last executing test programs: 4.700715599s ago: executing program 2 (id=861): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) sendmsg$tipc(r1, &(0x7f00000003c0)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x1, {{0x2}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x26040885}, 0x20000040) 4.181072038s ago: executing program 2 (id=865): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002306000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000340)='sys_enter\x00', r0}, 0x4b) r1 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tgkill(r1, r1, 0x21) 3.789730417s ago: executing program 1 (id=868): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18) unlinkat(0xffffffffffffffff, 0x0, 0x200) 3.414333616s ago: executing program 2 (id=869): r0 = socket(0x25, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) getsockname$packet(r0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) sendmsg$inet6(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000340)="c6", 0x1}], 0x1}, 0x800) 3.41404683s ago: executing program 3 (id=870): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x48}}, 0x0) 3.326902731s ago: executing program 1 (id=872): preadv(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x9b66) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000180)={0x0, 0x0, 0xfffffffd}) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x0) 2.822155277s ago: executing program 0 (id=874): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) r2 = io_uring_setup(0x563b, &(0x7f00000000c0)={0x0, 0xfffffff6, 0x801, 0x400, 0x20002bb}) r3 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xf4ffffff}, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 2.768383653s ago: executing program 2 (id=875): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002040)={{0x14, 0x10, 0x4}, [@NFT_MSG_DELTABLE={0x2c, 0x2, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x1, 0x84}}}, 0x54}}, 0x0) 2.496333635s ago: executing program 3 (id=876): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001840)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x7, 0x1, 0x82, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x7, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x5, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x7, 0x2, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x8000, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000000, 0xb, 0x7, 0x5, 0x2, 0x4]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0) 2.496096466s ago: executing program 1 (id=877): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) unshare(0x26000400) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 2.495986831s ago: executing program 4 (id=878): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000000)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0x1, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg") creat(&(0x7f0000000100)='./file1\x00', 0x11e) 2.434055478s ago: executing program 0 (id=879): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r2, 0xffffffffffffffff, 0x100000000000000) 2.180487101s ago: executing program 2 (id=880): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x000xffffffffffffffff}) vmsplice(r1, &(0x7f0000000540), 0x41, 0x1) 1.881494138s ago: executing program 0 (id=883): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) 1.841091116s ago: executing program 1 (id=884): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10) socket(0x1e, 0x4, 0x0) pipe2(&(0x7f0000000080), 0x4000) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000000)=@req={0x3fc, 0x2, 0x0, 0x5}, 0x10) r1 = socket(0x1e, 0x4, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r3}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r5, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) close(r1) 1.434884738s ago: executing program 3 (id=885): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x20000014}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000400), &(0x7f0000000440)=r3}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, 0x0, 0x0) close(r4) close_range(r0, r1, 0x0) 1.383149206s ago: executing program 4 (id=886): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) umount2(0x0, 0x0) 1.289175533s ago: executing program 1 (id=887): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000300)='./bus\x00', 0x15d) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r2, 0x0, 0x2}, 0x18) ftruncate(r1, 0x2008002) sendfile(r0, r1, 0x0, 0x80000001) socket$nl_route(0x10, 0x3, 0x0) 1.215758316s ago: executing program 2 (id=888): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000040)={{{@in=@rand_addr=0x64010100, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e23, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xc}, {0x0, 0x1, 0x0, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x8000000000000}, {0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @local}, 0x3507, 0x4, 0x1, 0x0, 0x0, 0x7c, 0xfffffffe}}, 0xe8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) 1.126806735s ago: executing program 0 (id=889): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) r2 = io_uring_setup(0x563b, &(0x7f00000000c0)={0x0, 0xfffffff6, 0x801, 0x400, 0x20002bb}) r3 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xf4ffffff}, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 915.338662ms ago: executing program 4 (id=890): r0 = open(&(0x7f0000000040)='./file1\x00', 0x14927e, 0x81) fallocate(r0, 0x0, 0x0, 0x74) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0) copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0x3b5, 0x39ea, 0x0) 784.828882ms ago: executing program 0 (id=891): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e00000000000300000000000000400000ea45a7d8db3c3ed2000000000002000000000038000200000002000080000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff8003000000000000010000003b6f"], 0x5b0) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) 698.994059ms ago: executing program 3 (id=892): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000850000005000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) io_setup(0xacf, &(0x7f0000000180)) 387.564716ms ago: executing program 4 (id=893): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x2c, r3, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) 356.857306ms ago: executing program 0 (id=894): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0) write$nci(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="7105090302030109bd06cf2c0406fb0e0191"], 0x12) 28.477517ms ago: executing program 3 (id=895): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030c00000000000000000000000100090000000000030006006c0000000200000000000000000000000000800002000100000000000002060b0000000003000500000000000200000000000000000000000000000001001800"], 0x60}, 0x1, 0x7}, 0x0) 28.168909ms ago: executing program 1 (id=896): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000002780)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000080)={r2, 0x3, r1, 0x5}) 0s ago: executing program 4 (id=897): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0xfff}, 0x18) fcntl$setlease(r0, 0x400, 0x0) kernel console output (not intermixed with test programs): 1 has an invalid descriptor of length 0, skipping remainder of the config [ 271.757717][ T5864] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 271.792760][ T5864] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 271.802625][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.811052][ T5864] usb 5-1: Product: syz [ 271.815459][ T5864] usb 5-1: Manufacturer: syz [ 271.820516][ T5864] usb 5-1: SerialNumber: syz [ 272.058285][ T6182] loop1: detected capacity change from 0 to 256 [ 272.094464][ T6182] exfat: Deprecated parameter 'utf8' [ 272.100930][ T6182] exfat: Deprecated parameter 'namecase' [ 272.107859][ T6182] exfat: Deprecated parameter 'namecase' [ 272.114220][ T6182] exfat: Deprecated parameter 'utf8' [ 272.214183][ T6174] netlink: 'syz.4.67': attribute type 9 has an invalid length. [ 272.222602][ T6174] netlink: 8 bytes leftover after parsing attributes in process `syz.4.67'. [ 272.262936][ T6174] hsr0: entered promiscuous mode [ 272.268662][ T6174] macvlan2: entered promiscuous mode [ 272.276263][ T6174] macvlan2: entered allmulticast mode [ 272.282260][ T6174] hsr0: entered allmulticast mode [ 272.287709][ T6174] hsr_slave_0: entered allmulticast mode [ 272.293949][ T6174] hsr_slave_1: entered allmulticast mode [ 272.324866][ T6174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 272.334976][ T6174] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 272.451204][ T6182] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 272.488685][ T5864] usb 5-1: 0:2 : does not exist [ 272.570618][ T5864] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 272.688618][ T6185] Zero length message leads to an empty skb [ 272.696979][ T5864] usb 5-1: USB disconnect, device number 4 [ 273.475145][ T6199] loop3: detected capacity change from 0 to 256 [ 273.485645][ T6199] exfat: Deprecated parameter 'namecase' [ 273.574674][ T6199] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 273.996693][ T6205] loop0: detected capacity change from 0 to 128 [ 274.006893][ T6205] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 274.021695][ T6205] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 274.040248][ T6203] loop2: detected capacity change from 0 to 1024 [ 274.045714][ T6205] netlink: 830 bytes leftover after parsing attributes in process `syz.0.79'. [ 274.708876][ T6219] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551614) [ 274.724588][ T6219] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 274.940062][ T6222] tmpfs: Unknown parameter '18446744073709551615' [ 274.965339][ T6222] netlink: 8 bytes leftover after parsing attributes in process `syz.0.85'. [ 276.151750][ T6235] FAULT_INJECTION: forcing a failure. [ 276.151750][ T6235] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 276.165547][ T6235] CPU: 0 UID: 0 PID: 6235 Comm: syz.4.88 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 276.165693][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 276.165786][ T6235] Call Trace: [ 276.165840][ T6235] [ 276.165891][ T6235] __dump_stack+0x26/0x30 [ 276.166077][ T6235] dump_stack_lvl+0x1df/0x270 [ 276.166249][ T6235] dump_stack+0x1e/0x25 [ 276.166405][ T6235] should_fail_ex+0x7dc/0x8a0 [ 276.166583][ T6235] should_fail+0x2a/0x40 [ 276.166727][ T6235] should_fail_usercopy+0x2e/0x40 [ 276.166891][ T6235] _copy_from_user+0x33/0x100 [ 276.167043][ T6235] ___sys_sendmsg+0x11b/0x3b0 [ 276.167189][ T6235] ? kmsan_get_metadata+0xfb/0x160 [ 276.167386][ T6235] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 276.167588][ T6235] ? __rcu_read_unlock+0x6d/0xd0 [ 276.167735][ T6235] ? __fget_files+0x3b4/0x4a0 [ 276.167931][ T6235] ? __fget_files+0x3b9/0x4a0 [ 276.168118][ T6235] ? kmsan_get_metadata+0xfb/0x160 [ 276.168317][ T6235] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 276.168524][ T6235] __sys_sendmmsg+0x2d9/0x7c0 [ 276.168666][ T6235] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 276.168852][ T6235] ? vfs_write+0x1359/0x1580 [ 276.169030][ T6235] ? kmsan_get_metadata+0xfb/0x160 [ 276.169219][ T6235] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 276.169417][ T6235] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 276.169622][ T6235] __x64_sys_sendmmsg+0xc6/0x150 [ 276.169779][ T6235] x64_sys_call+0x3ce7/0x3db0 [ 276.169956][ T6235] do_syscall_64+0xd9/0x210 [ 276.170090][ T6235] ? irqentry_exit+0x16/0x60 [ 276.170279][ T6235] ? clear_bhb_loop+0x40/0x90 [ 276.170429][ T6235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.170581][ T6235] RIP: 0033:0x7f356c18e929 [ 276.170701][ T6235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.170817][ T6235] RSP: 002b:00007f356cf65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 276.170962][ T6235] RAX: ffffffffffffffda RBX: 00007f356c3b5fa0 RCX: 00007f356c18e929 [ 276.171073][ T6235] RDX: 0000000000000300 RSI: 0000200000004d00 RDI: 0000000000000003 [ 276.171161][ T6235] RBP: 00007f356cf65090 R08: 0000000000000000 R09: 0000000000000000 [ 276.171247][ T6235] R10: 0000000000000f00 R11: 0000000000000246 R12: 0000000000000001 [ 276.171336][ T6235] R13: 0000000000000000 R14: 00007f356c3b5fa0 R15: 00007fffe78ad1d8 [ 276.171461][ T6235] [ 277.184413][ T6242] netlink: 830 bytes leftover after parsing attributes in process `syz.4.92'. [ 278.068518][ T6258] process 'syz.0.98' launched '/dev/fd/3' with NULL argv: empty string added [ 278.541037][ T6267] FAULT_INJECTION: forcing a failure. [ 278.541037][ T6267] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 278.554932][ T6267] CPU: 0 UID: 0 PID: 6267 Comm: syz.1.102 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 278.555083][ T6267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 278.555162][ T6267] Call Trace: [ 278.555212][ T6267] [ 278.555260][ T6267] __dump_stack+0x26/0x30 [ 278.555426][ T6267] dump_stack_lvl+0x1df/0x270 [ 278.555599][ T6267] dump_stack+0x1e/0x25 [ 278.555749][ T6267] should_fail_ex+0x7dc/0x8a0 [ 278.555926][ T6267] should_fail_alloc_page+0x222/0x240 [ 278.556140][ T6267] __alloc_frozen_pages_noprof+0x30f/0xf00 [ 278.556366][ T6267] alloc_pages_mpol+0x328/0x860 [ 278.556571][ T6267] alloc_pages_noprof+0x102/0x280 [ 278.556767][ T6267] pte_alloc_one+0x3c/0x380 [ 278.556917][ T6267] ? stack_depot_save_flags+0x35/0x7b0 [ 278.557068][ T6267] ? kmsan_get_metadata+0xfb/0x160 [ 278.557258][ T6267] __pte_alloc+0x3b/0x6f0 [ 278.557400][ T6267] ? kmsan_get_metadata+0xfb/0x160 [ 278.557580][ T6267] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 278.557782][ T6267] handle_mm_fault+0x5f60/0xe5e0 [ 278.557970][ T6267] ? kmsan_get_metadata+0xfb/0x160 [ 278.558161][ T6267] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 278.558395][ T6267] ? kmsan_get_metadata+0x60/0x160 [ 278.558620][ T6267] do_user_addr_fault+0xfe1/0x2560 [ 278.558817][ T6267] exc_page_fault+0x68/0xb0 [ 278.559015][ T6267] asm_exc_page_fault+0x2b/0x30 [ 278.559149][ T6267] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 278.559330][ T6267] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 0d 0e 05 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 278.559441][ T6267] RSP: 0018:ffff888056f37d68 EFLAGS: 00050206 [ 278.559553][ T6267] RAX: 00007ffffffff000 RBX: ffff88805266ccd8 RCX: 000000000000001c [ 278.559643][ T6267] RDX: ffff88805226ccb4 RSI: 00002000004b8fe4 RDI: ffff888056f37da8 [ 278.559740][ T6267] RBP: ffff888056f37d98 R08: ffffea000000000f R09: 0000000000000000 [ 278.559834][ T6267] R10: ffff88804e1f5230 R11: 0000000000000000 R12: 00002000004b8fe4 [ 278.559926][ T6267] R13: ffff888013f6c9c0 R14: 000000000000001c R15: ffff888056f37da8 [ 278.560064][ T6267] ? _copy_from_user+0x94/0x100 [ 278.560221][ T6267] __sys_bind+0x1af/0x5d0 [ 278.560391][ T6267] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 278.560576][ T6267] ? kmsan_get_metadata+0xfb/0x160 [ 278.560775][ T6267] __x64_sys_bind+0x95/0x100 [ 278.560962][ T6267] x64_sys_call+0x2746/0x3db0 [ 278.561149][ T6267] do_syscall_64+0xd9/0x210 [ 278.561279][ T6267] ? irqentry_exit+0x16/0x60 [ 278.561452][ T6267] ? clear_bhb_loop+0x40/0x90 [ 278.561600][ T6267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.561743][ T6267] RIP: 0033:0x7fd85e18e929 [ 278.561843][ T6267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.561956][ T6267] RSP: 002b:00007fd85f02d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 278.562087][ T6267] RAX: ffffffffffffffda RBX: 00007fd85e3b5fa0 RCX: 00007fd85e18e929 [ 278.562185][ T6267] RDX: 000000000000001c RSI: 00002000004b8fe4 RDI: 0000000000000003 [ 278.562270][ T6267] RBP: 00007fd85f02d090 R08: 0000000000000000 R09: 0000000000000000 [ 278.562354][ T6267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 278.562434][ T6267] R13: 0000000000000000 R14: 00007fd85e3b5fa0 R15: 00007ffc0fb1d1a8 [ 278.562557][ T6267] [ 279.025904][ T6269] loop2: detected capacity change from 0 to 4096 [ 279.030254][ T6268] loop4: detected capacity change from 0 to 4096 [ 279.035123][ T6269] ntfs3: Unknown parameter '' [ 279.118421][ T6268] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 279.273915][ T6271] netlink: 830 bytes leftover after parsing attributes in process `syz.0.105'. [ 279.325295][ T6268] ntfs3(loop4): ino=5, "/" indx_read [ 279.331396][ T6268] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 279.392757][ T6273] netlink: 'syz.1.106': attribute type 6 has an invalid length. [ 279.446722][ T6274] netlink: 16 bytes leftover after parsing attributes in process `syz.1.106'. [ 280.142468][ T6285] loop4: detected capacity change from 0 to 128 [ 280.288546][ T6288] netlink: 12 bytes leftover after parsing attributes in process `syz.3.112'. [ 280.331591][ T6288] netlink: 'syz.3.112': attribute type 1 has an invalid length. [ 280.339981][ T6288] nbd: couldn't find device at index 20 [ 280.352679][ T6285] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 280.360242][ T6288] mac80211_hwsim hwsim6 wlan1: entered promiscuous mode [ 280.397029][ T6291] FAULT_INJECTION: forcing a failure. [ 280.397029][ T6291] name failslab, interval 1, probability 0, space 0, times 1 [ 280.410752][ T6291] CPU: 1 UID: 0 PID: 6291 Comm: syz.0.114 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 280.410904][ T6291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 280.410987][ T6291] Call Trace: [ 280.411037][ T6291] [ 280.411085][ T6291] __dump_stack+0x26/0x30 [ 280.411246][ T6291] dump_stack_lvl+0x1df/0x270 [ 280.411416][ T6291] dump_stack+0x1e/0x25 [ 280.411566][ T6291] should_fail_ex+0x7dc/0x8a0 [ 280.411747][ T6291] should_failslab+0x15b/0x200 [ 280.411954][ T6291] kmem_cache_alloc_node_noprof+0xf3/0xf00 [ 280.412109][ T6291] ? __alloc_skb+0x1e0/0x7d0 [ 280.412297][ T6291] ? kmsan_get_metadata+0xfb/0x160 [ 280.412483][ T6291] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 280.412687][ T6291] __alloc_skb+0x1e0/0x7d0 [ 280.412887][ T6291] netlink_alloc_large_skb+0xa5/0x280 [ 280.413088][ T6291] netlink_sendmsg+0xaea/0x1250 [ 280.413262][ T6291] ? __pfx_netlink_sendmsg+0x10/0x10 [ 280.413404][ T6291] ? __pfx_netlink_sendmsg+0x10/0x10 [ 280.413552][ T6291] __sock_sendmsg+0x330/0x3d0 [ 280.413739][ T6291] ____sys_sendmsg+0x7e0/0xd80 [ 280.413918][ T6291] ___sys_sendmsg+0x271/0x3b0 [ 280.414081][ T6291] ? __rcu_read_unlock+0x6d/0xd0 [ 280.414227][ T6291] ? __fget_files+0x3b4/0x4a0 [ 280.414411][ T6291] ? __fget_files+0x3b9/0x4a0 [ 280.414618][ T6291] ? kmsan_get_metadata+0xfb/0x160 [ 280.414803][ T6291] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 280.415013][ T6291] __x64_sys_sendmsg+0x211/0x3e0 [ 280.415167][ T6291] ? kmsan_get_metadata+0xfb/0x160 [ 280.415373][ T6291] x64_sys_call+0x32fb/0x3db0 [ 280.415550][ T6291] do_syscall_64+0xd9/0x210 [ 280.415684][ T6291] ? irqentry_exit+0x16/0x60 [ 280.415865][ T6291] ? clear_bhb_loop+0x40/0x90 [ 280.416014][ T6291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.416159][ T6291] RIP: 0033:0x7fbf1cd8e929 [ 280.416260][ T6291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.416375][ T6291] RSP: 002b:00007fbf1db22038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 280.416504][ T6291] RAX: ffffffffffffffda RBX: 00007fbf1cfb5fa0 RCX: 00007fbf1cd8e929 [ 280.416602][ T6291] RDX: 000000002400c044 RSI: 0000200000000200 RDI: 0000000000000003 [ 280.416692][ T6291] RBP: 00007fbf1db22090 R08: 0000000000000000 R09: 0000000000000000 [ 280.416777][ T6291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 280.416863][ T6291] R13: 0000000000000000 R14: 00007fbf1cfb5fa0 R15: 00007ffc7cf4ece8 [ 280.416987][ T6291] [ 280.766542][ T6288] mac80211_hwsim hwsim6 wlan1: left promiscuous mode [ 281.681805][ T6308] netlink: 8 bytes leftover after parsing attributes in process `syz.0.122'. [ 282.339173][ T6319] syz.0.127: attempt to access beyond end of device [ 282.339173][ T6319] nbd0: rw=0, sector=6, nr_sectors = 2 limit=0 [ 282.352855][ T6319] ADFS-fs (nbd0): error: unable to read block 3, try 0 [ 282.458326][ T6320] FAULT_INJECTION: forcing a failure. [ 282.458326][ T6320] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 282.472235][ T6320] CPU: 0 UID: 0 PID: 6320 Comm: syz.4.128 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 282.472375][ T6320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 282.472452][ T6320] Call Trace: [ 282.472501][ T6320] [ 282.472547][ T6320] __dump_stack+0x26/0x30 [ 282.472710][ T6320] dump_stack_lvl+0x1df/0x270 [ 282.472894][ T6320] dump_stack+0x1e/0x25 [ 282.473046][ T6320] should_fail_ex+0x7dc/0x8a0 [ 282.473224][ T6320] should_fail+0x2a/0x40 [ 282.473363][ T6320] should_fail_usercopy+0x2e/0x40 [ 282.473542][ T6320] _copy_from_user+0x33/0x100 [ 282.473696][ T6320] io_register_pbuf_ring+0x76/0xbb0 [ 282.473847][ T6320] ? kmsan_get_metadata+0xfb/0x160 [ 282.474044][ T6320] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 282.474230][ T6320] ? kmsan_get_metadata+0xfb/0x160 [ 282.474416][ T6320] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 282.474617][ T6320] __se_sys_io_uring_register+0x14f2/0x1e20 [ 282.474772][ T6320] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 282.474984][ T6320] __x64_sys_io_uring_register+0xbd/0x120 [ 282.475153][ T6320] x64_sys_call+0xedb/0x3db0 [ 282.475329][ T6320] do_syscall_64+0xd9/0x210 [ 282.475462][ T6320] ? irqentry_exit+0x16/0x60 [ 282.475636][ T6320] ? clear_bhb_loop+0x40/0x90 [ 282.475784][ T6320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.475926][ T6320] RIP: 0033:0x7f356c18e929 [ 282.476024][ T6320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.476137][ T6320] RSP: 002b:00007f356cf65038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 282.476266][ T6320] RAX: ffffffffffffffda RBX: 00007f356c3b5fa0 RCX: 00007f356c18e929 [ 282.476365][ T6320] RDX: 0000200000000440 RSI: 0000000000000016 RDI: 0000000000000003 [ 282.476450][ T6320] RBP: 00007f356cf65090 R08: 0000000000000000 R09: 0000000000000000 [ 282.476534][ T6320] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 282.476614][ T6320] R13: 0000000000000000 R14: 00007f356c3b5fa0 R15: 00007fffe78ad1d8 [ 282.476737][ T6320] [ 282.714826][ T6322] overlayfs: failed to resolve './file1': -2 [ 282.730825][ T6325] loop1: detected capacity change from 0 to 128 [ 282.924987][ T6325] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 283.100807][ T6333] fuse: Bad value for 'fd' [ 283.315920][ T6337] loop0: detected capacity change from 0 to 8 [ 284.171798][ T6343] loop3: detected capacity change from 0 to 256 [ 284.206204][ T6333] loop4: detected capacity change from 0 to 40427 [ 284.224279][ T6343] vfat: Unknown parameter '0'eK [ 284.224279][ T6343] `ҧE(8~ɋI@sJ!XM♐m)\' [ 284.242037][ T6333] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 284.251587][ T6333] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 284.303487][ T6333] F2FS-fs (loop4): invalid crc value [ 284.662100][ T6333] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 284.669627][ T6333] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 284.902764][ T6337] SQUASHFS error: Unable to read directory block [631:26] [ 285.710743][ T6352] loop1: detected capacity change from 0 to 40427 [ 285.774078][ T6352] F2FS-fs (loop1): build fault injection rate: 690 [ 285.785877][ T6352] F2FS-fs (loop1): invalid crc value [ 286.046202][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 286.053157][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.159185][ T6361] loop3: detected capacity change from 0 to 128 [ 286.269683][ T6352] F2FS-fs (loop1): Start checkpoint disabled! [ 286.287911][ T6361] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 286.302200][ T6352] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 286.747422][ T6368] overlayfs: failed to resolve './file1': -2 [ 286.755176][ T5862] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 286.987321][ T5862] usb 1-1: Using ep0 maxpacket: 8 [ 287.102939][ T5862] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=bd.b2 [ 287.112767][ T5862] usb 1-1: New USB device strings: Mfr=255, Product=2, SerialNumber=3 [ 287.121429][ T5862] usb 1-1: Product: syz [ 287.125874][ T5862] usb 1-1: Manufacturer: syz [ 287.131257][ T5862] usb 1-1: SerialNumber: syz [ 287.648196][ T5862] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 288.359921][ T5862] gspca_sunplus: reg_w_riv err -110 [ 288.365699][ T5862] sunplus 1-1:5.0: probe with driver sunplus failed with error -110 [ 288.678089][ T6376] FAULT_INJECTION: forcing a failure. [ 288.678089][ T6376] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 288.691920][ T6376] CPU: 1 UID: 0 PID: 6376 Comm: syz.3.147 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 288.692073][ T6376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.692152][ T6376] Call Trace: [ 288.692202][ T6376] [ 288.692252][ T6376] __dump_stack+0x26/0x30 [ 288.692420][ T6376] dump_stack_lvl+0x1df/0x270 [ 288.692594][ T6376] dump_stack+0x1e/0x25 [ 288.692744][ T6376] should_fail_ex+0x7dc/0x8a0 [ 288.692947][ T6376] should_fail+0x2a/0x40 [ 288.693097][ T6376] should_fail_usercopy+0x2e/0x40 [ 288.693261][ T6376] _copy_from_user+0x33/0x100 [ 288.693415][ T6376] ___sys_sendmsg+0x11b/0x3b0 [ 288.693565][ T6376] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 288.693777][ T6376] ? __rcu_read_unlock+0x6d/0xd0 [ 288.693930][ T6376] ? __fget_files+0x3b4/0x4a0 [ 288.694120][ T6376] ? __fget_files+0x3b9/0x4a0 [ 288.694307][ T6376] ? kmsan_get_metadata+0xfb/0x160 [ 288.694493][ T6376] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 288.694698][ T6376] __x64_sys_sendmsg+0x211/0x3e0 [ 288.694837][ T6376] ? fput+0x113/0x160 [ 288.694965][ T6376] ? kmsan_get_metadata+0xfb/0x160 [ 288.695158][ T6376] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 288.695350][ T6376] ? kmsan_get_metadata+0xfb/0x160 [ 288.695555][ T6376] x64_sys_call+0x32fb/0x3db0 [ 288.695733][ T6376] do_syscall_64+0xd9/0x210 [ 288.695868][ T6376] ? irqentry_exit+0x16/0x60 [ 288.696047][ T6376] ? clear_bhb_loop+0x40/0x90 [ 288.696196][ T6376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.696340][ T6376] RIP: 0033:0x7f76f4f8e929 [ 288.696442][ T6376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.696558][ T6376] RSP: 002b:00007f76f5e4d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 288.696686][ T6376] RAX: ffffffffffffffda RBX: 00007f76f51b5fa0 RCX: 00007f76f4f8e929 [ 288.696785][ T6376] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 288.696870][ T6376] RBP: 00007f76f5e4d090 R08: 0000000000000000 R09: 0000000000000000 [ 288.696956][ T6376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 288.697045][ T6376] R13: 0000000000000000 R14: 00007f76f51b5fa0 R15: 00007ffe73494678 [ 288.697169][ T6376] [ 288.966503][ T6372] loop2: detected capacity change from 0 to 32768 [ 289.379246][ T6372] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 289.688409][ T6390] loop3: detected capacity change from 0 to 512 [ 289.754026][ T6372] XFS (loop2): Ending clean mount [ 289.804243][ T6372] XFS (loop2): Metadata CRC error detected at xfs_allocbt_read_verify+0xaf/0x2d0, xfs_bnobt block 0x8 [ 289.815988][ T6372] XFS (loop2): Unmount and run xfs_repair [ 289.822268][ T6372] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 289.830204][ T6372] 00000000: 41 42 33 42 00 00 00 03 ff ff ff ff ff ff ff ff AB3B............ [ 289.839322][ T6372] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 40 ...............@ [ 289.855101][ T6372] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a ...B..N....xv... [ 289.866068][ T6372] 00000030: 00 00 00 00 72 89 6f 7a 00 00 00 06 00 00 00 02 ....r.oz........ [ 289.875306][ T6372] 00000040: 00 00 05 9a 00 00 00 06 00 00 05 b0 00 00 0a 50 ...............P [ 289.884596][ T6372] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 289.893986][ T6372] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 289.903271][ T6372] 00000070: 00 00 00 00 00 00 00 00 00 07 00 00 00 00 00 00 ................ [ 289.912510][ T6372] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x33d/0x5f0" at daddr 0x8 len 8 error 74 [ 289.944989][ T6372] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x740/0xe70 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 289.958911][ T6391] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0xaf/0x2d0, xfs_finobt block 0x20 [ 289.967243][ T6372] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 289.971640][ T6391] XFS (loop2): Unmount and run xfs_repair [ 289.986293][ T6391] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 289.994110][ T6391] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff FIB3............ [ 290.003416][ T6391] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40 ....... .......@ [ 290.012655][ T6391] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a ...B..N....xv... [ 290.022246][ T6391] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37 .......F......@7 [ 290.031480][ T6391] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 290.040740][ T6391] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ................ [ 290.050271][ T6391] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 290.064825][ T6391] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 290.224870][ T6390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.238133][ T6390] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.503821][ T5809] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 290.578475][ T5803] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.907045][ T6400] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 290.942442][ T6406] netlink: 44 bytes leftover after parsing attributes in process `syz.3.151'. [ 291.823910][ T6416] overlayfs: failed to resolve './file1': -2 [ 291.863700][ T5864] usb 1-1: USB disconnect, device number 4 [ 292.146569][ T6422] loop3: detected capacity change from 0 to 128 [ 292.209004][ T6422] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 292.246037][ T6426] netlink: 12 bytes leftover after parsing attributes in process `syz.2.150'. [ 292.380694][ T5862] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 292.569773][ T5862] usb 2-1: device descriptor read/64, error -71 [ 292.865698][ T5862] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 293.019718][ T5862] usb 2-1: device descriptor read/64, error -71 [ 293.162965][ T5862] usb usb2-port1: attempt power cycle [ 293.253017][ T6438] loop0: detected capacity change from 0 to 8 [ 293.347112][ T6438] overlay: ./file0 is not a directory [ 293.756446][ T6438] syzkaller1: tun_chr_ioctl cmd 1074025672 [ 293.762795][ T6438] syzkaller1: ignored: set checksum enabled [ 294.151970][ T5862] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 294.192220][ T5862] usb 2-1: device descriptor read/8, error -71 [ 294.366684][ T6443] loop2: detected capacity change from 0 to 1024 [ 294.401235][ T6443] hfsplus: Unknown parameter 'D' [ 294.439825][ T5862] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 294.502728][ T5862] usb 2-1: device descriptor read/8, error -71 [ 294.628393][ T5862] usb usb2-port1: unable to enumerate USB device [ 294.915778][ T6448] loop0: detected capacity change from 0 to 512 [ 295.051915][ T6448] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.065429][ T6448] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 295.506446][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.978571][ T6457] overlayfs: failed to resolve './file1': -2 [ 297.580596][ T6469] loop1: detected capacity change from 0 to 32768 [ 297.665930][ T6469] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 298.063259][ T6469] XFS (loop1): Ending clean mount [ 298.778163][ T6490] loop0: detected capacity change from 0 to 1024 [ 298.787654][ T6490] hfsplus: Unknown parameter 'D' [ 298.950993][ T6492] loop4: detected capacity change from 0 to 512 [ 299.009946][ T5804] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 299.101951][ T6492] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 299.115277][ T6492] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 299.486581][ T6500] loop3: detected capacity change from 0 to 1024 [ 299.721296][ T5802] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.012131][ T6504] overlayfs: failed to resolve './file1': -2 [ 300.793875][ T194] hfsplus: b-tree write err: -5, ino 4 [ 301.328709][ T6516] loop3: detected capacity change from 0 to 128 [ 301.463220][ T6516] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 302.901762][ T6526] loop3: detected capacity change from 0 to 32768 [ 302.984392][ T6526] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 303.245381][ T6526] XFS (loop3): Ending clean mount [ 303.817495][ T5803] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 305.146868][ T5864] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 305.318457][ T6554] loop0: detected capacity change from 0 to 512 [ 305.335339][ T5864] usb 3-1: Using ep0 maxpacket: 8 [ 305.360289][ T5864] usb 3-1: config 0 has no interfaces? [ 305.390331][ T5864] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 305.399960][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.408220][ T5864] usb 3-1: Product: syz [ 305.416885][ T5864] usb 3-1: Manufacturer: syz [ 305.423160][ T5864] usb 3-1: SerialNumber: syz [ 305.490105][ T6554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.503772][ T6554] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 305.574531][ T5864] usb 3-1: config 0 descriptor?? [ 305.657245][ T6554] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 305.920926][ T5864] usb 3-1: USB disconnect, device number 7 [ 306.049192][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.405928][ T6572] netlink: 830 bytes leftover after parsing attributes in process `syz.3.204'. [ 306.944715][ T6574] netlink: 12 bytes leftover after parsing attributes in process `syz.0.205'. [ 307.763117][ T6588] netlink: 5 bytes leftover after parsing attributes in process `syz.1.211'. [ 307.784084][ T6588] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 308.317572][ T6592] bridge_slave_0: left allmulticast mode [ 308.323807][ T6592] bridge_slave_0: left promiscuous mode [ 308.330844][ T6592] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.394326][ T6592] bridge_slave_1: left allmulticast mode [ 308.400463][ T6592] bridge_slave_1: left promiscuous mode [ 308.403436][ T6596] netlink: 'syz.0.213': attribute type 10 has an invalid length. [ 308.407125][ T6592] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.648136][ T6592] bond0: (slave bond_slave_0): Releasing backup interface [ 308.815443][ T6592] bond0: (slave bond_slave_1): Releasing backup interface [ 309.047961][ T6592] team0: Port device team_slave_0 removed [ 309.129677][ T6592] team0: Port device team_slave_1 removed [ 309.140762][ T6592] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 309.148502][ T6592] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 309.276930][ T6592] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 309.285359][ T6592] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 309.491685][ T6596] 8021q: adding VLAN 0 to HW filter on device bond0 [ 309.505472][ T6596] team0: Port device bond0 added [ 309.882250][ T2170] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 309.974389][ T6614] netlink: 830 bytes leftover after parsing attributes in process `syz.2.219'. [ 310.089894][ T2170] usb 2-1: Using ep0 maxpacket: 8 [ 310.179742][ T2170] usb 2-1: device descriptor read/all, error -71 [ 310.414355][ T6585] loop3: detected capacity change from 0 to 32768 [ 310.462403][ T6585] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.209 (6585) [ 312.408269][ T6636] loop3: detected capacity change from 0 to 512 [ 312.572256][ T6636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 312.590341][ T6636] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 312.721792][ T6636] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 312.881779][ T6647] netlink: 830 bytes leftover after parsing attributes in process `syz.0.234'. [ 313.122765][ T5803] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.769831][ T2170] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 313.939779][ T2170] usb 4-1: device descriptor read/64, error -71 [ 314.210283][ T2170] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 314.380254][ T2170] usb 4-1: device descriptor read/64, error -71 [ 314.494073][ T2170] usb usb4-port1: attempt power cycle [ 314.879968][ T2170] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 314.950121][ T2170] usb 4-1: device descriptor read/8, error -71 [ 315.219826][ T2170] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 315.335282][ T2170] usb 4-1: device descriptor read/8, error -71 [ 315.462011][ T2170] usb usb4-port1: unable to enumerate USB device [ 315.696325][ T6667] loop2: detected capacity change from 0 to 32768 [ 315.919199][ T6667] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 316.219966][ T6667] XFS (loop2): Ending clean mount [ 316.964636][ T6686] loop0: detected capacity change from 0 to 512 [ 317.125055][ T5809] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 317.181402][ T6690] netlink: 830 bytes leftover after parsing attributes in process `syz.3.247'. [ 317.314790][ T6686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.328222][ T6686] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 317.440105][ T6686] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 317.869032][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.899744][ T5868] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 319.074836][ T5868] usb 1-1: device descriptor read/64, error -71 [ 319.984701][ T6713] loop1: detected capacity change from 0 to 32768 [ 320.027084][ T6713] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 320.152613][ T5868] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 320.239570][ T6713] XFS (loop1): Ending clean mount [ 320.352692][ T5868] usb 1-1: device descriptor read/64, error -71 [ 320.677131][ T5868] usb usb1-port1: attempt power cycle [ 321.101307][ T5868] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 321.162939][ T5868] usb 1-1: device descriptor read/8, error -71 [ 321.308050][ T6735] netlink: 830 bytes leftover after parsing attributes in process `syz.3.261'. [ 321.434551][ T5868] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 321.474299][ T5868] usb 1-1: device descriptor read/8, error -71 [ 321.497828][ T5804] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 321.599246][ T5868] usb usb1-port1: unable to enumerate USB device [ 322.996898][ T6748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.269'. [ 323.147025][ T6752] loop1: detected capacity change from 0 to 128 [ 323.283004][ T6752] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 323.672646][ T6761] netlink: 830 bytes leftover after parsing attributes in process `syz.3.273'. [ 324.120999][ T5868] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 324.300486][ T5868] usb 3-1: device descriptor read/64, error -71 [ 324.541776][ T5868] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 324.711635][ T5868] usb 3-1: device descriptor read/64, error -71 [ 324.830769][ T5868] usb usb3-port1: attempt power cycle [ 325.320150][ T5868] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 325.363440][ T6784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.283'. [ 325.386681][ T5868] usb 3-1: device descriptor read/8, error -71 [ 325.665472][ T5868] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 325.765981][ T5868] usb 3-1: device descriptor read/8, error -71 [ 325.888406][ T5868] usb usb3-port1: unable to enumerate USB device [ 326.874897][ T6767] loop3: detected capacity change from 0 to 32768 [ 326.888487][ T6767] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.276 (6767) [ 326.967054][ T6767] BTRFS info (device loop3 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 326.979235][ T6767] BTRFS info (device loop3 state S): using blake2b (blake2b-256-generic) checksum algorithm [ 326.992603][ T6767] BTRFS info (device loop3 state S): using free-space-tree [ 327.000267][ T6767] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048 [ 327.041072][ T6767] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048 [ 327.070966][ T6767] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048 [ 327.087336][ T6767] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048 [ 327.107632][ T6767] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048 [ 327.136924][ T6767] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048 [ 327.150735][ T6767] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048 [ 327.183534][ T4092] BTRFS warning (device loop3 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0x3fff8ff18ac4f264f26c9b61444b99be3a51e4b9014c9227426415668fcd4ed9 level 0, ignored [ 327.213294][ T194] BTRFS warning (device loop3 state CS): checksum verify failed on logical 5328896 mirror 1 wanted 0xe27e479340067083b74b333c1de55c530774f48d9bb4dbb5f2229db663324412 found 0x95f62be744ba79d2c7edda0b7f35c3ed250500c283e6cfbf6ba5d84a2ae65a3d level 1, ignored [ 327.242633][ T194] BTRFS error (device loop3 state CS): level verify failed on logical 5328896 mirror 1 wanted 0 found 1 [ 327.360270][ T5803] BTRFS info (device loop3 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 347.393959][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.403895][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 354.579821][ T5819] Bluetooth: hci4: command 0x0406 tx timeout [ 354.580753][ T5094] Bluetooth: hci1: command 0x0406 tx timeout [ 354.586099][ T5806] Bluetooth: hci2: command 0x0406 tx timeout [ 354.598733][ T5094] Bluetooth: hci0: command 0x0406 tx timeout [ 354.599793][ T5811] Bluetooth: hci3: command 0x0406 tx timeout [ 380.733993][ T6814] loop2: detected capacity change from 0 to 128 [ 380.796465][ T6814] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 381.985078][ T6823] netlink: 12 bytes leftover after parsing attributes in process `syz.1.286'. [ 381.994642][ T6823] netlink: 12 bytes leftover after parsing attributes in process `syz.1.286'. [ 382.138099][ T6821] loop0: detected capacity change from 0 to 40427 [ 382.210200][ T6821] F2FS-fs (loop0): Unrecognized mount option "usrquota=no" or missing value [ 382.750665][ T6829] loop4: detected capacity change from 0 to 1024 [ 384.416241][ T6840] syzkaller1: entered promiscuous mode [ 384.422404][ T6840] syzkaller1: entered allmulticast mode [ 385.101102][ T6844] loop2: detected capacity change from 0 to 64 [ 385.120204][ T6844] hfs: Unknown parameter 'di8434'fr_umask' [ 385.445011][ T4314] hfsplus: b-tree write err: -5, ino 4 [ 385.609919][ T5862] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 385.618574][ T24] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 385.791351][ T24] usb 2-1: device descriptor read/64, error -71 [ 385.819912][ T5862] usb 3-1: Using ep0 maxpacket: 16 [ 385.830592][ T6853] overlayfs: failed to resolve './file1': -2 [ 385.866053][ T5862] usb 3-1: unable to get BOS descriptor or descriptor too short [ 385.910254][ T5862] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 385.921744][ T5862] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 385.971512][ T5862] usb 3-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.40 [ 385.981273][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 385.989685][ T5862] usb 3-1: Product: syz [ 385.994080][ T5862] usb 3-1: Manufacturer: syz [ 385.998912][ T5862] usb 3-1: SerialNumber: syz [ 386.080704][ T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 386.219979][ T24] usb 2-1: device descriptor read/64, error -71 [ 386.263805][ T5862] usbhid 3-1:1.0: can't add hid device: -22 [ 386.270848][ T5862] usbhid 3-1:1.0: probe with driver usbhid failed with error -22 [ 386.352702][ T24] usb usb2-port1: attempt power cycle [ 386.373116][ T5862] usb 3-1: USB disconnect, device number 12 [ 387.550295][ T4412] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2 [ 387.928547][ T6847] loop0: detected capacity change from 0 to 32768 [ 388.123503][ T6847] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.299 (6847) [ 388.126681][ T6872] loop2: detected capacity change from 0 to 32768 [ 388.204335][ T6872] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.310 (6872) [ 388.227972][ T6878] netlink: 5 bytes leftover after parsing attributes in process `syz.3.314'. [ 388.242363][ T6878] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 388.266562][ T6872] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 388.281545][ T6872] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 388.291359][ T6872] BTRFS info (device loop2): using free-space-tree [ 388.401337][ T6874] loop1: detected capacity change from 0 to 4096 [ 388.516521][ T6872] BTRFS info (device loop2): rebuilding free space tree [ 388.700065][ T6874] cgroup: name respecified [ 388.754922][ T5809] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 388.888373][ T6895] overlayfs: failed to resolve './file1': -2 [ 389.127277][ T6901] loop3: detected capacity change from 0 to 128 [ 389.161303][ T6901] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 389.680602][ T24] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 389.880856][ T24] usb 5-1: device descriptor read/64, error -71 [ 390.159675][ T24] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 390.319692][ T5864] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 390.470866][ T6918] netlink: 44 bytes leftover after parsing attributes in process `syz.1.324'. [ 390.696027][ T6920] netlink: 36 bytes leftover after parsing attributes in process `syz.0.325'. [ 391.186942][ T6926] netlink: 5 bytes leftover after parsing attributes in process `syz.0.328'. [ 391.198998][ T6926] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 391.365752][ T6929] loop4: detected capacity change from 0 to 128 [ 391.425279][ T6930] overlayfs: failed to resolve './file1': -2 [ 391.439903][ T6929] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 392.495377][ T6946] netlink: 44 bytes leftover after parsing attributes in process `syz.0.337'. [ 392.585602][ T6948] netlink: 36 bytes leftover after parsing attributes in process `syz.3.338'. [ 393.062798][ T6956] netlink: 830 bytes leftover after parsing attributes in process `syz.3.341'. [ 393.249855][ T5864] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 393.347122][ T6960] netlink: 5 bytes leftover after parsing attributes in process `syz.1.343'. [ 393.360484][ T6960] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 393.416710][ T5864] usb 1-1: device descriptor read/64, error -71 [ 393.644780][ T6963] loop3: detected capacity change from 0 to 128 [ 393.660382][ T5864] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 393.698669][ T6963] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 393.843829][ T5864] usb 1-1: device descriptor read/64, error -71 [ 393.943623][ T6965] overlayfs: failed to resolve './file1': -2 [ 393.980249][ T5864] usb usb1-port1: attempt power cycle [ 394.389713][ T5864] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 394.470291][ T5864] usb 1-1: device descriptor read/8, error -71 [ 394.729784][ T5864] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 394.763688][ T6979] netlink: 44 bytes leftover after parsing attributes in process `syz.1.350'. [ 394.784236][ T5864] usb 1-1: device descriptor read/8, error -71 [ 394.825032][ T6978] netlink: 36 bytes leftover after parsing attributes in process `syz.3.351'. [ 394.901058][ T5864] usb usb1-port1: unable to enumerate USB device [ 395.215217][ T6986] netlink: 830 bytes leftover after parsing attributes in process `syz.3.354'. [ 395.551052][ T6989] netlink: 5 bytes leftover after parsing attributes in process `syz.4.356'. [ 395.565204][ T6989] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 395.624146][ T6991] loop2: detected capacity change from 0 to 128 [ 395.694826][ T6991] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 396.497150][ T7000] overlayfs: failed to resolve './file1': -2 [ 396.583180][ T7009] netlink: 36 bytes leftover after parsing attributes in process `syz.3.364'. [ 397.431529][ T7023] netlink: 5 bytes leftover after parsing attributes in process `syz.2.370'. [ 397.446317][ T7023] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 397.679529][ T7025] loop4: detected capacity change from 0 to 128 [ 397.690476][ T7015] loop0: detected capacity change from 0 to 32768 [ 397.732417][ T7015] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.367 (7015) [ 397.763927][ T7015] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 397.766583][ T7025] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 397.774599][ T7015] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 397.801419][ T7015] BTRFS info (device loop0): using free-space-tree [ 398.035457][ T7015] BTRFS info (device loop0): rebuilding free space tree [ 398.235801][ T5814] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 398.479787][ T5864] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 398.645324][ T5864] usb 3-1: device descriptor read/64, error -71 [ 398.926359][ T5864] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 398.972595][ T7055] netlink: 36 bytes leftover after parsing attributes in process `syz.4.378'. [ 399.077697][ T5864] usb 3-1: device descriptor read/64, error -71 [ 399.195188][ T5864] usb usb3-port1: attempt power cycle [ 399.424631][ T7057] overlayfs: failed to resolve './file1': -2 [ 399.580620][ T5864] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 399.647193][ T5864] usb 3-1: device descriptor read/8, error -71 [ 399.910233][ T5864] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 399.968040][ T5864] usb 3-1: device descriptor read/8, error -71 [ 400.091184][ T5864] usb usb3-port1: unable to enumerate USB device [ 400.269143][ T7069] netlink: 5 bytes leftover after parsing attributes in process `syz.1.383'. [ 400.281558][ T7069] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 400.375443][ T7070] loop4: detected capacity change from 0 to 128 [ 400.407524][ T7070] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 401.401507][ T7085] netlink: 36 bytes leftover after parsing attributes in process `syz.1.390'. [ 401.853157][ T7087] overlayfs: failed to resolve './file1': -2 [ 402.288484][ T7100] netlink: 5 bytes leftover after parsing attributes in process `syz.3.397'. [ 402.302193][ T7100] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 402.420925][ T7102] loop0: detected capacity change from 0 to 128 [ 402.450838][ T7102] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 403.260136][ T5864] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 403.425640][ T5864] usb 1-1: device descriptor read/64, error -71 [ 403.689682][ T5864] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 403.771980][ T24] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 403.879898][ T5864] usb 1-1: device descriptor read/64, error -71 [ 403.939868][ T24] usb 2-1: device descriptor read/64, error -71 [ 403.956280][ T7131] FAULT_INJECTION: forcing a failure. [ 403.956280][ T7131] name failslab, interval 1, probability 0, space 0, times 0 [ 403.969747][ T7131] CPU: 0 UID: 0 PID: 7131 Comm: syz.3.411 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 403.969894][ T7131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 403.969978][ T7131] Call Trace: [ 403.970031][ T7131] [ 403.970081][ T7131] __dump_stack+0x26/0x30 [ 403.970252][ T7131] dump_stack_lvl+0x1df/0x270 [ 403.970426][ T7131] dump_stack+0x1e/0x25 [ 403.970576][ T7131] should_fail_ex+0x7dc/0x8a0 [ 403.970760][ T7131] should_failslab+0x15b/0x200 [ 403.970962][ T7131] kmem_cache_alloc_noprof+0xf0/0xec0 [ 403.971110][ T7131] ? __break_lease+0xe9/0x2ef0 [ 403.971290][ T7131] ? kmsan_get_metadata+0xfb/0x160 [ 403.971492][ T7131] __break_lease+0xe9/0x2ef0 [ 403.971663][ T7131] ? strcmp+0x59/0x130 [ 403.971813][ T7131] ? evm_inode_setxattr+0x100/0x220 [ 403.971973][ T7131] ? kmsan_get_metadata+0xfb/0x160 [ 403.972156][ T7131] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 403.972358][ T7131] __vfs_setxattr_locked+0x29f/0x490 [ 403.972556][ T7131] vfs_setxattr+0x27f/0x640 [ 403.972747][ T7131] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 403.972950][ T7131] file_setxattr+0x331/0x610 [ 403.973152][ T7131] path_setxattrat+0x641/0x820 [ 403.973296][ T7131] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 403.973479][ T7131] ? vfs_write+0x1359/0x1580 [ 403.973642][ T7131] ? kmsan_get_metadata+0xfb/0x160 [ 403.973833][ T7131] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 403.974049][ T7131] __x64_sys_fsetxattr+0xfe/0x1b0 [ 403.974255][ T7131] x64_sys_call+0x3d5f/0x3db0 [ 403.974431][ T7131] do_syscall_64+0xd9/0x210 [ 403.974563][ T7131] ? irqentry_exit+0x16/0x60 [ 403.974743][ T7131] ? clear_bhb_loop+0x40/0x90 [ 403.974894][ T7131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 403.975046][ T7131] RIP: 0033:0x7f76f4f8e929 [ 403.975148][ T7131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 403.975263][ T7131] RSP: 002b:00007f76f5e4d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 403.975392][ T7131] RAX: ffffffffffffffda RBX: 00007f76f51b5fa0 RCX: 00007f76f4f8e929 [ 403.975490][ T7131] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 403.975576][ T7131] RBP: 00007f76f5e4d090 R08: 0000000000000000 R09: 0000000000000000 [ 403.975662][ T7131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 403.975747][ T7131] R13: 0000000000000000 R14: 00007f76f51b5fa0 R15: 00007ffe73494678 [ 403.975871][ T7131] [ 404.291052][ T24] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 404.418096][ T7133] netlink: 830 bytes leftover after parsing attributes in process `syz.4.412'. [ 404.443305][ T24] usb 2-1: device descriptor read/64, error -71 [ 404.520507][ T5864] usb usb1-port1: attempt power cycle [ 404.584041][ T24] usb usb2-port1: attempt power cycle [ 404.586571][ T7135] netlink: 5 bytes leftover after parsing attributes in process `syz.3.413'. [ 404.608394][ T7135] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 404.678628][ T7112] loop2: detected capacity change from 0 to 32768 [ 404.694069][ T7112] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.402 (7112) [ 404.759879][ T7112] BTRFS info (device loop2 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 404.772263][ T7112] BTRFS info (device loop2 state S): using blake2b (blake2b-256-generic) checksum algorithm [ 404.784887][ T7112] BTRFS info (device loop2 state S): using free-space-tree [ 404.792536][ T7112] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048 [ 404.817167][ T7112] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048 [ 404.867126][ T7137] loop4: detected capacity change from 0 to 128 [ 404.889600][ T7137] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 404.901447][ T5864] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 404.915301][ T7112] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048 [ 404.942589][ T5864] usb 1-1: device descriptor read/8, error -71 [ 404.951290][ T7112] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048 [ 404.968219][ T7112] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048 [ 404.990665][ T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 405.018633][ T7112] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048 [ 405.052778][ T24] usb 2-1: device descriptor read/8, error -71 [ 405.080020][ T7112] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048 [ 405.153174][ T3742] BTRFS warning (device loop2 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0x3fff8ff18ac4f264f26c9b61444b99be3a51e4b9014c9227426415668fcd4ed9 level 0, ignored [ 405.222635][ T5864] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 405.242981][ T3742] BTRFS warning (device loop2 state CS): checksum verify failed on logical 5328896 mirror 1 wanted 0xe27e479340067083b74b333c1de55c530774f48d9bb4dbb5f2229db663324412 found 0x95f62be744ba79d2c7edda0b7f35c3ed250500c283e6cfbf6ba5d84a2ae65a3d level 1, ignored [ 405.272627][ T3742] BTRFS error (device loop2 state CS): level verify failed on logical 5328896 mirror 1 wanted 0 found 1 [ 405.286591][ T5864] usb 1-1: device descriptor read/8, error -71 [ 405.339931][ T24] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 405.373754][ T24] usb 2-1: device descriptor read/8, error -71 [ 405.408458][ T5864] usb usb1-port1: unable to enumerate USB device [ 405.497481][ T24] usb usb2-port1: unable to enumerate USB device [ 405.600606][ T5809] BTRFS info (device loop2 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 406.614752][ T7172] netlink: 830 bytes leftover after parsing attributes in process `syz.3.424'. [ 406.638008][ T7171] loop0: detected capacity change from 0 to 1024 [ 406.723193][ T7174] netlink: 5 bytes leftover after parsing attributes in process `syz.4.425'. [ 406.735419][ T7174] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 406.834053][ T4195] hfsplus: b-tree write err: -5, ino 4 [ 407.009694][ T7177] loop1: detected capacity change from 0 to 128 [ 407.047981][ T7177] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 407.469787][ T5864] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 407.666440][ T5864] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 407.678591][ T5864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 407.689947][ T5864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 407.700395][ T5864] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 407.717806][ T5864] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 407.728789][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.764188][ T5864] usb 1-1: config 0 descriptor?? [ 408.013024][ T5864] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 408.066445][ T5864] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 408.400105][ T24] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 408.560322][ T24] usb 3-1: device descriptor read/64, error -71 [ 408.613512][ T7199] loop1: detected capacity change from 0 to 1024 [ 408.799683][ T24] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 409.520244][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 409.526962][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 409.581276][ T5864] usb 1-1: reset high-speed USB device number 17 using dummy_hcd [ 409.700301][ T24] usb 3-1: device descriptor read/64, error -71 [ 409.810615][ T24] usb usb3-port1: attempt power cycle [ 410.190038][ T24] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 410.228711][ T24] usb 3-1: device descriptor read/8, error -71 [ 410.348924][ T7187] loop4: detected capacity change from 0 to 32768 [ 410.386442][ T7187] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.430 (7187) [ 410.479862][ T24] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 410.526150][ T24] usb 3-1: device descriptor read/8, error -71 [ 410.684306][ T24] usb usb3-port1: unable to enumerate USB device [ 411.313973][ T7217] loop2: detected capacity change from 0 to 128 [ 411.344360][ T7217] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 411.357144][ T4092] hfsplus: b-tree write err: -5, ino 4 [ 411.391258][ T5864] usb 1-1: device descriptor read/64, error -71 [ 411.481122][ T2170] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 411.644206][ T2170] usb 4-1: Using ep0 maxpacket: 32 [ 411.650599][ T5864] usb 1-1: reset high-speed USB device number 17 using dummy_hcd [ 411.685930][ T2170] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 411.694671][ T2170] usb 4-1: config 0 has no interface number 0 [ 411.701310][ T2170] usb 4-1: config 0 interface 184 has no altsetting 0 [ 411.772521][ T2170] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 411.782188][ T2170] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 411.790595][ T2170] usb 4-1: Product: syz [ 411.794983][ T2170] usb 4-1: Manufacturer: syz [ 411.800273][ T2170] usb 4-1: SerialNumber: syz [ 411.836162][ T2170] usb 4-1: config 0 descriptor?? [ 411.848235][ T2170] smsc75xx v1.0.0 [ 411.890476][ T5864] usb 1-1: device descriptor read/64, error -71 [ 412.130061][ T5864] usb 1-1: reset high-speed USB device number 17 using dummy_hcd [ 412.184980][ T5864] usb 1-1: device descriptor read/8, error -71 [ 412.440778][ T5864] usb 1-1: reset high-speed USB device number 17 using dummy_hcd [ 412.476733][ T5864] usb 1-1: device descriptor read/8, error -71 [ 412.498468][ T2170] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 412.510217][ T2170] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 412.594908][ T5868] usb 1-1: USB disconnect, device number 17 [ 412.800438][ T5868] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 412.950556][ T5868] usb 1-1: device descriptor read/64, error -71 [ 413.000059][ T2170] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71 [ 413.012838][ T2170] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71 [ 413.022934][ T2170] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 413.040267][ T2170] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71 [ 413.093664][ T2170] usb 4-1: USB disconnect, device number 8 [ 413.200511][ T5868] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 413.339907][ T5868] usb 1-1: device descriptor read/64, error -71 [ 413.465020][ T5868] usb usb1-port1: attempt power cycle [ 413.810732][ T7238] loop4: detected capacity change from 0 to 4096 [ 413.833690][ T7238] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 413.848502][ T5868] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 413.908694][ T5868] usb 1-1: device descriptor read/8, error -71 [ 414.190236][ T5868] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 414.405144][ T7247] netlink: 48 bytes leftover after parsing attributes in process `syz.0.452'. [ 414.440945][ T5868] usb 1-1: device not accepting address 21, error -71 [ 414.464113][ T5868] usb usb1-port1: unable to enumerate USB device [ 414.479888][ T24] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 414.649800][ T24] usb 4-1: device descriptor read/64, error -71 [ 414.686622][ T7238] ntfs3(loop4): ino=5, mi_enum_attr [ 414.692685][ T7238] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 414.809782][ T7238] ntfs3(loop4): Failed to load root (-22). [ 414.890294][ T24] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 415.070108][ T24] usb 4-1: device descriptor read/64, error -71 [ 415.100569][ T7252] loop0: detected capacity change from 0 to 128 [ 415.121374][ T7252] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 415.191381][ T24] usb usb4-port1: attempt power cycle [ 415.572097][ T24] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 415.640575][ T24] usb 4-1: device descriptor read/8, error -71 [ 415.940150][ T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 415.982369][ T24] usb 4-1: device descriptor read/8, error -71 [ 416.086420][ T7263] netem: change failed [ 416.101371][ T24] usb usb4-port1: unable to enumerate USB device [ 416.136737][ T7240] loop2: detected capacity change from 0 to 32768 [ 416.172961][ T7240] BTRFS: device /dev/loop2 (7:2) using temp-fsid 61968b1f-d74a-49c8-b818-84078404d371 [ 416.183856][ T7240] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.449 (7240) [ 416.769738][ T5868] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 416.939697][ T5868] usb 1-1: device descriptor read/64, error -71 [ 417.220748][ T5868] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 417.381199][ T5868] usb 1-1: device descriptor read/64, error -71 [ 417.396489][ T7278] loop1: detected capacity change from 0 to 128 [ 417.427523][ T7278] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 417.501571][ T5868] usb usb1-port1: attempt power cycle [ 417.889675][ T5868] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 417.943003][ T5868] usb 1-1: device descriptor read/8, error -71 [ 417.970614][ T7285] loop1: detected capacity change from 0 to 8 [ 418.073639][ T7285] overlay: ./file0 is not a directory [ 418.180627][ T7285] syzkaller1: tun_chr_ioctl cmd 1074025672 [ 418.186837][ T7285] syzkaller1: ignored: set checksum enabled [ 418.202188][ T5868] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 418.252437][ T5868] usb 1-1: device descriptor read/8, error -71 [ 418.372486][ T5868] usb usb1-port1: unable to enumerate USB device [ 419.403391][ T7294] loop3: detected capacity change from 0 to 32768 [ 419.511139][ T7294] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 419.753662][ T7294] XFS (loop3): Ending clean mount [ 419.818199][ T7297] xt_TCPMSS: Only works on TCP SYN packets [ 420.105558][ T5868] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 420.294961][ T5868] usb 1-1: device descriptor read/64, error -71 [ 420.440601][ T5803] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 420.609927][ T5868] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 420.754418][ T7324] loop2: detected capacity change from 0 to 128 [ 420.781799][ T7325] loop4: detected capacity change from 0 to 1024 [ 420.801205][ T5868] usb 1-1: device descriptor read/64, error -71 [ 420.803415][ T7325] hfsplus: Unknown parameter 'D' [ 420.814687][ T7324] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 420.912613][ T5868] usb usb1-port1: attempt power cycle [ 421.280810][ T5868] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 421.354421][ T5868] usb 1-1: device descriptor read/8, error -71 [ 421.630522][ T5868] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 421.701697][ T5868] usb 1-1: device descriptor read/8, error -71 [ 421.812976][ T5868] usb usb1-port1: unable to enumerate USB device [ 421.849915][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.480'. [ 421.899984][ T7302] loop1: detected capacity change from 0 to 32768 [ 421.917525][ T7302] BTRFS: device /dev/loop1 (7:1) using temp-fsid 035af8aa-ab59-40c5-ac09-f699564e295b [ 421.928910][ T7302] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.476 (7302) [ 421.998454][ T7302] BTRFS info (device loop1 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 422.010206][ T7302] BTRFS info (device loop1 state S): using blake2b (blake2b-256-generic) checksum algorithm [ 422.021207][ T7302] BTRFS info (device loop1 state S): using free-space-tree [ 422.028683][ T7302] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048 [ 422.088108][ T7334] loop4: detected capacity change from 0 to 8 [ 422.089926][ T7302] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048 [ 422.177741][ T7302] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048 [ 422.181504][ T7334] overlay: ./file0 is not a directory [ 422.220429][ T7302] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048 [ 422.257708][ T7302] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048 [ 422.270073][ T7302] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 422.270366][ T7302] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048 [ 422.292108][ T7302] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 422.292498][ T7302] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048 [ 422.316324][ T7302] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 422.317265][ T7302] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 422.328315][ T7302] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 422.339140][ T7302] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 422.397703][ T7334] syzkaller1: tun_chr_ioctl cmd 1074025672 [ 422.419015][ T7334] syzkaller1: ignored: set checksum enabled [ 422.451396][ T7302] BTRFS error (device loop1 state S): open_ctree failed: -12 [ 423.643554][ T30] audit: type=1326 audit(1749285529.855:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.4.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 423.666675][ T30] audit: type=1326 audit(1749285529.855:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.4.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 423.758648][ T30] audit: type=1326 audit(1749285529.905:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.4.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 423.894210][ T30] audit: type=1326 audit(1749285530.005:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.4.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 423.917101][ T30] audit: type=1326 audit(1749285530.005:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7363 comm="syz.4.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 424.720048][ T5862] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 424.955087][ T5862] usb 2-1: Using ep0 maxpacket: 8 [ 424.984745][ T5862] usb 2-1: no configurations [ 424.989878][ T5862] usb 2-1: can't read configurations, error -22 [ 425.190065][ T5862] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 425.371789][ T5862] usb 2-1: Using ep0 maxpacket: 8 [ 425.405328][ T5862] usb 2-1: no configurations [ 425.410589][ T5862] usb 2-1: can't read configurations, error -22 [ 425.461265][ T5862] usb usb2-port1: attempt power cycle [ 425.841175][ T5862] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 425.902191][ T5862] usb 2-1: Using ep0 maxpacket: 8 [ 425.910517][ T5862] usb 2-1: no configurations [ 425.915482][ T5862] usb 2-1: can't read configurations, error -22 [ 426.021501][ T7389] loop2: detected capacity change from 0 to 8192 [ 426.093880][ T5862] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 426.168906][ T5862] usb 2-1: Using ep0 maxpacket: 8 [ 426.198382][ T5862] usb 2-1: no configurations [ 426.203602][ T5862] usb 2-1: can't read configurations, error -22 [ 426.230231][ T5862] usb usb2-port1: unable to enumerate USB device [ 426.815033][ T30] audit: type=1326 audit(1749285533.015:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7411 comm="syz.0.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 426.837840][ T30] audit: type=1326 audit(1749285533.015:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7411 comm="syz.0.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 426.864679][ T30] audit: type=1326 audit(1749285533.045:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7411 comm="syz.0.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 426.932882][ T7414] loop2: detected capacity change from 0 to 1024 [ 426.944519][ T7414] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 426.956354][ T7414] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 426.980385][ T30] audit: type=1326 audit(1749285533.185:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7411 comm="syz.0.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 427.003416][ T30] audit: type=1326 audit(1749285533.185:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7411 comm="syz.0.508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 427.060415][ T7414] JBD2: no valid journal superblock found [ 427.071221][ T7414] EXT4-fs (loop2): Could not load journal inode [ 427.214244][ T7414] netlink: 28 bytes leftover after parsing attributes in process `syz.2.506'. [ 427.430217][ T7420] ip6gretap0: entered promiscuous mode [ 427.436181][ T7420] vlan2: entered promiscuous mode [ 428.162770][ T7431] loop4: detected capacity change from 0 to 128 [ 428.198995][ T7431] EXT4-fs: Ignoring removed nobh option [ 428.352245][ T7431] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 428.437823][ T7431] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 429.186069][ T5802] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 430.254916][ T7475] loop4: detected capacity change from 0 to 512 [ 430.268928][ T30] kauditd_printk_skb: 15 callbacks suppressed [ 430.269006][ T30] audit: type=1326 audit(1749285792.481:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.298915][ T30] audit: type=1326 audit(1749285792.481:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.321751][ T30] audit: type=1326 audit(1749285792.491:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.348498][ T30] audit: type=1326 audit(1749285792.491:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.372657][ T30] audit: type=1326 audit(1749285792.491:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.395433][ T30] audit: type=1326 audit(1749285792.501:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.418340][ T30] audit: type=1326 audit(1749285792.501:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.445353][ T30] audit: type=1326 audit(1749285792.511:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.469107][ T30] audit: type=1326 audit(1749285792.511:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.491816][ T30] audit: type=1326 audit(1749285792.511:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7470 comm="syz.3.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 430.819971][ T7475] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 430.833172][ T7475] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 431.261338][ T5802] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.012627][ T7495] loop1: detected capacity change from 0 to 512 [ 432.363813][ T7495] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 432.407833][ T7495] EXT4-fs (loop1): orphan cleanup on readonly fs [ 432.418589][ T7495] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 432.442484][ T7495] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 432.454266][ T7495] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.539: bg 0: block 40: padding at end of block bitmap is not set [ 432.569766][ T7495] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 432.607094][ T7506] IPv6: sit1: Disabled Multicast RS [ 432.617220][ T7506] sit1: entered allmulticast mode [ 432.630072][ T7495] EXT4-fs (loop1): 1 truncate cleaned up [ 432.638226][ T7495] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 432.870963][ T7495] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 432.970942][ T7506] netlink: 8 bytes leftover after parsing attributes in process `syz.0.542'. [ 433.147399][ T7501] sctp: failed to load transform for md5: -2 [ 433.192381][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.233191][ T7516] loop4: detected capacity change from 0 to 1024 [ 433.272252][ T7516] EXT4-fs: Ignoring removed oldalloc option [ 433.278728][ T7516] EXT4-fs: Ignoring removed orlov option [ 433.371437][ T7516] EXT4-fs (loop4): stripe (1570) is not aligned with cluster size (16), stripe is disabled [ 433.540185][ T7516] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 433.899267][ T7516] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.545: Allocating blocks 401-513 which overlap fs metadata [ 433.960301][ T7516] EXT4-fs (loop4): Remounting filesystem read-only [ 433.994436][ T7515] EXT4-fs (loop4): pa ffff88812521a770: logic 0, phys. 129, len 24 [ 434.298672][ T7534] netlink: 12 bytes leftover after parsing attributes in process `syz.1.546'. [ 434.867747][ T4195] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1 [ 435.390158][ T4195] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1 [ 435.587383][ T5802] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.067566][ T7547] loop2: detected capacity change from 0 to 128 [ 436.069931][ T7544] loop4: detected capacity change from 0 to 512 [ 436.187427][ T7544] EXT4-fs (loop4): too many log groups per flexible block group [ 436.196375][ T7544] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 436.267748][ T7544] EXT4-fs (loop4): mount failed [ 436.304950][ T7547] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 436.387550][ T7544] netlink: 208 bytes leftover after parsing attributes in process `syz.4.550'. [ 436.397628][ T7544] unsupported nla_type 8573 [ 436.401377][ T7547] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 436.857077][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 436.857152][ T30] audit: type=1326 audit(1749285799.071:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 436.975467][ T30] audit: type=1326 audit(1749285799.141:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbf1cd8d290 code=0x7ffc0000 [ 437.002423][ T30] audit: type=1326 audit(1749285799.151:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 437.026531][ T30] audit: type=1326 audit(1749285799.151:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbf1cd8d290 code=0x7ffc0000 [ 437.052169][ T30] audit: type=1326 audit(1749285799.151:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 437.079648][ T30] audit: type=1326 audit(1749285799.151:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 437.106038][ T30] audit: type=1326 audit(1749285799.151:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 437.130131][ T30] audit: type=1326 audit(1749285799.151:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7562 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 437.662509][ T30] audit: type=1326 audit(1749285799.871:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 437.685971][ T30] audit: type=1326 audit(1749285799.871:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7570 comm="syz.0.562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 439.342021][ T7585] loop3: detected capacity change from 0 to 2048 [ 440.018361][ T7587] loop1: detected capacity change from 0 to 512 [ 440.093200][ T7587] EXT4-fs: Ignoring removed nobh option [ 440.269773][ T7587] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 440.287176][ T7587] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 440.299177][ T7587] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.568: Corrupt directory, running e2fsck is recommended [ 440.598609][ T7587] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 440.703206][ T7587] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.568: corrupted in-inode xattr: invalid ea_ino [ 440.840090][ T7587] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.568: couldn't read orphan inode 15 (err -117) [ 440.941977][ T7587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 441.107669][ T7587] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 441.119830][ T7587] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it [ 441.130522][ T7587] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.568: Corrupt directory, running e2fsck is recommended [ 441.364486][ T7596] netlink: 4 bytes leftover after parsing attributes in process `syz.1.568'. [ 441.501389][ T7587] usb usb1: usbfs: process 7587 (syz.1.568) did not claim interface 0 before use [ 441.566116][ T7587] netlink: 4 bytes leftover after parsing attributes in process `syz.1.568'. [ 442.134713][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 442.134791][ T30] audit: type=1326 audit(1749285804.351:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7607 comm="syz.4.573" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x0 [ 442.261381][ T5809] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 442.697326][ T7616] loop2: detected capacity change from 0 to 128 [ 442.868937][ T7616] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 442.925408][ T7616] ext4 filesystem being mounted at /103/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 442.988086][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.374042][ T7623] loop1: detected capacity change from 0 to 1024 [ 443.402817][ T7623] EXT4-fs: Ignoring removed nobh option [ 443.408693][ T7623] EXT4-fs: Ignoring removed bh option [ 443.434102][ T5809] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 443.530531][ T7623] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal [ 444.252036][ T7623] infiniband syz!: set active [ 444.257014][ T7623] infiniband syz!: added team_slave_0 [ 444.421250][ T7623] RDS/IB: syz!: added [ 444.425553][ T7623] smc: adding ib device syz! with port count 1 [ 444.432268][ T7623] smc: ib device syz! port 1 has pnetid [ 444.461708][ T7642] netlink: 28 bytes leftover after parsing attributes in process `syz.0.583'. [ 444.476862][ T7642] netlink: 196 bytes leftover after parsing attributes in process `syz.0.583'. [ 444.488803][ T7642] netlink: 28 bytes leftover after parsing attributes in process `syz.0.583'. [ 444.498620][ T7642] netlink: 196 bytes leftover after parsing attributes in process `syz.0.583'. [ 445.273004][ T30] audit: type=1326 audit(1749285807.491:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7645 comm="syz.3.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 445.300460][ T30] audit: type=1326 audit(1749285807.491:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7645 comm="syz.3.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 445.721760][ T30] audit: type=1326 audit(1749285807.931:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 445.745033][ T30] audit: type=1326 audit(1749285807.941:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 445.767729][ T30] audit: type=1326 audit(1749285807.941:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 445.980886][ T30] audit: type=1326 audit(1749285808.031:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 446.003759][ T30] audit: type=1326 audit(1749285808.031:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 446.030661][ T30] audit: type=1326 audit(1749285808.051:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 446.054979][ T30] audit: type=1326 audit(1749285808.051:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 446.362240][ T7641] loop4: detected capacity change from 0 to 8192 [ 447.361257][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 447.361340][ T30] audit: type=1326 audit(1749285809.581:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.488644][ T30] audit: type=1326 audit(1749285809.651:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.511746][ T30] audit: type=1326 audit(1749285809.651:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.534535][ T30] audit: type=1326 audit(1749285809.671:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.561292][ T30] audit: type=1326 audit(1749285809.691:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.585478][ T30] audit: type=1326 audit(1749285809.691:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.608235][ T30] audit: type=1326 audit(1749285809.691:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.631079][ T30] audit: type=1326 audit(1749285809.731:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.657463][ T30] audit: type=1326 audit(1749285809.731:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 447.681512][ T30] audit: type=1326 audit(1749285809.731:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.0.592" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 448.063843][ T7675] netlink: 16 bytes leftover after parsing attributes in process `syz.0.598'. [ 448.485808][ T7680] loop1: detected capacity change from 0 to 512 [ 448.761366][ T7680] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 448.779029][ T7680] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 449.120993][ T7692] xt_CT: You must specify a L4 protocol and not use inversions on it [ 449.229259][ T7695] loop4: detected capacity change from 0 to 256 [ 449.270916][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.292616][ T7697] netlink: 48 bytes leftover after parsing attributes in process `syz.3.604'. [ 449.351598][ T7692] netlink: 8 bytes leftover after parsing attributes in process `syz.2.601'. [ 450.735130][ T7723] loop3: detected capacity change from 0 to 2048 [ 450.836927][ T7723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 451.405210][ T5803] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 451.498602][ T7739] random: crng reseeded on system resumption [ 452.204627][ T7753] netlink: 8 bytes leftover after parsing attributes in process `wޣ'. [ 452.213903][ T7753] netlink: 'wޣ': attribute type 30 has an invalid length. [ 452.242003][ T7753] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 452.251683][ T7753] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 452.266501][ T7753] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 452.277553][ T7753] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 452.302326][ T7754] loop4: detected capacity change from 0 to 1024 [ 452.313000][ T7754] EXT4-fs: Ignoring removed nomblk_io_submit option [ 452.432704][ T7754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 452.465477][ T7753] netlink: 8 bytes leftover after parsing attributes in process `wޣ'. [ 452.475388][ T7753] netlink: 'wޣ': attribute type 30 has an invalid length. [ 452.552613][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 452.552688][ T30] audit: type=1326 audit(1749285814.771:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.631069][ T30] audit: type=1326 audit(1749285814.821:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.654515][ T30] audit: type=1326 audit(1749285814.851:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.681384][ T30] audit: type=1326 audit(1749285814.851:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.705598][ T30] audit: type=1326 audit(1749285814.851:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f76f4f8d290 code=0x7ffc0000 [ 452.728402][ T30] audit: type=1326 audit(1749285814.851:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f76f4f8d290 code=0x7ffc0000 [ 452.751157][ T30] audit: type=1326 audit(1749285814.851:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.778328][ T30] audit: type=1326 audit(1749285814.851:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.802427][ T30] audit: type=1326 audit(1749285814.851:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.825164][ T30] audit: type=1326 audit(1749285814.861:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7757 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 452.978521][ T5802] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.503570][ T7769] loop1: detected capacity change from 0 to 1024 [ 453.559667][ T7769] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 453.571107][ T7769] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 453.630532][ T7769] JBD2: no valid journal superblock found [ 453.636636][ T7769] EXT4-fs (loop1): Could not load journal inode [ 455.296473][ T7794] loop4: detected capacity change from 0 to 2048 [ 455.343306][ T7797] netlink: 'syz.0.645': attribute type 3 has an invalid length. [ 455.691258][ T7804] loop1: detected capacity change from 0 to 256 [ 456.304890][ T7812] ipvlan0: entered promiscuous mode [ 456.315474][ T7812] ipvlan0: left promiscuous mode [ 456.871496][ T7822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.654'. [ 456.953456][ T7819] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 457.002120][ T7819] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 458.572376][ T7842] loop4: detected capacity change from 0 to 512 [ 458.733390][ T7842] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 458.746573][ T7842] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 458.766419][ T7845] netlink: 8 bytes leftover after parsing attributes in process `syz.0.667'. [ 458.856817][ T7849] loop2: detected capacity change from 0 to 512 [ 459.053021][ T7849] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 459.066648][ T7849] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 459.067077][ T30] kauditd_printk_skb: 140 callbacks suppressed [ 459.067149][ T30] audit: type=1326 audit(1749285821.281:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7855 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 459.110802][ T30] audit: type=1326 audit(1749285821.321:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7855 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 459.137600][ T30] audit: type=1326 audit(1749285821.321:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7855 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 459.161706][ T30] audit: type=1326 audit(1749285821.331:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7855 comm="syz.3.669" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76f4f8e929 code=0x7ffc0000 [ 459.256311][ T5802] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 459.558539][ T7845] syz.0.667 (7845) used greatest stack depth: 2472 bytes left [ 459.951161][ T5809] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 460.325311][ T7877] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 460.794049][ T7883] loop4: detected capacity change from 0 to 256 [ 461.226470][ T7896] netlink: 300 bytes leftover after parsing attributes in process `syz.3.683'. [ 461.331918][ T7888] serio: Serial port ptm0 [ 461.410333][ T30] audit: type=1326 audit(1749285823.611:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7895 comm="syz.0.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 461.433195][ T30] audit: type=1326 audit(1749285823.611:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7895 comm="syz.0.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 461.456285][ T30] audit: type=1326 audit(1749285823.611:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7895 comm="syz.0.684" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 461.666602][ T7901] loop4: detected capacity change from 0 to 512 [ 461.753886][ T7889] loop1: detected capacity change from 0 to 2048 [ 461.789753][ T7901] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 461.911179][ T7889] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 461.998469][ T7901] EXT4-fs (loop4): 1 orphan inode deleted [ 462.006914][ T7901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 462.027019][ T35] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 462.037544][ T35] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1 [ 462.090452][ T7884] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.679: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 462.148704][ T7901] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 462.182989][ T7909] syzkaller0: entered promiscuous mode [ 462.194955][ T7909] syzkaller0: entered allmulticast mode [ 462.251471][ T7884] EXT4-fs (loop1): Remounting filesystem read-only [ 462.317723][ T7912] loop2: detected capacity change from 0 to 2048 [ 462.572836][ T5802] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 462.758562][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 464.478781][ T7945] netlink: 256 bytes leftover after parsing attributes in process `syz.3.704'. [ 464.489016][ T7945] ksmbd: Unknown IPC event: 3, ignore. [ 464.529761][ T30] audit: type=1326 audit(1749285826.741:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 464.625825][ T30] audit: type=1326 audit(1749285826.781:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 464.652905][ T30] audit: type=1326 audit(1749285826.791:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 464.677047][ T30] audit: type=1326 audit(1749285826.821:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 464.699949][ T30] audit: type=1326 audit(1749285826.821:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 464.722709][ T30] audit: type=1326 audit(1749285826.821:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 464.749949][ T30] audit: type=1326 audit(1749285826.871:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 464.774024][ T30] audit: type=1326 audit(1749285826.871:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 465.149528][ T30] audit: type=1326 audit(1749285827.011:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 465.176276][ T30] audit: type=1326 audit(1749285827.021:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7946 comm="syz.4.705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 466.405496][ T7976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.719'. [ 467.018471][ T5868] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 467.078027][ T5868] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 467.135134][ T7986] loop3: detected capacity change from 0 to 512 [ 467.166122][ T7988] syz.2.724: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 467.182061][ T7988] CPU: 1 UID: 0 PID: 7988 Comm: syz.2.724 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 467.182218][ T7988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 467.182303][ T7988] Call Trace: [ 467.182353][ T7988] [ 467.182408][ T7988] __dump_stack+0x26/0x30 [ 467.182583][ T7988] dump_stack_lvl+0x1df/0x270 [ 467.182759][ T7988] dump_stack+0x1e/0x25 [ 467.182914][ T7988] warn_alloc+0x470/0x690 [ 467.183121][ T7988] ? kmsan_get_metadata+0xfb/0x160 [ 467.183329][ T7988] __vmalloc_node_range_noprof+0x133/0x2360 [ 467.183525][ T7988] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 467.183729][ T7988] ? should_fail_ex+0x45/0x8a0 [ 467.183891][ T7988] ? kmsan_get_metadata+0xfb/0x160 [ 467.184082][ T7988] ? kmsan_get_metadata+0xfb/0x160 [ 467.184269][ T7988] ? kmsan_get_metadata+0xfb/0x160 [ 467.184466][ T7988] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 467.184673][ T7988] ? kmsan_get_metadata+0xfb/0x160 [ 467.184875][ T7988] vmalloc_user_noprof+0xce/0x140 [ 467.185048][ T7988] ? xskq_create+0x11d/0x290 [ 467.185206][ T7988] xskq_create+0x11d/0x290 [ 467.185373][ T7988] xsk_init_queue+0xfd/0x1d0 [ 467.185526][ T7988] xsk_setsockopt+0x873/0xc30 [ 467.185694][ T7988] do_sock_setsockopt+0x4d9/0x820 [ 467.185909][ T7988] ? __pfx_xsk_setsockopt+0x10/0x10 [ 467.186060][ T7988] __x64_sys_setsockopt+0x2ad/0x4a0 [ 467.186234][ T7988] x64_sys_call+0x36f7/0x3db0 [ 467.186419][ T7988] do_syscall_64+0xd9/0x210 [ 467.186559][ T7988] ? irqentry_exit+0x16/0x60 [ 467.186748][ T7988] ? clear_bhb_loop+0x40/0x90 [ 467.186903][ T7988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.187052][ T7988] RIP: 0033:0x7fc88fb8e929 [ 467.187156][ T7988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.187279][ T7988] RSP: 002b:00007fc89092f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 467.187412][ T7988] RAX: ffffffffffffffda RBX: 00007fc88fdb5fa0 RCX: 00007fc88fb8e929 [ 467.187518][ T7988] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006 [ 467.187600][ T7988] RBP: 00007fc88fc10b39 R08: 0000000000000004 R09: 0000000000000000 [ 467.187689][ T7988] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 467.187782][ T7988] R13: 0000000000000000 R14: 00007fc88fdb5fa0 R15: 00007ffcf4dfe7e8 [ 467.187914][ T7988] [ 467.187976][ T7988] Mem-Info: [ 467.293005][ T7986] EXT4-fs: Invalid journal IO priority (must be 0-7) [ 467.296443][ T7988] active_anon:4833 inactive_anon:0 isolated_anon:0 [ 467.296443][ T7988] active_file:1580 inactive_file:41060 isolated_file:0 [ 467.296443][ T7988] unevictable:768 dirty:122 writeback:0 [ 467.296443][ T7988] slab_reclaimable:4976 slab_unreclaimable:23509 [ 467.296443][ T7988] mapped:30330 shmem:1719 pagetables:1366 [ 467.296443][ T7988] sec_pagetables:0 bounce:0 [ 467.296443][ T7988] kernel_misc_reclaimable:0 [ 467.296443][ T7988] free:368457 free_pcp:14447 free_cma:0 [ 467.502470][ T7988] Node 0 active_anon:19984kB inactive_anon:0kB active_file:6320kB inactive_file:164032kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121964kB dirty:504kB writeback:0kB shmem:5768kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5232kB pagetables:5156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 467.540960][ T7988] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:32kB pagetables:360kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 467.546723][ T7986] netlink: 'syz.3.722': attribute type 4 has an invalid length. [ 467.574228][ T7988] Node 0 DMA free:4096kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 467.611432][ T7988] lowmem_reserve[]: 0 930 1243 1243 1243 [ 467.622367][ T7988] Node 0 DMA32 free:544032kB boost:0kB min:36868kB low:46084kB high:55300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:3380kB inactive_anon:0kB active_file:5908kB inactive_file:80440kB unevictable:0kB writepending:376kB present:3129332kB managed:953172kB mlocked:0kB bounce:0kB free_pcp:39940kB local_pcp:21364kB free_cma:0kB [ 467.656097][ T7988] lowmem_reserve[]: 0 0 312 312 312 [ 467.662097][ T7988] Node 0 Normal free:16196kB boost:0kB min:13004kB low:16252kB high:19500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16604kB inactive_anon:0kB active_file:412kB inactive_file:83592kB unevictable:1536kB writepending:128kB present:1048580kB managed:320452kB mlocked:0kB bounce:0kB free_pcp:15040kB local_pcp:7168kB free_cma:0kB [ 467.694661][ T7988] lowmem_reserve[]: 0 0 0 0 0 [ 467.700198][ T7988] Node 1 Normal free:909472kB boost:0kB min:40064kB low:50080kB high:60096kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:4kB present:4194300kB managed:987200kB mlocked:0kB bounce:0kB free_pcp:2144kB local_pcp:2144kB free_cma:0kB [ 467.736323][ T7988] lowmem_reserve[]: 0 0 0 0 0 [ 467.743172][ T7988] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB [ 467.757436][ T7988] Node 0 DMA32: 214*4kB (UME) 15*8kB (M) 7*16kB (UM) 113*32kB (UME) 91*64kB (ME) 66*128kB (ME) 33*256kB (M) 25*512kB (UM) 14*1024kB (M) 5*2048kB (UM) 117*4096kB (M) = 544032kB [ 467.777376][ T7988] Node 0 Normal: 79*4kB (U) 107*8kB (UME) 75*16kB (UME) 60*32kB (UM) 28*64kB (UM) 17*128kB (UME) 7*256kB (UM) 2*512kB (UM) 3*1024kB (ME) 1*2048kB (U) 0*4096kB = 16196kB [ 467.797089][ T7988] Node 1 Normal: 6*4kB (UME) 17*8kB (UME) 14*16kB (UME) 23*32kB (UME) 15*64kB (UME) 15*128kB (UME) 3*256kB (ME) 3*512kB (UME) 6*1024kB (UME) 4*2048kB (UME) 217*4096kB (UM) = 909472kB [ 467.821999][ T7988] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 467.833360][ T7988] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 467.843060][ T7988] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 467.853012][ T7988] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 467.862700][ T7988] 44590 total pagecache pages [ 467.867588][ T7988] 0 pages in swap cache [ 467.872181][ T7988] Free swap = 124996kB [ 467.876540][ T7988] Total swap = 124996kB [ 467.881086][ T7988] 2097051 pages RAM [ 467.885085][ T7988] 0 pages HighMem/MovableOnly [ 467.890106][ T7988] 1530821 pages reserved [ 467.894565][ T7988] 0 pages cma reserved [ 467.997257][ T7993] loop2: detected capacity change from 0 to 512 [ 468.173722][ T7993] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.187175][ T7993] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 468.238142][ T7988] mmap: syz.2.724 (7988) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 468.715977][ T5809] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.749188][ T8006] netlink: 300 bytes leftover after parsing attributes in process `syz.1.729'. [ 469.322514][ T8014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.733'. [ 469.372177][ T8015] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 469.729685][ T8021] netlink: 16 bytes leftover after parsing attributes in process `syz.2.736'. [ 470.284441][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 470.291281][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 470.974390][ T30] kauditd_printk_skb: 22 callbacks suppressed [ 470.974470][ T30] audit: type=1326 audit(1749285833.191:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.124895][ T30] audit: type=1326 audit(1749285833.261:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.147913][ T30] audit: type=1326 audit(1749285833.261:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.173718][ T30] audit: type=1326 audit(1749285833.261:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.200973][ T30] audit: type=1326 audit(1749285833.271:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.225045][ T30] audit: type=1326 audit(1749285833.271:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.247858][ T30] audit: type=1326 audit(1749285833.271:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.270660][ T30] audit: type=1326 audit(1749285833.271:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.293353][ T30] audit: type=1326 audit(1749285833.331:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.319989][ T30] audit: type=1326 audit(1749285833.331:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.741" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd85e18e929 code=0x7ffc0000 [ 471.396905][ T8037] netlink: 268 bytes leftover after parsing attributes in process `syz.0.743'. [ 474.842022][ T8072] binfmt_misc: register: failed to install interpreter file ./file2 [ 474.929704][ T8072] sd 0:0:1:0: device reset [ 478.123149][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 478.123227][ T30] audit: type=1326 audit(1749285840.341:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.152807][ T30] audit: type=1326 audit(1749285840.341:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.180759][ T30] audit: type=1326 audit(1749285840.351:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.203471][ T30] audit: type=1326 audit(1749285840.381:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.233383][ T30] audit: type=1326 audit(1749285840.381:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.256170][ T30] audit: type=1326 audit(1749285840.381:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.278898][ T30] audit: type=1326 audit(1749285840.431:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.307682][ T30] audit: type=1326 audit(1749285840.431:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.330460][ T30] audit: type=1326 audit(1749285840.521:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.353180][ T30] audit: type=1326 audit(1749285840.521:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8099 comm="syz.4.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f356c18e929 code=0x7ffc0000 [ 478.822326][ T8106] netlink: 28 bytes leftover after parsing attributes in process `syz.0.770'. [ 479.804324][ T8113] netlink: 12 bytes leftover after parsing attributes in process `syz.1.773'. [ 481.803990][ T8146] netlink: 16 bytes leftover after parsing attributes in process `syz.0.789'. [ 481.804104][ T8146] netlink: 4 bytes leftover after parsing attributes in process `syz.0.789'. [ 481.929116][ T8148] : renamed from vlan0 (while UP) [ 481.992820][ T8148] 9pnet_fd: Insufficient options for proto=fd [ 483.152668][ T8165] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 488.480048][ T8204] netlink: 'syz.1.812': attribute type 1 has an invalid length. [ 488.487954][ T8204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.812'. [ 489.697202][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 489.697285][ T30] audit: type=1326 audit(1749285851.911:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.804664][ T30] audit: type=1326 audit(1749285851.951:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.827850][ T30] audit: type=1326 audit(1749285851.951:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.854626][ T30] audit: type=1326 audit(1749285851.981:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.879116][ T30] audit: type=1326 audit(1749285851.991:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.902507][ T30] audit: type=1326 audit(1749285851.991:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.925235][ T30] audit: type=1326 audit(1749285851.991:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.956290][ T30] audit: type=1326 audit(1749285851.991:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 489.980451][ T30] audit: type=1326 audit(1749285852.111:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 490.003253][ T30] audit: type=1326 audit(1749285852.111:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf1cd8e929 code=0x7ffc0000 [ 490.221641][ T8213] netlink: 36 bytes leftover after parsing attributes in process `syz.3.816'. [ 490.231655][ T8213] netlink: 16 bytes leftover after parsing attributes in process `syz.3.816'. [ 490.241317][ T8213] netlink: 36 bytes leftover after parsing attributes in process `syz.3.816'. [ 490.255539][ T8213] netlink: 36 bytes leftover after parsing attributes in process `syz.3.816'. [ 491.251695][ T8231] serio: Serial port ptm0 [ 492.017283][ T8244] syzkaller0: entered promiscuous mode [ 492.023343][ T8244] syzkaller0: entered allmulticast mode [ 492.257848][ T8255] netlink: '+}[@': attribute type 5 has an invalid length. [ 492.265793][ T8255] netlink: 152 bytes leftover after parsing attributes in process `+}[@'. [ 492.541366][ T8255] : renamed from bond0 (while UP) [ 492.579088][ T8257] loop3: detected capacity change from 0 to 128 [ 492.794463][ T8257] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 492.900273][ T8257] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 493.298627][ T5803] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 493.697481][ T8274] loop0: detected capacity change from 0 to 2048 [ 495.347890][ T8292] netlink: 'syz.3.843': attribute type 13 has an invalid length. [ 496.110811][ T8295] netlink: 32 bytes leftover after parsing attributes in process `syz.1.844'. [ 496.308718][ T8296] loop4: detected capacity change from 0 to 512 [ 496.550204][ T8292] bridge0: port 2(bridge_slave_1) entered disabled state [ 496.560026][ T8292] bridge0: port 1(bridge_slave_0) entered disabled state [ 496.692136][ T8296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.710102][ T8296] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 496.862190][ T8292] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 496.892977][ T8292] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 497.536840][ T5802] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.548264][ T8292] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.558877][ T8292] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.568301][ T8292] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 497.577798][ T8292] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 498.889182][ T8335] netlink: 4 bytes leftover after parsing attributes in process `syz.4.855'. [ 498.900927][ T8335] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 498.908672][ T8335] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 499.004899][ T8335] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 499.013294][ T8335] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 499.191062][ T30] kauditd_printk_skb: 56 callbacks suppressed [ 499.191152][ T30] audit: type=1326 audit(1749285861.401:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.2.858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88fb8e929 code=0x7ffc0000 [ 499.220431][ T30] audit: type=1326 audit(1749285861.401:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.2.858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7fc88fb8e929 code=0x7ffc0000 [ 499.243223][ T30] audit: type=1326 audit(1749285861.411:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.2.858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88fb8e929 code=0x7ffc0000 [ 499.406637][ T8340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.855'. [ 499.451622][ T30] audit: type=1326 audit(1749285861.501:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8342 comm="syz.2.858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc88fb8e929 code=0x7ffc0000 [ 499.968527][ T8353] loop1: detected capacity change from 0 to 2048 [ 500.368106][ T8362] loop4: detected capacity change from 0 to 164 [ 500.379509][ T8363] netlink: 'syz.0.867': attribute type 10 has an invalid length. [ 500.391699][ T8363] netlink: 40 bytes leftover after parsing attributes in process `syz.0.867'. [ 500.403227][ T8363] dummy0: entered promiscuous mode [ 500.403960][ T8357] loop3: detected capacity change from 0 to 2048 [ 500.411897][ T8363] bridge0: port 1(dummy0) entered blocking state [ 500.422313][ T8363] bridge0: port 1(dummy0) entered disabled state [ 500.429704][ T8363] dummy0: entered allmulticast mode [ 500.442833][ T8363] bridge0: port 1(dummy0) entered blocking state [ 500.449894][ T8363] bridge0: port 1(dummy0) entered forwarding state [ 500.497208][ T8362] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 500.608885][ T8362] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 500.682929][ T8362] Symlink component flag not implemented [ 500.693058][ T8362] Symlink component flag not implemented [ 500.699155][ T8362] Symlink component flag not implemented (7) [ 500.706709][ T8362] Symlink component flag not implemented (116) [ 501.146338][ T8369] netlink: 12 bytes leftover after parsing attributes in process `syz.3.870'. [ 501.248363][ T8377] loop4: detected capacity change from 0 to 128 [ 501.321727][ T8377] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 501.341999][ T8377] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 501.787981][ T5802] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 502.038852][ T8393] loop4: detected capacity change from 0 to 256 [ 502.112429][ T8393] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 502.126446][ T8393] FAT-fs (loop4): Filesystem has been set read-only [ 502.484983][ T8396] loop2: detected capacity change from 0 to 1024 [ 502.526350][ T8396] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 502.541543][ T8396] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 502.603025][ T8396] JBD2: no valid journal superblock found [ 502.609149][ T8396] EXT4-fs (loop2): Could not load journal inode [ 502.653905][ T8404] tipc: Started in network mode [ 502.659161][ T8404] tipc: Node identity 4, cluster identity 4711 [ 502.665974][ T8404] tipc: Node number set to 4 [ 502.670454][ T8402] capability: warning: `syz.0.883' uses 32-bit capabilities (legacy support in use) [ 504.205445][ T4248] ===================================================== [ 504.212836][ T4248] BUG: KMSAN: uninit-value in nci_ntf_packet+0x2753/0x42b0 [ 504.220476][ T4248] nci_ntf_packet+0x2753/0x42b0 [ 504.225574][ T4248] nci_rx_work+0x403/0x750 [ 504.230726][ T4248] process_scheduled_works+0xb8e/0x1d80 [ 504.236536][ T4248] worker_thread+0xedf/0x1590 [ 504.241600][ T4248] kthread+0xd5c/0xf00 [ 504.245867][ T4248] ret_from_fork+0x1e3/0x310 [ 504.250802][ T4248] ret_from_fork_asm+0x1a/0x30 [ 504.255809][ T4248] [ 504.258234][ T4248] Uninit was created at: [ 504.263146][ T4248] kmem_cache_alloc_node_noprof+0x818/0xf00 [ 504.269263][ T4248] kmalloc_reserve+0x13c/0x4b0 [ 504.277981][ T4248] __alloc_skb+0x347/0x7d0 [ 504.283848][ T4248] virtual_ncidev_write+0x6b/0x430 [ 504.289204][ T4248] vfs_write+0x460/0x1580 [ 504.294034][ T4248] __x64_sys_write+0x1fb/0x4d0 [ 504.299050][ T4248] x64_sys_call+0x38c3/0x3db0 [ 504.304133][ T4248] do_syscall_64+0xd9/0x210 [ 504.308832][ T4248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.315132][ T4248] [ 504.317591][ T4248] CPU: 1 UID: 0 PID: 4248 Comm: kworker/u8:26 Not tainted 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 504.330388][ T4248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 504.341548][ T4248] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 504.347341][ T4248] ===================================================== [ 504.355014][ T4248] Disabling lock debugging due to kernel taint [ 504.361474][ T4248] Kernel panic - not syncing: kmsan.panic set ... [ 504.368070][ T4248] CPU: 1 UID: 0 PID: 4248 Comm: kworker/u8:26 Tainted: G B 6.15.0-syzkaller-13526-g7a912d04415b #0 PREEMPT(undef) [ 504.381890][ T4248] Tainted: [B]=BAD_PAGE [ 504.386189][ T4248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 504.396430][ T4248] Workqueue: nfc2_nci_rx_wq nci_rx_work [ 504.402194][ T4248] Call Trace: [ 504.405587][ T4248] [ 504.408632][ T4248] __dump_stack+0x26/0x30 [ 504.413178][ T4248] dump_stack_lvl+0x53/0x270 [ 504.417969][ T4248] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 504.424035][ T4248] dump_stack+0x1e/0x25 [ 504.428409][ T4248] panic+0x4bd/0xd50 [ 504.432563][ T4248] kmsan_report+0x31c/0x320 [ 504.437470][ T4248] ? stack_depot_save_flags+0x35/0x7b0 [ 504.443126][ T4248] ? __msan_warning+0x1b/0x30 [ 504.448007][ T4248] ? nci_ntf_packet+0x2753/0x42b0 [ 504.453236][ T4248] ? nci_rx_work+0x403/0x750 [ 504.457997][ T4248] ? process_scheduled_works+0xb8e/0x1d80 [ 504.463944][ T4248] ? worker_thread+0xedf/0x1590 [ 504.469021][ T4248] ? kthread+0xd5c/0xf00 [ 504.473445][ T4248] ? ret_from_fork+0x1e3/0x310 [ 504.478390][ T4248] ? ret_from_fork_asm+0x1a/0x30 [ 504.483556][ T4248] ? ret_from_fork_asm+0x1a/0x30 [ 504.488733][ T4248] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 504.495039][ T4248] ? kmsan_get_metadata+0xfb/0x160 [ 504.500395][ T4248] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 504.506957][ T4248] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 504.513253][ T4248] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 504.519290][ T4248] ? stack_depot_save_flags+0x60f/0x7b0 [ 504.525040][ T4248] ? kmsan_get_metadata+0xfb/0x160 [ 504.530387][ T4248] ? kmsan_internal_memmove_metadata+0x181/0x230 [ 504.536949][ T4248] ? kmsan_get_metadata+0xfb/0x160 [ 504.542303][ T4248] __msan_warning+0x1b/0x30 [ 504.547012][ T4248] nci_ntf_packet+0x2753/0x42b0 [ 504.552072][ T4248] ? advisor_target_scan_time_store+0x160/0x180 [ 504.558581][ T4248] nci_rx_work+0x403/0x750 [ 504.563199][ T4248] ? __pfx_nci_rx_work+0x10/0x10 [ 504.568319][ T4248] process_scheduled_works+0xb8e/0x1d80 [ 504.574171][ T4248] worker_thread+0xedf/0x1590 [ 504.579124][ T4248] kthread+0xd5c/0xf00 [ 504.583382][ T4248] ? __pfx_worker_thread+0x10/0x10 [ 504.588753][ T4248] ? __pfx_kthread+0x10/0x10 [ 504.593528][ T4248] ret_from_fork+0x1e3/0x310 [ 504.598302][ T4248] ? __pfx_kthread+0x10/0x10 [ 504.603079][ T4248] ret_from_fork_asm+0x1a/0x30 [ 504.608088][ T4248] [ 504.611519][ T4248] Kernel Offset: disabled [ 504.615923][ T4248] Rebooting in 86400 seconds..