last executing test programs: 1m26.148126358s ago: executing program 3 (id=900): socket(0x2, 0x80805, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000011) bind$alg(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000009c0), 0x183106, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r1, &(0x7f0000000080)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x9, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @multicast1}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1d}}}}, 0x118) 1m25.058743193s ago: executing program 3 (id=906): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2, 0x0, @void, @value}, 0x10) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2, 0x0, @void, @value}, 0x10) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r4, r5, 0x2, 0x2, 0x0, @void, @value}, 0x10) socket$kcm(0xa, 0x2, 0x3a) 1m24.85016678s ago: executing program 3 (id=910): openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0xa402) syz_emit_ethernet(0xfef3, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2, 0x3b9}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0) 1m24.598970001s ago: executing program 3 (id=913): mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='gfs2\x00', 0x0, &(0x7f0000000980)='norecovery') 45.467127103s ago: executing program 3 (id=913): mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='gfs2\x00', 0x0, &(0x7f0000000980)='norecovery') 32.082980377s ago: executing program 5 (id=1078): unshare(0x400) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='task_newtask\x00', r1, 0x0, 0x4}, 0x18) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) close(r3) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000001680)={@cgroup=r4, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000300)={0x8, 0x0}, 0x8) r6 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000180)=r5, 0x4) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000008c0)={@cgroup=r0, r4, 0x2f, 0x2000, 0x4, @value=r6}, 0x20) 29.547670594s ago: executing program 5 (id=1087): r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xffffffffffffffff) fcntl$setsig(r1, 0xa, 0x12) ppoll(&(0x7f0000000100)=[{r2}], 0x1, 0x0, &(0x7f0000000080)={[0x8001a0efffffff]}, 0x8) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) tkill(r0, 0x13) 28.506036582s ago: executing program 5 (id=1096): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0xd, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x200c8ad}, 0x20000004) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r6, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x22044028}, 0x84) 27.280310389s ago: executing program 5 (id=1100): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000500)={{0x2, 0x0, 0xee01, 0xee00, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xfff, 0x800, 0x800, 0x80000000, 0x2, 0x58, 0x7fff, 0x69, r0, r0}) 26.151001327s ago: executing program 5 (id=1104): mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f0000000080)='tmpfs\x00', 0x800, 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 25.980098585s ago: executing program 5 (id=1105): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x25, &(0x7f00000000c0)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r3, 0x26, &(0x7f0000000000)={0x1}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r4, 0x26, &(0x7f0000000000)={0x1}) fcntl$lock(r4, 0x25, &(0x7f00000000c0)) r5 = dup2(r1, r0) close_range(r5, 0xffffffffffffffff, 0x0) 19.452615524s ago: executing program 4 (id=1140): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)}, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e20, @empty}}}, &(0x7f00000000c0)=0x84) setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={r2, 0x7}, 0x8) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) r3 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[], 0x57) r4 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0) syz_usb_control_io$uac1(r4, 0x0, &(0x7f00000006c0)={0x24, &(0x7f0000000080)={0x0, 0x0, 0x4, "a7212277"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 17.202652972s ago: executing program 3 (id=913): mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='gfs2\x00', 0x0, &(0x7f0000000980)='norecovery') 16.207256697s ago: executing program 4 (id=1152): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000080)='./file1\x00', 0x1010000, &(0x7f0000000180)={[{@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@utf8no}, {@shortname_lower}, {@shortname_lower}, {@uni_xlateno}, {}, {@shortname_lower}, {@shortname_mixed}, {@shortname_win95}, {@shortname_lower}, {@shortname_lower}, {@shortname_mixed}, {@fat=@check_strict}, {@shortname_win95}]}, 0xff, 0x369, &(0x7f0000000700)="$eJzs3T9oJNUfAPDvZJLd3MHvl3SiIKx2gobLddqYIDk4TKOy+KcQFy+nshuFBINJcUksFEvBUis7BS0sxFIERewsbD1BTsVCrzvw8MnuzOxusptcchgl+PkUm8f3ve+878wOu5Nh9+1zC9G+NBWXr1+/FtPTWUwuPLIQN7KYjTwqOzGqNiYGAJwON1KK31PhiCnZCZcEAJyw3vv/CxHRiNki8vqXh41P3v0B4NQr//8/c9iY6YM6XjmRkgCAEzZy///ePd21vff7J4c+FQAAnFZPPP3Mo4vLEY83GtMRq29uNDea8dCgf/FyvBSdWIlzMRM3I4oLhe5D1nu8cHF56Vyj0diOn2ajGRETZWKzuFJYzHv59ZiPmZgt88urjZRSfuGT5aX5Rk9E7Gz35o/VbKM5FWfL+b8/GyvlhUdWL7Ze5UdcXF463yg30Fyt8rcjdgf3Lbr1z8VMfPt8//olpeoTjMtLV+arogf5G816XOofhQPvgAAAAAAAAAAAAAAAAAAAAAAAwG2Za/TN9tfPSd2/xUo5c3Nj+nvr4xT55fpAu8X6QKmeIqXfXnug+VYee9YH2r8+z4aFBAEAAAAAAAAAAAAAAAAAAKBvfbMWrU5nZW19c6s93NheW9+ciIhu5OWvP/riTIyOuUVjspiiHtGfolFOu9VupbwanPKI0fS8O3kV+eDTfsXDY+r9vRhbRv3grk7nf/f8+O4gcndebfnPwZg8xu9gPlTGw/u2vPr/oqTjHKh+4/xwpD46+9WU0lDkjeH0K8+ObnAii5g8/hO31Z6Ig8ekbuOray/eWR391uepcN/9M09efef9X9qtTmRFX6dTW1u/mdqtrBp8vMPSPdRVJIuikQ2fCZOHpe/ujbTy73596q63vzna7Gk48mr3fN43Ji925+P96bWi0S1zX9eZQfpUuROdlakxJ/+tGrfxnN7x3mcfpvTDz0eeYmBi5GUj+3tefQAAAAAAAAAAAAAAAAAAgGGDL/1WkfLLvlOHZT342MlXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/nMHv/5+rGptbuztRNPqRozT+2B6TVV9ZW4+o/du7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9xfAQAA///BpFg6") 14.682651697s ago: executing program 4 (id=1156): bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x14, 0x22, 0x1, 0xfffffffc, 0xfffffffc, {0x2}}, 0x14}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 12.896027841s ago: executing program 4 (id=1159): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8000, 0x1) creat(&(0x7f00000001c0)='./file0\x00', 0x8) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) unlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) getdents(r0, 0x0, 0x0) 12.510001163s ago: executing program 4 (id=1164): creat(&(0x7f0000000100)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0) sendmsg$key(r0, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) 10.738508454s ago: executing program 32 (id=1105): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$unix(0x1, 0x5, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x25, &(0x7f00000000c0)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r3, 0x26, &(0x7f0000000000)={0x1}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r4, 0x26, &(0x7f0000000000)={0x1}) fcntl$lock(r4, 0x25, &(0x7f00000000c0)) r5 = dup2(r1, r0) close_range(r5, 0xffffffffffffffff, 0x0) 10.733676585s ago: executing program 4 (id=1170): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000003d) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x36) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = io_uring_setup(0x5b77, &(0x7f00000001c0)={0x0, 0xd634, 0x0, 0x2, 0x137}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r4, 0x402, 0x4) close_range(r3, 0xffffffffffffffff, 0x0) 10.149175558s ago: executing program 33 (id=1170): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000003d) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x36) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = io_uring_setup(0x5b77, &(0x7f00000001c0)={0x0, 0xd634, 0x0, 0x2, 0x137}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r4, 0x402, 0x4) close_range(r3, 0xffffffffffffffff, 0x0) 6.079216041s ago: executing program 1 (id=1185): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000004e00)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000cc0)="0dda2dfa", 0x4}], 0x1, &(0x7f00000000c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x4}], 0x30}], 0x1, 0x0) recvmsg$can_j1939(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000002c0)=""/47, 0x2f}], 0x1}, 0x2140) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) 4.363361674s ago: executing program 1 (id=1191): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x18) getresgid(&(0x7f0000000440), 0x0, &(0x7f00000004c0)) 3.45089465s ago: executing program 2 (id=1195): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r2, 0x1, 0x0, @val=@iter={0x0}}, 0x40) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000001200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r3, r5, 0x1, 0x0, @val=@iter={0x0}}, 0x40) close_range(r1, r6, 0x0) 3.261536378s ago: executing program 1 (id=1196): timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x0, @tid=0xffffffffffffffff}, &(0x7f00000000c0)) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x378b5ec3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd0}}, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) timer_settime(0x0, 0x0, &(0x7f0000000200)={{}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x13}, &(0x7f0000000140)=0x0) timer_settime(r3, 0x0, &(0x7f00000010c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) 2.658928815s ago: executing program 2 (id=1197): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) bind$tipc(r0, 0x0, 0x0) sendmsg$tipc(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4010}, 0x8820) close(0x3) 2.594908107s ago: executing program 0 (id=1198): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_BMAP(r2, &(0x7f0000000940)={0x18}, 0x18) write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x8000000}}, 0x18) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) read$FUSE(r3, &(0x7f00000009c0)={0x2020}, 0x2020) 2.486294391s ago: executing program 1 (id=1199): syz_init_net_socket$ax25(0x3, 0x5, 0x6) socket$netlink(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6(0xa, 0x5, 0x0) socket$kcm(0x1e, 0x5, 0x0) socket(0x2000000000000021, 0x2, 0x10000000000002) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0xb5}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 2.469823161s ago: executing program 2 (id=1200): r0 = fanotify_init(0x8, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x0) fanotify_mark(r0, 0x61, 0x40001002, r1, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r2 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) io_setup(0x7d, &(0x7f0000000600)=0x0) io_submit(r3, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000000)="96", 0x1, 0x0, 0x0, 0x0, r2}]) 2.453229444s ago: executing program 0 (id=1201): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file1\x00', 0x810010, &(0x7f0000000580)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRES64=0x0, @ANYRES16=0x0, @ANYRES32, @ANYRES64=0x0, @ANYRES32, @ANYBLOB="013f5e0c4eaa6035b286a05ad2cbf6ceb6b4f8857887209c639f55bd4ca21768b42eeee1fe270b10650dfc195399e97b5c92213937a3783cb425f2e75f5b798de95c5127ab7b7d5dcc5a7d075fa0c84271bd431467c0a9182239a790a6370a74eeb0af47952b2077a2bcba1563e80c3323f3c4"], 0x1, 0x1fb, &(0x7f0000000280)="$eJzskk9rE08Yxz+zu0n296OlQaKiCEUtWg9tNqnGPwcFLwb1JBVqQTAkaQ2m/mkCNaGHCEIRL4JVaBEPoqSIB/ENmIOn3hSKt1LouYcevEjryuxOtpN34GE+h/3uzDzP99nn2blbe1RLALvb80VIInFI8V0IHGBQBFuU7FBdpdeVxtX5FSvUjtLfSnfPNicmQVSOreeszsHSUZGkL/VrdYMiA7c5//bapx83Yotr+7Y+fJXxV282viBOlgbevfn84vJSf2Avbk3qPnbnyLIrjYCXOxPrG84hUl2vyuLafvfPgdWn7Y+5Z7KD11MIb9kFRr+NLF30+p9byrPWaN4rVKvl2dqlJxZbQamf2/NF+XInAb7v+0HvQB7QY2T7K+zFHHZgHLDxoxiHPdL1mYfpWqM5UpkpTJeny/ez2bGcd9rzzmTTU5Xq+1fyWfaEVkJNEKmnAPmb/tPOY8COivkfWlo1hPZp6lzouXHt1w0fpwdLy+2qoBPlJlScHME4J5CjnWsJbXcocHEIWsojsOfCRcbRvi+s5QYHo8UH1dICAtFNa+NEHplNYtEiqy/GzkVtLygdUppX2la6qXTQ7b2pTuBgqfs83II4jwv1+mwmDit9KkvtZeXgwrdkSx+YrJq0e5u7YGMwGAwGg8FgMBgM/wx/AwAA//+2K50Q") openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) 1.572893089s ago: executing program 2 (id=1202): socket$inet6_udp(0xa, 0x2, 0x0) syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff) socket$pppl2tp(0x18, 0x1, 0x1) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, 0x0, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), 0x4) sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0) close(r2) 1.570509613s ago: executing program 1 (id=1212): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1c, r4, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}}, 0x40) 1.354223796s ago: executing program 0 (id=1203): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f0000000200)='m', 0x1) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100)) r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65) write$snddsp(r2, &(0x7f0000000200)="a3", 0x1) ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0) r3 = syz_io_uring_setup(0x9eb, &(0x7f0000000140)={0x0, 0xfad6}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r3, 0x5b4, 0x0, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000040)) 1.252548596s ago: executing program 1 (id=1204): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv") recvmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2000) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x165442, 0x19b) pwrite64(r1, &(0x7f00000003c0)='\x00\x00', 0xfffffe97, 0x1) r2 = syz_open_dev$loop(&(0x7f00000005c0), 0x9, 0x12d600) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_user\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2abfc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0155aaffffffffffff0300", "2809e85397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac0000000000000000000400", "90010000009265406c09306903d800", [0x0, 0x1]}}) 1.095881072s ago: executing program 2 (id=1205): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r2, 0x5, 0x0, 0x0, @void, @value}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000019c0)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&\x00'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000140), &(0x7f0000000280)=r0}, 0x20) 1.002855349s ago: executing program 0 (id=1206): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000fc7fffff000000000000000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=0x0) timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) pipe(&(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r4, 0x0, r5, 0x0, 0x7, 0x9) write$P9_RWRITE(r5, &(0x7f0000000040)={0xb}, 0x11000) close_range(r0, 0xffffffffffffffff, 0x0) 953.35613ms ago: executing program 2 (id=1207): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8) r3 = gettid() timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r3}, &(0x7f0000000080)) read$FUSE(r2, &(0x7f00000008c0)={0x2020}, 0xfffffef0) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) 786.154537ms ago: executing program 0 (id=1208): socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x0) clock_getres(0xeaffffff, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) accept4$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @my=0x1}, 0x10, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) shutdown(r1, 0x1) ppoll(&(0x7f0000000100)=[{r1}], 0x1, 0x0, 0x0, 0x0) 0s ago: executing program 0 (id=1209): ioperm(0x0, 0x5, 0x6) openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file1\x00', 0x2818c02, &(0x7f0000002580)=ANY=[], 0x1, 0xc3b, &(0x7f0000001940)="$eJzs3V9oXOl5B+D3myOtJadJZjcb549zMbCBbL3ZRbK8axVvQI4VEYPxmpWVi4WCx5bsDiuNZEku3lCCCwklpC0uuchlDZtAe1VftRCa4lxtSwiI9qb0orjtxmwvCpNA2tKLqJyZb6SR1ra0a1uS189j7N/MOe+Z+c7Yr+ac8TlzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI+OrXjg8Np90eBQCwk05Pvj404v0fAJ4oZ+3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwtRRFfDtSvP29VjrXvt8xcKrRvHJ1anzi7osNpkhRiaJdX/4eGD48cuTlV46OdvP+yz9sn4vXJs8er52Yn1tYnFlampmuTTUbF+anZ7b9CA+6/GaH2i9Abe7NK9MXLy7VDr80smH21eqdfR87UD02enDkjW7t1PjExGRPTV//h37290kP76H4CHkqivh6pHjnxfdSPSIq8eC9sMXPjkdtMPrK/muvxNT4RHtFZhv15nI5M1VyVV9EtWehsW6P7EAvPpCxiGvl31M54EPl6k0u1Bfr52dnamfqi8uN5cZ8M1U6oy3XpxqVGE0RCxHRKnZ78Ow1/VHEkUhx51etdD4iim4fvHB68vWhka0foG8HBnmPp60WESvxGPQs7FH7oog/ixTfPzcUF3Jftdvm3YgvlflqxOUyb6W4nu+n8gfEaMQvvZ/AY60vivh5pJhPrTTd7f32duWpb9RONi/O99R2tysf+/2DnWTbhD1sIIo4397ib6UP/2EXAAAAAAAAAAAAALAzivhxpLg593xaiN5zShvNS7Wz9fOznaOCu8f+1/JSq6urq9XUyVrOoZxjOc+kiL/7RMS5fH8h57Wc13PeyHkz562cKzlv52zljEp+/py1nEM5x3KeyXku50LOazmv57yR82bOWzlXct7O2coZznsCAAAAAAAAAAAAAAAAAADgIRuMIiYixY23f799XeloX5f+k8dGT48/23vN+M9s8Thl7UsR8ePY3jV5+/O1xlOl/PXw1wvY2kAU8a18/b8/3O3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe0Ilivh2pPjBr1tpdXV1NcYizpUzxiJuF7s9OgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNJCKOBEp/vNrA+37KxHx+Yj4zWr5K+J/Vzfb7REDAAAAAAAAAAAAAAAAAADAR1Aq4nKk+OE7rVSNiKvVO/s+dqB6bPTgyBtFFJHKkt761ybPHq+dmJ9bWJxZWpqZrk01Gxfmp2e2+3QDpxrNK1enxiceycpsafARj39w4MT8wluLjUu/t3zX+fsHjp9fWl6sX7j77BiMvoih3imH2gOeGp9oD3q2UW+2F02VewywL6K23ZUBAAAAAAAAAAAAAAAAAABgz9ifihiPFM/95Ejqnjfe1znn/+Ode8Va7Y/+YP27AGY3ZVfv9wds53ba7kAPtU+8r02NT0xM9kzu639/aTmmlIr4dKQ4+LefbZ8Pn2L/Xc+NL+v+OFKM/t+RXFc9WNaNbagaODQ1PlE7Pd988fjs7PyF+nL9/OxMbXKhfmHbXxwAAAAAAAAAAAAAAAAAAAAA97E/FfEnkeLIyZXUve58Pv+/r3Ov5/z/VyO6l50fSBtzTfvc/k+0z+3v3P7ksdGTh5+71/RHcf5/OaaUivhNpHj6zz/bvp5+9/z/oU21Zd0PI8XPv/OFXFd5qqwb7q5O5xEvNmZnhsraFyLFd890a6Nd+0qu/dR67XBZ+9NI8czvbqw9mmufXa89XNbeiRQTp+9e++n12pGydjBSfPmPat3a/WXtV3PtgfXaly7Mz05v9+XlyVT2/79Gii8Ofz11/83fs/97vv/j2qZc876ev//th9X/1Z5p13Jfr+b+H96i/y9Hij+9/oVc1+m9w3n+0+0/1/v/u5Hitz++sfblXPvMeu3wdlcLdlPZ//8QKVZu//Pav/nc/7mz1ju0t/8/37cxu9sFu9X/T/dMq+ZxjXzA1wKeNEtvffPN+uzszKIbbrjxpN34r5P3nLXbP5mAR63c/v/vSPGVy0Xq7sfm7f/f6txb3///n2+tb/8f25Rrdmn7/5meacfyXkt/X8TA8txC/2ciBpbe+uaLjbn6pZlLM82RkdGjv3Nk+PDR4f6nujv367e2/drB467s/zcjxY/+6h/XPsfeuP9/98//9m/KNbvU/5/qXacN+zXbfingiVP2/19Ein+58d7a/zfd7/O/7ud8zz+3MQe7RbvU/8/2TKvlP0Z7pt3lvwkBAAAAAAAAAOCxtz8V8ZNI8detv1+75v3G43/ii93a3uP/7mUvXP8fALi/8v1/MlL8bP+XU/c7ZLZz/P/0plzzwY///ae/3M5At3j/P9AzbXqHzmv+QC80AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8CCmK2Bcp3v5eK90uyvsdA6cazStXp8Yn7r7YYIoUlSja9eXvgeHDI0defuXoaDfvv/zD9rl4bfLs8dqJ+bmFxZmlpZnp2lSzcWF+embbj/Cgy292qP0C1ObevDJ98eJS7fBLIxtmX63e2fexA9VjowdH3ujWTo1PTEz21PT1f+hnf5/08B6Kj5CnooifRYp3Xnwv/VsRUYkH74UtfnY8aoPRV/ZfeyWmxifaKzLbqDeXy5mpkqv6Iqo9C411e2QHevGBjEVci4hKOeBD5epNLtQX6+dnZ2pn6ovLjeXGfDNVOqMt16calRhNEQsR0Sp2e/DsNf1RxN9Eiju/aqV/LyKKbh+8cHry9aGRrR+gbwcGeY+nrRYRK/EY9CzsUfuiiGcjxffPDcV/FJ2+arfNuxFfKvPViMtl3kpxPd9P5Q+I0Yhfej+Bx1pfFHEmUsynVnq3yL3f3q489Y3ayebF+Z7a7nblY79/sJNsm7CHDUQRv2hv8bfSL7yfAwAAAAAAAAAAAMAeV8RXIsXNuedT+/zQtXNKG81LtbP187Odw/q7x/7X8lKrq6ur1dTJWs6hnGM5z+T8ac6FnNdyXs95I+fNnLdyruS8nbOVMyr5+XPWcg7lHMt5Jue5nAs5r+W8nvNGzps5b+VcyXk7ZytnOE4aAAAAAAAAAAAAAAAAAIBHpBJFfCdS/ODXrbRadK4vey46edt5rvCR9v8BAAD//5M7Saw=") r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) clock_settime(0x3, &(0x7f0000000080)) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, r1, 0x0) sync() r2 = open(&(0x7f00000005c0)='./bus\x00', 0x165942, 0x106) pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3) kernel console output (not intermixed with test programs): XT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.397148][ T6075] loop4: detected capacity change from 0 to 2048 [ 106.529951][ T6075] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.285487][ T5883] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 107.556787][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 107.881779][ T5883] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 107.894729][ T5883] usb 2-1: New USB device strings: Mfr=145, Product=0, SerialNumber=0 [ 108.135923][ T6106] netlink: 24 bytes leftover after parsing attributes in process `syz.3.56'. [ 108.250220][ T5883] usb 2-1: Manufacturer: syz [ 108.270004][ T5883] usb 2-1: config 0 descriptor?? [ 108.286668][ T5883] hub 2-1:0.0: USB hub found [ 108.512429][ T5883] hub 2-1:0.0: 1 port detected [ 110.000209][ T5883] usb 2-1.1: new full-speed USB device number 4 using dummy_hcd [ 110.007964][ T5883] dummy_hcd dummy_hcd.1: usb_device address has changed! [ 110.154074][ T5887] usb 2-1: USB disconnect, device number 3 [ 110.163448][ T5883] usb 2-1-port1: attempt power cycle [ 110.211600][ T6137] loop3: detected capacity change from 0 to 512 [ 110.490502][ T6137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.544491][ T6137] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 110.729091][ T6147] loop5: detected capacity change from 0 to 512 [ 110.900116][ T5829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.045810][ T6147] EXT4-fs (loop5): failed to open journal device unknown-block(0,0) -6 [ 111.344725][ T6153] loop3: detected capacity change from 0 to 1024 [ 111.402705][ T30] audit: type=1804 audit(1746096799.746:3): pid=6147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.66" name="/newroot/10/file0/bus" dev="overlay" ino=73 res=1 errno=0 [ 111.496074][ T6153] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.558136][ T6153] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.389908][ T13] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 112.468087][ T13] EXT4-fs (loop3): Remounting filesystem read-only [ 112.490427][ T5887] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 112.544908][ T5829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.697540][ T5887] usb 5-1: Using ep0 maxpacket: 32 [ 112.751654][ T5887] usb 5-1: config 0 has an invalid interface number: 12 but max is 0 [ 112.760478][ T5887] usb 5-1: config 0 has no interface number 0 [ 112.766590][ T5887] usb 5-1: config 0 interface 12 has no altsetting 0 [ 112.804329][ T5887] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 112.833747][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.876671][ T5887] usb 5-1: Product: syz [ 112.895225][ T5887] usb 5-1: Manufacturer: syz [ 112.899833][ T5887] usb 5-1: SerialNumber: syz [ 112.961764][ T5887] usb 5-1: config 0 descriptor?? [ 113.184217][ T30] audit: type=1326 audit(1746096801.546:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6182 comm="syz.2.79" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x0 [ 113.205600][ C0] vkms_vblank_simulate: vblank timer overrun [ 113.265773][ T6184] netlink: 4 bytes leftover after parsing attributes in process `syz.0.78'. [ 113.337003][ T6184] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.346426][ T6184] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.355236][ T6184] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.364024][ T6184] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 113.391252][ T6184] vxlan0: entered promiscuous mode [ 114.447224][ T6198] loop0: detected capacity change from 0 to 1024 [ 114.474479][ T6198] EXT4-fs: Ignoring removed nobh option [ 114.480054][ T6198] EXT4-fs: Ignoring removed bh option [ 114.589045][ T6198] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.865367][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.887431][ T5887] f81534 5-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 114.897456][ T5887] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71 [ 114.914879][ T6206] loop2: detected capacity change from 0 to 4096 [ 114.924003][ T5887] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 114.942546][ T5887] f81534 5-1:0.12: probe with driver f81534 failed with error -71 [ 115.002619][ T5887] usb 5-1: USB disconnect, device number 2 [ 115.022943][ T6206] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.171799][ T6212] loop0: detected capacity change from 0 to 1024 [ 115.180608][ T30] audit: type=1804 audit(1746096803.536:5): pid=6206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.88" name="/newroot/12/file1/file1" dev="loop2" ino=15 res=1 errno=0 [ 115.204597][ T6206] Quota error (device loop2): do_check_range: Getting block 589829 out of range 1-8 [ 115.266759][ T6206] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 115.277542][ T6189] xt_CT: You must specify a L4 protocol and not use inversions on it [ 115.319637][ T6206] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.88: Failed to acquire dquot type 0 [ 115.346801][ T6217] Quota error (device loop2): do_check_range: Getting block 589829 out of range 1-8 [ 115.407230][ T6217] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 115.510249][ T5886] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 115.518339][ T6217] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.88: Failed to acquire dquot type 0 [ 115.707050][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.890227][ T6225] loop4: detected capacity change from 0 to 32768 [ 115.979708][ T5886] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 116.007464][ T5886] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 116.037284][ T5886] usb 4-1: config 0 has no interface number 0 [ 116.062414][ T5886] usb 4-1: config 0 interface 8 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 116.106513][ T5886] usb 4-1: New USB device found, idVendor=0582, idProduct=b9d5, bcdDevice=73.f7 [ 116.132070][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.172653][ T5886] usb 4-1: config 0 descriptor?? [ 116.907063][ T5939] udevd[5939]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 117.351998][ T5886] usb 4-1: USB disconnect, device number 3 [ 117.618098][ T6264] input: syz1 as /devices/virtual/input/input6 [ 117.682821][ T6266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.102'. [ 117.707527][ T6266] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 117.770397][ T6266] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 117.844632][ T6266] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 117.906026][ T6266] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 118.504468][ T6284] loop1: detected capacity change from 0 to 16 [ 118.578045][ T6284] erofs (device loop1): mounted with root inode @ nid 36. [ 119.393093][ T6286] cgroup: fork rejected by pids controller in /syz2 [ 119.487856][ T6332] loop5: detected capacity change from 0 to 512 [ 119.617479][ T6332] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.691217][ T6332] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.812349][ T6332] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.117: corrupted xattr block 32: bad e_name length [ 120.642350][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.883265][ T6363] loop2: detected capacity change from 0 to 2048 [ 121.012203][ T6363] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 121.902262][ T6399] netlink: 4 bytes leftover after parsing attributes in process `syz.5.139'. [ 123.211843][ T6417] sctp: failed to load transform for md5: -4 [ 123.353280][ T6414] sctp: failed to load transform for md5: -2 [ 123.523800][ T6434] capability: warning: `syz.3.151' uses deprecated v2 capabilities in a way that may be insecure [ 123.725820][ T6442] loop4: detected capacity change from 0 to 128 [ 124.472088][ T6442] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 124.950915][ T6442] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 125.309920][ T6453] loop2: detected capacity change from 0 to 1024 [ 125.350188][ T6453] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 125.435536][ T6453] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.158: Invalid block bitmap block 0 in block_group 0 [ 125.483271][ T6453] Quota error (device loop2): write_blk: dquota write failed [ 125.508652][ T6453] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 125.520422][ T6453] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.158: Failed to acquire dquot type 0 [ 125.548377][ T6453] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.158: Freeing blocks not in datazone - block = 0, count = 4096 [ 125.594644][ T6454] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR [ 125.612813][ T6453] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.158: Invalid inode bitmap blk 0 in block_group 0 [ 125.642755][ T82] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-8 [ 125.660593][ T6453] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 125.696470][ T82] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 0 [ 125.738886][ T6453] EXT4-fs (loop2): 1 orphan inode deleted [ 125.754715][ T5932] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 125.762258][ T6453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.809952][ T5831] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 125.940296][ T6466] loop5: detected capacity change from 0 to 256 [ 125.952275][ T5932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.967962][ T5932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.008598][ T5932] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 126.052714][ T5932] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 126.067901][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.069001][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.098722][ T5932] usb 2-1: config 0 descriptor?? [ 126.400257][ T5887] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 126.532581][ T5932] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 126.564040][ T5932] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 126.570166][ T5887] usb 6-1: Using ep0 maxpacket: 8 [ 126.637601][ T5887] usb 6-1: config 0 interface 0 altsetting 255 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 126.696491][ T5887] usb 6-1: config 0 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.798809][ T5887] usb 6-1: config 0 interface 0 has no altsetting 0 [ 126.876832][ T5887] usb 6-1: New USB device found, idVendor=056a, idProduct=00d7, bcdDevice= 0.00 [ 126.888565][ T5887] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.900713][ T5887] usb 6-1: config 0 descriptor?? [ 127.068277][ T6484] netlink: 4 bytes leftover after parsing attributes in process `syz.3.168'. [ 127.162995][ T5887] usbhid 6-1:0.0: can't add hid device: -71 [ 127.185213][ T5887] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 127.218662][ T6487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.169'. [ 127.248987][ T5887] usb 6-1: USB disconnect, device number 2 [ 127.357868][ T5885] usb 2-1: USB disconnect, device number 8 [ 128.570818][ T5885] kernel write not supported for file /media1 (pid: 5885 comm: kworker/1:4) [ 128.672125][ T6513] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 128.687738][ T6515] binder: BINDER_SET_CONTEXT_MGR already set [ 128.694493][ T6515] binder: 6514:6515 ioctl 4018620d 200000000180 returned -16 [ 128.863939][ T6521] netlink: 8 bytes leftover after parsing attributes in process `syz.3.184'. [ 129.300156][ T5887] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 129.413647][ T6540] evm: overlay not supported [ 129.520416][ T5887] usb 3-1: Using ep0 maxpacket: 8 [ 129.537480][ T5887] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 129.549031][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.588737][ T5887] usb 3-1: config 0 descriptor?? [ 129.900169][ T5887] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 130.288463][ T6559] overlayfs: failed to clone upperpath [ 131.603566][ T5887] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 131.677296][ T5887] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 131.734679][ T5887] asix 3-1:0.0: probe with driver asix failed with error -71 [ 131.795923][ T5887] usb 3-1: USB disconnect, device number 2 [ 132.146979][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.160319][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.821465][ T6579] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 134.231492][ T6613] netlink: 'syz.2.218': attribute type 4 has an invalid length. [ 134.290389][ T6616] netlink: 'syz.2.218': attribute type 4 has an invalid length. [ 135.138367][ T6625] loop4: detected capacity change from 0 to 1024 [ 135.176767][ T6625] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 135.278575][ T6625] EXT4-fs error (device loop4): ext4_map_blocks:709: inode #3: block 1: comm syz.4.220: lblock 1 mapped to illegal pblock 1 (length 1) [ 135.304245][ T6629] IPv6: sit1: Disabled Multicast RS [ 135.366272][ T6625] Quota error (device loop4): write_blk: dquota write failed [ 135.386948][ T6625] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 135.449301][ T6625] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.220: Failed to acquire dquot type 0 [ 135.512039][ T6625] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.220: Freeing blocks not in datazone - block = 0, count = 4096 [ 135.530778][ T6634] loop2: detected capacity change from 0 to 1024 [ 135.663014][ T6625] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.220: Invalid inode bitmap blk 0 in block_group 0 [ 135.696076][ T36] EXT4-fs error (device loop4): ext4_map_blocks:675: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 135.732256][ T36] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 135.742729][ T36] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 0 [ 135.776342][ T6625] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 135.826873][ T6625] EXT4-fs (loop4): 1 orphan inode deleted [ 135.882494][ T6625] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.994068][ T6625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.220'. [ 136.384059][ T5831] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.402101][ T6655] netlink: 4 bytes leftover after parsing attributes in process `syz.3.233'. [ 136.727265][ T6657] loop2: detected capacity change from 0 to 4096 [ 136.742518][ T6657] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 137.010586][ T6662] tipc: Started in network mode [ 137.043493][ T6657] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 137.052050][ T6662] tipc: Node identity ee96accf8d9, cluster identity 4711 [ 137.078780][ T6657] ntfs3(loop2): ino=19, mi_enum_attr [ 137.103973][ T6662] tipc: Enabled bearer , priority 0 [ 137.189039][ T6657] ntfs3(loop2): failed to convert "c46c" to iso8859-7 [ 137.208433][ T6657] ntfs3(loop2): ino=20, mi_enum_attr [ 137.265604][ T6665] syzkaller0: MTU too low for tipc bearer [ 137.282924][ T6665] tipc: Disabling bearer [ 138.114330][ T6674] sit0: entered allmulticast mode [ 138.515588][ T6674] sit0: entered promiscuous mode [ 139.844391][ T6710] syz.1.252 uses obsolete (PF_INET,SOCK_PACKET) [ 140.461171][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 140.944477][ T6696] loop0: detected capacity change from 0 to 40427 [ 141.058402][ T6696] F2FS-fs (loop0): invalid crc value [ 141.921862][ T6696] F2FS-fs (loop0): Start checkpoint disabled! [ 142.169758][ T6730] netlink: 12 bytes leftover after parsing attributes in process `syz.1.256'. [ 145.380140][ T5885] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 145.617115][ T6740] loop4: detected capacity change from 0 to 32768 [ 145.630378][ T5885] usb 3-1: Using ep0 maxpacket: 32 [ 145.682228][ T5885] usb 3-1: config 0 has an invalid interface number: 110 but max is 0 [ 145.710949][ T5885] usb 3-1: config 0 has no interface number 0 [ 145.790319][ T5885] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=3a.e4 [ 145.832132][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 145.957410][ T5885] usb 3-1: Product: syz [ 145.964252][ T5885] usb 3-1: Manufacturer: syz [ 145.968916][ T5885] usb 3-1: SerialNumber: syz [ 146.009408][ T5885] usb 3-1: config 0 descriptor?? [ 146.327832][ T5885] igorplugusb 3-1:0.110: incorrect number of endpoints [ 146.339185][ T6740] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 146.410447][ T6774] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 146.541167][ T5831] ocfs2: Unmounting device (7,4) on (node local) [ 146.609825][ T6780] vivid-004: disconnect [ 146.635364][ T5887] usb 3-1: USB disconnect, device number 3 [ 146.679731][ T6754] vivid-004: reconnect [ 147.137606][ T6790] netlink: 40 bytes leftover after parsing attributes in process `syz.4.277'. [ 147.530737][ T6793] loop2: detected capacity change from 0 to 256 [ 147.594031][ T6793] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 147.684205][ T6793] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 148.074920][ T6787] loop3: detected capacity change from 0 to 32768 [ 148.189383][ T6787] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 148.388484][ T6787] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 148.467598][ T6787] XFS (loop3): Starting recovery (logdev: internal) [ 148.480308][ T5886] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 148.680119][ T5886] usb 3-1: Using ep0 maxpacket: 32 [ 148.702888][ T6787] XFS (loop3): Ending recovery (logdev: internal) [ 148.707978][ T5886] usb 3-1: config 0 has an invalid interface number: 12 but max is 0 [ 148.778506][ T5886] usb 3-1: config 0 has no interface number 0 [ 148.785526][ T5886] usb 3-1: config 0 interface 12 has no altsetting 0 [ 148.820515][ T5886] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 148.857588][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.883110][ T5886] usb 3-1: Product: syz [ 149.111327][ T5886] usb 3-1: Manufacturer: syz [ 149.120475][ T5886] usb 3-1: SerialNumber: syz [ 149.137688][ T30] audit: type=1804 audit(1746096838.503:6): pid=6818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.279" name="/newroot/56/file1/file2" dev="loop3" ino=4423 res=1 errno=0 [ 149.140922][ T5886] usb 3-1: config 0 descriptor?? [ 149.452897][ T5829] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 150.711131][ T6834] netlink: 'syz.0.294': attribute type 39 has an invalid length. [ 151.246534][ T5886] f81534 3-1:0.12: f81534_set_register: reg: 1003 data: b0 failed: -71 [ 151.265134][ T5886] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71 [ 151.293016][ T5886] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 151.342100][ T5886] f81534 3-1:0.12: probe with driver f81534 failed with error -71 [ 151.398312][ T5886] usb 3-1: USB disconnect, device number 4 [ 151.469448][ T6853] warning: `syz.4.303' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 151.522531][ T6852] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 151.579377][ T6852] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 151.618505][ T6852] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 151.888150][ T6858] loop3: detected capacity change from 0 to 32768 [ 151.898522][ T6858] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.304 (6858) [ 151.935464][ T6858] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 151.946288][ T6858] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 151.955115][ T6858] BTRFS info (device loop3): disk space caching is enabled [ 151.962421][ T6858] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 151.982146][ T9] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 151.995461][ T30] audit: type=1804 audit(1746096841.343:7): pid=6867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.305" name="file0" dev="tmpfs" ino=344 res=1 errno=0 [ 152.192182][ T6858] BTRFS info (device loop3): rebuilding free space tree [ 152.213904][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 152.250924][ T6858] BTRFS info (device loop3): disabling free space tree [ 152.257850][ T6858] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 152.267787][ T6858] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 152.278254][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 152.278304][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 152.278331][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.636789][ T9] usb 6-1: usb_control_msg returned -32 [ 152.642609][ T9] usbtmc 6-1:16.0: can't read capabilities [ 153.272099][ T6908] cgroup: fork rejected by pids controller in /syz4 [ 153.343742][ T5829] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 153.947135][ T5939] udevd[5939]: '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0' [6911] terminated by signal 33 (Unknown signal 33) [ 154.900501][ T5948] usb 6-1: USB disconnect, device number 3 [ 154.923635][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.466844][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.595291][ T6936] loop2: detected capacity change from 0 to 512 [ 155.739187][ T6936] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.323: corrupted in-inode xattr: invalid ea_ino [ 155.836565][ T6936] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.323: couldn't read orphan inode 15 (err -117) [ 155.922533][ T6936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 156.028482][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.161562][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.212093][ T6947] tipc: Started in network mode [ 156.217280][ T6947] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 156.260403][ T6947] tipc: Enabled bearer , priority 0 [ 156.542617][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.824333][ T5887] tipc: Node number set to 11578026 [ 157.980323][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 158.000343][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 158.008381][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 158.018147][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 158.027408][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 158.713894][ T12] bridge_slave_0: left allmulticast mode [ 158.794608][ T12] bridge_slave_0: left promiscuous mode [ 158.822377][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.079198][ T6988] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 160.110132][ T56] Bluetooth: hci3: command tx timeout [ 160.190914][ T6999] loop3: detected capacity change from 0 to 1764 [ 160.393368][ T6999] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 160.800906][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 160.885605][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 160.964719][ T12] bond0 (unregistering): Released all slaves [ 161.824761][ T12] tipc: Left network mode [ 162.140498][ T56] Bluetooth: hci3: command tx timeout [ 162.999867][ T7016] loop2: detected capacity change from 0 to 32768 [ 163.224636][ T7016] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 163.336618][ T7016] XFS (loop2): Ending clean mount [ 163.349973][ T7016] XFS (loop2): Quotacheck needed: Please wait. [ 163.538939][ T7016] XFS (loop2): Quotacheck: Done. [ 163.591583][ T12] hsr_slave_0: left promiscuous mode [ 163.711745][ T7058] loop3: detected capacity change from 0 to 512 [ 163.741628][ T7058] EXT4-fs: Ignoring removed bh option [ 163.750790][ T30] audit: type=1800 audit(1746096853.103:8): pid=7016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.351" name="file1" dev="loop2" ino=6150 res=0 errno=0 [ 163.782396][ T12] hsr_slave_1: left promiscuous mode [ 163.799238][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.808296][ T7058] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 163.817382][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.848883][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.867275][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.920312][ T7058] EXT4-fs (loop3): DAX unsupported by block device. [ 164.020295][ T12] veth1_macvtap: left promiscuous mode [ 164.076436][ T12] veth0_macvtap: left promiscuous mode [ 164.090538][ T12] veth1_vlan: left promiscuous mode [ 164.114376][ T12] veth0_vlan: left promiscuous mode [ 164.220391][ T56] Bluetooth: hci3: command tx timeout [ 164.342642][ T5833] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 165.141497][ T7056] loop5: detected capacity change from 0 to 32768 [ 166.309817][ T56] Bluetooth: hci3: command tx timeout [ 166.356033][ T12] team0 (unregistering): Port device team_slave_1 removed [ 166.438949][ T12] team0 (unregistering): Port device team_slave_0 removed [ 170.163702][ T7096] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 170.391457][ T6967] chnl_net:caif_netlink_parms(): no params data found [ 170.684775][ T7132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.376'. [ 170.786522][ T30] audit: type=1326 audit(1746096860.153:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7126 comm="syz.3.379" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3bf038e969 code=0x0 [ 171.684082][ T7147] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 172.025751][ T6967] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.079682][ T6967] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.132633][ T6967] bridge_slave_0: entered allmulticast mode [ 172.165399][ T6967] bridge_slave_0: entered promiscuous mode [ 172.211794][ T6967] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.227506][ T6967] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.247114][ T6967] bridge_slave_1: entered allmulticast mode [ 172.261802][ T6967] bridge_slave_1: entered promiscuous mode [ 172.383716][ T7163] loop5: detected capacity change from 0 to 2048 [ 172.409606][ T7160] netlink: 452 bytes leftover after parsing attributes in process `syz.3.385'. [ 172.452476][ T7163] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 172.661823][ T6967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.738877][ T6967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.796402][ T7173] loop3: detected capacity change from 0 to 512 [ 172.844377][ T7173] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.387: casefold flag without casefold feature [ 172.877555][ T5928] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 172.919327][ T7173] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.387: couldn't read orphan inode 15 (err -117) [ 172.933119][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 172.955290][ T7173] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.085503][ T5928] usb 1-1: Using ep0 maxpacket: 16 [ 173.125569][ T5928] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 173.162925][ T6967] team0: Port device team_slave_0 added [ 173.199916][ T5928] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 173.204348][ T6967] team0: Port device team_slave_1 added [ 173.240214][ T5928] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.248224][ T5928] usb 1-1: Product: syz [ 173.271045][ T7179] serio: Serial port pts0 [ 173.307100][ T5928] usb 1-1: Manufacturer: syz [ 173.314280][ T5928] usb 1-1: SerialNumber: syz [ 173.353613][ T5928] usb 1-1: config 0 descriptor?? [ 173.362752][ T5928] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 173.381498][ T5928] em28xx 1-1:0.0: DVB interface 0 found: bulk [ 173.470524][ T7187] overlayfs: failed to clone upperpath [ 173.481769][ T5829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.543775][ T6967] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 173.566931][ T6967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.666921][ T6967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 173.706140][ T6967] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 173.807865][ T6967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.055709][ T5928] em28xx 1-1:0.0: unknown em28xx chip ID (0) [ 174.292628][ T6967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.681215][ T5928] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 174.697187][ T5928] em28xx 1-1:0.0: board has no eeprom [ 174.717559][ T6967] hsr_slave_0: entered promiscuous mode [ 174.739006][ T6967] hsr_slave_1: entered promiscuous mode [ 174.747969][ T7205] netlink: 4 bytes leftover after parsing attributes in process `syz.2.396'. [ 174.767424][ T6967] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 174.779457][ T6967] Cannot create hsr debugfs directory [ 174.794639][ T7205] netlink: 12 bytes leftover after parsing attributes in process `syz.2.396'. [ 174.990525][ T5928] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 175.026511][ T5928] em28xx 1-1:0.0: dvb set to bulk mode. [ 175.069894][ T9] em28xx 1-1:0.0: Binding DVB extension [ 175.107325][ T5928] usb 1-1: USB disconnect, device number 3 [ 175.153581][ T5928] em28xx 1-1:0.0: Disconnecting em28xx [ 175.332981][ T9] em28xx 1-1:0.0: Registering input extension [ 175.339675][ T5928] em28xx 1-1:0.0: Closing input extension [ 175.439769][ T7217] overlayfs: failed to clone upperpath [ 175.455348][ T5928] em28xx 1-1:0.0: Freeing device [ 175.777857][ T30] audit: type=1800 audit(1746096865.143:10): pid=7218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.398" name="/" dev="9p" ino=2 res=0 errno=0 [ 175.909769][ T7218] syz.2.398 (7218) used greatest stack depth: 20136 bytes left [ 176.080308][ T5928] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 176.262433][ T5928] usb 4-1: Using ep0 maxpacket: 32 [ 176.275955][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.314259][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.332507][ T5928] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 176.369678][ T5928] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 176.432544][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.474419][ T5928] usb 4-1: config 0 descriptor?? [ 176.984659][ T5928] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.0003/input/input8 [ 177.120317][ T7228] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 177.141174][ T7228] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 177.169475][ T7228] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 177.202687][ T5928] input: HID 0458:5011 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5011.0003/input/input9 [ 177.247297][ T7228] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 177.323218][ T5928] kye 0003:0458:5011.0003: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.3-1/input0 [ 177.515365][ T5928] usb 4-1: USB disconnect, device number 4 [ 177.670935][ T7274] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[7274] [ 177.728931][ T6967] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 177.786298][ T7274] netlink: 404 bytes leftover after parsing attributes in process `syz.2.416'. [ 178.253531][ T6967] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 178.365011][ T6967] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 178.466899][ T6967] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 179.478564][ T6967] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.591541][ T6967] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.671286][ T82] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.678462][ T82] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.856310][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.863549][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.087179][ T6967] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 180.187104][ T30] audit: type=1804 audit(1746096869.543:11): pid=7305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.426" name="/newroot/55/file0" dev="tmpfs" ino=344 res=1 errno=0 [ 180.213998][ T6967] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 181.024014][ T7329] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 181.113411][ T7329] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 181.129090][ T6967] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 181.217167][ T7332] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 182.439903][ T7346] Bluetooth: MGMT ver 1.23 [ 182.692039][ T7353] loop5: detected capacity change from 0 to 16 [ 182.762432][ T7353] erofs (device loop5): mounted with root inode @ nid 36. [ 184.017596][ T6967] veth0_vlan: entered promiscuous mode [ 184.317751][ T6967] veth1_vlan: entered promiscuous mode [ 184.749608][ T6967] veth0_macvtap: entered promiscuous mode [ 184.771213][ T6967] veth1_macvtap: entered promiscuous mode [ 184.859578][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 184.900092][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.120106][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.152159][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.170617][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.225451][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.259966][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 185.320080][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.362564][ T6967] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.432253][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 185.518281][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.583863][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 185.628398][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.674202][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 185.739818][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.784266][ T6967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 185.846722][ T6967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 185.963474][ T6967] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 186.563876][ T6967] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.660096][ T6967] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.668816][ T6967] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.736053][ T6967] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.054566][ T7417] netlink: 64 bytes leftover after parsing attributes in process `syz.3.448'. [ 187.703886][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.793873][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.097500][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.214408][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.889872][ T7448] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.457'. [ 191.340181][ T56] Bluetooth: hci3: command tx timeout [ 193.596805][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.606565][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.207404][ T7511] binder: 7507:7511 ioctl c0306201 2000000003c0 returned -14 [ 194.704093][ T7523] loop0: detected capacity change from 0 to 2048 [ 194.929771][ T7523] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 194.997449][ T7523] UDF-fs: Scanning with blocksize 512 failed [ 195.071131][ T7523] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 195.251795][ T30] audit: type=1800 audit(1746096884.623:12): pid=7523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.477" name="bus" dev="loop0" ino=830 res=0 errno=0 [ 195.805546][ T30] audit: type=1800 audit(1746096885.153:13): pid=7535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.477" name="bus" dev="loop0" ino=830 res=0 errno=0 [ 195.949347][ T30] audit: type=1800 audit(1746096885.273:14): pid=7537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.477" name="bus" dev="loop0" ino=830 res=0 errno=0 [ 198.096824][ T7550] loop0: detected capacity change from 0 to 32768 [ 198.210263][ T7550] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.484 (7550) [ 198.336348][ T7550] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 198.418756][ T7550] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm [ 198.570122][ T7550] BTRFS info (device loop0): using free-space-tree [ 198.593373][ T7578] netlink: 16 bytes leftover after parsing attributes in process `syz.1.491'. [ 198.771073][ T7561] loop3: detected capacity change from 0 to 32768 [ 199.286423][ T7561] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 199.286423][ T7561] allowing incompatible features above 0.0: (unknown version) [ 199.378301][ T7607] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.387139][ T7607] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.442919][ T7561] bcachefs (loop3): initializing new filesystem [ 199.476587][ T5834] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 199.489149][ T7561] bcachefs (loop3): going read-write [ 199.523481][ T7607] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.530667][ T7607] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.541978][ T7607] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.549117][ T7607] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.647423][ T7561] bcachefs (loop3): marking superblocks [ 199.804095][ T7561] bcachefs (loop3): initializing freespace [ 199.849768][ T7561] bcachefs (loop3): done initializing freespace [ 199.922199][ T7561] bcachefs (loop3): reading snapshots table [ 199.983589][ T7561] bcachefs (loop3): reading snapshots done [ 200.648123][ T7561] bcachefs (loop3): done starting filesystem [ 201.000286][ T7561] syz.3.488 (7561) used greatest stack depth: 14632 bytes left [ 201.053938][ T5829] bcachefs (loop3): shutting down [ 201.059094][ T5829] bcachefs (loop3): going read-only [ 201.081351][ T5829] bcachefs (loop3): finished waiting for writes to stop [ 201.151977][ T5829] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3 [ 201.618367][ T5829] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4 [ 201.670271][ T5829] bcachefs (loop3): clean shutdown complete, journal seq 5 [ 201.745701][ T5829] bcachefs (loop3): marking filesystem clean [ 202.021379][ T5829] bcachefs (loop3): shutdown complete [ 202.846333][ T7627] loop4: detected capacity change from 0 to 4096 [ 202.915819][ T7627] NILFS (loop4): invalid segment: Checksum error in segment payload [ 202.973098][ T7627] NILFS (loop4): trying rollback from an earlier position [ 203.048247][ T7627] NILFS (loop4): recovery complete [ 203.127485][ T7636] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 203.185052][ T30] audit: type=1800 audit(1746096892.553:15): pid=7627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.499" name="file1" dev="loop4" ino=12 res=0 errno=0 [ 203.288090][ T30] audit: type=1800 audit(1746096892.583:16): pid=7627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.499" name="file1" dev="loop4" ino=12 res=0 errno=0 [ 203.914817][ C0] vcan0: j1939_tp_rxtimer: 0xffff88807f568000: rx timeout, send abort [ 203.924192][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807f568000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 204.173646][ T7656] netlink: 24 bytes leftover after parsing attributes in process `syz.2.510'. [ 204.259645][ T7661] loop4: detected capacity change from 0 to 164 [ 204.342005][ T7661] ISOFS: unable to read i-node block [ 204.389696][ T7661] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 204.511899][ T30] audit: type=1326 audit(1746096893.883:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7662 comm="syz.5.512" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x0 [ 204.902043][ T5948] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 205.110076][ T5948] usb 3-1: Using ep0 maxpacket: 16 [ 205.122773][ T5948] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 205.168018][ T5948] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 205.202012][ T5948] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 205.227118][ T5948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.247404][ T5948] usb 3-1: Product: syz [ 205.251899][ T5948] usb 3-1: Manufacturer: syz [ 205.267624][ T5948] usb 3-1: SerialNumber: syz [ 205.301256][ T5948] usb 3-1: config 0 descriptor?? [ 205.313840][ T5948] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 205.340953][ T5948] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 205.366127][ T7666] loop0: detected capacity change from 0 to 32768 [ 205.410697][ T7666] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.513 (7666) [ 205.474274][ T7666] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 205.529735][ T7666] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm [ 205.870202][ T7666] BTRFS info (device loop0): using free-space-tree [ 206.045105][ T5948] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 206.072262][ T5948] em28xx 3-1:0.0: Config register raw data: 0xfffffffb [ 206.450348][ T30] audit: type=1800 audit(1746096895.803:18): pid=7708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.513" name="file1" dev="loop0" ino=260 res=0 errno=0 [ 206.662856][ T7711] 8021q: VLANs not supported on ip6gre0 [ 206.764406][ T5834] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 206.880547][ T7714] netlink: 'syz.5.522': attribute type 1 has an invalid length. [ 207.135267][ T5948] em28xx 3-1:0.0: Unknown AC97 audio processor detected! [ 207.144324][ T5948] em28xx 3-1:0.0: couldn't setup AC97 register 2 [ 207.169397][ T5948] em28xx 3-1:0.0: couldn't setup AC97 register 4 [ 207.176580][ T5948] em28xx 3-1:0.0: couldn't setup AC97 register 6 [ 207.188214][ T5948] em28xx 3-1:0.0: couldn't setup AC97 register 54 [ 207.195848][ T5948] em28xx 3-1:0.0: couldn't setup AC97 register 56 [ 207.207058][ T7714] 8021q: adding VLAN 0 to HW filter on device bond1 [ 207.264950][ T5948] usb 3-1: USB disconnect, device number 5 [ 207.372010][ T7718] ip6erspan0: entered promiscuous mode [ 207.449245][ T7718] bond1: (slave ip6erspan0): making interface the new active one [ 207.504089][ T7718] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 207.977615][ T7736] loop2: detected capacity change from 0 to 64 [ 208.900180][ T5948] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 209.120117][ T5948] usb 6-1: Using ep0 maxpacket: 32 [ 209.285009][ T7746] loop2: detected capacity change from 0 to 2048 [ 209.619037][ T5948] usb 6-1: config 0 interface 0 has no altsetting 0 [ 209.943090][ T5948] usb 6-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 209.980739][ T5948] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.026979][ T5948] usb 6-1: config 0 descriptor?? [ 210.187220][ T7268] Alternate GPT is invalid, using primary GPT. [ 210.269516][ T7268] loop2: p1 p2 p3 [ 210.404788][ T7752] Bluetooth: hci0: invalid len left 7, exp >= 116 [ 210.517679][ T5948] uclogic 0003:5543:0522.0004: item fetching failed at offset 5/7 [ 210.621595][ T5948] uclogic 0003:5543:0522.0004: parse failed [ 210.627638][ T5948] uclogic 0003:5543:0522.0004: probe with driver uclogic failed with error -22 [ 210.770725][ T5948] usb 6-1: USB disconnect, device number 4 [ 210.857103][ T7759] loop2: detected capacity change from 0 to 256 [ 211.069592][ T5828] Bluetooth: hci1: command 0x0406 tx timeout [ 211.075763][ T5838] Bluetooth: hci2: command 0x0406 tx timeout [ 211.081889][ T5823] Bluetooth: hci4: command 0x0406 tx timeout [ 211.087891][ T5823] Bluetooth: hci5: command 0x0406 tx timeout [ 211.313962][ T7268] udevd[7268]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 211.399331][ T7269] udevd[7269]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 211.400204][ T5939] udevd[5939]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 211.561852][ T7770] loop0: detected capacity change from 0 to 128 [ 211.599065][ T7759] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 211.954474][ T7770] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 211.994939][ T7770] ext4 filesystem being mounted at /106/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 212.131238][ T7775] netlink: 'syz.5.539': attribute type 12 has an invalid length. [ 212.889938][ T5834] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 212.896077][ T7783] netlink: 'syz.4.542': attribute type 1 has an invalid length. [ 213.139810][ T7792] loop2: detected capacity change from 0 to 512 [ 213.463386][ T7792] EXT4-fs: Ignoring removed nobh option [ 213.469917][ T7788] ip6erspan0: entered promiscuous mode [ 213.482103][ T7788] ip6erspan0: entered allmulticast mode [ 213.530192][ T7785] loop5: detected capacity change from 0 to 2048 [ 213.550245][ T7792] EXT4-fs: Ignoring removed mblk_io_submit option [ 213.589014][ T7763] loop3: detected capacity change from 0 to 4096 [ 213.880642][ T7796] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 213.926242][ T7792] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 214.054720][ T7785] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 214.181049][ T30] audit: type=1800 audit(1746097159.547:19): pid=7792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.545" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 214.445455][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.980927][ T5948] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 214.981578][ T7812] loop5: detected capacity change from 0 to 512 [ 215.158565][ T7812] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.193545][ T5948] usb 5-1: Using ep0 maxpacket: 16 [ 215.214565][ T5948] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 215.252509][ T7812] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 215.262526][ T5948] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 18 [ 215.342897][ T5948] usb 5-1: config 0 has no interface number 0 [ 215.399834][ T5948] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice=3f.88 [ 215.432541][ T5948] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.491091][ T5948] usb 5-1: config 0 descriptor?? [ 215.527211][ T5948] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 215.535883][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.598956][ T5948] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -2 [ 215.607329][ T7834] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 215.721990][ T7268] udevd[7268]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 215.738360][ T5928] IPVS: starting estimator thread 0... [ 215.755241][ T7836] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 215.773905][ T7806] loop4: detected capacity change from 0 to 256 [ 215.807341][ T7806] exfat: Unknown parameter '@' [ 215.860611][ T7839] IPVS: using max 24 ests per chain, 57600 per kthread [ 216.034843][ T5887] usb 5-1: USB disconnect, device number 3 [ 216.100739][ T5948] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 216.377322][ T5948] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 216.483499][ T5948] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFB, changing to 0x8B [ 216.583196][ T5948] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 216.593875][ T5948] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 216.607714][ T5948] usb 1-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10 [ 216.619812][ T5948] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.163604][ T5948] usb 1-1: config 0 descriptor?? [ 217.212005][ T5948] radioshark2 1-1:0.0: Invalid radioSHARK2 device [ 217.221546][ T5948] radioshark2 1-1:0.0: probe with driver radioshark2 failed with error -22 [ 217.231193][ T5948] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 217.445402][ T7859] loop5: detected capacity change from 0 to 1024 [ 217.496119][ T5932] usb 1-1: USB disconnect, device number 4 [ 218.292178][ T7859] EXT4-fs (loop5): Test dummy encryption mode enabled [ 218.326783][ T7859] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 218.513599][ T30] audit: type=1326 audit(1746097163.877:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7858 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7fc00000 [ 218.632860][ T30] audit: type=1326 audit(1746097163.977:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7858 comm="syz.5.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe2a118e969 code=0x7fc00000 [ 218.752592][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.001527][ T7885] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.009907][ T7885] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.113825][ T7885] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.147268][ T7885] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.190182][ T7885] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.226360][ T7885] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.660654][ T7909] loop0: detected capacity change from 0 to 1024 [ 221.761718][ T7909] EXT4-fs: Ignoring removed bh option [ 222.253622][ T7909] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 222.458827][ T7909] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt. [ 222.505089][ T7909] EXT4-fs (loop0): Remounting filesystem read-only [ 222.661601][ T7927] tipc: Started in network mode [ 222.666524][ T7927] tipc: Node identity 8000008, cluster identity 4711 [ 222.712119][ T7927] tipc: Node number set to 134217736 [ 222.728933][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.954140][ T7935] loop0: detected capacity change from 0 to 256 [ 223.205841][ T30] audit: type=1800 audit(1746097168.567:22): pid=7935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.592" name="bus" dev="loop0" ino=1048621 res=0 errno=0 [ 223.221052][ T7935] exFAT-fs (loop0): error, bogus directory size (clus : ondisk(1) != counted(2)) [ 223.253229][ T7935] exFAT-fs (loop0): Filesystem has been set read-only [ 224.338910][ T7956] loop3: detected capacity change from 0 to 1024 [ 224.361750][ T7956] EXT4-fs: Ignoring removed orlov option [ 224.372147][ T7956] EXT4-fs: Ignoring removed oldalloc option [ 224.412540][ T7956] EXT4-fs (loop3): Test dummy encryption mode enabled [ 224.445510][ T7956] EXT4-fs (loop3): stripe (6) is not aligned with cluster size (16), stripe is disabled [ 224.452508][ T7920] loop5: detected capacity change from 0 to 32768 [ 224.477650][ T7956] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.547303][ T7920] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 224.630580][ T5885] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 224.759435][ T7920] XFS (loop5): Ending clean mount [ 224.802908][ T7956] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 224.834470][ T7920] XFS (loop5): Quotacheck needed: Please wait. [ 224.920107][ T5885] usb 5-1: Using ep0 maxpacket: 8 [ 224.927345][ T5885] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 224.984742][ T5885] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 225.006907][ T5885] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 225.026278][ T5885] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 225.041667][ T5885] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 225.050806][ T5885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.062533][ T7956] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 225.161235][ T7920] XFS (loop5): Quotacheck: Done. [ 225.285520][ T5885] usb 5-1: GET_CAPABILITIES returned 0 [ 225.291264][ T5885] usbtmc 5-1:16.0: can't read capabilities [ 225.343654][ T5829] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.479888][ T5825] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 225.510411][ T5883] usb 5-1: USB disconnect, device number 4 [ 225.704604][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 225.880088][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 225.906865][ T9] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 225.928687][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.963349][ T9] usb 4-1: config 0 descriptor?? [ 226.002810][ T9] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 226.690202][ T5885] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 226.812638][ T8011] loop0: detected capacity change from 0 to 512 [ 226.870594][ T5885] usb 5-1: Using ep0 maxpacket: 16 [ 226.888472][ T5885] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 226.923297][ T8011] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 226.946155][ T5885] usb 5-1: config 0 has no interface number 0 [ 226.970336][ T8011] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 226.990827][ T5885] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28 [ 227.000253][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 227.025012][ T5885] usb 5-1: Product: syz [ 227.038775][ T5885] usb 5-1: Manufacturer: syz [ 227.078225][ T8011] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 227.096318][ T5885] usb 5-1: SerialNumber: syz [ 227.283534][ T5885] usb 5-1: config 0 descriptor?? [ 227.300768][ T8001] loop5: detected capacity change from 0 to 32768 [ 227.434111][ T8001] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.610 (8001) [ 227.476000][ T8001] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 227.486611][ T8001] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 227.752854][ T5885] usb 5-1: USB disconnect, device number 5 [ 227.835252][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.000832][ T5825] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 228.051558][ T9] gspca_sonixj: reg_r err -71 [ 228.056440][ T9] sonixj 4-1:0.0: probe with driver sonixj failed with error -71 [ 228.079274][ T9] usb 4-1: USB disconnect, device number 5 [ 228.546034][ T8058] loop5: detected capacity change from 0 to 3 [ 228.725470][ T8067] loop2: detected capacity change from 0 to 512 [ 228.757402][ T8067] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 228.793439][ T8067] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 228.845589][ T8067] EXT4-fs (loop2): 1 truncate cleaned up [ 228.889106][ T8078] overlayfs: failed to clone upperpath [ 228.907634][ T8067] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.945593][ T8067] syz.2.626 (pid 8067) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 228.983843][ T8067] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload [ 229.076847][ T5833] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.420214][ T5133] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 231.639568][ T8127] overlayfs: failed to clone upperpath [ 233.249057][ T8144] loop0: detected capacity change from 0 to 1024 [ 233.311482][ T8144] hfsplus: unable to find HFS+ superblock [ 234.491393][ T8144] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.500429][ T8144] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.686308][ T8158] loop0: detected capacity change from 0 to 2048 [ 235.062106][ T8158] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.576340][ T8158] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.656: bg 0: block 234: padding at end of block bitmap is not set [ 235.593980][ T8158] EXT4-fs (loop0): Remounting filesystem read-only [ 239.092576][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.128827][ T8194] loop4: detected capacity change from 0 to 256 [ 241.163293][ T8211] netlink: 4 bytes leftover after parsing attributes in process `syz.3.670'. [ 241.303905][ T8218] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 243.260373][ T5821] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 243.457428][ T5821] usb 4-1: config 0 has no interfaces? [ 243.489215][ T5821] usb 4-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=61.d8 [ 243.552661][ T5821] usb 4-1: New USB device strings: Mfr=123, Product=105, SerialNumber=3 [ 243.587948][ T5821] usb 4-1: Product: syz [ 243.600109][ T5821] usb 4-1: Manufacturer: syz [ 243.620064][ T5821] usb 4-1: SerialNumber: syz [ 243.641347][ T5821] usb 4-1: config 0 descriptor?? [ 246.832023][ T5887] usb 4-1: USB disconnect, device number 6 [ 247.095258][ T8291] overlayfs: failed to clone upperpath [ 247.320127][ T5948] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 247.418661][ T8297] loop0: detected capacity change from 0 to 4096 [ 247.452362][ T8297] NILFS (loop0): invalid segment: Checksum error in segment payload [ 247.530378][ T5948] usb 5-1: Using ep0 maxpacket: 32 [ 247.540983][ T8297] NILFS (loop0): trying rollback from an earlier position [ 247.543847][ T5948] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 247.592676][ T8297] NILFS (loop0): recovery complete [ 247.620555][ T5948] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 247.639524][ T8300] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 247.658570][ T5948] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 247.687762][ T8299] bridge0: port 3(vlan2) entered blocking state [ 247.712880][ T30] audit: type=1800 audit(1746097193.077:23): pid=8297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.698" name="file1" dev="loop0" ino=12 res=0 errno=0 [ 247.754022][ T5948] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 247.769820][ T8299] bridge0: port 3(vlan2) entered disabled state [ 247.782824][ T5948] usb 5-1: Product: syz [ 247.786997][ T5948] usb 5-1: Manufacturer: syz [ 247.800202][ T30] audit: type=1800 audit(1746097193.077:24): pid=8297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.698" name="file1" dev="loop0" ino=12 res=0 errno=0 [ 247.821137][ T8299] vlan2: entered allmulticast mode [ 247.838521][ T5948] hub 5-1:4.0: USB hub found [ 247.863529][ T8299] macvlan1: entered allmulticast mode [ 247.907791][ T8306] netlink: 24 bytes leftover after parsing attributes in process `syz.3.703'. [ 247.922818][ T8299] vlan2: entered promiscuous mode [ 247.940123][ T8299] macvlan1: entered promiscuous mode [ 247.990427][ T8309] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 247.990427][ T8309] The task syz.2.702 (8309) triggered the difference, watch for misbehavior. [ 248.040616][ T8309] fuse: Bad value for 'fd' [ 248.049379][ T5948] hub 5-1:4.0: 2 ports detected [ 248.055097][ T5948] hub 5-1:4.0: insufficient power available to use all downstream ports [ 248.253641][ T5948] hub 5-1:4.0: hub_hub_status failed (err = -71) [ 248.268260][ T5948] hub 5-1:4.0: config failed, can't get hub status (err -71) [ 248.286365][ T30] audit: type=1804 audit(1746097193.647:25): pid=8313 uid=0 auid=0 ses=1 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.705" name="file0" dev="ramfs" ino=14292 res=1 errno=0 [ 248.344071][ T5948] usb 5-1: USB disconnect, device number 6 [ 249.580455][ T5948] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 249.926821][ T5948] usb 5-1: config 0 has no interfaces? [ 249.951964][ T5948] usb 5-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=61.d8 [ 249.963427][ T5948] usb 5-1: New USB device strings: Mfr=123, Product=105, SerialNumber=3 [ 250.340054][ T5948] usb 5-1: Product: syz [ 250.360442][ T5948] usb 5-1: Manufacturer: syz [ 250.365055][ T5948] usb 5-1: SerialNumber: syz [ 250.396318][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.405340][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.414214][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.423103][ T8347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.456709][ T5948] usb 5-1: config 0 descriptor?? [ 250.604026][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.613371][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.622281][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.631186][ T8347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.715'. [ 250.940485][ T8347] netlink: 20 bytes leftover after parsing attributes in process `syz.1.715'. [ 251.583326][ T36] bond0: (slave bond_slave_0): interface is now down [ 251.614140][ T36] bond0: (slave bond_slave_1): interface is now down [ 251.657310][ T36] bond0: now running without any active interface! [ 251.660298][ T8360] netlink: 'syz.2.721': attribute type 10 has an invalid length. [ 252.021789][ T8360] syz_tun: entered promiscuous mode [ 252.186690][ T8360] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 252.198454][ T82] bond0: (slave syz_tun): interface is now down [ 252.251058][ T82] bond0: now running without any active interface! [ 253.220664][ T5887] usb 5-1: USB disconnect, device number 7 [ 253.362135][ T8383] syzkaller1: entered promiscuous mode [ 253.390117][ T8383] syzkaller1: entered allmulticast mode [ 255.154092][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.160471][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.387566][ T5826] Bluetooth: hci5: unexpected event for opcode 0x0c25 [ 255.750807][ T8429] vlan3: entered promiscuous mode [ 255.756236][ T8429] ip6gretap0: entered promiscuous mode [ 255.964775][ T8435] delete_channel: no stack [ 256.089024][ T8440] kAFS: No cell specified [ 256.232552][ T8442] overlayfs: failed to resolve './file0': -2 [ 258.193335][ T8474] loop0: detected capacity change from 0 to 256 [ 258.226118][ T8474] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 258.273842][ T8474] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 258.305250][ T8474] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 258.333185][ T8474] UDF-fs: Scanning with blocksize 512 failed [ 258.376788][ T8474] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 258.409270][ T8474] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 258.657845][ T30] audit: type=1800 audit(1746097204.017:26): pid=8478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.762" name="file1" dev="loop0" ino=55 res=0 errno=0 [ 258.692660][ T8478] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 296 marked as free, partition length is 80) [ 260.460204][ T5932] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 260.540122][ T5948] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 260.651690][ T5932] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 260.673267][ T5932] usb 1-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1 [ 260.690167][ T5948] usb 5-1: Using ep0 maxpacket: 8 [ 260.699301][ T5932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.743902][ T5948] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 260.836598][ T5932] usb 1-1: Product: syz [ 260.846759][ T5932] usb 1-1: Manufacturer: syz [ 260.851505][ T5948] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.860292][ T5932] usb 1-1: SerialNumber: syz [ 260.866342][ T5948] usb 5-1: Product: syz [ 260.873998][ T5948] usb 5-1: Manufacturer: syz [ 260.881116][ T5932] usb 1-1: config 0 descriptor?? [ 260.886270][ T5948] usb 5-1: SerialNumber: syz [ 260.893787][ T5932] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 260.907031][ T5948] usb 5-1: config 0 descriptor?? [ 260.913453][ T5932] usb 1-1: Detected SIO [ 260.918008][ T5932] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 7 [ 261.038205][ T5932] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 261.129710][ T5948] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 261.268914][ T8507] loop0: detected capacity change from 0 to 4096 [ 261.354729][ T8507] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 261.492002][ T30] audit: type=1800 audit(1746097206.847:27): pid=8507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.774" name="file1" dev="loop0" ino=33 res=0 errno=0 [ 261.534002][ T5887] usb 1-1: USB disconnect, device number 5 [ 261.555892][ T5887] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 261.605447][ T5887] ftdi_sio 1-1:0.0: device disconnected [ 262.565633][ T5948] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 263.410264][ T5948] usb 5-1: USB disconnect, device number 8 [ 263.946755][ T8555] __nla_validate_parse: 4 callbacks suppressed [ 263.946771][ T8555] netlink: 28 bytes leftover after parsing attributes in process `syz.1.793'. [ 264.108073][ T8554] syzkaller0: entered promiscuous mode [ 264.124868][ T8554] syzkaller0: entered allmulticast mode [ 264.484219][ T8572] loop0: detected capacity change from 0 to 1024 [ 265.676320][ T30] audit: type=1800 audit(1746097211.027:28): pid=8581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.799" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 268.480326][ T5948] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 269.056348][ T5948] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 269.075818][ T5948] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 269.093914][ T5948] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 269.114808][ T5948] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 269.134210][ T5948] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 269.152126][ T5948] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 269.162522][ T5948] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 269.177138][ T5948] usb 1-1: Product: syz [ 269.250713][ T5948] usb 1-1: Manufacturer: syz [ 269.485152][ T5948] cdc_wdm 1-1:1.0: skipping garbage [ 269.490488][ T5948] cdc_wdm 1-1:1.0: skipping garbage [ 269.701010][ T5948] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 269.730976][ T8603] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 269.777525][ T5948] cdc_wdm 1-1:1.0: Unknown control protocol [ 269.792814][ T8603] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 270.156131][ T8618] loop5: detected capacity change from 0 to 1024 [ 270.903127][ T5886] usb 1-1: USB disconnect, device number 6 [ 270.949606][ T8618] EXT4-fs: Ignoring removed bh option [ 271.014869][ T8618] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.164008][ T8618] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt. [ 271.223350][ T8618] EXT4-fs (loop5): Remounting filesystem read-only [ 271.375804][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.423563][ T8626] loop4: detected capacity change from 0 to 128 [ 271.471170][ T8626] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 271.554324][ T8626] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 271.747833][ T8639] loop0: detected capacity change from 0 to 164 [ 271.794055][ T8639] ISOFS: unable to read i-node block [ 271.801168][ T6967] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 271.806631][ T8639] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 276.609389][ T8701] loop5: detected capacity change from 0 to 164 [ 276.627168][ T8701] ISOFS: unable to read i-node block [ 276.654590][ T8701] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 277.229284][ T8712] loop4: detected capacity change from 0 to 256 [ 277.237907][ T8712] exfat: Bad value for 'gid' [ 277.242680][ T8712] exfat: Bad value for 'gid' [ 277.600108][ T5928] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 277.753384][ T5928] usb 5-1: config index 0 descriptor too short (expected 69, got 36) [ 277.771236][ T5928] usb 5-1: config 0 has an invalid descriptor of length 153, skipping remainder of the config [ 277.798652][ T5928] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 277.864605][ T5928] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 51379, setting to 64 [ 277.928259][ T5928] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 278.024903][ T5928] usb 5-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 278.072584][ T5928] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.090921][ T5928] usb 5-1: Product: syz [ 278.095161][ T5928] usb 5-1: Manufacturer: syz [ 278.099885][ T5928] usb 5-1: SerialNumber: syz [ 278.145062][ T5928] usb 5-1: config 0 descriptor?? [ 278.191404][ T8712] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 278.204384][ T5928] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 278.348790][ T8730] loop0: detected capacity change from 0 to 1024 [ 278.371043][ T8730] EXT4-fs: Ignoring removed nobh option [ 278.386852][ T8730] EXT4-fs: Ignoring removed bh option [ 278.439222][ T8730] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 278.935907][ T8730] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 15: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 279.023927][ T5928] input: gspca_pac7302 as /devices/platform/dummy_hcd.4/usb5/5-1/input/input11 [ 279.082378][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.115797][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.122697][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.129605][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.136475][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.143408][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.150269][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.157130][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.164130][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.171108][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.178006][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.185126][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.191990][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.198855][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.206000][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.212875][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.219735][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.226749][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.233628][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.240583][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.247480][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.254386][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.261320][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.268230][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.275094][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.282108][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.289236][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.296120][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.303027][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.311798][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.318650][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.325419][ T5928] usb 5-1: USB disconnect, device number 9 [ 279.331265][ C0] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 279.331279][ C0] gspca_main: Resubmit URB failed with error -19 [ 279.361404][ T8744] ptrace attach of "./syz-executor exec"[5820] was attempted by "./syz-executor exec"[8744] [ 279.789898][ T8759] overlayfs: failed to clone upperpath [ 280.154793][ T5883] libceph: connect (1)[c::]:6789 error -101 [ 280.217075][ T5883] libceph: mon0 (1)[c::]:6789 connect error [ 280.245316][ T5883] libceph: connect (1)[c::]:6789 error -101 [ 280.255451][ T5883] libceph: mon0 (1)[c::]:6789 connect error [ 280.274949][ T8771] overlayfs: failed to clone upperpath [ 280.281011][ T8766] loop4: detected capacity change from 0 to 16 [ 280.287469][ T8762] ceph: No mds server is up or the cluster is laggy [ 280.322465][ T8766] erofs: DAX unsupported by block device. Turning off DAX. [ 280.452554][ T8766] erofs (device loop4): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 280.544395][ T8766] erofs (device loop4): mounted with root inode @ nid 36. [ 281.891111][ T8786] loop4: detected capacity change from 0 to 1024 [ 281.898430][ T8786] EXT4-fs: Ignoring removed nobh option [ 281.940262][ T8786] EXT4-fs: Ignoring removed bh option [ 281.975168][ T8786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 282.064128][ T8796] fuse: Bad value for 'fd' [ 282.167407][ T8798] netlink: 4 bytes leftover after parsing attributes in process `syz.0.874'. [ 282.387053][ T8786] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 283.328077][ T6967] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.916985][ T8837] loop0: detected capacity change from 0 to 256 [ 283.998328][ T8837] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 284.320943][ T8844] loop3: detected capacity change from 0 to 164 [ 284.339488][ T8844] ISOFS: unable to read i-node block [ 284.354614][ T8844] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 286.007701][ T8868] loop5: detected capacity change from 0 to 2048 [ 286.049100][ T8868] EXT4-fs: Ignoring removed mblk_io_submit option [ 286.231443][ T8877] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 286.308571][ T8868] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 286.817163][ T8868] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.898: bg 0: block 234: padding at end of block bitmap is not set [ 287.040756][ T8868] EXT4-fs (loop5): Remounting filesystem read-only [ 287.085298][ T8868] EXT4-fs (loop5): error restoring inline_data for inode -- potential data loss! (inode 15, error -30) [ 287.319420][ T5825] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.692179][ T8926] netlink: 'syz.2.919': attribute type 21 has an invalid length. [ 290.338582][ T8916] syzkaller0: entered promiscuous mode [ 290.375187][ T8916] syzkaller0: entered allmulticast mode [ 290.701085][ T5133] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 290.713162][ T5133] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 290.724536][ T5133] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 290.742500][ T5133] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 290.750667][ T5133] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 290.945690][ T8943] overlayfs: failed to clone upperpath [ 292.790159][ T5826] Bluetooth: hci2: command tx timeout [ 293.869607][ T5928] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 294.647329][ T5928] usb 6-1: Using ep0 maxpacket: 8 [ 294.657846][ T5928] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 294.669568][ T5928] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 294.686457][ T5928] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 294.707625][ T5928] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 294.717654][ T5928] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 294.734916][ T5928] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 294.745602][ T5928] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.860088][ T5826] Bluetooth: hci2: command tx timeout [ 294.970452][ T5928] usb 6-1: GET_CAPABILITIES returned 0 [ 294.982455][ T5928] usbtmc 6-1:16.0: can't read capabilities [ 295.205501][ T8974] ptrace attach of "./syz-executor exec"[6967] was attempted by "./syz-executor exec"[8974] [ 295.239395][ T8974] netlink: 340 bytes leftover after parsing attributes in process `syz.4.936'. [ 295.251226][ T8974] netlink: 36 bytes leftover after parsing attributes in process `syz.4.936'. [ 295.351410][ T5886] usb 6-1: USB disconnect, device number 5 [ 296.879070][ T8926] netlink: 132 bytes leftover after parsing attributes in process `syz.2.919'. [ 297.001947][ T5826] Bluetooth: hci2: command tx timeout [ 297.327003][ T8986] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.938'. [ 297.350438][ T8986] netlink: zone id is out of range [ 297.357357][ T8986] netlink: zone id is out of range [ 297.363770][ T8986] netlink: get zone limit has 8 unknown bytes [ 299.456498][ T5826] Bluetooth: hci2: command tx timeout [ 299.775862][ T8936] chnl_net:caif_netlink_parms(): no params data found [ 299.887885][ T9019] syz_tun: entered allmulticast mode [ 299.955103][ T9021] netlink: 28 bytes leftover after parsing attributes in process `syz.2.948'. [ 299.975817][ T9021] netlink: 28 bytes leftover after parsing attributes in process `syz.2.948'. [ 299.994933][ T9019] dvmrp1: entered allmulticast mode [ 300.114767][ T9015] syz_tun: left allmulticast mode [ 300.564088][ T8936] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.571492][ T8936] bridge0: port 1(bridge_slave_0) entered disabled state [ 300.605914][ T8936] bridge_slave_0: entered allmulticast mode [ 301.356115][ T8936] bridge_slave_0: entered promiscuous mode [ 301.367918][ T8936] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.377295][ T8936] bridge0: port 2(bridge_slave_1) entered disabled state [ 301.389898][ T8936] bridge_slave_1: entered allmulticast mode [ 301.398577][ T8936] bridge_slave_1: entered promiscuous mode [ 301.633006][ T8936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 302.169664][ T8936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 302.238699][ T8936] team0: Port device team_slave_0 added [ 302.257410][ T8936] team0: Port device team_slave_1 added [ 302.413649][ T8936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 302.436666][ T8936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 302.535112][ T8936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 302.624251][ T8936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 302.664251][ T8936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 302.735700][ T8936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 303.215791][ T8936] hsr_slave_0: entered promiscuous mode [ 303.222664][ T8936] hsr_slave_1: entered promiscuous mode [ 303.231097][ T8936] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 303.238732][ T8936] Cannot create hsr debugfs directory [ 306.886622][ T8936] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.042917][ T8936] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.186676][ T8936] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.205698][ T9088] overlayfs: failed to clone upperpath [ 309.765928][ T8936] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.811076][ T9099] overlayfs: failed to clone upperpath [ 310.117064][ T9098] loop5: detected capacity change from 0 to 2048 [ 310.302695][ T9098] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 310.386193][ T9098] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 310.456650][ T9098] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 11 with max blocks 1 with error 28 [ 310.530367][ T9098] EXT4-fs (loop5): This should not happen!! Data will be lost [ 310.530367][ T9098] [ 310.576548][ T9098] EXT4-fs (loop5): Total free blocks count 0 [ 310.633961][ T9098] EXT4-fs (loop5): Free/Dirty block details [ 310.680962][ T9098] EXT4-fs (loop5): free_blocks=2415919104 [ 310.701696][ T8936] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 310.725720][ T9098] EXT4-fs (loop5): dirty_blocks=16 [ 310.750657][ T9098] EXT4-fs (loop5): Block reservation details [ 310.759427][ T8936] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 310.777039][ T9098] EXT4-fs (loop5): i_reserved_data_blocks=1 [ 310.841354][ T8936] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 310.876217][ T8936] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 310.904798][ T12] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 312.247369][ T8936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 312.354408][ T8936] 8021q: adding VLAN 0 to HW filter on device team0 [ 312.409138][ T5904] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.416323][ T5904] bridge0: port 1(bridge_slave_0) entered forwarding state [ 312.760968][ T989] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.780047][ T989] bridge0: port 2(bridge_slave_1) entered forwarding state [ 313.441609][ T5133] Bluetooth: hci3: command 0x0406 tx timeout [ 313.503257][ T5133] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 313.536006][ T5133] Bluetooth: hci5: Injecting HCI hardware error event [ 313.626129][ T5841] Bluetooth: hci5: hardware error 0x00 [ 314.123167][ T8936] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 315.770080][ T5841] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 316.505774][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.571065][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.058277][ T9168] loop4: detected capacity change from 0 to 2048 [ 318.125683][ T9168] loop4: p1 p3 < > p4 < p5 > [ 318.131128][ T9168] loop4: partition table partially beyond EOD, truncated [ 318.141677][ T9168] loop4: p1 size 33024 extends beyond EOD, truncated [ 318.151554][ T9168] loop4: p3 start 4284289 is beyond EOD, truncated [ 318.205010][ T9168] loop4: p5 size 33024 extends beyond EOD, truncated [ 318.216337][ T9176] overlayfs: failed to clone upperpath [ 318.255852][ T8936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 318.474540][ T9184] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 319.017655][ T8936] veth0_vlan: entered promiscuous mode [ 319.064643][ T8936] veth1_vlan: entered promiscuous mode [ 319.247338][ T8936] veth0_macvtap: entered promiscuous mode [ 320.214557][ T8936] veth1_macvtap: entered promiscuous mode [ 320.235989][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.246669][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.399851][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.424970][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.485036][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.518954][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.560067][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.685031][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.740109][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.795653][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.834217][ T8936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 320.877074][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.161086][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.206056][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.253069][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.270071][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.330418][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.340124][ T9214] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1008'. [ 321.360060][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.430129][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.450469][ T8936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.517215][ T8936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.552105][ T8936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 321.564838][ T9214] vlan2: left allmulticast mode [ 321.588285][ T9214] macvlan1: left allmulticast mode [ 321.600139][ T9214] vlan2: left promiscuous mode [ 321.610105][ T9214] macvlan1: left promiscuous mode [ 321.620503][ T9214] bridge0: port 3(vlan2) entered disabled state [ 321.733582][ T9214] bridge_slave_1: left allmulticast mode [ 321.739794][ T9214] bridge_slave_1: left promiscuous mode [ 321.758207][ T9214] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.879275][ T9214] bridge_slave_0: left allmulticast mode [ 321.904803][ T9214] bridge_slave_0: left promiscuous mode [ 321.942208][ T9214] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.178501][ T30] audit: type=1326 audit(1746097267.537:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 322.289836][ T8936] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.318488][ T8936] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.323967][ T30] audit: type=1326 audit(1746097267.537:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 322.340170][ T8936] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.383677][ T8936] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.516366][ T30] audit: type=1326 audit(1746097267.577:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 322.664460][ T30] audit: type=1326 audit(1746097267.577:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 322.832902][ T30] audit: type=1326 audit(1746097267.577:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 322.846303][ T5904] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.958919][ T5904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.003136][ T30] audit: type=1326 audit(1746097267.577:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 323.083005][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.229358][ T30] audit: type=1326 audit(1746097267.577:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 323.253087][ T30] audit: type=1326 audit(1746097267.577:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 323.277642][ T30] audit: type=1326 audit(1746097267.577:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 324.133750][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 324.213017][ T30] audit: type=1326 audit(1746097267.577:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.5.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2a118e969 code=0x7ffc0000 [ 324.787943][ T9255] tc_dump_action: action bad kind [ 327.064362][ T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.398395][ T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.615506][ T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.953809][ T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.689072][ T36] bridge_slave_1: left allmulticast mode [ 329.723043][ T36] bridge_slave_1: left promiscuous mode [ 329.764919][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 329.850172][ T5886] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 329.875244][ T36] bridge_slave_0: left allmulticast mode [ 329.898134][ T36] bridge_slave_0: left promiscuous mode [ 329.954681][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 330.063656][ T5886] usb 6-1: Using ep0 maxpacket: 16 [ 330.100171][ T5886] usb 6-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config [ 330.144257][ T5886] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 330.193083][ T5886] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 330.217486][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.247654][ T5886] usb 6-1: Product: syz [ 330.258703][ T5886] usb 6-1: Manufacturer: syz [ 330.288562][ T5886] usb 6-1: SerialNumber: syz [ 330.423103][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 330.433693][ T5826] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 330.441645][ T5826] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 330.450568][ T5826] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 330.459621][ T5826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 330.545980][ T5886] usb 6-1: 0:2 : does not exist [ 330.637837][ T5886] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 330.763385][ T5886] usb 6-1: USB disconnect, device number 6 [ 330.901714][ T9311] sd 0:0:1:0: PR command failed: 1026 [ 330.907167][ T9311] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 330.931585][ T9311] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 332.540770][ T5841] Bluetooth: hci2: command tx timeout [ 333.667177][ T9329] xt_CT: You must specify a L4 protocol and not use inversions on it [ 334.018683][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 334.110648][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 334.134859][ T36] bond0 (unregistering): Released all slaves [ 334.635126][ T5841] Bluetooth: hci2: command tx timeout [ 334.734567][ T5883] libceph: connect (1)[c::]:6789 error -101 [ 334.743903][ T5883] libceph: mon0 (1)[c::]:6789 connect error [ 334.861187][ T9356] ceph: No mds server is up or the cluster is laggy [ 335.854183][ T36] hsr_slave_0: left promiscuous mode [ 335.960096][ T36] hsr_slave_1: left promiscuous mode [ 336.411021][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 336.418461][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 336.505563][ T9376] loop0: detected capacity change from 0 to 1024 [ 336.537449][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.601510][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 336.700379][ T5841] Bluetooth: hci2: command tx timeout [ 336.716278][ T36] veth1_macvtap: left promiscuous mode [ 336.741577][ T9376] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.763048][ T36] veth0_macvtap: left promiscuous mode [ 336.769351][ T36] veth1_vlan: left promiscuous mode [ 336.820499][ T36] veth0_vlan: left promiscuous mode [ 337.026702][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.953020][ T5841] Bluetooth: hci2: command tx timeout [ 340.039696][ T9429] process 'syz.2.1077' launched '/dev/fd/6' with NULL argv: empty string added [ 340.395745][ T36] team0 (unregistering): Port device team_slave_1 removed [ 340.488551][ T36] team0 (unregistering): Port device team_slave_0 removed [ 342.184825][ T9452] overlayfs: failed to clone upperpath [ 342.330344][ T9454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1085'. [ 342.784292][ T9465] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[9465] [ 342.798366][ T9465] netlink: 264 bytes leftover after parsing attributes in process `syz.2.1088'. [ 342.807492][ T9465] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1088'. [ 342.983386][ T9308] chnl_net:caif_netlink_parms(): no params data found [ 343.059953][ T9473] netlink: 'syz.1.1091': attribute type 12 has an invalid length. [ 343.296627][ T9478] syz_tun: left promiscuous mode [ 343.311044][ T9478] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.318747][ T9478] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.478733][ T9478] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 343.535294][ T9478] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 344.396523][ T9478] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.409936][ T9478] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.480474][ T9478] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.553933][ T9478] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.718548][ T9486] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 344.804590][ T9308] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.812677][ T9308] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.819844][ T9308] bridge_slave_0: entered allmulticast mode [ 344.828242][ T9308] bridge_slave_0: entered promiscuous mode [ 344.861557][ T9504] bond0: (slave syz_tun): Releasing backup interface [ 344.882230][ T9308] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.893612][ T9308] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.903481][ T9308] bridge_slave_1: entered allmulticast mode [ 344.912123][ T9308] bridge_slave_1: entered promiscuous mode [ 344.982509][ T9308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 344.999503][ T9308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.079675][ T9308] team0: Port device team_slave_0 added [ 345.094909][ T9308] team0: Port device team_slave_1 added [ 345.160095][ T9308] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 345.167080][ T9308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 345.960206][ T9308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 346.177972][ T9513] IPv6: sit1: Disabled Multicast RS [ 346.198159][ T9308] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 346.217148][ T9308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.310034][ T9308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.456532][ T9308] hsr_slave_0: entered promiscuous mode [ 347.474512][ T9308] hsr_slave_1: entered promiscuous mode [ 347.490767][ T9308] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 347.498331][ T9308] Cannot create hsr debugfs directory [ 347.893102][ T9539] use of bytesused == 0 is deprecated and will be removed in the future, [ 347.940030][ T9539] use the actual size instead. [ 348.431567][ T9308] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 348.463211][ T9308] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 348.488920][ T9308] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 348.506062][ T9308] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 348.572340][ T9551] overlayfs: failed to clone lowerpath [ 348.667755][ T9308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 349.315418][ T9308] 8021q: adding VLAN 0 to HW filter on device team0 [ 349.347948][ T6425] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.355115][ T6425] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.391790][ T6425] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.398952][ T6425] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.948036][ T9308] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 350.027106][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 350.027121][ T30] audit: type=1326 audit(1746097295.387:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9577 comm="syz.0.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6118e969 code=0x7fc00000 [ 350.063702][ T9308] veth0_vlan: entered promiscuous mode [ 350.089828][ T9308] veth1_vlan: entered promiscuous mode [ 350.175262][ T9308] veth0_macvtap: entered promiscuous mode [ 350.198743][ T9308] veth1_macvtap: entered promiscuous mode [ 350.239232][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.256590][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.298266][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.308999][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.373914][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.412354][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.432790][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.443640][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.456881][ T9308] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 350.466814][ T9595] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1131'. [ 350.506294][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.530165][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.540393][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.557920][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.572725][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.585134][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.595233][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.621370][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.633017][ T9308] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 350.692252][ T30] audit: type=1326 audit(1746097296.047:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9577 comm="syz.0.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fae6118e969 code=0x7fc00000 [ 350.762756][ T30] audit: type=1326 audit(1746097296.047:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9577 comm="syz.0.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6118e969 code=0x7fc00000 [ 350.767336][ T9308] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.824174][ T9603] loop0: detected capacity change from 0 to 512 [ 350.830582][ T30] audit: type=1326 audit(1746097296.047:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9577 comm="syz.0.1124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae6118e969 code=0x7fc00000 [ 350.871168][ T9308] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.886993][ T9308] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.895927][ T9308] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.914119][ T9603] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.1134: corrupted in-inode xattr: invalid ea_ino [ 350.931818][ T9603] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1134: couldn't read orphan inode 15 (err -117) [ 350.958885][ T9603] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 352.511112][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.740250][ T5992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 352.756279][ T5992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 352.925234][ T9626] netlink: 'syz.4.1140': attribute type 4 has an invalid length. [ 353.396887][ T9627] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1138'. [ 353.405968][ T9627] openvswitch: netlink: Flow key attr not present in new flow. [ 353.511196][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.580149][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.720133][ T5885] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 354.067845][ T5885] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 354.085823][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 354.110617][ T5885] usb 5-1: Product: syz [ 354.135417][ T5885] usb 5-1: Manufacturer: syz [ 354.188081][ T5885] usb 5-1: SerialNumber: syz [ 354.888823][ T5885] r8152-cfgselector 5-1: Unknown version 0x0000 [ 354.911724][ T5885] r8152-cfgselector 5-1: config 0 descriptor?? [ 355.094065][ T5992] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.324586][ T5992] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.356585][ T5885] r8152-cfgselector 5-1: USB disconnect, device number 10 [ 355.507093][ T5992] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.673033][ T5992] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 355.960351][ T5883] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 356.080829][ T5992] bridge_slave_1: left allmulticast mode [ 356.086524][ T5992] bridge_slave_1: left promiscuous mode [ 356.113643][ T5992] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.132243][ T5883] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 356.156836][ T5883] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 356.170613][ T5992] bridge_slave_0: left allmulticast mode [ 356.176263][ T5992] bridge_slave_0: left promiscuous mode [ 356.212644][ T5133] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 356.221903][ T5133] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 356.230551][ T5133] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 356.268965][ T5133] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 356.279091][ T5133] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 356.300421][ T5992] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.308075][ T5883] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 13155, setting to 64 [ 356.644081][ T9671] loop4: detected capacity change from 0 to 256 [ 356.660499][ T9671] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 356.958254][ T9671] FAT-fs (loop4): Directory bread(block 64) failed [ 356.958528][ T5883] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 356.964854][ T9671] FAT-fs (loop4): Directory bread(block 65) failed [ 356.964973][ T9671] FAT-fs (loop4): Directory bread(block 66) failed [ 356.965008][ T9671] FAT-fs (loop4): Directory bread(block 67) failed [ 356.965099][ T9671] FAT-fs (loop4): Directory bread(block 68) failed [ 356.992222][ T5883] usb 1-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 356.997554][ T9671] FAT-fs (loop4): Directory bread(block 69) failed [ 357.020120][ T9671] FAT-fs (loop4): Directory bread(block 70) failed [ 357.027698][ T9671] FAT-fs (loop4): Directory bread(block 71) failed [ 357.034584][ T9671] FAT-fs (loop4): Directory bread(block 72) failed [ 357.041185][ T9671] FAT-fs (loop4): Directory bread(block 73) failed [ 357.271859][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 357.279901][ T5883] usb 1-1: Product: syz [ 357.286812][ T5883] usb 1-1: Manufacturer: syz [ 357.291442][ T5883] usb 1-1: SerialNumber: syz [ 357.301255][ T5883] usb 1-1: config 0 descriptor?? [ 357.307035][ T9656] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 358.350845][ T5841] Bluetooth: hci2: command tx timeout [ 359.290651][ T5883] rc_core: IR keymap rc-imon-rsc not found [ 359.304268][ T5883] Registered IR keymap rc-empty [ 359.311243][ T5883] rc rc0: iMON Station as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 359.322621][ T5883] input: iMON Station as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input12 [ 359.339091][ T5883] usb 1-1: USB disconnect, device number 7 [ 359.387800][ T9691] loop4: detected capacity change from 0 to 1024 [ 359.503258][ T9691] hfsplus: xattr search failed [ 359.771325][ T5992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 359.792364][ T5992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 359.809367][ T5992] bond0 (unregistering): Released all slaves [ 360.380290][ T5841] Bluetooth: hci2: command tx timeout [ 361.151287][ T9700] hfsplus: node 4:3 still has 1 user(s)! [ 361.254428][ T9714] overlayfs: failed to clone upperpath [ 362.230183][ T5992] hsr_slave_0: left promiscuous mode [ 362.282159][ T5992] hsr_slave_1: left promiscuous mode [ 362.310170][ T5992] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 362.357612][ T5992] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 362.460061][ T5841] Bluetooth: hci2: command tx timeout [ 362.468408][ T5992] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 362.530281][ T5992] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 362.556927][ T5133] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 362.565862][ T5133] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 362.573697][ T5133] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 362.585394][ T5133] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 362.593727][ T5133] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 362.710058][ T5992] veth1_macvtap: left promiscuous mode [ 362.715638][ T5992] veth0_macvtap: left promiscuous mode [ 362.772181][ T5992] veth1_vlan: left promiscuous mode [ 362.777525][ T5992] veth0_vlan: left promiscuous mode [ 363.293478][ T30] audit: type=1326 audit(1746097308.657:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.354205][ T9733] capability: warning: `syz.2.1175' uses 32-bit capabilities (legacy support in use) [ 363.380301][ T30] audit: type=1326 audit(1746097308.657:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.512639][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 363.522729][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 363.540801][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 363.570219][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 363.584599][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 363.584785][ T30] audit: type=1326 audit(1746097308.687:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.668131][ T30] audit: type=1326 audit(1746097308.687:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.694530][ T30] audit: type=1326 audit(1746097308.687:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.717280][ T30] audit: type=1326 audit(1746097308.687:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.739660][ T30] audit: type=1326 audit(1746097308.697:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.765149][ T9744] overlayfs: failed to clone upperpath [ 363.767769][ T30] audit: type=1326 audit(1746097308.697:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.803812][ T30] audit: type=1326 audit(1746097308.707:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 363.835445][ T30] audit: type=1326 audit(1746097308.707:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.2.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ce998e969 code=0x7ffc0000 [ 364.600258][ T5841] Bluetooth: hci2: command tx timeout [ 364.621592][ T5841] Bluetooth: hci3: command tx timeout [ 365.660337][ T5841] Bluetooth: hci1: command tx timeout [ 365.806385][ T5992] team0 (unregistering): Port device team_slave_1 removed [ 365.926391][ T5992] team0 (unregistering): Port device team_slave_0 removed [ 366.262432][ T9766] xt_CT: You must specify a L4 protocol and not use inversions on it [ 366.313055][ T9766] syz.0.1186: attempt to access beyond end of device [ 366.313055][ T9766] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 366.353556][ T9766] EXT4-fs (loop1): unable to read superblock [ 366.782277][ T5841] Bluetooth: hci3: command tx timeout [ 367.735796][ T9666] chnl_net:caif_netlink_parms(): no params data found [ 367.740293][ T5841] Bluetooth: hci1: command tx timeout [ 367.798763][ T9787] xt_hashlimit: overflow, rate too high: 0 [ 368.032777][ T9794] netlink: 'syz.2.1192': attribute type 11 has an invalid length. [ 368.866931][ T5841] Bluetooth: hci3: command tx timeout [ 369.534893][ T9810] tipc: Failed to remove unknown binding: 66,1,1/0:1394631221/1394631223 [ 369.547356][ T9810] tipc: Failed to remove unknown binding: 66,1,1/0:1394631221/1394631223 [ 369.558823][ T9810] tipc: Failed to remove unknown binding: 66,1,1/0:1394631221/1394631223 [ 369.609699][ T9666] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.624529][ T9666] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.640372][ T9666] bridge_slave_0: entered allmulticast mode [ 369.653297][ T9666] bridge_slave_0: entered promiscuous mode [ 369.716189][ T9666] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.724150][ T9666] bridge0: port 2(bridge_slave_1) entered disabled state [ 369.732742][ T9666] bridge_slave_1: entered allmulticast mode [ 369.740718][ T9666] bridge_slave_1: entered promiscuous mode [ 369.805326][ T9818] overlayfs: failed to clone upperpath [ 369.819326][ T9666] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 369.820167][ T5841] Bluetooth: hci1: command tx timeout [ 369.881917][ T9666] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 369.998454][ T9823] loop0: detected capacity change from 0 to 8 [ 370.257712][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 370.257758][ T30] audit: type=1800 audit(1746097315.577:76): pid=9823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1201" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 370.813653][ T9666] team0: Port device team_slave_0 added [ 370.829381][ T9666] team0: Port device team_slave_1 added [ 370.942443][ T5841] Bluetooth: hci3: command tx timeout [ 371.280852][ T9666] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 371.293262][ T9666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 371.325865][ T9666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 371.339416][ T9666] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 372.040033][ T5841] Bluetooth: hci1: command tx timeout [ 372.063242][ T9666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 372.187733][ T9666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 372.261250][ T9740] chnl_net:caif_netlink_parms(): no params data found [ 372.324910][ T13] ================================================================== [ 372.326868][ T9852] loop0: detected capacity change from 0 to 2048 [ 372.333010][ T13] BUG: KASAN: global-out-of-bounds in fib6_clean_node+0x35d/0x590 [ 372.333046][ T13] Read of size 8 at addr ffffffff99d13828 by task kworker/u8:1/13 [ 372.333065][ T13] [ 372.333077][ T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 372.333106][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 372.333123][ T13] Workqueue: events_unbound linkwatch_event [ 372.333156][ T13] Call Trace: [ 372.333166][ T13] [ 372.333175][ T13] dump_stack_lvl+0x189/0x250 [ 372.333211][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.333239][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.333266][ T13] ? __kasan_check_byte+0x12/0x40 [ 372.333296][ T13] ? __pfx_dump_stack_lvl+0x10/0x10 [ 372.333329][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.333353][ T13] ? rcu_is_watching+0x15/0xb0 [ 372.333389][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.333416][ T13] ? lock_release+0x4b/0x3e0 [ 372.333452][ T13] ? __virt_addr_valid+0x18c/0x540 [ 372.333483][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.333510][ T13] ? __virt_addr_valid+0x469/0x540 [ 372.333547][ T13] print_report+0xb4/0x290 [ 372.333576][ T13] ? fib6_clean_node+0x35d/0x590 [ 372.333599][ T13] kasan_report+0x118/0x150 [ 372.333627][ T13] ? rt6_multipath_rebalance+0xf7/0x8b0 [ 372.333656][ T13] ? fib6_clean_node+0x35d/0x590 [ 372.333686][ T13] fib6_clean_node+0x35d/0x590 [ 372.333713][ T13] ? __pfx_fib6_clean_node+0x10/0x10 [ 372.333742][ T13] ? __local_bh_enable_ip+0x12d/0x1c0 [ 372.333779][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.333809][ T13] fib6_walk_continue+0x67b/0x910 [ 372.333843][ T13] fib6_walk+0x149/0x290 [ 372.333869][ T13] __fib6_clean_all+0x234/0x380 [ 372.333891][ T13] ? __fib6_clean_all+0x9b/0x380 [ 372.333914][ T13] ? __pfx_fib6_ifdown+0x10/0x10 [ 372.333940][ T13] ? __pfx___fib6_clean_all+0x10/0x10 [ 372.333966][ T13] ? __pfx_fib6_clean_node+0x10/0x10 [ 372.333991][ T13] ? __pfx_fib6_ifdown+0x10/0x10 [ 372.334016][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.334043][ T13] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 372.334074][ T13] ? __pfx___mutex_lock+0x10/0x10 [ 372.334104][ T13] rt6_sync_down_dev+0xf9/0x150 [ 372.334131][ T13] ? __pfx_rt6_sync_down_dev+0x10/0x10 [ 372.334160][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.334187][ T13] ? addrconf_link_ready+0x119/0x170 [ 372.334216][ T13] addrconf_notify+0x929/0x1010 [ 372.334245][ T13] notifier_call_chain+0x1b6/0x3e0 [ 372.334275][ T13] netif_state_change+0x284/0x3a0 [ 372.334299][ T13] ? __pfx_netif_state_change+0x10/0x10 [ 372.334320][ T13] ? dev_deactivate+0x129/0x1b0 [ 372.334349][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.334377][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.334404][ T13] ? rfc2863_policy+0x1c6/0x3e0 [ 372.334435][ T13] linkwatch_do_dev+0x117/0x170 [ 372.334466][ T13] __linkwatch_run_queue+0x56d/0x7e0 [ 372.334501][ T13] ? __pfx___linkwatch_run_queue+0x10/0x10 [ 372.334531][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.334566][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 372.334588][ T13] ? process_scheduled_works+0x9ec/0x17a0 [ 372.334623][ T13] ? process_scheduled_works+0x9ec/0x17a0 [ 372.334661][ T13] linkwatch_event+0x4c/0x60 [ 372.334690][ T13] process_scheduled_works+0xade/0x17a0 [ 372.334746][ T13] ? __pfx_process_scheduled_works+0x10/0x10 [ 372.334787][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.334820][ T13] worker_thread+0x8a0/0xda0 [ 372.334861][ T13] kthread+0x711/0x8a0 [ 372.334890][ T13] ? __pfx_worker_thread+0x10/0x10 [ 372.334912][ T13] ? __pfx_kthread+0x10/0x10 [ 372.334939][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.334967][ T13] ? __pfx_kthread+0x10/0x10 [ 372.334992][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 372.335014][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.335041][ T13] ? lockdep_hardirqs_on+0x9c/0x150 [ 372.335067][ T13] ? __pfx_kthread+0x10/0x10 [ 372.335093][ T13] ret_from_fork+0x4e/0x80 [ 372.335117][ T13] ? __pfx_kthread+0x10/0x10 [ 372.335144][ T13] ret_from_fork_asm+0x1a/0x30 [ 372.335177][ T13] [ 372.335185][ T13] [ 372.744476][ T13] The buggy address belongs to the variable: [ 372.750442][ T13] binder_devices+0x8/0x20 [ 372.754870][ T13] [ 372.757182][ T13] The buggy address belongs to the physical page: [ 372.763579][ T13] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x19d13 [ 372.772328][ T13] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 372.780227][ T13] raw: 00fff00000002000 ffffea00006744c8 ffffea00006744c8 0000000000000000 [ 372.788808][ T13] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 372.797380][ T13] page dumped because: kasan: bad access detected [ 372.803780][ T13] page_owner info is not present (never set?) [ 372.809826][ T13] [ 372.812136][ T13] Memory state around the buggy address: [ 372.817751][ T13] ffffffff99d13700: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 372.825803][ T13] ffffffff99d13780: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 [ 372.833854][ T13] >ffffffff99d13800: f9 f9 f9 f9 00 f9 f9 f9 00 00 f9 f9 00 00 00 00 [ 372.841901][ T13] ^ [ 372.847256][ T13] ffffffff99d13880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 372.855310][ T13] ffffffff99d13900: 00 00 00 00 00 00 00 00 00 00 04 f9 f9 f9 f9 f9 [ 372.863358][ T13] ================================================================== [ 372.871502][ T13] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 372.878707][ T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) [ 372.890697][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 372.900759][ T13] Workqueue: events_unbound linkwatch_event [ 372.906680][ T13] Call Trace: [ 372.909957][ T13] [ 372.912900][ T13] dump_stack_lvl+0x99/0x250 [ 372.917499][ T13] ? __asan_memcpy+0x40/0x70 [ 372.922089][ T13] ? __pfx_dump_stack_lvl+0x10/0x10 [ 372.927297][ T13] ? __pfx__printk+0x10/0x10 [ 372.931889][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.937524][ T13] panic+0x2db/0x790 [ 372.941423][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.947058][ T13] ? __pfx_panic+0x10/0x10 [ 372.951483][ T13] ? _raw_spin_unlock_irqrestore+0xa8/0x110 [ 372.957373][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 372.963000][ T13] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 372.968889][ T13] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 372.975209][ T13] ? print_memory_metadata+0x314/0x400 [ 372.980674][ T13] ? fib6_clean_node+0x35d/0x590 [ 372.985613][ T13] check_panic_on_warn+0x89/0xb0 [ 372.990554][ T13] ? fib6_clean_node+0x35d/0x590 [ 372.995489][ T13] end_report+0x78/0x160 [ 372.999736][ T13] kasan_report+0x129/0x150 [ 373.004249][ T13] ? rt6_multipath_rebalance+0xf7/0x8b0 [ 373.009802][ T13] ? fib6_clean_node+0x35d/0x590 [ 373.014742][ T13] fib6_clean_node+0x35d/0x590 [ 373.019505][ T13] ? __pfx_fib6_clean_node+0x10/0x10 [ 373.024794][ T13] ? __local_bh_enable_ip+0x12d/0x1c0 [ 373.030173][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.035807][ T13] fib6_walk_continue+0x67b/0x910 [ 373.040839][ T13] fib6_walk+0x149/0x290 [ 373.045077][ T13] __fib6_clean_all+0x234/0x380 [ 373.049919][ T13] ? __fib6_clean_all+0x9b/0x380 [ 373.054851][ T13] ? __pfx_fib6_ifdown+0x10/0x10 [ 373.059787][ T13] ? __pfx___fib6_clean_all+0x10/0x10 [ 373.065154][ T13] ? __pfx_fib6_clean_node+0x10/0x10 [ 373.070437][ T13] ? __pfx_fib6_ifdown+0x10/0x10 [ 373.075369][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.080998][ T13] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 373.086632][ T13] ? __pfx___mutex_lock+0x10/0x10 [ 373.091657][ T13] rt6_sync_down_dev+0xf9/0x150 [ 373.096543][ T13] ? __pfx_rt6_sync_down_dev+0x10/0x10 [ 373.102003][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.107637][ T13] ? addrconf_link_ready+0x119/0x170 [ 373.112925][ T13] addrconf_notify+0x929/0x1010 [ 373.117778][ T13] notifier_call_chain+0x1b6/0x3e0 [ 373.122891][ T13] netif_state_change+0x284/0x3a0 [ 373.127916][ T13] ? __pfx_netif_state_change+0x10/0x10 [ 373.133462][ T13] ? dev_deactivate+0x129/0x1b0 [ 373.138312][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.143944][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.149574][ T13] ? rfc2863_policy+0x1c6/0x3e0 [ 373.154429][ T13] linkwatch_do_dev+0x117/0x170 [ 373.159288][ T13] __linkwatch_run_queue+0x56d/0x7e0 [ 373.164580][ T13] ? __pfx___linkwatch_run_queue+0x10/0x10 [ 373.170389][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.176020][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 373.181213][ T13] ? process_scheduled_works+0x9ec/0x17a0 [ 373.186939][ T13] ? process_scheduled_works+0x9ec/0x17a0 [ 373.192668][ T13] linkwatch_event+0x4c/0x60 [ 373.197259][ T13] process_scheduled_works+0xade/0x17a0 [ 373.202834][ T13] ? __pfx_process_scheduled_works+0x10/0x10 [ 373.208828][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.214473][ T13] worker_thread+0x8a0/0xda0 [ 373.219077][ T13] kthread+0x711/0x8a0 [ 373.223147][ T13] ? __pfx_worker_thread+0x10/0x10 [ 373.228249][ T13] ? __pfx_kthread+0x10/0x10 [ 373.232842][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.238473][ T13] ? __pfx_kthread+0x10/0x10 [ 373.243061][ T13] ? _raw_spin_unlock_irq+0x23/0x50 [ 373.248252][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 373.253886][ T13] ? lockdep_hardirqs_on+0x9c/0x150 [ 373.259082][ T13] ? __pfx_kthread+0x10/0x10 [ 373.263671][ T13] ret_from_fork+0x4e/0x80 [ 373.268080][ T13] ? __pfx_kthread+0x10/0x10 [ 373.272670][ T13] ret_from_fork_asm+0x1a/0x30 [ 373.277438][ T13] [ 373.280690][ T13] Kernel Offset: disabled [ 373.285010][ T13] Rebooting in 86400 seconds..