 140 with error 28 [ 1280.866055][T18310] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1280.866055][T18310] [ 1280.876271][T18310] EXT4-fs (loop4): Total free blocks count 0 [ 1280.882464][T18310] EXT4-fs (loop4): Free/Dirty block details [ 1280.893163][T18310] EXT4-fs (loop4): free_blocks=0 [ 1280.900521][T18310] EXT4-fs (loop4): dirty_blocks=144 [ 1280.910374][T18310] EXT4-fs (loop4): Block reservation details [ 1280.916783][T18310] EXT4-fs (loop4): i_reserved_data_blocks=144 [ 1281.263460][T14797] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 140 with max blocks 4 with error 28 [ 1281.859061][T18323] loop2: detected capacity change from 0 to 1024 [ 1282.754599][T18339] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5195'. [ 1282.825291][T18343] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5197'. [ 1282.857662][T18344] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5198'. [ 1282.869965][T18344] bridge: RTM_NEWNEIGH with unconfigured vlan 191 on bridge0 [ 1282.888249][T18343] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5197'. [ 1284.266596][T18368] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5209'. [ 1284.998904][T18376] loop2: detected capacity change from 0 to 1024 [ 1285.224475][T18376] hfsplus: xattr searching failed [ 1285.234719][T18376] hfsplus: bad catalog file entry [ 1285.399459][T10793] hfsplus: b-tree write err: -5, ino 3 [ 1285.408686][T10793] hfsplus: bad catalog file entry [ 1285.773973][T18384] loop2: detected capacity change from 0 to 1024 [ 1285.825861][T15356] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 1285.858611][T18384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1286.052651][T15356] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1286.063321][T15356] usb 6-1: config 0 has no interfaces? [ 1286.069290][T15356] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1286.081985][T15356] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1286.122764][T15356] usb 6-1: config 0 descriptor?? [ 1286.399441][T18380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1286.411958][T18380] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1286.672529][T15356] usb 6-1: USB disconnect, device number 8 [ 1287.312107][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1287.449564][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1287.483896][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1287.500727][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1287.617203][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1287.680740][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1287.824160][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1287.952390][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1288.060979][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1288.130160][T17657] EXT4-fs error (device loop2): ext4_empty_dir:3077: inode #11: comm syz-executor: invalid size [ 1292.286338][T18420] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5232'. [ 1292.331709][T18420] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5232'. [ 1292.341678][T18420] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5232'. [ 1292.544130][T18386] Set syz1 is full, maxelem 65536 reached [ 1292.632927][T18422] input: syz0 as /devices/virtual/input/input31 [ 1292.814357][T18425] netlink: 116 bytes leftover after parsing attributes in process `syz.0.5234'. [ 1292.817279][T10793] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1292.891038][T17657] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1293.001252][T10793] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1293.190291][T10793] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1293.510799][T10793] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1293.614325][T18431] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5238'. [ 1293.626445][T18431] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5238'. [ 1293.651727][T18431] vlan2: entered allmulticast mode [ 1293.659861][T18431] macvtap0: entered allmulticast mode [ 1293.665864][T18431] veth0_macvtap: entered allmulticast mode [ 1293.948096][T10793] bridge_slave_1: left allmulticast mode [ 1293.954019][T10793] bridge_slave_1: left promiscuous mode [ 1293.960764][T10793] bridge0: port 2(bridge_slave_1) entered disabled state [ 1293.991875][T10793] bridge_slave_0: left allmulticast mode [ 1294.001303][T10793] bridge_slave_0: left promiscuous mode [ 1294.008523][T10793] bridge0: port 1(bridge_slave_0) entered disabled state [ 1294.461229][T10793] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1294.499792][T10793] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1294.542458][T10793] bond0 (unregistering): Released all slaves [ 1294.711888][T10793] IPVS: stopping master sync thread 18007 ... [ 1295.160002][T10793] hsr_slave_0: left promiscuous mode [ 1295.175669][T10793] hsr_slave_1: left promiscuous mode [ 1295.183558][T10793] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1295.191888][T10793] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1295.286182][T10793] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1295.293943][T10793] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1295.366981][T10793] veth1_macvtap: left promiscuous mode [ 1295.372815][T10793] veth0_macvtap: left promiscuous mode [ 1295.380750][T10793] veth1_vlan: left promiscuous mode [ 1295.386382][T10793] veth0_vlan: left promiscuous mode [ 1295.662924][T18246] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1295.716455][T18246] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1295.728710][T18246] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1295.751084][T18246] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1295.765046][T18246] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1296.343466][T10793] team0 (unregistering): Port device team_slave_1 removed [ 1296.395897][T10793] team0 (unregistering): Port device team_slave_0 removed [ 1297.603669][T18467] macvlan0: entered promiscuous mode [ 1297.621442][T18467] netlink: 'syz.8.5253': attribute type 1 has an invalid length. [ 1297.630562][T18467] netlink: 'syz.8.5253': attribute type 2 has an invalid length. [ 1297.834994][T18441] chnl_net:caif_netlink_parms(): no params data found [ 1298.089426][T18246] Bluetooth: hci0: command tx timeout [ 1299.192149][T18441] bridge0: port 1(bridge_slave_0) entered blocking state [ 1299.203071][T18441] bridge0: port 1(bridge_slave_0) entered disabled state [ 1299.215991][T18441] bridge_slave_0: entered allmulticast mode [ 1299.230042][T18441] bridge_slave_0: entered promiscuous mode [ 1299.258603][T18441] bridge0: port 2(bridge_slave_1) entered blocking state [ 1299.269198][T18441] bridge0: port 2(bridge_slave_1) entered disabled state [ 1299.277123][T18441] bridge_slave_1: entered allmulticast mode [ 1299.288256][T18441] bridge_slave_1: entered promiscuous mode [ 1299.569304][T18441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1299.621833][T18441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1299.755605][T18498] loop0: detected capacity change from 0 to 2048 [ 1299.820745][T18498] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 1299.864688][T18498] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1299.986645][T18441] team0: Port device team_slave_0 added [ 1300.064995][T18441] team0: Port device team_slave_1 added [ 1300.168477][T18246] Bluetooth: hci0: command tx timeout [ 1300.275037][T18501] infiniband syz!: set active [ 1300.280683][T18501] infiniband syz!: added team_slave_0 [ 1300.433732][T18501] RDS/IB: syz!: added [ 1300.438159][T18501] smc: adding ib device syz! with port count 1 [ 1300.444670][T18501] smc: ib device syz! port 1 has pnetid [ 1300.447900][T18441] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1300.457942][T18441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1300.488229][T18441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1301.036159][T18441] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1301.043342][T18441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1301.073007][T18441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1301.333275][T18508] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5268'. [ 1301.480414][T18441] hsr_slave_0: entered promiscuous mode [ 1301.490590][T18441] hsr_slave_1: entered promiscuous mode [ 1302.085848][T18511] loop4: detected capacity change from 0 to 4096 [ 1302.236430][T18513] loop5: detected capacity change from 0 to 4096 [ 1302.247004][T18246] Bluetooth: hci0: command tx timeout [ 1302.398976][T18515] loop0: detected capacity change from 0 to 1024 [ 1302.476237][T18513] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1302.547557][T18511] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1302.703254][T18518] EXT4-fs (loop5): shut down requested (1) [ 1302.947867][T14797] Quota error (device loop5): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 1302.961157][T14797] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 1302.972275][T14797] Quota error (device loop5): write_blk: dquota write failed [ 1302.982503][T14797] Quota error (device loop5): free_dqentry: Can't write quota data block 5 [ 1303.284593][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1303.298544][T10790] Quota error (device loop5): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 1303.318789][T10795] hfsplus: b-tree write err: -5, ino 4 [ 1304.145917][ T9317] usb 6-1: new low-speed USB device number 9 using dummy_hcd [ 1304.254724][T18531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5278'. [ 1304.328834][T18246] Bluetooth: hci0: command tx timeout [ 1304.332676][ T9317] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1304.348204][ T9317] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1304.351087][T18441] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1304.358879][ T9317] usb 6-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 1304.359036][ T9317] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1304.403812][T18441] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1304.451424][T18441] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1304.462655][ T9317] usb 6-1: config 0 descriptor?? [ 1304.529958][T18441] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1304.971926][ T9317] steelseries 0003:1038:1410.0042: missing HID_OUTPUT_REPORT 0 [ 1305.173598][ T9317] usb 6-1: USB disconnect, device number 9 [ 1305.319398][T18441] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1305.481513][T18441] 8021q: adding VLAN 0 to HW filter on device team0 [ 1305.534084][ T3431] bridge0: port 1(bridge_slave_0) entered blocking state [ 1305.541723][ T3431] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1305.618907][ T3431] bridge0: port 2(bridge_slave_1) entered blocking state [ 1305.626608][ T3431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1306.431570][T18554] loop0: detected capacity change from 0 to 1024 [ 1306.477766][T18554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1306.636039][T18560] netlink: 44 bytes leftover after parsing attributes in process `syz.8.5289'. [ 1307.113502][T17763] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz-executor: deleted inode referenced: 11 [ 1307.188166][T17763] EXT4-fs error (device loop0): ext4_lookup:1793: inode #2: comm syz-executor: deleted inode referenced: 11 [ 1307.336979][T18441] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1307.873295][T17763] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1307.893320][T10793] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1308.068604][T10793] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1308.232968][T10793] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1308.454062][T10793] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1308.846107][T10793] bridge_slave_1: left allmulticast mode [ 1308.852014][T10793] bridge_slave_1: left promiscuous mode [ 1308.864610][T10793] bridge0: port 2(bridge_slave_1) entered disabled state [ 1308.910207][T10793] bridge_slave_0: left allmulticast mode [ 1308.919043][T10793] bridge_slave_0: left promiscuous mode [ 1308.927352][T10793] bridge0: port 1(bridge_slave_0) entered disabled state [ 1309.351876][T10793] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1309.380214][T10793] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1309.398667][T10793] bond0 (unregistering): Released all slaves [ 1309.686172][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 1309.934506][T18441] veth0_vlan: entered promiscuous mode [ 1310.124786][T18441] veth1_vlan: entered promiscuous mode [ 1310.600449][T10793] hsr_slave_0: left promiscuous mode [ 1310.632907][T10793] hsr_slave_1: left promiscuous mode [ 1310.641420][T10793] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1310.650434][T10793] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1310.680002][T10793] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1310.688345][T10793] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1310.737447][T10793] veth1_macvtap: left promiscuous mode [ 1310.743201][T10793] veth0_macvtap: left promiscuous mode [ 1310.750782][T10793] veth1_vlan: left promiscuous mode [ 1310.756419][T10793] veth0_vlan: left promiscuous mode [ 1310.822447][T13947] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1310.832571][T13947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1310.843543][T13947] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1310.859989][T13947] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1310.872074][T13947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1310.946029][T15356] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 1311.165632][T15356] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1311.178973][T15356] usb 5-1: config 0 has no interfaces? [ 1311.184756][T15356] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1311.194272][T15356] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1311.220160][T15356] usb 5-1: config 0 descriptor?? [ 1311.487522][T18598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1311.497722][T18598] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1311.516120][T15356] usb 5-1: USB disconnect, device number 23 [ 1311.541011][T10793] team0 (unregistering): Port device team_slave_1 removed [ 1311.580109][T10793] team0 (unregistering): Port device team_slave_0 removed [ 1311.920720][T18604] netlink: 300 bytes leftover after parsing attributes in process `syz.8.5305'. [ 1312.005533][T18441] veth0_macvtap: entered promiscuous mode [ 1312.098569][T18441] veth1_macvtap: entered promiscuous mode [ 1312.627779][T18441] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1312.744698][T18441] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1312.804771][T18441] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1312.815233][T18441] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1312.828150][T18441] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1312.837276][T18441] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1312.988168][T18246] Bluetooth: hci1: command tx timeout [ 1313.507615][T18601] chnl_net:caif_netlink_parms(): no params data found [ 1313.532289][T18619] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5311'. [ 1313.614238][T18621] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5312'. [ 1313.648607][T18622] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5312'. [ 1314.096861][ T9317] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1314.312357][ T9317] usb 6-1: Using ep0 maxpacket: 32 [ 1314.332204][ T9317] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 1314.341565][ T9317] usb 6-1: config 0 has no interface number 0 [ 1314.420553][ T9317] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1314.430722][ T9317] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1314.440096][ T9317] usb 6-1: Product: syz [ 1314.444555][ T9317] usb 6-1: Manufacturer: syz [ 1314.449509][ T9317] usb 6-1: SerialNumber: syz [ 1314.499120][ T9317] usb 6-1: config 0 descriptor?? [ 1314.526820][ T9317] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1314.724778][ T9317] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1314.756437][ T9317] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1314.787513][T18601] bridge0: port 1(bridge_slave_0) entered blocking state [ 1314.795022][T18601] bridge0: port 1(bridge_slave_0) entered disabled state [ 1314.804174][T18601] bridge_slave_0: entered allmulticast mode [ 1314.819432][T18601] bridge_slave_0: entered promiscuous mode [ 1314.890138][T18601] bridge0: port 2(bridge_slave_1) entered blocking state [ 1314.900703][T18601] bridge0: port 2(bridge_slave_1) entered disabled state [ 1314.909718][T18601] bridge_slave_1: entered allmulticast mode [ 1314.919251][T18601] bridge_slave_1: entered promiscuous mode [ 1315.064477][T18246] Bluetooth: hci1: command tx timeout [ 1315.143634][ C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1315.154401][ T9317] usb 6-1: USB disconnect, device number 10 [ 1315.167138][ T9317] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1315.192456][ T9317] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1315.205676][ T9317] quatech2 6-1:0.51: device disconnected [ 1315.245657][T18601] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1315.340044][T18601] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1315.352591][T18645] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5318'. [ 1315.352694][T18645] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5318'. [ 1315.627839][T18601] team0: Port device team_slave_0 added [ 1315.681597][T18601] team0: Port device team_slave_1 added [ 1315.923846][T18601] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1315.936182][T18601] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1315.965998][T18601] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1316.011553][T18601] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1316.022843][T18601] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1316.050899][T18601] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1316.381803][T18657] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5322'. [ 1316.419710][T18601] hsr_slave_0: entered promiscuous mode [ 1316.429608][T18601] hsr_slave_1: entered promiscuous mode [ 1316.438198][T18601] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1316.448750][T18601] Cannot create hsr debugfs directory [ 1316.451392][T18659] overlayfs: workdir and upperdir must be separate subtrees [ 1316.463475][T18657] netlink: 173 bytes leftover after parsing attributes in process `syz.5.5322'. [ 1317.127600][T18246] Bluetooth: hci1: command tx timeout [ 1317.253992][T18671] 9pnet: p9_errstr2errno: server reported unknown error [ 1317.521140][T18674] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5328'. [ 1318.109438][T18601] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1318.187106][T18601] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1318.272183][T18601] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1318.339980][T18601] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1318.523381][T14797] Bluetooth: hci3: Frame reassembly failed (-84) [ 1318.683914][T10791] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1318.692974][T10791] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1318.857580][T14797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1318.866053][T14797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1319.103459][T18694] loop4: detected capacity change from 0 to 2048 [ 1319.170545][T18694] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1319.211485][T13947] Bluetooth: hci1: command tx timeout [ 1319.413348][T18601] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1319.551650][T18601] 8021q: adding VLAN 0 to HW filter on device team0 [ 1319.621368][T14797] bridge0: port 1(bridge_slave_0) entered blocking state [ 1319.629048][T14797] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1319.712740][T14797] bridge0: port 2(bridge_slave_1) entered blocking state [ 1319.720462][T14797] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1320.570369][T13947] Bluetooth: hci3: command 0x1003 tx timeout [ 1320.580540][T18246] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 1320.886535][T18703] loop4: detected capacity change from 0 to 40427 [ 1320.907264][T18703] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1320.915233][T18703] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1320.930782][T18703] F2FS-fs (loop4): Wrong secs_per_zone / total_sections (64, 24) [ 1320.938938][T18703] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 1321.929380][T18718] loop5: detected capacity change from 0 to 1024 [ 1322.160394][T18601] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1322.652964][T18601] veth0_vlan: entered promiscuous mode [ 1322.780022][T18601] veth1_vlan: entered promiscuous mode [ 1323.046872][T18601] veth0_macvtap: entered promiscuous mode [ 1323.113438][T18601] veth1_macvtap: entered promiscuous mode [ 1323.271252][T18601] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1323.354895][T18601] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1323.461678][T18601] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.470940][T18601] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.482507][T18601] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.493676][T18601] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1323.606822][T18730] @: renamed from vlan0 (while UP) [ 1324.302369][T18742] Bluetooth: MGMT ver 1.23 [ 1325.106008][ T24] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1325.313264][ T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1325.369086][ T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1325.378992][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1325.387466][ T24] usb 6-1: Product: syz [ 1325.391838][ T24] usb 6-1: Manufacturer: syz [ 1325.396741][ T24] usb 6-1: SerialNumber: syz [ 1326.374417][ T24] cdc_ncm 6-1:1.0: SET_CRC_MODE failed [ 1326.387483][ T24] cdc_ncm 6-1:1.0: SET_NTB_FORMAT failed [ 1326.416151][ T24] cdc_ncm 6-1:1.0: bind() failure [ 1326.432556][ T24] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 1326.441029][ T24] cdc_ncm 6-1:1.1: bind() failure [ 1326.500812][ T24] usb 6-1: USB disconnect, device number 11 [ 1326.774341][T18777] vxcan0: tx drop: invalid da for name 0x0000000000000002 [ 1327.907708][T18782] loop4: detected capacity change from 0 to 4096 [ 1328.209381][T18786] loop7: detected capacity change from 0 to 40427 [ 1328.223470][T18786] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 1328.231677][T18786] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 1328.243356][T18786] F2FS-fs (loop7): Mismatch start address, segment0(6) cp_blkaddr(512) [ 1328.252905][T18786] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 1330.022485][T14797] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1330.033232][T14797] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1330.195398][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 1330.202210][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 1330.266678][T18815] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5380'. [ 1330.279216][T18815] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5380'. [ 1330.291561][T14797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1330.299822][T14797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1330.833867][ T30] audit: type=1804 audit(1748019095.293:138): pid=18820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5382" name="/newroot/560/bus" dev="tmpfs" ino=2934 res=1 errno=0 [ 1332.243139][T18827] loop5: detected capacity change from 0 to 8192 [ 1333.678929][T18851] loop3: detected capacity change from 0 to 2048 [ 1333.743791][T18851] hpfs: Bad version 183,140. Mount readonly to go around [ 1333.751479][T18851] hpfs: please try recent version of HPFS driver at http://artax.karlin.mff.cuni.cz/~mikulas/vyplody/hpfs/index-e.cgi and if it still can't understand this format, contact author - mikulas@artax.karlin.mff.cuni.cz [ 1334.005143][T18861] loop5: detected capacity change from 0 to 512 [ 1334.097371][T18861] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 1334.106860][T18861] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 1334.206086][T18861] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 1334.288630][T18861] System zones: 0-2, 18-18, 34-35 [ 1334.307499][T18861] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1334.341070][T18863] tap0: tun_chr_ioctl cmd 2147767520 [ 1334.418866][T18861] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 1334.430212][T18861] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 1334.442161][T18861] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 1334.488661][T18861] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5395: bg 0: block 353: padding at end of block bitmap is not set [ 1334.782011][T18875] loop3: detected capacity change from 0 to 64 [ 1334.828503][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1334.981344][T18877] IPv6: NLM_F_CREATE should be specified when creating new route [ 1336.762158][T18908] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5417'. [ 1337.011595][T18914] bridge0: port 1(bridge_slave_0) entered blocking state [ 1337.019231][T18914] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1339.130219][T18945] loop3: detected capacity change from 0 to 4096 [ 1339.159981][T18945] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 1339.298914][T18949] loop5: detected capacity change from 0 to 1024 [ 1339.342858][T18949] EXT4-fs: Ignoring removed bh option [ 1339.460380][T18949] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1339.483058][T18945] ntfs3(loop3): ino=19, mi_enum_attr [ 1339.491658][T18945] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1339.669105][T18945] ntfs3(loop3): ino=1e, "file1" ntfs_rename [ 1339.721108][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1340.481178][T18965] loop5: detected capacity change from 0 to 256 [ 1341.660508][T18977] input: syz0 as /devices/virtual/input/input32 [ 1341.910947][T18981] tap0: tun_chr_ioctl cmd 1074025677 [ 1341.917100][T18981] tap0: linktype set to 6 [ 1342.119242][T18983] netlink: 176 bytes leftover after parsing attributes in process `syz.7.5450'. [ 1342.286645][T18987] 9p: Unknown access argument 18446744073709551615: -34 [ 1343.685100][T19007] syz_tun: entered promiscuous mode [ 1343.746520][T19007] syz_tun: left promiscuous mode [ 1344.657905][T19016] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1344.900222][T19028] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5471'. [ 1344.927184][ T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1344.963337][T19028] hsr0: entered promiscuous mode [ 1344.969476][T19028] macvtap1: entered promiscuous mode [ 1344.978679][T19028] macvtap1: entered allmulticast mode [ 1344.984306][T19028] hsr0: entered allmulticast mode [ 1344.989949][T19028] hsr_slave_0: entered allmulticast mode [ 1344.994208][T19032] loop3: detected capacity change from 0 to 128 [ 1345.001991][T19028] hsr_slave_1: entered allmulticast mode [ 1345.042542][T19030] loop7: detected capacity change from 0 to 512 [ 1345.050937][T19032] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 1345.069136][T19028] hsr0: left allmulticast mode [ 1345.074197][T19028] hsr_slave_0: left allmulticast mode [ 1345.080105][T19028] hsr_slave_1: left allmulticast mode [ 1345.107904][T19030] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 1345.126404][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 1345.155286][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1345.166938][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1345.177259][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1345.186671][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1345.224601][T19030] EXT4-fs (loop7): 1 truncate cleaned up [ 1345.234103][T19030] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1345.358320][ T24] usb 6-1: config 0 descriptor?? [ 1345.382065][T19036] loop4: detected capacity change from 0 to 256 [ 1345.420000][ T24] hub 6-1:0.0: USB hub found [ 1345.462553][T19036] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 1345.603230][ T24] hub 6-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 1345.772908][T19038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5475'. [ 1345.890287][T18441] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1346.086260][ T24] hid-generic 0003:046D:C31C.0043: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.5-1/input0 [ 1346.364795][ T24] usb 6-1: USB disconnect, device number 12 [ 1347.158039][ T24] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 1347.371979][ T24] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1347.381454][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1347.442163][ T24] usb 5-1: config 0 descriptor?? [ 1347.897890][ T24] ath6kl: Failed to submit usb control message: -71 [ 1347.904881][ T24] ath6kl: unable to send the bmi data to the device: -71 [ 1347.912283][ T24] ath6kl: Unable to send get target info: -71 [ 1347.937151][ T24] ath6kl: Failed to init ath6kl core: -71 [ 1347.948490][ T24] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 1348.036758][ T24] usb 5-1: USB disconnect, device number 24 [ 1348.805957][T19080] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5495'. [ 1349.374866][T19090] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5499'. [ 1349.437997][T19093] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5499'. [ 1349.486638][T19091] tap0: tun_chr_ioctl cmd 1074025677 [ 1349.492428][T19091] tap0: linktype set to 768 [ 1349.864574][T19099] bridge0: port 2(bridge_slave_1) entered disabled state [ 1350.046986][T19106] netlink: 'syz.4.5506': attribute type 5 has an invalid length. [ 1350.451760][T19113] loop3: detected capacity change from 0 to 64 [ 1350.619935][ T30] audit: type=1800 audit(1748019115.073:139): pid=19113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5509" name="file1" dev="loop3" ino=18 res=0 errno=0 [ 1350.640642][ C0] vkms_vblank_simulate: vblank timer overrun [ 1350.869592][T19118] loop5: detected capacity change from 0 to 256 [ 1350.974485][T19118] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 1350.984048][T19118] FAT-fs (loop5): Filesystem has been set read-only [ 1352.394365][ T24] IPVS: starting estimator thread 0... [ 1352.486262][T19135] IPVS: using max 240 ests per chain, 12000 per kthread [ 1352.719525][T19129] loop4: detected capacity change from 0 to 8192 [ 1353.000201][T19143] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 1353.010561][T19143] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 1354.520068][T19154] loop7: detected capacity change from 0 to 40427 [ 1354.537445][T19154] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 1354.545584][T19154] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 1354.562734][T19154] F2FS-fs (loop7): Wrong CP boundary, start(512) end(1536) blocks(512) [ 1354.571455][T19154] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 1355.141520][T19166] loop4: detected capacity change from 0 to 64 [ 1355.329858][T19166] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 1356.127639][T19180] netlink: 132 bytes leftover after parsing attributes in process `syz.7.5537'. [ 1356.289077][T19183] loop5: detected capacity change from 0 to 16 [ 1356.330402][T19183] erofs (device loop5): mounted with root inode @ nid 36. [ 1358.336230][ T24] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 1358.595927][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 1358.631848][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1358.643245][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1358.653520][ T24] usb 5-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 1358.662882][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1358.727740][ T24] usb 5-1: config 0 descriptor?? [ 1359.173012][T19225] loop7: detected capacity change from 0 to 256 [ 1359.244086][T19225] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1359.249858][ T24] playstation 0003:054C:05C4.0044: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.4-1/input0 [ 1359.447011][ T24] playstation 0003:054C:05C4.0044: Invalid byte count transferred, expected 16 got 0 [ 1359.456974][ T24] playstation 0003:054C:05C4.0044: Failed to retrieve DualShock4 pairing info: -22 [ 1359.467194][ T24] playstation 0003:054C:05C4.0044: Failed to get MAC address from DualShock4 [ 1359.476278][ T24] playstation 0003:054C:05C4.0044: Failed to create dualshock4. [ 1359.509509][T19227] loop5: detected capacity change from 0 to 1024 [ 1359.523549][ T24] playstation 0003:054C:05C4.0044: probe with driver playstation failed with error -22 [ 1359.663731][T19227] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1359.717015][ T24] usb 5-1: USB disconnect, device number 25 [ 1360.402368][T16496] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1360.539893][ T3719] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1360.550671][ T3719] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1360.721684][ T3719] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1360.732492][ T3719] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1360.882652][ T3719] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1360.898634][ T3719] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1361.130319][ T3719] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1361.141447][ T3719] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1361.427989][ T3719] bridge_slave_1: left allmulticast mode [ 1361.433915][ T3719] bridge_slave_1: left promiscuous mode [ 1361.440582][ T3719] bridge0: port 2(bridge_slave_1) entered disabled state [ 1361.464478][ T3719] bridge_slave_0: left allmulticast mode [ 1361.470780][ T3719] bridge_slave_0: left promiscuous mode [ 1361.477431][ T3719] bridge0: port 1(bridge_slave_0) entered disabled state [ 1361.949120][ T3719] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1361.987627][ T3719] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1362.044507][ T3719] bond0 (unregistering): Released all slaves [ 1362.444747][T19253] loop3: detected capacity change from 0 to 1024 [ 1362.543451][T19253] EXT4-fs: Ignoring removed orlov option [ 1362.552150][T19253] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1362.838171][T19253] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1363.092265][ T3719] hsr_slave_0: left promiscuous mode [ 1363.104705][ T3719] hsr_slave_1: left promiscuous mode [ 1363.112548][ T3719] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1363.120563][ T3719] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1363.230455][ T3719] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1363.238483][ T3719] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1363.353939][T13947] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1363.367045][T13947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1363.378724][T13947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1363.398324][ T3719] veth1_macvtap: left promiscuous mode [ 1363.404082][ T3719] veth0_macvtap: left promiscuous mode [ 1363.410160][ T3719] veth1_vlan: left promiscuous mode [ 1363.418343][ T3719] veth0_vlan: left promiscuous mode [ 1363.430032][T13947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1363.453001][T13947] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1363.574717][T18601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1363.983367][T19272] loop7: detected capacity change from 0 to 512 [ 1364.219321][T19272] EXT4-fs (loop7): 1 orphan inode deleted [ 1364.227846][T19272] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1364.260303][ T3431] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 1364.270695][ T3431] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:12: Failed to release dquot type 1 [ 1364.281260][T19272] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1364.292657][ T3719] team0 (unregistering): Port device team_slave_1 removed [ 1364.323011][ T3719] team0 (unregistering): Port device team_slave_0 removed [ 1365.065773][T18441] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1365.188659][T19283] macsec1: entered promiscuous mode [ 1365.194156][T19283] macvlan1: entered promiscuous mode [ 1365.201643][T19283] macsec1: entered allmulticast mode [ 1365.210540][T19283] macvlan1: entered allmulticast mode [ 1365.216269][T19283] veth1_vlan: entered allmulticast mode [ 1365.302347][T19283] macvlan1: left allmulticast mode [ 1365.308002][T19283] veth1_vlan: left allmulticast mode [ 1365.313569][T19283] macvlan1: left promiscuous mode [ 1365.550350][T13947] Bluetooth: hci2: command tx timeout [ 1365.582770][ T3719] IPVS: stop unused estimator thread 0... [ 1366.466635][T19267] chnl_net:caif_netlink_parms(): no params data found [ 1366.817297][T19297] loop3: detected capacity change from 0 to 4096 [ 1367.613713][T13947] Bluetooth: hci2: command tx timeout [ 1367.789029][T19267] bridge0: port 1(bridge_slave_0) entered blocking state [ 1367.796751][T19267] bridge0: port 1(bridge_slave_0) entered disabled state [ 1367.804438][T19267] bridge_slave_0: entered allmulticast mode [ 1367.813886][T19267] bridge_slave_0: entered promiscuous mode [ 1367.844773][T19267] bridge0: port 2(bridge_slave_1) entered blocking state [ 1367.857236][T19267] bridge0: port 2(bridge_slave_1) entered disabled state [ 1367.864845][T19267] bridge_slave_1: entered allmulticast mode [ 1367.874283][T19267] bridge_slave_1: entered promiscuous mode [ 1368.091686][T19267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1368.125086][T19267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1368.363056][T19267] team0: Port device team_slave_0 added [ 1368.391670][T19267] team0: Port device team_slave_1 added [ 1368.595218][T19324] loop3: detected capacity change from 0 to 4096 [ 1368.613021][T19267] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1368.620446][T19267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1368.653727][T19267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1368.694795][T19267] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1368.702196][T19267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1368.731305][T19267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1368.963158][T19267] hsr_slave_0: entered promiscuous mode [ 1368.975618][T19267] hsr_slave_1: entered promiscuous mode [ 1368.983935][T19267] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1368.992261][T19267] Cannot create hsr debugfs directory [ 1369.699742][T13947] Bluetooth: hci2: command tx timeout [ 1370.285706][T19267] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1370.313910][T19347] loop4: detected capacity change from 0 to 256 [ 1370.358873][T19267] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1370.452254][T19267] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1370.535068][T19267] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1371.020696][T19358] loop3: detected capacity change from 0 to 256 [ 1371.147257][T19358] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1371.195724][ T9432] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 1371.347373][T19267] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1371.435680][ T9432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1371.447516][ T9432] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1371.452853][T19267] 8021q: adding VLAN 0 to HW filter on device team0 [ 1371.460555][ T9432] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1371.478373][ T9432] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1371.490625][ T9432] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1371.522621][T10790] bridge0: port 1(bridge_slave_0) entered blocking state [ 1371.530235][T10790] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1371.578051][T10790] bridge0: port 2(bridge_slave_1) entered blocking state [ 1371.585897][T10790] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1371.707070][ T9432] usb 5-1: config 0 descriptor?? [ 1371.776244][T13947] Bluetooth: hci2: command tx timeout [ 1372.213243][ T9432] plantronics 0003:047F:FFFF.0045: unknown main item tag 0x3 [ 1372.252190][ T9432] plantronics 0003:047F:FFFF.0045: No inputs registered, leaving [ 1372.311402][T19367] netem: invalid attributes len -3 [ 1372.312882][ T9432] plantronics 0003:047F:FFFF.0045: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 1372.316840][T19367] netem: change failed [ 1372.457943][ T24] usb 5-1: USB disconnect, device number 26 [ 1373.180756][T19267] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1373.610192][T19267] veth0_vlan: entered promiscuous mode [ 1373.668169][T19267] veth1_vlan: entered promiscuous mode [ 1373.930457][T19267] veth0_macvtap: entered promiscuous mode [ 1374.014781][T19267] veth1_macvtap: entered promiscuous mode [ 1374.046958][T19386] team0: No ports can be present during mode change [ 1374.204499][T19267] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1374.313060][T19267] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1374.375745][T19267] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1374.384884][T19267] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1374.394130][T19267] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1374.403283][T19267] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1374.435831][T19390] evm: overlay not supported [ 1374.805198][T19397] loop3: detected capacity change from 0 to 64 [ 1374.941961][T19392] loop4: detected capacity change from 0 to 4096 [ 1375.032293][T19401] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1375.563988][T19405] lo: entered promiscuous mode [ 1375.634224][T19410] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5633'. [ 1375.645028][T19410] netem: unknown loss type 13 [ 1375.650609][T19410] netem: change failed [ 1376.164955][T19418] loop4: detected capacity change from 0 to 256 [ 1376.733481][T19427] netlink: 'syz.4.5640': attribute type 29 has an invalid length. [ 1376.820095][T19427] netlink: 'syz.4.5640': attribute type 29 has an invalid length. [ 1376.877554][T19431] netlink: 'syz.4.5640': attribute type 29 has an invalid length. [ 1377.288094][T19437] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1377.297322][T19437] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1377.306524][T19437] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1377.315766][T19437] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1377.387919][T19434] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5641'. [ 1377.400314][T19434] netlink: 52 bytes leftover after parsing attributes in process `syz.8.5641'. [ 1377.883604][T19447] netlink: 120 bytes leftover after parsing attributes in process `syz.8.5645'. [ 1378.240228][T10790] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1378.248891][T10790] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1378.356723][T10789] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1378.364802][T10789] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1378.609972][T19449] loop3: detected capacity change from 0 to 1024 [ 1378.874726][T10795] hfsplus: b-tree write err: -5, ino 4 [ 1379.157755][T19457] netlink: 52 bytes leftover after parsing attributes in process `syz.1.5570'. [ 1379.167564][T19457] netlink: 26 bytes leftover after parsing attributes in process `syz.1.5570'. [ 1379.176943][T19457] netlink: 26 bytes leftover after parsing attributes in process `syz.1.5570'. [ 1379.950303][T19476] loop4: detected capacity change from 0 to 512 [ 1380.047106][T19476] EXT4-fs: Ignoring removed nobh option [ 1380.053037][T19476] EXT4-fs: Ignoring removed mblk_io_submit option [ 1380.170496][T19476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1380.508497][T12390] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1380.673288][T19485] loop3: detected capacity change from 0 to 2048 [ 1380.789159][T19485] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 1380.797405][T19485] UDF-fs: Scanning with blocksize 512 failed [ 1380.842650][T19485] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1382.358928][ T9432] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 1382.402973][T19516] loop4: detected capacity change from 0 to 1024 [ 1382.519564][ T30] audit: type=1800 audit(1748019146.983:140): pid=19516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5677" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 1382.577937][T19518] block device autoloading is deprecated and will be removed. [ 1382.587408][ T9432] usb 4-1: Using ep0 maxpacket: 16 [ 1382.616388][ T9432] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1382.632101][ T9432] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 1382.641559][ T9432] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1382.707482][ T9432] usb 4-1: config 0 descriptor?? [ 1382.735134][ T9432] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input33 [ 1383.003980][ T5133] bcm5974 4-1:0.0: could not read from device [ 1383.013327][ T5133] bcm5974 4-1:0.0: could not read from device [ 1383.034984][ T9432] bcm5974 4-1:0.0: could not read from device [ 1383.046508][T19525] loop1: detected capacity change from 0 to 1024 [ 1383.063873][ T9432] input: failed to attach handler mousedev to device input33, error: -5 [ 1383.083542][ T5133] bcm5974 4-1:0.0: could not read from device [ 1383.124764][ T5133] bcm5974 4-1:0.0: could not read from device [ 1383.132614][ T9432] usb 4-1: USB disconnect, device number 9 [ 1383.153422][T19525] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1383.356185][T15354] usb 9-1: new full-speed USB device number 26 using dummy_hcd [ 1383.453901][T19267] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1383.535124][T15354] usb 9-1: config index 0 descriptor too short (expected 35577, got 27) [ 1383.544055][T15354] usb 9-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 1383.553145][T15354] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 1383.564897][T15354] usb 9-1: config 1 has no interface number 0 [ 1383.571324][T15354] usb 9-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1383.582648][T15354] usb 9-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 1383.599059][T15354] usb 9-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 1383.611453][T15354] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1383.781210][T15354] snd_usb_pod 9-1:1.1: Line 6 Pocket POD found [ 1384.010708][T19529] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1384.020363][T19529] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1384.402544][T19547] loop1: detected capacity change from 0 to 256 [ 1384.440298][T15354] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now attached [ 1384.507237][T19547] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1384.691299][T15354] usb 9-1: USB disconnect, device number 26 [ 1384.699435][T15354] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now disconnected [ 1384.837192][T19550] loop3: detected capacity change from 0 to 2048 [ 1385.534426][T19565] loop3: detected capacity change from 0 to 64 [ 1385.635071][T19567] loop4: detected capacity change from 0 to 512 [ 1385.725585][T19567] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.5696: iget: bad extended attribute block 1 [ 1385.812252][T19567] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5696: couldn't read orphan inode 15 (err -117) [ 1385.854500][T19567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1386.243670][T12390] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1386.898832][T19591] loop3: detected capacity change from 0 to 1024 [ 1387.131430][T19594] loop7: detected capacity change from 0 to 2048 [ 1389.222348][ T9317] kernel read not supported for file /dsp1 (pid: 9317 comm: kworker/1:1) [ 1389.873218][T19632] netlink: 108 bytes leftover after parsing attributes in process `syz.8.5725'. [ 1391.597051][T19651] loop1: detected capacity change from 0 to 8 [ 1391.624708][ T1281] ieee802154 phy0 wpan0: encryption failed: -22 [ 1391.631647][ T1281] ieee802154 phy1 wpan1: encryption failed: -22 [ 1392.083333][T19267] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 1392.139706][T19267] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 1392.649637][ T9850] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1392.863520][ T9850] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1393.001274][T19672] pim6reg: tun_chr_ioctl cmd 2148553947 [ 1393.104251][ T9850] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1393.291400][ T9850] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1393.703915][ T9850] bridge_slave_1: left allmulticast mode [ 1393.710849][ T9850] bridge_slave_1: left promiscuous mode [ 1393.717472][ T9850] bridge0: port 2(bridge_slave_1) entered disabled state [ 1393.739508][ T9850] bridge_slave_0: left allmulticast mode [ 1393.747260][ T9850] bridge_slave_0: left promiscuous mode [ 1393.754267][ T9850] bridge0: port 1(bridge_slave_0) entered disabled state [ 1394.251497][ T9850] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1394.289636][ T9850] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1394.309873][ T9850] bond0 (unregistering): Released all slaves [ 1395.185976][ T9850] hsr_slave_0: left promiscuous mode [ 1395.208461][ T9850] hsr_slave_1: left promiscuous mode [ 1395.216789][ T9850] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1395.224437][ T9850] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1395.287400][ T9850] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1395.295166][ T9850] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1395.381785][ T9850] veth1_macvtap: left promiscuous mode [ 1395.390372][ T9850] veth0_macvtap: left promiscuous mode [ 1395.398078][ T9850] veth1_vlan: left promiscuous mode [ 1395.403635][ T9850] veth0_vlan: left promiscuous mode [ 1396.236381][T18246] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1396.251808][T18246] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1396.298943][T15354] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 1396.329976][T18246] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1396.343466][T18246] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1396.357738][T18246] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1396.419692][ T9850] team0 (unregistering): Port device team_slave_1 removed [ 1396.456249][ T9850] team0 (unregistering): Port device team_slave_0 removed [ 1396.829667][T15354] usb 5-1: Using ep0 maxpacket: 32 [ 1396.847999][T15354] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 1396.861230][T15354] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1396.924357][T15354] usb 5-1: config 0 descriptor?? [ 1397.647049][T15354] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 1397.673085][T15354] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1397.701084][T15354] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 1397.708917][T15354] usb 5-1: media controller created [ 1397.794142][T15354] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1397.850795][T19695] ===================================================== [ 1397.858456][T19695] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 [ 1397.866026][T19695] _copy_to_user+0xcc/0x120 [ 1397.870708][T19695] i2cdev_ioctl_smbus+0x586/0x660 [ 1397.878619][T19695] compat_i2cdev_ioctl+0x48f/0xb40 [ 1397.883950][T19695] __ia32_compat_sys_ioctl+0x7f9/0x1260 [ 1397.890041][T19695] ia32_sys_call+0x2d07/0x42c0 [ 1397.894969][T19695] __do_fast_syscall_32+0xb0/0x110 [ 1397.900561][T19695] do_fast_syscall_32+0x38/0x80 [ 1397.908292][T19695] do_SYSENTER_32+0x1f/0x30 [ 1397.913058][T19695] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1397.920295][T19695] [ 1397.922732][T19695] Uninit was stored to memory at: [ 1397.928350][T19695] __i2c_smbus_xfer+0x2561/0x2f60 [ 1397.937008][T19695] i2c_smbus_xfer+0x31d/0x4d0 [ 1397.941914][T19695] i2cdev_ioctl_smbus+0x4a1/0x660 [ 1397.951082][T19695] compat_i2cdev_ioctl+0x48f/0xb40 [ 1397.956965][T19695] __ia32_compat_sys_ioctl+0x7f9/0x1260 [ 1397.962733][T19695] ia32_sys_call+0x2d07/0x42c0 [ 1397.968454][T19695] __do_fast_syscall_32+0xb0/0x110 [ 1397.973824][T19695] do_fast_syscall_32+0x38/0x80 [ 1397.981547][T19695] do_SYSENTER_32+0x1f/0x30 [ 1397.986484][T19695] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1397.993025][T19695] [ 1397.995598][T19695] Local variable msgbuf1.i created at: [ 1398.001172][T19695] __i2c_smbus_xfer+0x86a/0x2f60 [ 1398.009163][T19695] i2c_smbus_xfer+0x31d/0x4d0 [ 1398.014068][T19695] [ 1398.016723][T19695] Byte 0 of 1 is uninitialized [ 1398.021604][T19695] Memory access of size 1 starts at ffff88802b1ebc86 [ 1398.028680][T19695] Data copied to user address 0000000080000500 [ 1398.038255][T19695] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1398.044309][T19695] CPU: 0 UID: 0 PID: 19695 Comm: syz.4.5755 Not tainted 6.15.0-rc7-syzkaller-00099-g94305e83eccb #0 PREEMPT(undef) [ 1398.056930][T19695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1398.069937][T19695] ===================================================== [ 1398.077192][T19695] Disabling lock debugging due to kernel taint [ 1398.083472][T19695] Kernel panic - not syncing: kmsan.panic set ... [ 1398.090059][T19695] CPU: 0 UID: 0 PID: 19695 Comm: syz.4.5755 Tainted: G B 6.15.0-rc7-syzkaller-00099-g94305e83eccb #0 PREEMPT(undef) [ 1398.104013][T19695] Tainted: [B]=BAD_PAGE [ 1398.108293][T19695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1398.118548][T19695] Call Trace: [ 1398.121958][T19695] [ 1398.124984][T19695] __dump_stack+0x26/0x30 [ 1398.129487][T19695] dump_stack_lvl+0x53/0x270 [ 1398.134250][T19695] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1398.140275][T19695] dump_stack+0x1e/0x25 [ 1398.144595][T19695] panic+0x4bd/0xd50 [ 1398.148718][T19695] kmsan_report+0x29d/0x2a0 [ 1398.153449][T19695] ? kmsan_internal_check_memory+0x496/0x570 [ 1398.159608][T19695] ? kmsan_copy_to_user+0xca/0xe0 [ 1398.164809][T19695] ? _copy_to_user+0xcc/0x120 [ 1398.169636][T19695] ? i2cdev_ioctl_smbus+0x586/0x660 [ 1398.174992][T19695] ? compat_i2cdev_ioctl+0x48f/0xb40 [ 1398.180424][T19695] ? __ia32_compat_sys_ioctl+0x7f9/0x1260 [ 1398.186319][T19695] ? ia32_sys_call+0x2d07/0x42c0 [ 1398.191393][T19695] ? __do_fast_syscall_32+0xb0/0x110 [ 1398.196959][T19695] ? do_fast_syscall_32+0x38/0x80 [ 1398.202160][T19695] ? do_SYSENTER_32+0x1f/0x30 [ 1398.207018][T19695] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1398.213701][T19695] ? __pfx_az6027_i2c_xfer+0x10/0x10 [ 1398.219158][T19695] ? __i2c_transfer+0x11ca/0x30e0 [ 1398.224361][T19695] ? kmsan_get_metadata+0x105/0x1b0 [ 1398.229757][T19695] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1398.236275][T19695] ? kmsan_get_metadata+0x105/0x1b0 [ 1398.241661][T19695] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1398.247687][T19695] ? __i2c_smbus_xfer+0x1e93/0x2f60 [ 1398.253122][T19695] ? kmsan_get_metadata+0x105/0x1b0 [ 1398.258559][T19695] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1398.264612][T19695] kmsan_internal_check_memory+0x496/0x570 [ 1398.270621][T19695] kmsan_copy_to_user+0xca/0xe0 [ 1398.275665][T19695] ? should_fail_usercopy+0x2e/0x40 [ 1398.281058][T19695] _copy_to_user+0xcc/0x120 [ 1398.285718][T19695] i2cdev_ioctl_smbus+0x586/0x660 [ 1398.290932][T19695] compat_i2cdev_ioctl+0x48f/0xb40 [ 1398.296240][T19695] ? __pfx_compat_i2cdev_ioctl+0x10/0x10 [ 1398.302043][T19695] __ia32_compat_sys_ioctl+0x7f9/0x1260 [ 1398.307769][T19695] ? kmsan_get_metadata+0x105/0x1b0 [ 1398.313147][T19695] ? kmsan_get_metadata+0x105/0x1b0 [ 1398.318568][T19695] ia32_sys_call+0x2d07/0x42c0 [ 1398.323499][T19695] __do_fast_syscall_32+0xb0/0x110 [ 1398.328827][T19695] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 1398.334765][T19695] do_fast_syscall_32+0x38/0x80 [ 1398.339801][T19695] do_SYSENTER_32+0x1f/0x30 [ 1398.344484][T19695] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1398.351003][T19695] RIP: 0023:0xf7f28539 [ 1398.355204][T19695] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1398.375013][T19695] RSP: 002b:00000000f504655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 1398.383593][T19695] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000720 [ 1398.391704][T19695] RDX: 0000000080000540 RSI: 0000000000000000 RDI: 0000000000000000 [ 1398.399800][T19695] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1398.407898][T19695] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1398.415986][T19695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1398.424103][T19695] [ 1398.427543][T19695] Kernel Offset: disabled [ 1398.431947][T19695] Rebooting in 86400 seconds..