last executing test programs: 7m29.372165469s ago: executing program 0 (id=299): socket$kcm(0x2d, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB], 0x0}, 0x94) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x4000001) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x398}}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, &(0x7f0000000140)=0x90) socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) 7m27.545489997s ago: executing program 0 (id=301): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='comm\x00') read$FUSE(r0, &(0x7f0000000980)={0x2020}, 0x2020) 7m27.314762895s ago: executing program 0 (id=306): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x3816c2, 0x2) r2 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r2, 0x800442d3, &(0x7f0000000340)={0x9, 0x2, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 'veth1_to_bond\x00'}) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000000001809c995", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) 7m26.053364907s ago: executing program 0 (id=308): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x800) 7m25.89571766s ago: executing program 0 (id=310): socket$kcm(0x2d, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB], 0x0}, 0x94) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x4000001) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x398}}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, &(0x7f0000000140)=0x90) socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) 7m25.560923248s ago: executing program 0 (id=312): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sched_setaffinity(0x0, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 7m10.34074429s ago: executing program 32 (id=312): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sched_setaffinity(0x0, 0x0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 15.964614538s ago: executing program 4 (id=1316): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006"], 0x40}}, 0x0) 15.118793556s ago: executing program 4 (id=1320): fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) getrlimit(0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) socket$inet(0x2, 0x2, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="1c0000005200010025bd7000040000000200", @ANYBLOB], 0x1c}}, 0x800) 11.946698793s ago: executing program 2 (id=1324): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk") mkdirat(0xffffffffffffff9c, 0x0, 0x181) unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 11.903593047s ago: executing program 4 (id=1325): syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000000c0), 0x3, 0x4ec, &(0x7f0000000e40)="$eJzs3c1rXF0ZAPDnTjJN0qYmVRdVsBatpEU7kzS2DS5qBNFVwVr3MSaTEDLJhMykbUKRFP8AQfxCV67cCK5FkP4JIhR050JElKJtXbjwfedlZu68bdOZfLzNZNLM7wcn99yPuc9zEu7JnDmXuQH0rIsRMR0RfRFxJSJG0u2ZtMR2o9SOe/7s4VytJFGt3v13Ekm6rXmuJF2eSV82GBHf/mbE95I345Y3t5Zni8XCerqer6ys5cubW1eXVmYXC4uF1enJiRtTN6euT40fWltvff0fP/3hr79x6w9fuv+3mX9d/n4treF036vt2I/tfR7XaHq2/rto6o+I9YMEO8b60vZku50IAAD7UnuP//GI+FxEvPhFt7MBAAAAOqH61eH4fxJRBQAAAE6s6I8YjiSTS+8FGI5MJpdr3MP7yTidKZbKlS8ulDZW5xv3yo5GNrOwVCyMp/cKj0Y2qa1P1Osv16/tWJ+MiHMR8eORofp6bq5UnO/2hx8AAADQI87E6+P//440xv8AAADACTPa7QQAAACAjjP+BwAAgJOv7fg/6T/aRAAAAIBO+Nbt27VSbT7/ev7e5sZy6d7V+UJ5ObeyMZebK62v5RZLpcX6d/at7HW+Yqm09uVY3XiQrxTKlXx5c2tmpbSxWpmpP9d7puA50QAAAHD0zn328V+SiNj+ylC91JxK9+1jrD7d2eyATsoc7PCkU3kAR6+v2wkAXeMGX+hd5uOBPQb2P9mxfsCPDQAAgONg7FNvNf9vPhDeYQby0LvM/0Pv+mjz/0OHngdw9Mz/Q48b2PuQwXY7/njIuQAAAB0zXC9JJpfOBQ5HJpPLRZytPxYgmywsFQvjEfGxiPjzSHagtj7R7aQBAAAAAAAAAAAAAAAAAAAAAAAA4B1TrSZRBQAAAE60iMw/k/RB/mMjl4Z3fj5wKvnfSH0ZEfd/efdnD2YrlfWJ2vb/fLi98vN0+7XmFgAAAKAj2j6g+3XNcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAh+n5s4dzzXKUcZ9+LSJGW8Xvj8H6cvB3IxFx+kUS/a+8LomIvkOIv/0oIs63ip/U0orRNIud8TMRMdTl+GcOIT70sse1/me6dv1ld1x/mbhYX7a+/vrT8raeXmzX/2Wa/V+9n2vV/53d/dSDzcqnn/w23/qQbGN/f+v+pxk/ecv+97vf2dpqt6/6q4ixPf7/1GLlKytr+fLm1tWlldnFwmJhdXJy4sbUzanrU+P5haViIf3ZMsaPPvP799vFf/oo4nTL+I3+d7f2X3rzdAOtYrz35MGzT+wS//LnW//9z+8Sv/a7/0L6f6C2f6xZ327UX3XhN3+6sFv759u0f6+//+V2J93hyp0f/H2fhwIAR6C8ubU8WywW1t+NSkTjXflxyUelU5W/Ho80Olzp63iIO+mFfuCXd7dfAgAADt/LN/27HHSkdwQAAAAAAAAAAAAAAAAAAABA7+n495wNvP7NAoPdayoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwK4+CAAA///Dps5k") lsetxattr$security_ima(&(0x7f0000000140)='./file1\x00', &(0x7f00000000c0), &(0x7f00000003c0)=ANY=[@ANYBLOB="03020d0000000a0369f080ea71a736ae4c29eb1568447cccf91f2ed11bd5315b092bcc989a86f1a92546335cef15c96439b66f69fec38f7a0ca54c392f7768c673de63668f9050d6a84348ff4810e94caba26d870873c73965713c7fdaefc187b2d978c17e470f98e865f26544763f6863352b62f7210d03276b8a8f5d84e39eb811cf77f8d3f3beeb0c3ca45f35c4314b47bd20ef039f88abe4ef8cbd591c4d1a8f43981cce6d19328fa6bbc7cde9785442bb8aa2f8a4fe9a922b1b801f3f2d23b0da636ce89a62921936efccc0036d5421b35b5de30b2d0e0e6cdfb65269fcc6cbf8e7040bd3d3f902212515a31192041055722986e7d9aa438ef32e2971472db6aabde3cb7a7e47b8eb34bbb93569d15bbf46c1073fa3da800f7f58c08bbc50c4afefbefc67a4e9902c3f9e7e74cdf1c9af3ad274f341c405cc6c55885a7a13d7edefcb666ee962b15ed4f3a9407f15b8459d2f8f0fd3630f2105890d8e907b3e0757d85ad58c715f939a4b156dc40bbb3473969f7c10d8b24a61537a98c7c1"], 0x372, 0x1) 10.950820053s ago: executing program 2 (id=1326): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000001400)=0x7) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000480)={[{@jqfmt_vfsold}, {@abort}, {@debug}, {@noload}, {@grpid}, {@noblock_validity}, {@noquota}, {@lazytime}, {@usrjquota}]}, 0xff, 0x46c, &(0x7f0000000940)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==") io_setup(0x9, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="02142000110000000040000000000000030005000000000002000000ffffffff0000000000000000080012000000010000000000000000000600000000000027b20e97a6a9ecae000000ee00000000000000000000000000fc020000000000000000000000000000030006000000000002000000e00000010000000000000000010018"], 0x88}}, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x2, 0xf, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x1, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@empty, @in6=@private2}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x80}}, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet_smc(0x2b, 0x1, 0x0) io_submit(0x0, 0x0, &(0x7f0000000280)) sendto$inet(r5, 0x0, 0x0, 0x200047ee, 0x0, 0x0) chdir(&(0x7f0000000040)='./file0\x00') r6 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) getdents64(r6, &(0x7f0000001f80)=""/4096, 0x1000) 10.902277098s ago: executing program 4 (id=1327): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mknod$loop(0x0, 0xffff8000, 0x0) r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000004850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r0, 0x0, 0x2) fchdir(r3) r4 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80) socket$inet(0x2, 0xa, 0x0) ftruncate(r4, 0x2007ffb) sendfile(r4, r4, 0x0, 0x1000000201005) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r4) r6 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r6, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4) r7 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'erspan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x54, r5, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKINFO_PORT={0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x8000) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) timer_create(0x5, 0x0, &(0x7f00000003c0)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) mincore(&(0x7f0000ffd000/0x2000)=nil, 0x2000, &(0x7f0000000400)=""/164) faccessat(r3, &(0x7f0000000380)='./bus\x00', 0x90) accept$inet(r9, 0x0, 0x0) 10.668020496s ago: executing program 3 (id=1328): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kmem_cache_free\x00'}, 0x18) r4 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000005304"], 0x14}, 0x1, 0x0, 0x0, 0x24000841}, 0x4008840) 10.597889842s ago: executing program 1 (id=1329): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{0x14, 0x1, 0x5, 0xf}, {0x24, 0x0, 0x7}, {0x6, 0x8, 0x3, 0x7ffffdbd}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf) madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe) inotify_init() r3 = timerfd_create(0x8, 0x0) r4 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000100)={0x90000004}) clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000100}) 9.287175248s ago: executing program 3 (id=1330): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40012022, 0x0) fspick(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {}, 0xa}}, 0x26) sendmmsg$inet(r5, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) 9.14069063s ago: executing program 2 (id=1331): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x418, @loopback}}) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000004c0)='./file0/../file0\x00', &(0x7f0000000180), 0x0, 0x0) 7.581220177s ago: executing program 1 (id=1332): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x210c11, &(0x7f00000000c0)=ANY=[], 0x2, 0x223, &(0x7f0000000580)="$eJzsmc9r1EAUx78zm82mVRQPevCyHgoq2GySVelFpF48VYRWxONiY2lNu7K7SLcgtH+Af4Dg3+GhJw/evHnw5EEFoQf36EGEjkwys5lNjDEGvPg+0Ml3fr15bzJ5A10QBPHf8vnTt4/Pby2tXQFwEgtoqfajhh5hgRvjP7xoNJV8s3Pq2WHWHgMgRFq3Sta3AbxebgD7iVkh0tnfBbCgbK6Bx1pyDxyXlb4PBlf7KtLZIRgeqOYtQ/fnlIhC9rAfrT/ajEJPFr4sAll0ATHj/+SAYR2Ao5Zghv/D8d7jXgQMEhGFWjSFXifXlRFOcVcisFW8f7F/yxw3jC3gwGnd76qnZ+yfDw5f6S4YVpVeQguu67ZVNfSN+M9bqf1G8tqM+MuDTIRTZXB9cWaxrp2bFQP8pTgWua591A/Q/qtXUFXIz698sPSj+hK8nZ9ll9lxam8dy7bID3racm5y+DY/68tMy/uVoiUY/ukJ/yMRJy4Aua5381G0krbovDYYjs/O2LmQ7M+d7GHTJ7DwSODothpy0chPlnErdEbbTzrD8d7i5nZvI9wId4Kge9276nnXgo68d7xOnKF/k/+cOD/NG/abBWNtZmO3NxoN/F1gNPCn9SApjYy7+qr/dZrmJwccl34Ioa+XOGx1UbLMGkz98ZfyWeQJQRAEQRAEQRAEQRAEQRBENVrACaANBvW/ymP9a5XIYQV38XQO+BkAAP//cctcFQ==") syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0) 7.53487895s ago: executing program 3 (id=1333): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='auxv\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x1) execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ppoll(0x0, 0x0, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000180)={[0xffffffffffffff68]}, 0x8) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x400) preadv(r0, &(0x7f0000000500)=[{0x0}], 0x1, 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000002ac0)='net/ipv6_route\x00') read$char_usb(r5, &(0x7f0000000040)=""/4122, 0x101a) 6.887538533s ago: executing program 2 (id=1334): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000080)="c4e27d9811c4c1fde69762ec7cd166baa000ed0f20e035200000000f22e0f2af0f78e50f01cbc4c1d9c27df20b26650fc71c583ef26c", 0x36}], 0x1, 0x59, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000240)={{0x1, 0x0, 0x80, {0xdddd0000, 0xeeee8000}}, "cdb372b4dfe02964a59572ecc37526989e90f15cc175ae8c93ae45591f356c6884a1eb49a1ccc74c2260aded1979bfd746a27408d1220c39493a1d3b65f5306464393183b3b654e5237f83855fde05bc36e88baa2c07c6acd1e5d8c2b3736f1ec8fb98c1b5c20bae0c02c146f4182375c277e8647f577021416f8ba515ffa35cddd261d521df3e841a9179cda39879511c2e9ab06778ce9ffa6f2c9370d7af33bc74d16360a42aa2ced6433463ef4bbed671371e8eba18f2aa973f65ff1b5b35c7c67638ba4aaa64a717f556fe32f70ab1f227b75eaace9c63811a4abc99987e6c8964cfac90a0ca3384510dc63e3e3935540ce749bfa6a8785ee00fe862262ce28ff980e350a64be310b5f576ccfb5a2ba166b324b4bbe9f23030a79f16f20258d077d87f7b1e5b8ca402ce6e51b3236729fde5e6f96d7a94c8db3cc00fdab35e2544ebb424632bb9d82cbfb21146bfeb80e5f5e26ed89a6c521920b5c02cd9cf8063e1ef18919946124f64f749f5c2e3d603af2b7a2d2d24acb6ebe5f47b988dc51e690d9aea44fece3a353bae1b80dcae49c8cb6443978623b0ec80cd0feb0a134a51fdd2b1912a45c6ca41414273268c676bbef4ab3e2f7ac5e061d6dcf0041af2cc971a27b616444ae913033933ed4b1d89b96c8ee9edc86ee12d5917695796906d4822fb3a931df763e3a8e8893ae4749765bdbae4377ce47fb5e26890cb5178c03dd0df248bf35caf84f3cea3d778086065dbb0cd51ea04f28dd6ce80820fda0ffa3f33d38adb2d68d41db8ab27d4cad8b7abb026827738fb9c59d043199cd27c2bdf9711acb36926c730e216de7ad2de0326676916586ec8325f4b13735e34c4d60bd27e2fde3edc95dc59cb69c1dc25569da425488b6b6e9a63b17964ce1fa57bf2c7508ed199cf64a5cbc23b01cdf08b1ad4337f1b0aa02a6c137fb90e32fd7e204966170aa80fca868a45d496be7758c47f83760208793eb1600b6ebf4d1d2dcaa2b741f1c0b9f8844b9e68ec7f7123083c6926a1e95fe9b75f16064f213f69f8f1a97b66961279a6aa3498f146f7e517c2f5a9c0b0673b93dca4fe0c48d53c8f5f89bb7ab0476e00a13e020370077a55c28abccb585bcbdf29966a4db1c3ab0f3f58e54640032484e08072aac638b9c9dc9655a525e9016d9b24358ba477695875e3abd484ff3adb92069825841c3bd1870f708cc25288ee5cc4a6d7fab62eaa724a7acb4ee5952db977b4da11597891f5c5af6086ddf387deb19ce0995ba175f830c94b5adac04d8618a262b3059fe96d5b18690e5adf3e592ae77fed8214ef468d0cacdbbdb1712cff009e03146b57bab5b8302a5ed0f75f59c63877ad8fea5ec596c667ffc2337343e1726e79985bf7c663f8dca6ae731dd96486568d0c0e4c3a3860d7250e04373cc55018eda3ac9077cd2c5317df8992b548e34344ca97a9ed3b6f8bf1a97e060231657706c9e8ce8f03805b111d4bf1a559f4cf0822a20cd9ce06b56c5f051317e187d76a303af82d2053286d5d3cee381602170f5bb4036fb34c080992e9f7d509aa230935233dac608f533ae2a26c5e5710e6c2ed1bf61303cc3c47465791333dae385f91de77c3357fbedbbb64ae3b868ee90b98ab647fa0dcc85bfbab33058667b95106519c7ba80246f73391919fb575dedfe436fb190e828fd58ac25537a4ba5ef0a97c595ce67a740d1cfd84a05d3462d9203dd6ea94f60dc03a29c3c81aa25dce4b330fa7500234016373add8120018ea6b5fac8597fcc8404c793658db3277e2a7e042cb56420002922183f14af74d970dec12a781763c1d9d69cf664b065a9b09491b1ff043e9c9a2098975c17e82a5d06b9f1081c43a539669e95991d866f3105e0b327ab8659e23bf1b196603c7406221e47494b765a114077187295dfafc261ea9ad3064b3449c6e8ef5e2517f609995adf82710d6c23a83e06f61c8186017afa6b2de5b28082770edfc81ee72e46fd1365d0a7583e3609ce420e54cc7a2d57542b924c6c5c9c896d068912adf22a97b3547502d0181d2c69729c539921ab16c466ba6d1d518c3e787fb0e9f708c9a1bc6d428355f0a3bd574397a6f8eda6a1503854a1bd4004719db60a9b3fefe434464d9f2aaddf44ee98c503ac606b7d4d8bac4efa557a77fa5a31ed8c8b48cd1ee6e4e7731ffb273bf21838f4e0cb8eec8a2cbd8acd40c15fcc3959ec3b4ea86680fb1e65743acfc164c6ae830f81a00c83102085d6ae8c7b4424ee0e86673015d98449252de73a25bfbe1697ff06aecf299b2a0e7ce452ba6bcba6b6da2c494cf0ce51cbb555cc2a371bf5a595748486825b0798221f40d2c29396431d13a03248874b893c7880d3b87cf845858a31f68fe57b032e3e0204fd4fb23fd5b2357d8e4f6052dd058b3bf6cd913b4341446e62895d6a367e4233e25ef3aabfb7f35a7804938e3181b6f551ac4a947ff016a12dffb53e7101b6ee911fac7637b2786cf95a4611376d0ac7b1e61c763040550e0c00ddb39a11086e08941c518a5ebedcff2c9477f7be26ad4dc48d837b85d082b4a54c8ec3f1caff75f7fb8f1282df6c5b336c2e56c0f35d9c5dd38fc91001e950f5fb41b58a620a9ee5e6b001a637aad4ec9ffd09eb762fd0d1d8058ca0e544329ee8693547095264c46d9b716fe56ff991b28dc056caefb0d08c0c509ab0eafeffc280684f8654b18323eddff28b4e778a674b4d5b85df786bb12ca24e1980e56032d1d32eb472954eed24b99bbc404dc920e16d4f8e792d6fe581efa82420085155ab9716dc642b44e2a9215cdaaf3df4fa5ad66a26804ad87b7520c132fdb595ea560eb408b5d519cb31c2c6ed2a16fe971d7ca71b7530af7478f06509cc988b96b27dd3e667ce4b08ca685ae818527103addba74d71d094e7a58325658343b989a1d973fc9f1cfebe848c35279cfff728928f77af22430daee46cc9242fa4afe5197e6b42811396f9136fbd545826e020a910fa790acf9292472b7ee3b34723d6f56781d5c061be6e535e49bfcc292a1208645c730b6aadc94e56f05c6f8ca71c7fde81b687190accb75b08f131d61d6536cb3810eb2b6006336f700f1e6ea8104de9c9c6c9f4566a3783d253e3153e9550b91d547430bbe6dc2b586ad5eb67c7add5b009fa44c416bfbe28e524ee6a2d0b016331037010fa882db5d35cfa359d1c7a173cf913e11b8888d0f37b75011f26ce9f97b132dd6f50cbf4bd7d1f9201c55b7ebc08c4e2df4a3b35d2980bf8ee63b8091fed356f764c0bbcc95a91afeb4a2c1deb3fc0c44fa76d768fed87d737bb3380794e4b67932e7492e6558ca53599a446664031ef83e6a6d5362d89eac11c767932f477201d2953b4bb6058f4a3baca2968719edbf41ca5da5be2efeb9bceb38e2f1394ff41d9e93ecc746175b8e5fa2f5bf903663cebc1266ca7a2f8c57340c1ef42e4fc8a85d76ce24237d16f1ac13d32bfd1121017e9a72ad3fb0e952a296ff9a79bdc5be6d8691696720d97daa7c27fb9489e47584c00c854779de5980490afbacad0d0774a7f13e424b0ea955a87b7e296a40eca7ab8f45ae76170da77fff6b554c50dcdc6a261e8ebb7d2f24583023d001ff218ec7844fb4640736f04e9f7d968aa74bef26f65eae961a4857a946d3b221818a798d65bf74f8c0ac1b4529e36183c49606890643573722d467f4c464e68069955e561ccfd4423c2a240cfbb96efb668844ba0a1ceb910ad4ef06cd0f13f7ffa85744bdd0dd16ca27f62179b3916868187421b6d9f9c698d6542a02d4c124373ce0f10cbbc6b9a18385d99519f06a24aa9a4f5560157880233ee8352f2e9de0ffa333bb50932587a70153a37f25263693b86dd6a61f7d1f40cac0f205b65fa2faa3098254fb084160c271addea6711ecae589870450b941db419bb27c8b597982b704ba0ea0189e7b5cd6b72e3529cd77e4a79c752f2f7af6aa43ec9eb0bbefc91a02a85871771189c1f9a0742e8e6fc2d71575e20631dee592f0ed44c9d8f6a22e7d7844445066ca5e8bb97dd5c2ca0365d7c33563ceca884e8e14ba21733c4d2415c1be9369298fbd616fd792bd767555aa2deec8f45e92e10fcc88079cf0093ca2e38adc797845548005a0660b5cbf6423d966ebdccb6ce9d5d476bfd562dff0dd1f8e576d424c0f5cbfe68a3a571e860e5665861a133bc8eb3d9838e9a88f18edb12dfec18a488ad1177ca22f6f763beee9c1e0dd61344997dbbc6de56800f15d2b04a4d83a0b79adb12c54aa7c418d8fd0c96b5797a003b8313d14093fdadd4b530233dd1176e86090e0cc5401d6f98529de8bb6094b8e2f02b53f562a4c115655dc2619811d8caade655b767a5d4fac6c10784bf5bb06e9f535fd1304f383e39bbc5ce58a5f2f9deb9af1d6df6b491fbcbb9053f9bc73da0ae2e815ae72aff41c71ab7adc71074dfa6906724f18b74a344f7911994ee8ee843fd991de053dd9fae152d02b4fe0818c6313aee7df2f32009221f6c2d0ef9b53b7c2e795d64dcae34e5fab88e6b112b935fa836c6868f72077c57a42a940d3c0a667f3d0b674a3de2aa8c3443748c3a5ac949f72ed49220a9cbf0896794f58e12b74a1d7c7bbf8bec7d8aa055855c34a6c25d6fddd22a73725ca3daf8e357b8173508be65d329a4b97820cdb1c7a98d222a839b4da2a33ac687ab4004f5e1d90be7dad53a50ab4d6bc04135e0a9f31af27dc75eae3b9e7fd7459455a4cdd7faf94c5fe701d66d2006719b9acb72db3c89ca61bddea7c0be7ec769ec1cbfae11a77f36a59966f042e5dd32ece56932b083f0cb68c92194c6a4ca0267186b5f3ebaa25f63b6a1b60a2a5c78b9b5b488962b2ce4854b51ab2bc001231b6be3fcdc5563b0950165da87745e387c1205ba818287a8cebfaae10ff461c2933d775c6cddaa936d1907e29b5b4e1ef0a000aafab5363dd692560a291a71f06552647144cac4884a8ae8f2dade616384eeafa54f84737d1613beb945faaa4a316ee2e2a3a094187b5edba42358e930c89bfeaf4620bada8aa6d6c8800d1b19548a308b8310a0b51c8ccc7db60aa2a04fd8b21769a32eded238f93f476b69a6548a8a17aee1d0c4476db41e4eba24d9351d3f98fac043f423ffead379b6cbfb05aaf705ff0dca6e5f6ba36d00d1bc98714a92c8ac1e7cbf441521c98e2b913dd7a5d8595e0479537029de96e2991652243fe3093594720a0538b1687711bf0bc46a1453ebe60c5d33bd798b66f19e69c90e55c2b68b62d1a759a3519630798dd4434fa658b013e28fe9befca82abc1f89a3b246f2fd44df84f88dab2792fc67b3ef2ef8eef84e441e2a7ff5a83e3784a5636a7d4775f5b3063d8e190bfcedcd8083d864d0cbb2fcca7af05cee2be552d89c801e760348dadf01ee4dbb9fb09d5b6c993ab9ac9ff7d5e1e104ab3a894f6cc9067ad64c5a97d3e12efd17820b3c07e4ce302a20fd4c5b5de8752bc4e609fbe9e6cebe713f309229883790ab6dffc22864f7b02fd9026a07299f8cf1e799acdd448428199165abf20eee23988cfcad773c7bc483f941f994c07f255e6cd72e7198f34bcbcbd801abb84e6e383d7bf6e217ee0281f4691beba5d17ef8bd59d7474540dda647ca3bdb8e280a2e6b7a7688bc677a25b2186b1e59e637737366733d75f02a597b7cabb18e75a1722d2327f4f2f101955ca88636ae97d5740ba61d7867c5141becd39f7fc5abb5b96142e0995046c2ab369ac46c18159d5a3569df964e69e7686471ac756bf0515fee78904fe8fcec2096b5f3e", "8f9bea13d6c1793efefda669a3bfc1a1f2d2afea1c14a5b35aac4a522cce409cb88f5802ab78a0dc4ad9e13501a073e6fc60f1778eecc8a6f5299ba9f7dcdab9079dc269bb0d7bb287afa53a930cfb99ca80b3c23dd58d7a4d8ceadf2787fc4f8c638dcd55f8e962ef362db8ae2d407ea8f04c151b89947d52c901335b5ca070883017289368b02ae4676286906bf2f984ae3b2f4ce4d345ea814a725ef388f09b6b6dcc519515885e6e5062d9cd7e801d8a14b1c5b86c404a3bcfb968a48710eb7c451630b0e3895739f51e1379f25a9848fd01021cc53ab10691091090b2cad44133a51465c16c2257cdde467cdae5616e809ad2f3ca71a0b4ae46b5b62142b1d6f782c4286dbea20f02bae71821c1c956172806c55069c3e33f8811a31a44856a1d0521c3e81c12b6dcae2b0e5f006a9468614031c6ad977aa589e4076f55a5528d7b408fd429da83d78bc7dbb794b4117379334fb9167b872d0459a457ae425f768052a583f23ff60a29f11659756f40240b1939fb8b72c3fbe3963680fdcc09900ab387757c9146d223ccdfd5aa26682d39aee3e4b327748d02f82964c117fd480804952654de00db09934cd5c1786b35453f18515ec8f28ee9aee0bfd367eafdfccb54ed29fd08bbea75ed8b6a93c23cb337ae900ba89dcbb3d87191e1e56de67175572aa09f2eaa4fc1f31055b08ce99c30dadc63c743de7fc3e5e0511c98d6b37132f66f09577f6a5f9d113865830876d2f33887136d976525d195790184b7eeaf82169128911c37856b5e75db9999269b252f12d07c62236fac6835a3c13261c527d03d33df946ddfa40c85548ddb9179cf5d963246e215fa0f76472f9f24493aad8db71422f1d1c31a454980f2499294f858de9e8a4937f832b21104c843d084ba15466453f9fd830a1d7d5dbe801ef67c2d6ba52cefcaffa798dd47e9d1e94729956b62ccaf200ff3c32e41cabf86de920f74e1c9e00391909b622505388a3d297b4095f5aa3c17ef5e68c4b3ff18855fd13ff2fe3b1746155d149baaead01ce8d975730b235b1fca6a158f219d3256489d1421e9a008434ae4acc01e583a3145633bd217a6b74d4165fddc31499b6bde7341aad811e80ee6aefdb5aa993926b57d90c0098babdf172c2ec2fe85ba0b75bdc898ba9a2dc7383533b70f3eae8c5c91526a9d5aa99f4a91c9a4235b05558f9871f1e2254a2300e7bd5b4c0fa0bae78e00a53400ca2d1bd03f9d47c82a0e8a17519b53ab0274dd5fcab49ef76a567c156b947b38744657321da66d2983024a67adc00adcde04f35fc2cfeb39c0adcaa508ee7cb8b7a6b73b4deeba620538003f11f390d108c466a2058db84b122b62844f6aebf2d119ea050ba34a1152c439b4ee0491d9417398ec2b7154bdb39ffadb6385c52108f61cc0847cc8e499b3009b00ea000d1c84848c8213d82aa2c87d9c7b15fdf23454190b5c18f563985383a42c2d600155970c15cde8da2d14ef5908704966c286d59a5141bff15ed1e8b7c1252d8cbd641c70f8129ca870fa1235155cf642095b20d88de5c0a0ac6e8969c05996481d1e8e7f9cae627ad6cd374bffa2c8714c84e735384c4064c2e194f26ea16d3d99259cc394d2c4553578ad251c3fe2b88b316dd3533b644ec59390868fe5e7f79fa721ae8dd5ded8ceefaad3879b8c5577bb831079b44fab7db38f0b61d74ed192b2c61cfe6bed13049db2c6b85434e46194230ab022f7d74be00a844023d9b423eb03ccfc0ad3e61b950cd9801941fd8e5d4b90154ae9f173b42fcd658190758f21af8ff9086d4eb12bc3496bfecd99211c1048b3ce4dd25f0934d7f17d45f50084c4ef7c31625080a1c1cec43922d89d1945f675d980e8f2b374c198fb6e857d099c33aeececaac17ab9c12c343051e7dd2f8786883339dbc643af493745974a4da505844e0419dbddb4eca492713d006a5ff47d78dfac1642acab8caa7bda595b6b9532edf6da9ee99711822fabf8e8783dc8f156d1490f40ed6aedb4f97ce55269a2070b4aa3fc51ef22d9fa8342a03ef1b27831f83ade237f4344797eb29f9bbc6aced4005f4b379a1e0b060b4f9cbfce975b9bb2b53e1228c91753a7dfe6d67282d565c1ef42a15c1ff0d49f1128694336eaa277fd691de0748740241edb9250ab53e53523b2217fd4d554fe482c35d8ebdce8c2d053ea2b035a5e8f9ea2e683b24e418698e48b6bb8275c6938c61a6fcafb1f7c73a344db76bdc8cafb1a10b13121e62e3d9b92ad50241ec0908d73255cb72ab5d144757a55c116343e6e6c61bb0999615ddca343e02a5e3438cc9f66b1619c4467b12e615918d2f27392977775c165530dc0059bb41bd6103e612ef5bcd7f2df54ab86a05836b0bb685c05e935da8dfe4144217603c6e4f703d8062af788c7acf61285baaf7c7043a0602fbe8d61daabcf07156f7ee60debca3787d1f4b60f39c341df2908bf7944a5753883626920f1e82eeb374409fa0b331053a9c6bd3ab48682d228ec04d7cb3eb94917d00bc97b46ec14f1681013969cda5ea2c95fa390b3d6422ce0ac242690fbf352d757c9fbc66d06b0e4578e43f032c5f033d54618d178ef0fabdb00108d23cae66bd4ce059709b01e5b8ffec5595865a1c77c0bd8a1f2cb5f13d2b49450b23d021f64247966fd07bee6538fb0565b7eb41489566bc066107a345d705335bc918fe2e3c4edc50872fd25933aaa908cd78eec4e414d46c035c734af8a5b8d47fe62a4a9c49da0cf6547cc8d6702a2468c8d6fbe0ec7d90888d0bf3a0c7c42507d0baf458ce087d4c7725f42edad430abf233b064186c111b4c1fc2861e74426a31d04e2ade9d7acd8f0ac376b712d1eb20175b93b6900291b5625f90276f0857af6b0d108ddb0d772f501e687196c7caafc90010403596a6b5735e28ec6363896c8719e6002dcea716038e7b773c250c98aae730a7f39d995d0c737ff6e29c7a548c69896355b73d50eff7f7a1238f66601d10e4ccc6fb5e924a59bb41da1eba811f5acb22e8bc3719f3568d0fdc0868b29df0727f5cd50290a1845e22d523cde3002560fef504bd2c9a291c7a81a4f2b5b8a015f379009e3e8baed5d35c4a03e09afd37d7fe9d86e86eb53701ae8016d5a19ce5e96e11549ba09e3c2a6700ea84796091f6ca47d4c68fb1e6f4448e1b72f6d4b8af491b635208b31356140db8134e5a1594e47c7ad68dcd2399f49731c60f5f6c101955d4c31275df3d4ce3207e8dc03b87cae229f1f1d09f0064ef7b0727f787efef0369222717129287a9b3a375e6aadd40b6fdaea3d43cd59febe098b7f80d72343bb147a20b22b5de8fbd32bf4ce64f3ad2510dad9c243327e7c706b06004d1cb82e9cc113d74bb9cb820e360c9a8992b884a65234b93250f7ff8e7271983c6505cdf0524b5a8e60f8b3d86281a903ee62d3010d62a788d360182c1106486ee1673f5b7da5a2a154cbe53697305907f64140283f78b9b3b78d2a420586bbac1f72b4388258a0e7c1cc26048cbf3e47c593e9d3300e98931801efc3bdd0ed74e0d3b4f881c66b71a401d9719a1231394ffd04b35bb3c5dcc5ee18696e8327ef9f0f7d8ee218662ec6e747d5c009ba9462d0fba519be8f5f951a5bc077a6eaca928536f35e5929863357cc025fb80c5806d3b7a9f2645e1f6d3239bf763e9ff16fe6bf30d6139f2a117fa1db0d6d2c6aaecf1cacc1b28b24587c9bfd48e52f37651cc97c35d3dc3834b7f973213d0edefdf42a239da89bf1b735767f9e38119de3fd24dbdb34c38068888dc8ff11d19b1950772e283903ce51b1c13e86d58b283dc8f8a3c9456115b19a0561f3aa9c7eca553c4e5bfc20b5da4b32e607a57c2577ab2a65cedb2dd754a2363b37b138ea37e2e3546eea289da7475850e393e7331416bcf4ec75f0c6e654df1fc513e0dcc52ba57e9a128d148cf42d35fb9c7168c959e1ed6e4811fba1662c22194101a6d8787e037a35888117c854a2ef8f685076771ab5aefc8135cfa4c2a25680c6566e0fd19eee7cc86ece140efb6fab4200eabc09d834239abf5f48b46ea51797ee393693270da94c3e73859c01d1042e2eff0b1c4ed41ea560f38b8483d94b9dace687bbe8993fc4e2872b686bf299bb0dce34874d940fd2c36b5270aedd09e5e5a952d70f191e011c7e269219477fe8f5ded564f14fda6461b64d84ec32543a7ed663d8d27d8b8893942e0b7167f3f7b936f8f1fe623248d9815c5969f3a22f0fdefb527d9a870d7ece5430a9adcfee9eef05d235a0c87989965b20bad18c96d696e817c95693fec426ff81f1250e81c244058722243cb3e2df722ac46554a368a90a81206628fcc889cca832a8d4ed20188db0005b1b1c494e3dcce0622dd72ee35f4b4ac447909937bf67807344f5a629230752645aee6c70a885a80ea0e491fdef70648bfa0060ad78b122f2cc0637feb6c5754073d71326bb5a5c0b8c9890fffab1360d647d3a7b4e4bfb29c3162f311d7a1a41c3c5f739542ec723fff2c1e086dd79b1f22f3ff5a512e7ec7dfa54cc6883ae22b949139b1f029f8674ea97c5fb8125a3dafebddd524acdd1618c9f9b9fdf0ea659c4bd4b8da12cae75d1f5ae611b8fa7fd23ff0ff7dcf8a10540120d03d72db15d0775075c1c30ba7e6a07ee6633fa6fa396ca3a5799a7905db5d49e8e8ce00eb7a9af5f2c60749bc28c4b188054e21f44f28d2d1258326ae27a1b14d4704ffb93ff506bbf07e0e4e1bf2502fce11eeb83b9c491a68db0744a61ec449f5338c0b40d77ed16de2d935320bbd2cea2a164f26e7b619ddd81448009adeadfdcdead9df5a1c6da9aca64f373dfaf7cb940aac9f5eedb7a5d49eb74dc0e0819b05f328e9a4ddf3ef0a27cf01a853e02bc69970a32930c48509d726600dc7ee95e119d4cb28f87aa13b7ff846c338b5f9090586ff7bd983721d4a4b5a2e9a3e1495644483bf14861d524196f0d73265688794d6b3b4ce8b3f994c56a82a02a35aeaf9f79c08f5280a6ba0187eae965e412f14cb379869c997564b0a37349dc535882d5d4054d18bf44cbfccbdb8b377761096c974b3dde6a9dc767937bc3430a7fb614671e73ea867b4cd499f2581766510ad70811cda49b69b5afd380ae2ad43281e6640d4f20b2615f3c0b20f7d45c69a9cbbe7933776e07043b141664c059f1c6de17d44eed8b6242d6e8e8b3b86cff4306a9657e6d6f0c429f52138c6c5f7d155bc713432ca75bbf77c3a2c06e546474a7c327d10c46be64e6729643a9455420c48677a23c92f05e3e56f7fecbee4dea0b9eac600739cd068305bb6aea50d5d1042f821e78f2942d603c46a1e4541756bac183b640935dffe8309e3e90a170ca3d126375a0177b1d94b72b622607af60a2cfb9b63464689237fcdbb752e89335aa96c615a59e39fcd89a3a39445e78fb5dd491e29f638c162c886a762b16850863305496ca80974c3d39892a255f9a26b438662e6bc67e1d5115acff5bee940368df7e182ac1cc24331adb6e155ecfa1257d2f47a6b959f2bcf2dfbf86613c7761746ed85fd7e2a3c7c8602ee5143b100bd0a5026146becd255004fd8728bcfad605fad03e754ff1245e7716884e7e6898158ca4e9ba58cf09d8afe65fc18c2529b43a14e7eb7451b8072d68124be7b9133301d840191435de4704e2dda8ccfa87013f733aa10431faf7e46be7a391809af91e5e98d63c80a13c4b4fbb95b44ae5540f62f43036daef02b5dd404c0b08d46fa66fbdf0b4ed839494aa4c85194dac555e4061481c6717a33067"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6.770826372s ago: executing program 1 (id=1335): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000280)={0x1, 0x0, [{0xd, 0x40, 0x1, 0x8, 0x80000000, 0x2, 0x2}]}) 6.770450192s ago: executing program 3 (id=1336): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x91000, &(0x7f00000007c0)=ANY=[@ANYRES64, @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=0,shortname=mixed,uni_xlate=0,shortname=winnt,\x00'], 0x96, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="14000000045f000000e2", @ANYRES32=r1, @ANYBLOB='\x00'/19, @ANYRES32, @ANYBLOB="00000000020000000000000000"], 0x50) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x80002, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$packet(0x11, 0x3, 0x300) close(r4) 6.628800514s ago: executing program 2 (id=1337): socket$nl_route(0x10, 0x3, 0x0) gettid() syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1d1, &(0x7f0000000440)="$eJzslj2v0lAYx//nlBQwGhNHFwdJ1MHSFjUuJLI4OZj4QhxMJFIJUsRAByEx6Cdwd3Nw9wuY6OqHMOiiC04615yXliOhCNwL3OQ+v4Sn/1POy9PnNP9TEARxbPn+7c8k/l39UQBwEiXk9f2f1qwPN/p/Lfx6+fnWzfqbh++/5CdOcdGccbz6+jkAn2oWonTsv6NL+noXPNX3wHFJ6zoYHK0fgeO+1gEYHmj91NA90d9xnrTDwHncC5tCuCJ4IvgiVObzm75maBr5MeP/wXDUaYRh0N+i+F/9pjWOqpGfuV8OVLauUT8PHJ7WFTDc0fo68kltVEmM5z+bm81vLX1+G9uuiEhljVFnTmVulQ1gszQAdlh7j1f6ld3mO5QhLEiR7OiOV9+BQO5IpLGG2GQvPt5QY5I78Vi1ZZ/TGRPG4xWXsLFR5VN/it8xXDD8SVnJW3nUlKPu8/JgOLrc7jZaQSt45vuVa+4V173ql6URqbjE/4rSn07M5l94JglsZuNFI4r6nopp21dxkeNy6X8cF8+rtnBTe27egqGZ/nF5ld7b+ZCZPUEQxP44ByY9WfpyIvRpAuNb9/YecyQIgiAIgiAIgiAI4mD8DQAA//80kEvd") chdir(&(0x7f0000000000)='./file0\x00') rename(0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="080000000400000004000000a40000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32], 0x50) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r3}, 0x18) io_setup(0xaa, &(0x7f0000000000)=0x0) io_pgetevents(r4, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={[0x1]}, 0x8}) capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb, 0x3}) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x48940, 0x10c) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) 6.628542453s ago: executing program 1 (id=1338): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x7}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 6.42454669s ago: executing program 1 (id=1339): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f0000000580)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x9, 0x8000400, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x4fed0) syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000100)=0x5, 0x4) sendmsg$NFNL_MSG_CTHELPER_DEL(0xffffffffffffffff, 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000000c0)={0x9}, 0x10) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f0000000200)=[@enter_looper], 0x2, 0x0, &(0x7f0000000580)="de54"}) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYRESOCT=r4, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x4000000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, 0xffffffffffffffff, 0x0, 0x100ddc3}, 0x18) 5.265796564s ago: executing program 2 (id=1340): socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{0x14, 0x1, 0x5, 0xf}, {0x24, 0x0, 0x7}, {0x6, 0x8, 0x3, 0x7ffffdbd}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf) madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe) inotify_init() r3 = timerfd_create(0x8, 0x0) r4 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000100)={0x90000004}) clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000000100}) 5.263009054s ago: executing program 3 (id=1341): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40012022, 0x0) fspick(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {}, 0xa}}, 0x26) sendmmsg$inet(r5, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) 5.098799357s ago: executing program 4 (id=1342): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x418, @loopback}}) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000004c0)='./file0/../file0\x00', &(0x7f0000000180), 0x0, 0x0) 1.415929286s ago: executing program 4 (id=1343): bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[], 0x48) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @local}, 0xc) 1.412581066s ago: executing program 3 (id=1344): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_udp(0xa, 0x2, 0x0) r4 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x2, 0x81}}, 0x2e) getsockopt(r4, 0x111, 0x3, 0x0, &(0x7f0000000080)) r5 = getpid() process_vm_readv(r5, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=") fchdir(0xffffffffffffffff) r6 = syz_open_dev$loop(&(0x7f0000000000), 0x3, 0x60000) ioctl$BLKIOOPT(r6, 0x1279, &(0x7f00000001c0)) mount(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x0, 0x0) gettid() 0s ago: executing program 1 (id=1345): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x63) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) kernel console output (not intermixed with test programs): [ 162.463584][ T6765] syz_tun: entered promiscuous mode [ 162.484893][ T6765] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 162.500715][ T6769] netlink: 'syz.1.298': attribute type 3 has an invalid length. [ 162.510879][ T6769] netlink: 'syz.1.298': attribute type 3 has an invalid length. [ 162.518799][ T6769] netlink: 12 bytes leftover after parsing attributes in process `syz.1.298'. [ 164.187871][ T6797] netlink: 'syz.0.308': attribute type 10 has an invalid length. [ 164.260434][ T5859] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 164.270269][ T28] audit: type=1326 audit(1754659677.989:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.308620][ T6799] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 164.314698][ T28] audit: type=1326 audit(1754659677.989:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.354058][ T28] audit: type=1326 audit(1754659677.989:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.387448][ T28] audit: type=1326 audit(1754659677.989:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.411429][ T28] audit: type=1326 audit(1754659677.989:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.434032][ T28] audit: type=1326 audit(1754659677.999:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.464795][ T28] audit: type=1326 audit(1754659677.999:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.497609][ T5859] usb 4-1: Using ep0 maxpacket: 16 [ 164.512653][ T5859] usb 4-1: config 4 has an invalid interface number: 51 but max is 0 [ 164.517349][ T28] audit: type=1326 audit(1754659677.999:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.522262][ T5859] usb 4-1: config 4 has no interface number 0 [ 164.551736][ T28] audit: type=1326 audit(1754659677.999:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.570117][ T5859] usb 4-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16 [ 164.588721][ T6807] netlink: 'syz.1.311': attribute type 10 has an invalid length. [ 164.598112][ T28] audit: type=1326 audit(1754659677.999:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6798 comm="syz.1.309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 164.604375][ T5859] usb 4-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 164.624850][ T6807] syz_tun: entered promiscuous mode [ 164.660615][ T5859] usb 4-1: config 4 interface 51 has no altsetting 0 [ 164.667318][ T6807] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 164.688213][ T5859] usb 4-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76 [ 164.706886][ T5859] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.724948][ T5859] usb 4-1: Product: syz [ 164.732335][ T5859] usb 4-1: Manufacturer: syz [ 164.737005][ T5859] usb 4-1: SerialNumber: syz [ 164.767727][ T6795] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 164.796617][ T6795] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 165.025750][ T6795] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 165.034384][ T6795] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 165.317024][ T6795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.457558][ T6795] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.701215][ T6795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.754260][ T6795] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.793626][ T6815] netlink: 72 bytes leftover after parsing attributes in process `syz.2.314'. [ 165.884214][ T5859] cdc_eem 4-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.3-1, CDC EEM Device, be:12:ad:04:f6:23 [ 166.230648][ T6795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.096299][ T6795] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.615443][ T5859] usb 4-1: USB disconnect, device number 6 [ 167.633214][ T5859] cdc_eem 4-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.3-1, CDC EEM Device [ 168.143487][ T6851] loop2: detected capacity change from 0 to 512 [ 168.352675][ T6851] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.365763][ T6851] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 171.170906][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.479704][ T6883] loop3: detected capacity change from 0 to 512 [ 171.509536][ T6883] EXT4-fs: Ignoring removed bh option [ 171.536418][ T6883] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 171.618365][ T6883] EXT4-fs (loop3): 1 truncate cleaned up [ 171.631697][ T6883] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 172.615535][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.700717][ T6902] loop3: detected capacity change from 0 to 512 [ 173.817883][ T6902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 173.840849][ T6902] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.276881][ T6908] overlayfs: failed to resolve './file1': -2 [ 175.649675][ T6914] loop2: detected capacity change from 0 to 512 [ 175.957635][ T6914] EXT4-fs (loop2): Test dummy encryption mode enabled [ 175.979237][ T6914] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2244: inode #15: comm syz.2.333: corrupted in-inode xattr: invalid ea_ino [ 176.011069][ T6914] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.333: couldn't read orphan inode 15 (err -117) [ 176.074149][ T6914] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.134908][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 176.436204][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.835968][ T6929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.336'. [ 176.869291][ T6927] loop3: detected capacity change from 0 to 256 [ 176.915968][ T6927] FAT-fs (loop3): Directory bread(block 64) failed [ 176.923127][ T6927] FAT-fs (loop3): Directory bread(block 65) failed [ 176.930072][ T6927] FAT-fs (loop3): Directory bread(block 66) failed [ 176.936642][ T6927] FAT-fs (loop3): Directory bread(block 67) failed [ 176.943461][ T6927] FAT-fs (loop3): Directory bread(block 68) failed [ 176.950237][ T6927] FAT-fs (loop3): Directory bread(block 69) failed [ 176.957617][ T6927] FAT-fs (loop3): Directory bread(block 70) failed [ 176.964444][ T6927] FAT-fs (loop3): Directory bread(block 71) failed [ 176.971316][ T6927] FAT-fs (loop3): Directory bread(block 72) failed [ 176.978043][ T6927] FAT-fs (loop3): Directory bread(block 73) failed [ 178.015588][ T6934] loop3: detected capacity change from 0 to 512 [ 178.092629][ T6934] EXT4-fs (loop3): #blocks per group too big: 466944 [ 180.075906][ T6809] Set syz1 is full, maxelem 65536 reached [ 180.350508][ T6961] loop2: detected capacity change from 0 to 512 [ 180.397107][ T6961] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 180.620317][ T6961] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.344: bad orphan inode 15 [ 180.680566][ T6961] ext4_test_bit(bit=14, block=18) = 1 [ 180.686133][ T6961] is_bad_inode(inode)=0 [ 180.690451][ T6961] NEXT_ORPHAN(inode)=1023 [ 180.694883][ T6961] max_ino=32 [ 180.698233][ T6961] i_nlink=0 [ 180.792823][ T6961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 180.807340][ T6961] ext2 filesystem being mounted at /78/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 181.254499][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 181.477042][ T6972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.347'. [ 181.584847][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 181.595561][ T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 181.604826][ T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 181.613832][ T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 181.626396][ T50] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 181.634890][ T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 181.848960][ T6809] bond0: (slave syz_tun): Releasing backup interface [ 183.264897][ T6989] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 183.324636][ T6973] chnl_net:caif_netlink_parms(): no params data found [ 183.591086][ T6973] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.598593][ T6973] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.615340][ T6973] bridge_slave_0: entered allmulticast mode [ 184.849949][ T5797] Bluetooth: hci4: command tx timeout [ 185.499755][ T6973] bridge_slave_0: entered promiscuous mode [ 185.509259][ T6973] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.547343][ T6973] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.555755][ T6973] bridge_slave_1: entered allmulticast mode [ 185.570192][ T6973] bridge_slave_1: entered promiscuous mode [ 185.689055][ T6973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.702380][ T6973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.774949][ T6973] team0: Port device team_slave_0 added [ 185.784005][ T6973] team0: Port device team_slave_1 added [ 185.828649][ T6973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 185.836079][ T6973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.863736][ T6973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 185.889416][ T6973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 185.899773][ T6973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.932280][ T6973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.035270][ T6973] hsr_slave_0: entered promiscuous mode [ 186.044594][ T6973] hsr_slave_1: entered promiscuous mode [ 186.051330][ T6973] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 186.058930][ T6973] Cannot create hsr debugfs directory [ 186.411716][ T7014] netlink: 4 bytes leftover after parsing attributes in process `syz.3.355'. [ 186.973070][ T6973] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 186.989376][ T6973] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 187.014317][ T6973] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 187.043251][ T6973] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 187.402494][ T6973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.467054][ T6973] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.510486][ T5797] Bluetooth: hci4: command tx timeout [ 187.529629][ T1133] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.537825][ T1133] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.681941][ T143] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.689171][ T143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.823574][ T7038] loop2: detected capacity change from 0 to 512 [ 187.860610][ T7038] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 187.894587][ T7038] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 187.940482][ T7043] netlink: 4 bytes leftover after parsing attributes in process `syz.3.363'. [ 187.952888][ T7038] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:478: comm syz.2.361: Invalid block bitmap block 0 in block_group 0 [ 187.978257][ T7038] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6642: Corrupt filesystem [ 188.007430][ T7038] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #11: comm syz.2.361: attempt to clear invalid blocks 983261 len 1 [ 188.061608][ T7038] EXT4-fs error (device loop2): __ext4_get_inode_loc:4483: comm syz.2.361: Invalid inode table block 0 in block_group 0 [ 188.080027][ T7038] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 188.136185][ T7038] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 188.167442][ T7038] EXT4-fs error (device loop2): __ext4_get_inode_loc:4483: comm syz.2.361: Invalid inode table block 0 in block_group 0 [ 188.193895][ T7038] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 188.208756][ T7038] EXT4-fs error (device loop2): ext4_truncate:4288: inode #11: comm syz.2.361: mark_inode_dirty error [ 188.249011][ T7038] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 188.281005][ T7038] EXT4-fs error (device loop2): __ext4_get_inode_loc:4483: comm syz.2.361: Invalid inode table block 0 in block_group 0 [ 188.334808][ T7038] EXT4-fs (loop2): 1 truncate cleaned up [ 188.359260][ T7038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.532856][ T7042] wg2: entered promiscuous mode [ 188.537837][ T7042] wg2: entered allmulticast mode [ 188.786167][ T6973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 188.806122][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.991166][ T7058] syz.3.367[7058] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 188.991329][ T7058] syz.3.367[7058] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 189.590286][ T5797] Bluetooth: hci4: command tx timeout [ 189.873383][ T7076] loop2: detected capacity change from 0 to 512 [ 190.113822][ T7076] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 190.128894][ T7076] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 190.704933][ T6973] veth0_vlan: entered promiscuous mode [ 191.002379][ T6973] veth1_vlan: entered promiscuous mode [ 191.042430][ T7083] netlink: 4 bytes leftover after parsing attributes in process `syz.1.372'. [ 191.226036][ T6973] veth0_macvtap: entered promiscuous mode [ 191.265675][ T6973] veth1_macvtap: entered promiscuous mode [ 191.324065][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 191.324081][ T28] audit: type=1326 audit(1754659705.059:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 191.376028][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.393264][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.406329][ T28] audit: type=1326 audit(1754659705.099:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 191.435772][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.454240][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.466123][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 191.478527][ T28] audit: type=1326 audit(1754659705.099:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 191.643603][ T28] audit: type=1326 audit(1754659705.099:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 191.680041][ T5797] Bluetooth: hci4: command tx timeout [ 191.719677][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.765519][ T28] audit: type=1326 audit(1754659705.099:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 191.799471][ T6973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 191.862701][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 191.907699][ T28] audit: type=1326 audit(1754659705.099:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 191.939970][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 191.957655][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 191.996811][ T28] audit: type=1326 audit(1754659705.099:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 192.021354][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.050010][ T6973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.086890][ T6973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.101070][ T28] audit: type=1326 audit(1754659705.099:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 192.147687][ T6973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 192.192220][ T6973] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.212237][ T28] audit: type=1326 audit(1754659705.109:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 192.234765][ T28] audit: type=1326 audit(1754659705.109:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7084 comm="syz.1.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 192.239779][ T6973] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.276543][ T6973] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.322543][ T6973] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.339587][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.551596][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 192.559489][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 192.804199][ T7095] fuse: Bad value for 'user_id' [ 192.847243][ T7095] capability: warning: `syz.3.378' uses deprecated v2 capabilities in a way that may be insecure [ 193.573272][ T6015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.625923][ T6015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.979960][ T787] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 194.114139][ T7104] netlink: 892 bytes leftover after parsing attributes in process `syz.4.380'. [ 194.190695][ T787] usb 3-1: Using ep0 maxpacket: 16 [ 194.198259][ T787] usb 3-1: config 4 has an invalid interface number: 51 but max is 0 [ 194.207875][ T787] usb 3-1: config 4 has no interface number 0 [ 194.220113][ T787] usb 3-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16 [ 194.245703][ T787] usb 3-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 194.259926][ T787] usb 3-1: config 4 interface 51 has no altsetting 0 [ 194.272036][ T787] usb 3-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76 [ 194.283477][ T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.283545][ T7108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.381'. [ 194.292301][ T787] usb 3-1: Product: syz [ 194.305286][ T787] usb 3-1: Manufacturer: syz [ 194.310288][ T787] usb 3-1: SerialNumber: syz [ 194.321713][ T7097] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 194.339510][ T7097] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 194.653873][ T7097] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 194.679767][ T7097] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 194.712954][ T787] cdc_eem 3-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.2-1, CDC EEM Device, d6:6c:5d:bf:21:f4 [ 194.746149][ T7115] loop3: detected capacity change from 0 to 256 [ 194.817218][ T7115] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d) [ 194.875388][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.891748][ T7115] exFAT-fs (loop3): error, found bogus dentry(11) beyond unused empty group(10) (start_clu : 5, cur_clu : 5) [ 194.926270][ T7097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.935847][ T7115] exFAT-fs (loop3): Filesystem has been set read-only [ 194.958048][ T7097] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 194.972940][ T7097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.995916][ T7097] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 195.408534][ T7097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 195.437930][ T7097] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 195.461841][ T7132] syz.4.387[7132] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.461984][ T7132] syz.4.387[7132] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.698749][ T787] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 196.092992][ T787] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 196.246895][ T787] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 196.298567][ T23] usb 3-1: USB disconnect, device number 7 [ 196.631535][ T23] cdc_eem 3-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.2-1, CDC EEM Device [ 196.644193][ T787] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 196.653982][ T787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 196.664243][ T787] usb 4-1: SerialNumber: syz [ 196.764487][ T7147] netlink: 4 bytes leftover after parsing attributes in process `syz.1.391'. [ 196.934534][ T787] usb 4-1: 0:2 : does not exist [ 197.196068][ T787] usb 4-1: USB disconnect, device number 7 [ 197.303211][ T5809] udevd[5809]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 197.527275][ T7159] loop2: detected capacity change from 0 to 8192 [ 198.160532][ T7171] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 198.169631][ T7171] FAT-fs (loop2): Filesystem has been set read-only [ 200.510322][ T7193] netlink: 4 bytes leftover after parsing attributes in process `syz.1.401'. [ 200.609678][ T7195] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 201.156970][ T7212] loop4: detected capacity change from 0 to 512 [ 201.180479][ T7212] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 201.208759][ T7212] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c11c, mo2=0102] [ 201.222139][ T7212] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.407: corrupted in-inode xattr: e_value size too large [ 201.240029][ T7212] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.407: couldn't read orphan inode 15 (err -117) [ 201.273596][ T7212] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.900204][ T7224] loop3: detected capacity change from 0 to 512 [ 201.909085][ T7224] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 201.952009][ T7224] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 201.975613][ T7224] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.101922][ T7224] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 202.112634][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.131205][ T7224] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 16 with error 28 [ 202.152020][ T7224] EXT4-fs (loop3): This should not happen!! Data will be lost [ 202.152020][ T7224] [ 202.165013][ T7224] EXT4-fs (loop3): Total free blocks count 0 [ 202.173974][ T7224] EXT4-fs (loop3): Free/Dirty block details [ 202.224546][ T7224] EXT4-fs (loop3): free_blocks=39626 [ 202.240261][ T7224] EXT4-fs (loop3): dirty_blocks=16 [ 202.275460][ T7228] netlink: 4 bytes leftover after parsing attributes in process `syz.4.412'. [ 202.277866][ T7224] EXT4-fs (loop3): Block reservation details [ 202.310551][ T7224] EXT4-fs (loop3): i_reserved_data_blocks=16 [ 202.508787][ T7233] tipc: Started in network mode [ 202.513969][ T7233] tipc: Node identity 9610d8ca605e, cluster identity 4711 [ 202.521963][ T7233] tipc: Enabled bearer , priority 0 [ 202.539361][ T7229] tipc: Resetting bearer [ 202.572506][ T7235] netlink: 868 bytes leftover after parsing attributes in process `syz.2.415'. [ 202.738326][ T7239] overlayfs: failed to clone upperpath [ 202.932033][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.550089][ T5876] tipc: Node number set to 4132362442 [ 207.035179][ T7229] tipc: Disabling bearer [ 207.089970][ T7258] netlink: 4 bytes leftover after parsing attributes in process `syz.1.422'. [ 212.614227][ T7285] netlink: 868 bytes leftover after parsing attributes in process `syz.2.431'. [ 212.624446][ T7290] loop4: detected capacity change from 0 to 512 [ 212.644364][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.433'. [ 212.657014][ T7290] EXT4-fs: Ignoring removed orlov option [ 212.699430][ T7290] ext2: Unknown parameter 'obj_role' [ 213.214871][ T7299] netlink: 384 bytes leftover after parsing attributes in process `syz.4.430'. [ 215.079704][ T7305] netlink: 'syz.3.436': attribute type 10 has an invalid length. [ 215.184705][ T7305] syz_tun: entered promiscuous mode [ 215.231915][ T7305] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 215.334005][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 215.334022][ T28] audit: type=1326 audit(1754659729.069:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 215.449948][ T28] audit: type=1326 audit(1754659729.069:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 215.493248][ T28] audit: type=1326 audit(1754659729.099:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 215.571073][ T28] audit: type=1326 audit(1754659729.109:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 215.636623][ T28] audit: type=1326 audit(1754659729.109:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 215.694795][ T7317] netlink: 4 bytes leftover after parsing attributes in process `syz.4.442'. [ 215.726113][ T28] audit: type=1326 audit(1754659729.109:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 215.768504][ T7322] netlink: 868 bytes leftover after parsing attributes in process `syz.2.443'. [ 215.807303][ T28] audit: type=1326 audit(1754659729.109:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 215.839738][ T28] audit: type=1326 audit(1754659729.109:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 216.094510][ T28] audit: type=1326 audit(1754659729.109:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 216.206123][ T28] audit: type=1326 audit(1754659729.139:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.2.439" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 217.306073][ T7334] loop4: detected capacity change from 0 to 512 [ 217.331122][ T7334] EXT4-fs: Ignoring removed orlov option [ 217.336893][ T7334] ext2: Unknown parameter 'obj_role' [ 217.423825][ T7292] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 217.433878][ T5103] Bluetooth: hci1: command 0x0406 tx timeout [ 217.464353][ T5103] Bluetooth: hci3: command 0x0406 tx timeout [ 217.546359][ T7340] netlink: 'syz.3.450': attribute type 10 has an invalid length. [ 217.781730][ T7344] netlink: 384 bytes leftover after parsing attributes in process `syz.4.447'. [ 218.610950][ T7353] netlink: 4 bytes leftover after parsing attributes in process `syz.2.454'. [ 218.654866][ T7356] netlink: 860 bytes leftover after parsing attributes in process `syz.4.453'. [ 220.206516][ T7370] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 220.615787][ T7378] loop2: detected capacity change from 0 to 512 [ 220.630864][ T7378] EXT4-fs: Ignoring removed orlov option [ 220.636665][ T7378] ext2: Unknown parameter 'obj_role' [ 221.025559][ T7380] netlink: 384 bytes leftover after parsing attributes in process `syz.2.462'. [ 222.131302][ T7390] netlink: 860 bytes leftover after parsing attributes in process `syz.2.465'. [ 222.182504][ T7392] netlink: 4 bytes leftover after parsing attributes in process `syz.1.466'. [ 222.533564][ T7376] loop3: detected capacity change from 0 to 40427 [ 222.570005][ T7376] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 222.586398][ T7376] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 222.626721][ T7376] F2FS-fs (loop3): invalid crc value [ 222.699143][ T7376] F2FS-fs (loop3): Mismatch valid blocks 0 vs. 1 [ 222.820106][ T7376] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-117) [ 223.163653][ T7408] loop2: detected capacity change from 0 to 128 [ 223.388933][ T7408] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 223.431809][ T7408] ext4 filesystem being mounted at /113/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 223.787195][ T7420] overlayfs: failed to resolve './file0': -2 [ 225.096326][ T5792] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 225.305757][ T7428] vlan2: entered allmulticast mode [ 226.547841][ T7441] syz.4.480[7441] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 226.547986][ T7441] syz.4.480[7441] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 227.773263][ T7453] loop4: detected capacity change from 0 to 512 [ 227.837611][ T7453] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 227.948904][ T7453] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.962037][ T7453] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 228.685597][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.017421][ T7467] loop4: detected capacity change from 0 to 512 [ 229.095294][ T7467] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 229.230712][ T7467] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.485: bad orphan inode 15 [ 229.295597][ T7467] ext4_test_bit(bit=14, block=18) = 1 [ 229.301352][ T7467] is_bad_inode(inode)=0 [ 229.305565][ T7467] NEXT_ORPHAN(inode)=1023 [ 229.310095][ T7467] max_ino=32 [ 229.313336][ T7467] i_nlink=0 [ 229.323628][ T7467] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 229.355770][ T7467] ext2 filesystem being mounted at /25/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 229.900893][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 231.285073][ T7477] loop4: detected capacity change from 0 to 256 [ 231.296476][ T7479] input: syz0 as /devices/virtual/input/input8 [ 231.393515][ T7477] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 232.620965][ T7483] netlink: 'syz.2.491': attribute type 10 has an invalid length. [ 237.105881][ T7511] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 237.178197][ T7511] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 240.946718][ T7547] netlink: 772 bytes leftover after parsing attributes in process `syz.3.509'. [ 242.906562][ T7572] syz.2.514 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 245.486126][ T7589] loop3: detected capacity change from 0 to 256 [ 245.613956][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 245.614001][ T28] audit: type=1107 audit(1754659759.319:65): pid=7580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 246.158038][ T7589] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 246.181867][ T7593] netlink: 772 bytes leftover after parsing attributes in process `syz.1.522'. [ 246.314922][ T28] audit: type=1326 audit(1754659760.049:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.377378][ T28] audit: type=1326 audit(1754659760.059:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.431148][ T28] audit: type=1326 audit(1754659760.059:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.467000][ T28] audit: type=1326 audit(1754659760.059:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.500829][ T28] audit: type=1326 audit(1754659760.059:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.529195][ T28] audit: type=1326 audit(1754659760.059:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.654984][ T28] audit: type=1326 audit(1754659760.079:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.725832][ T28] audit: type=1326 audit(1754659760.079:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.765304][ T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 246.789939][ T28] audit: type=1326 audit(1754659760.079:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7596 comm="syz.2.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 246.988097][ T23] usb 5-1: Using ep0 maxpacket: 16 [ 247.070069][ T23] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 247.238095][ T23] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 247.456803][ T23] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 247.503591][ T23] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 247.538131][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.583572][ T23] usb 5-1: Product: syz [ 247.587934][ T23] usb 5-1: Manufacturer: syz [ 247.649908][ T23] usb 5-1: SerialNumber: syz [ 247.789541][ T7616] loop2: detected capacity change from 0 to 2048 [ 247.872616][ T7616] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 247.975100][ T7624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.532'. [ 248.065854][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.196506][ T23] usb 5-1: USB disconnect, device number 2 [ 248.278443][ T7342] udevd[7342]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 248.479564][ T7635] loop2: detected capacity change from 0 to 128 [ 248.595360][ T7635] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 248.652878][ T7635] ext4 filesystem being mounted at /130/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 248.835864][ T5792] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 250.663310][ T7658] netlink: 4 bytes leftover after parsing attributes in process `syz.2.542'. [ 250.915981][ T7663] netlink: 'syz.2.543': attribute type 10 has an invalid length. [ 253.270785][ T7687] netlink: 4 bytes leftover after parsing attributes in process `syz.3.551'. [ 253.558169][ T7693] netlink: 'syz.3.554': attribute type 10 has an invalid length. [ 255.899310][ T7721] netlink: 8 bytes leftover after parsing attributes in process `syz.1.565'. [ 256.380916][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.365922][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 257.365941][ T28] audit: type=1107 audit(1754659770.329:77): pid=7731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='¯' [ 257.630882][ T7742] loop4: detected capacity change from 0 to 512 [ 257.831053][ T7742] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 258.519233][ T7742] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.572: bad orphan inode 15 [ 258.542968][ T7742] ext4_test_bit(bit=14, block=18) = 1 [ 258.548453][ T7742] is_bad_inode(inode)=0 [ 258.553165][ T7742] NEXT_ORPHAN(inode)=1023 [ 258.557552][ T7742] max_ino=32 [ 258.560856][ T7742] i_nlink=0 [ 258.570374][ T7742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 258.615524][ T7742] ext2 filesystem being mounted at /46/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 258.910731][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 259.158235][ T7756] loop2: detected capacity change from 0 to 128 [ 259.434094][ T7756] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 259.506662][ T7756] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 259.957048][ T7763] netlink: 8 bytes leftover after parsing attributes in process `syz.1.577'. [ 260.173890][ T28] audit: type=1326 audit(1754659773.809:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 260.328164][ T28] audit: type=1326 audit(1754659773.809:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 260.459634][ T28] audit: type=1326 audit(1754659773.809:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 261.043861][ T28] audit: type=1326 audit(1754659773.809:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 261.703870][ T5792] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 262.280549][ T7779] loop2: detected capacity change from 0 to 512 [ 262.306713][ T7779] EXT4-fs (loop2): Test dummy encryption mode enabled [ 262.359546][ T7779] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2244: inode #15: comm syz.2.582: corrupted in-inode xattr: invalid ea_ino [ 262.385811][ T7779] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.582: couldn't read orphan inode 15 (err -117) [ 262.403368][ T7779] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 263.611602][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.220754][ T7800] netlink: 8 bytes leftover after parsing attributes in process `syz.2.589'. [ 266.090843][ T7813] overlayfs: failed to clone upperpath [ 266.988972][ T7819] overlayfs: failed to resolve './file1': -2 [ 267.008833][ T7825] loop4: detected capacity change from 0 to 1024 [ 267.017713][ T7825] ext4: Unknown parameter 'nouser_xattr' [ 267.609648][ T7260] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 268.610953][ T7845] veth0_vlan: entered allmulticast mode [ 268.758586][ T28] audit: type=1326 audit(1754659782.489:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7847 comm="syz.1.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 268.802434][ T28] audit: type=1326 audit(1754659782.489:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7847 comm="syz.1.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 268.839928][ T7850] netlink: 'syz.4.604': attribute type 10 has an invalid length. [ 268.868123][ T7850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 268.899312][ T28] audit: type=1326 audit(1754659782.489:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7847 comm="syz.1.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 268.932900][ T7850] team0: Port device bond0 added [ 268.938630][ T7845] ÿÿÿÿÿÿ: renamed from vlan1 [ 270.081882][ T7863] loop4: detected capacity change from 0 to 512 [ 270.090549][ T7863] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 270.105000][ T7863] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c11c, mo2=0102] [ 270.140304][ T7863] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.610: corrupted in-inode xattr: e_value size too large [ 270.162058][ T7863] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.610: couldn't read orphan inode 15 (err -117) [ 270.176772][ T7863] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 270.176925][ T28] audit: type=1326 audit(1754659784.914:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 270.456394][ T28] audit: type=1326 audit(1754659784.914:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.129607][ T28] audit: type=1326 audit(1754659785.224:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.360548][ T28] audit: type=1326 audit(1754659785.224:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.431768][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.439683][ T28] audit: type=1326 audit(1754659785.224:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.464343][ T28] audit: type=1326 audit(1754659785.224:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.486882][ T28] audit: type=1326 audit(1754659785.224:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7866 comm="syz.3.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.797927][ T7884] netlink: 'syz.1.618': attribute type 10 has an invalid length. [ 273.854031][ T28] kauditd_printk_skb: 47 callbacks suppressed [ 273.854045][ T28] audit: type=1326 audit(1754659788.594:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7878 comm="syz.3.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.886769][ T28] audit: type=1326 audit(1754659788.594:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7878 comm="syz.3.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.919036][ T28] audit: type=1326 audit(1754659788.654:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7878 comm="syz.3.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 273.935605][ T7887] loop2: detected capacity change from 0 to 128 [ 273.952789][ T28] audit: type=1326 audit(1754659788.654:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7878 comm="syz.3.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 274.146701][ T7887] FAT-fs (loop2): bogus number of reserved sectors [ 274.164751][ T7887] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 274.232260][ T28] audit: type=1326 audit(1754659788.654:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7878 comm="syz.3.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 274.245904][ T7887] FAT-fs (loop2): Can't find a valid FAT filesystem [ 274.719867][ T28] audit: type=1326 audit(1754659788.684:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7878 comm="syz.3.615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 275.889323][ T7903] loop2: detected capacity change from 0 to 512 [ 276.019996][ T7903] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.032937][ T7903] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 276.134873][ T7901] loop3: detected capacity change from 0 to 8192 [ 278.554872][ T7919] fuse: Bad value for 'fd' [ 278.745948][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.802730][ T7899] syz_tun: left promiscuous mode [ 278.971242][ T7899] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.184752][ T7899] bridge_slave_1: left allmulticast mode [ 281.357774][ T7899] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 281.405198][ T7899] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 281.875783][ T7899] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.885388][ T7899] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.894336][ T7899] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 281.903345][ T7899] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.207420][ T28] audit: type=1326 audit(1754659797.942:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 282.260317][ T28] audit: type=1326 audit(1754659797.942:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 282.311453][ T28] audit: type=1326 audit(1754659797.942:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc6ff98d550 code=0x7ffc0000 [ 282.369542][ T28] audit: type=1326 audit(1754659797.942:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fc6ff990417 code=0x7ffc0000 [ 282.741945][ T28] audit: type=1326 audit(1754659797.942:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 283.184805][ T28] audit: type=1326 audit(1754659797.942:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fc6ff990417 code=0x7ffc0000 [ 283.218051][ T28] audit: type=1326 audit(1754659797.942:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc6ff98d84a code=0x7ffc0000 [ 283.250829][ T28] audit: type=1326 audit(1754659797.942:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 283.580153][ T28] audit: type=1326 audit(1754659797.942:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 284.409864][ T28] audit: type=1326 audit(1754659797.942:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7936 comm="syz.4.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 284.461844][ T7951] loop2: detected capacity change from 0 to 512 [ 284.646374][ T7951] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 284.695745][ T7958] loop3: detected capacity change from 0 to 512 [ 284.712699][ T7958] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 284.744552][ T7958] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c11c, mo2=0102] [ 284.757146][ T7958] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.634: corrupted in-inode xattr: e_value size too large [ 284.780540][ T7951] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 284.791846][ T7958] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.634: couldn't read orphan inode 15 (err -117) [ 284.806278][ T7958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.083202][ T7965] loop4: detected capacity change from 0 to 512 [ 287.095539][ T7965] EXT4-fs: Ignoring removed orlov option [ 287.117512][ T7965] ext2: Unknown parameter 'obj_role' [ 287.491839][ T7967] netlink: 384 bytes leftover after parsing attributes in process `syz.4.635'. [ 287.501308][ T7967] netlink: 'syz.4.635': attribute type 2 has an invalid length. [ 288.038055][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.247006][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.269599][ T7973] veth0: entered promiscuous mode [ 288.279173][ T7971] veth0: left promiscuous mode [ 288.319590][ T7974] netlink: 'syz.2.636': attribute type 10 has an invalid length. [ 289.147282][ T7987] loop3: detected capacity change from 0 to 256 [ 289.184189][ T7987] exfat: Deprecated parameter 'utf8' [ 289.300701][ T7987] exfat: Deprecated parameter 'utf8' [ 289.308092][ T7987] exfat: Deprecated parameter 'utf8' [ 289.339083][ T7987] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d) [ 291.290816][ T7995] netlink: 'syz.1.646': attribute type 10 has an invalid length. [ 291.369672][ T7995] 8021q: adding VLAN 0 to HW filter on device bond0 [ 291.405479][ T7995] team0: Port device bond0 added [ 291.601839][ T8006] netlink: 'syz.3.650': attribute type 10 has an invalid length. [ 291.619893][ T8006] syz_tun: entered promiscuous mode [ 291.706837][ T8008] input: syz0 as /devices/virtual/input/input12 [ 293.180113][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 293.389986][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 293.405744][ T9] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 293.440334][ T9] usb 4-1: config 0 has no interface number 0 [ 293.463718][ T9] usb 4-1: config 0 interface 184 has no altsetting 0 [ 293.500666][ T9] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 293.520432][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.545810][ T9] usb 4-1: Product: syz [ 294.368745][ T9] usb 4-1: Manufacturer: syz [ 294.373535][ T9] usb 4-1: SerialNumber: syz [ 294.383134][ T9] usb 4-1: config 0 descriptor?? [ 294.396016][ T9] smsc75xx v1.0.0 [ 294.581344][ T8031] netlink: 'syz.2.658': attribute type 10 has an invalid length. [ 294.654009][ T8031] 8021q: adding VLAN 0 to HW filter on device bond0 [ 294.672124][ T8031] team0: Port device bond0 added [ 295.056445][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32 [ 295.100826][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32 [ 295.125638][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind [ 295.176913][ T9] smsc75xx: probe of 4-1:0.184 failed with error -32 [ 295.238339][ T9] usb 4-1: USB disconnect, device number 8 [ 295.932249][ T8051] loop2: detected capacity change from 0 to 128 [ 298.472655][ T8051] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 298.486545][ T8051] ext4 filesystem being mounted at /162/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 298.895042][ T5792] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 299.127898][ T8065] netlink: 'syz.1.671': attribute type 10 has an invalid length. [ 299.650326][ T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 299.851809][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 299.935834][ T8087] loop4: detected capacity change from 0 to 128 [ 300.002987][ T8087] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 300.016917][ T8087] ext4 filesystem being mounted at /76/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 301.409898][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 301.409915][ T28] audit: type=1107 audit(1754659818.145:171): pid=8093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 301.428954][ T9] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 301.437408][ T9] usb 4-1: config 0 has no interface number 0 [ 301.443903][ T9] usb 4-1: config 0 interface 184 has no altsetting 0 [ 301.515299][ T9] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 301.537436][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.565425][ T9] usb 4-1: Product: syz [ 301.587247][ T9] usb 4-1: Manufacturer: syz [ 301.603943][ T9] usb 4-1: SerialNumber: syz [ 301.625029][ T9] usb 4-1: config 0 descriptor?? [ 301.654858][ T9] smsc75xx v1.0.0 [ 302.337783][ T6973] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 302.760045][ T9] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 302.854226][ T9] smsc75xx: probe of 4-1:0.184 failed with error -71 [ 302.871493][ T9] usb 4-1: USB disconnect, device number 9 [ 303.290144][ T8113] batadv_slave_0: entered promiscuous mode [ 303.830377][ T8104] batadv_slave_0: left promiscuous mode [ 304.553436][ T50] Bluetooth: hci4: command 0x0406 tx timeout [ 305.332227][ T8129] overlayfs: failed to clone upperpath [ 307.996745][ T8147] loop4: detected capacity change from 0 to 512 [ 308.068786][ T8147] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.201299][ T8147] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 309.999318][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.066101][ T8176] loop4: detected capacity change from 0 to 1024 [ 312.122545][ T8176] EXT4-fs (loop4): Test dummy encryption mode enabled [ 312.161750][ T8176] EXT4-fs (loop4): stripe (9) is not aligned with cluster size (16), stripe is disabled [ 312.190451][ T8180] fuse: Bad value for 'fd' [ 312.213262][ T8176] EXT4-fs error (device loop4): ext4_quota_enable:7129: inode #3: comm syz.4.702: iget: bad extra_isize 2 (inode size 1024) [ 312.234941][ T8176] EXT4-fs error (device loop4): ext4_quota_enable:7132: comm syz.4.702: Bad quota inode: 3, type: 0 [ 312.376308][ T8176] EXT4-fs warning (device loop4): ext4_enable_quotas:7173: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 312.682044][ T8176] EXT4-fs (loop4): mount failed [ 313.257644][ T8191] loop3: detected capacity change from 0 to 512 [ 313.378506][ T8198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.702'. [ 313.391658][ T8191] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.469055][ T8191] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 314.776362][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.640103][ T7922] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 315.831583][ T7922] usb 5-1: Using ep0 maxpacket: 32 [ 315.844285][ T7922] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 315.865050][ T7922] usb 5-1: config 0 has no interface number 0 [ 315.871868][ T7922] usb 5-1: config 0 interface 184 has no altsetting 0 [ 315.891423][ T7922] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 315.900981][ T7922] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.909314][ T7922] usb 5-1: Product: syz [ 315.916006][ T7922] usb 5-1: Manufacturer: syz [ 315.920893][ T7922] usb 5-1: SerialNumber: syz [ 315.938827][ T7922] usb 5-1: config 0 descriptor?? [ 315.962648][ T7922] smsc75xx v1.0.0 [ 316.394000][ T7922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32 [ 316.423745][ T7922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32 [ 316.444769][ T7922] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind [ 316.472824][ T7922] smsc75xx: probe of 5-1:0.184 failed with error -32 [ 316.509333][ T7922] usb 5-1: USB disconnect, device number 3 [ 316.544405][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.3.726'. [ 316.568903][ T8242] netem: change failed [ 320.252922][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.676249][ T8271] netlink: 'syz.3.736': attribute type 9 has an invalid length. [ 320.716906][ T8271] netlink: 'syz.3.736': attribute type 6 has an invalid length. [ 322.200821][ T8283] netlink: 892 bytes leftover after parsing attributes in process `syz.2.740'. [ 322.992208][ T8301] loop4: detected capacity change from 0 to 16 [ 323.015811][ T8301] erofs: (device loop4): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 323.342585][ T8300] netlink: 212 bytes leftover after parsing attributes in process `syz.4.744'. [ 324.459857][ T23] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 324.926560][ T8308] netlink: 'syz.4.748': attribute type 10 has an invalid length. [ 324.938589][ T8308] syz_tun: entered promiscuous mode [ 324.939982][ T23] usb 4-1: Using ep0 maxpacket: 32 [ 324.951691][ T23] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 324.960164][ T23] usb 4-1: config 0 has no interface number 0 [ 324.966405][ T23] usb 4-1: config 0 interface 184 has no altsetting 0 [ 324.967743][ T8308] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 325.246140][ T23] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 325.260010][ T28] audit: type=1107 audit(1754659846.775:172): pid=8304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 325.290949][ T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.317290][ T23] usb 4-1: Product: syz [ 325.330180][ T23] usb 4-1: Manufacturer: syz [ 325.434321][ T23] usb 4-1: SerialNumber: syz [ 325.479519][ T23] usb 4-1: config 0 descriptor?? [ 325.500185][ T23] usb 4-1: can't set config #0, error -71 [ 325.542876][ T23] usb 4-1: USB disconnect, device number 10 [ 326.676680][ T8326] netlink: 892 bytes leftover after parsing attributes in process `syz.2.753'. [ 326.867508][ T8330] loop4: detected capacity change from 0 to 512 [ 326.888376][ T8332] netlink: 'syz.2.757': attribute type 10 has an invalid length. [ 327.238663][ T8330] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.755: iget: bad i_size value: 38620345925642 [ 327.570900][ T8330] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.755: couldn't read orphan inode 15 (err -117) [ 327.687543][ T8330] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.636397][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.630607][ T8355] fuse: Bad value for 'fd' [ 329.683095][ T8358] loop4: detected capacity change from 0 to 128 [ 331.249696][ T8358] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 331.265341][ T8358] ext4 filesystem being mounted at /91/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 332.269034][ T6973] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 332.611829][ T8371] netlink: 'syz.3.768': attribute type 10 has an invalid length. [ 332.646750][ T8371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 332.854750][ T8371] team0: Port device bond0 added [ 334.603960][ T8396] fuse: Bad value for 'fd' [ 335.149607][ T8407] netlink: 'syz.4.780': attribute type 10 has an invalid length. [ 337.102731][ T8436] fuse: Bad value for 'fd' [ 341.267476][ T8466] loop3: detected capacity change from 0 to 512 [ 341.352661][ T8466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 341.367833][ T8466] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 341.816379][ T8476] netlink: 4 bytes leftover after parsing attributes in process `syz.2.803'. [ 342.688785][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.912597][ T8486] fuse: Bad value for 'fd' [ 346.543688][ T8499] tipc: Enabling of bearer rejected, failed to enable media [ 346.978925][ T8514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.816'. [ 347.006818][ T8514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.816'. [ 347.706497][ T8524] loop4: detected capacity change from 0 to 512 [ 348.646082][ T8524] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 348.659519][ T8524] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 348.971035][ T8524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.817'. [ 349.497831][ T8529] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 350.471127][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.686720][ T8544] process 'syz.3.826' launched '/dev/fd/8' with NULL argv: empty string added [ 350.802577][ T8544] loop3: detected capacity change from 0 to 512 [ 350.818590][ T8544] EXT4-fs: Ignoring removed mblk_io_submit option [ 350.905332][ T28] audit: type=1326 audit(1754659878.477:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.242643][ T8544] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.826: invalid indirect mapped block 10 (level 1) [ 351.264474][ T8544] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.826: invalid indirect mapped block 8 (level 1) [ 351.274021][ T28] audit: type=1326 audit(1754659878.477:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.308183][ T8544] EXT4-fs (loop3): 1 truncate cleaned up [ 351.313267][ T28] audit: type=1326 audit(1754659878.487:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=148 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.315572][ T8544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 351.356584][ T8544] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.360110][ T28] audit: type=1326 audit(1754659878.487:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.442522][ T28] audit: type=1326 audit(1754659878.487:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.465434][ T28] audit: type=1326 audit(1754659878.487:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.495593][ T28] audit: type=1326 audit(1754659878.487:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.515233][ T8456] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 351.519443][ T28] audit: type=1326 audit(1754659878.487:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.557842][ T28] audit: type=1326 audit(1754659878.487:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 351.609383][ T28] audit: type=1326 audit(1754659878.487:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8541 comm="syz.3.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 353.450308][ T8576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.836'. [ 356.935703][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.4.849'. [ 357.049887][ T5913] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 357.255800][ T5913] usb 4-1: Using ep0 maxpacket: 32 [ 358.044752][ T5913] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 358.053764][ T5913] usb 4-1: config 0 has no interface number 0 [ 358.071526][ T5913] usb 4-1: config 0 interface 184 has no altsetting 0 [ 358.092896][ T5913] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 358.107237][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.115805][ T5913] usb 4-1: Product: syz [ 358.124616][ T5913] usb 4-1: Manufacturer: syz [ 358.129440][ T5913] usb 4-1: SerialNumber: syz [ 358.238522][ T5913] usb 4-1: config 0 descriptor?? [ 358.246376][ T5913] smsc75xx v1.0.0 [ 358.258817][ T5913] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 358.269320][ T5913] smsc75xx: probe of 4-1:0.184 failed with error -22 [ 359.920121][ T5858] usb 4-1: USB disconnect, device number 11 [ 360.136729][ T28] kauditd_printk_skb: 16 callbacks suppressed [ 360.136744][ T28] audit: type=1107 audit(1754659887.877:199): pid=8627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 360.178786][ T8641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.860'. [ 361.089373][ T8650] loop3: detected capacity change from 0 to 512 [ 361.183575][ T8456] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 370.320036][ T28] audit: type=1107 audit(1754659899.050:200): pid=8683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 375.659594][ T8722] netlink: 212 bytes leftover after parsing attributes in process `syz.1.883'. [ 379.260711][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.461348][ T8755] 9pnet_fd: Insufficient options for proto=fd [ 379.471831][ T8755] ipt_REJECT: TCP_RESET invalid for non-tcp [ 386.020935][ T8787] 8021q: adding VLAN 0 to HW filter on device team0 [ 386.252024][ T8795] loop4: detected capacity change from 0 to 512 [ 387.093430][ T8795] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 387.106816][ T8795] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 387.554610][ T8787] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 389.208559][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.362396][ T8826] overlayfs: failed to clone upperpath [ 392.978742][ T28] audit: type=1107 audit(1754659927.266:201): pid=8840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 396.582874][ T8880] overlayfs: failed to clone upperpath [ 396.662612][ T8881] overlayfs: failed to clone upperpath [ 397.461613][ T28] audit: type=1107 audit(1754659934.196:202): pid=8875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 399.329010][ T8895] netlink: 'syz.4.933': attribute type 10 has an invalid length. [ 399.588633][ T8897] 8021q: adding VLAN 0 to HW filter on device bond0 [ 399.638675][ T8897] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 407.851966][ T8916] bridge0: entered promiscuous mode [ 409.269959][ T8929] loop3: detected capacity change from 0 to 16 [ 409.390549][ T8929] erofs: (device loop3): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 409.573265][ T8928] netlink: 212 bytes leftover after parsing attributes in process `syz.3.941'. [ 413.577598][ T8945] loop3: detected capacity change from 0 to 512 [ 413.923986][ T8945] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 414.120476][ T8952] serio: Serial port ttyS3 [ 414.476822][ T8945] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 415.114533][ T8956] loop4: detected capacity change from 0 to 512 [ 415.123016][ T8956] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 415.224989][ T8956] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c11c, mo2=0102] [ 415.233758][ T8956] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.949: corrupted in-inode xattr: e_value size too large [ 415.251593][ T8956] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.949: couldn't read orphan inode 15 (err -117) [ 415.270541][ T8956] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 416.334307][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 417.714541][ T8975] loop4: detected capacity change from 0 to 512 [ 417.903252][ T8975] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 417.972983][ T8975] ext4 filesystem being mounted at /143/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 420.378783][ T8986] netlink: 212 bytes leftover after parsing attributes in process `syz.2.956'. [ 420.641335][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.848125][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 422.249883][ T787] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 422.429856][ T787] usb 4-1: Using ep0 maxpacket: 16 [ 422.437105][ T787] usb 4-1: config 4 has an invalid interface number: 51 but max is 0 [ 422.445429][ T787] usb 4-1: config 4 has no interface number 0 [ 422.451700][ T787] usb 4-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16 [ 422.461713][ T787] usb 4-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 422.472149][ T787] usb 4-1: config 4 interface 51 has no altsetting 0 [ 422.482776][ T787] usb 4-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76 [ 422.492092][ T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 422.500378][ T787] usb 4-1: Product: syz [ 422.504668][ T787] usb 4-1: Manufacturer: syz [ 422.509580][ T787] usb 4-1: SerialNumber: syz [ 422.518472][ T9000] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 422.526097][ T9000] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 422.740429][ T9000] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 422.748144][ T9000] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 422.778059][ T787] cdc_eem 4-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.3-1, CDC EEM Device, 1e:31:94:a3:7f:b3 [ 422.991717][ T9000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 423.050469][ T9000] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 423.085005][ T9000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 423.110437][ T9000] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 423.766771][ T9000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 424.173688][ T9000] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 424.617177][ T7922] usb 4-1: USB disconnect, device number 12 [ 424.643264][ T7922] cdc_eem 4-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.3-1, CDC EEM Device [ 424.708071][ T9033] loop4: detected capacity change from 0 to 512 [ 424.890208][ T9033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 424.964212][ T9033] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 426.068861][ T9050] loop3: detected capacity change from 0 to 16 [ 426.132622][ T9050] erofs: (device loop3): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 426.199991][ T9048] netlink: 212 bytes leftover after parsing attributes in process `syz.3.969'. [ 427.434660][ T9061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.972'. [ 432.209999][ T28] audit: type=1326 audit(1754659971.942:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9092 comm="syz.3.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 432.332472][ T28] audit: type=1326 audit(1754659971.942:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9092 comm="syz.3.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 432.463596][ T28] audit: type=1326 audit(1754659971.942:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9092 comm="syz.3.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 432.572871][ T9098] loop3: detected capacity change from 0 to 1024 [ 432.592162][ T28] audit: type=1326 audit(1754659971.942:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9092 comm="syz.3.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 432.627670][ T9098] ext4: Unknown parameter 'nouser_xattr' [ 433.779263][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 434.427978][ T9109] loop3: detected capacity change from 0 to 512 [ 434.709347][ T9109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 434.722904][ T9109] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 434.770165][ T9108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.984'. [ 435.247811][ T9116] loop4: detected capacity change from 0 to 256 [ 435.396590][ T28] audit: type=1800 audit(1754659975.132:207): pid=9116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.987" name=F15BBA4E66BB75FBD5 dev="loop4" ino=1048599 res=0 errno=0 [ 436.373446][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.604282][ T9127] loop4: detected capacity change from 0 to 128 [ 436.689217][ T9127] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 436.733589][ T9127] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 439.767400][ T6973] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 440.800351][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.971920][ T9163] loop3: detected capacity change from 0 to 512 [ 442.074735][ T9163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 442.088059][ T9163] ext4 filesystem being mounted at /223/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 442.705158][ T28] audit: type=1107 audit(1754659982.072:208): pid=9152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 444.228368][ T9189] netlink: 212 bytes leftover after parsing attributes in process `syz.1.1005'. [ 444.270004][ T5858] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 444.490045][ T5858] usb 5-1: Using ep0 maxpacket: 16 [ 444.607140][ T5858] usb 5-1: config 4 has an invalid interface number: 51 but max is 0 [ 444.635914][ T5858] usb 5-1: config 4 has no interface number 0 [ 444.656233][ T5858] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16 [ 444.699867][ T5858] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 444.734142][ T5858] usb 5-1: config 4 interface 51 has no altsetting 0 [ 444.754610][ T5858] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76 [ 444.783204][ T5858] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 444.801764][ T5858] usb 5-1: Product: syz [ 444.822193][ T5858] usb 5-1: Manufacturer: syz [ 444.845429][ T5858] usb 5-1: SerialNumber: syz [ 444.869123][ T9185] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 444.906146][ T9185] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 445.139354][ T9185] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 445.167850][ T9185] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 445.222773][ T5858] cdc_eem 5-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.4-1, CDC EEM Device, b2:58:f1:82:78:d1 [ 445.428058][ T9185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 445.470321][ T9185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 445.495290][ T9185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 445.540697][ T9185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 446.170054][ T9185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 446.178914][ T9185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 446.244216][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 447.185420][ T5858] usb 5-1: USB disconnect, device number 4 [ 447.206844][ T5858] cdc_eem 5-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.4-1, CDC EEM Device [ 447.980704][ T28] audit: type=1326 audit(1754659988.566:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9209 comm="syz.3.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 448.009929][ T28] audit: type=1326 audit(1754659988.566:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9209 comm="syz.3.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05fc18ebe9 code=0x7ffc0000 [ 450.076985][ T9228] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR [ 450.785962][ T28] audit: type=1107 audit(1754659991.526:211): pid=9226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 451.214933][ T9261] lo: entered promiscuous mode [ 451.219919][ T9261] lo: entered allmulticast mode [ 451.225767][ T9261] tunl0: entered promiscuous mode [ 451.230949][ T9261] tunl0: entered allmulticast mode [ 451.237219][ T9261] gre0: entered promiscuous mode [ 451.242278][ T9261] gre0: entered allmulticast mode [ 451.248744][ T9261] gretap0: entered promiscuous mode [ 451.254045][ T9261] gretap0: entered allmulticast mode [ 451.261134][ T9261] erspan0: entered promiscuous mode [ 451.266429][ T9261] erspan0: entered allmulticast mode [ 451.273667][ T9261] ip_vti0: entered promiscuous mode [ 451.278988][ T9261] ip_vti0: entered allmulticast mode [ 451.286497][ T9261] ip6_vti0: entered promiscuous mode [ 451.292111][ T9261] ip6_vti0: entered allmulticast mode [ 451.299562][ T9261] sit0: entered promiscuous mode [ 451.304798][ T9261] sit0: entered allmulticast mode [ 451.312223][ T9261] ip6tnl0: entered promiscuous mode [ 451.317554][ T9261] ip6tnl0: entered allmulticast mode [ 451.325031][ T9261] ip6gre0: entered promiscuous mode [ 451.330574][ T9261] ip6gre0: entered allmulticast mode [ 451.338320][ T9261] syz_tun: entered allmulticast mode [ 451.346936][ T9261] ip6gretap0: entered promiscuous mode [ 451.352566][ T9261] ip6gretap0: entered allmulticast mode [ 451.359882][ T9261] bridge0: entered promiscuous mode [ 451.365225][ T9261] bridge0: entered allmulticast mode [ 451.372296][ T9261] vcan0: entered promiscuous mode [ 451.377456][ T9261] vcan0: entered allmulticast mode [ 451.384044][ T9261] bond0: entered promiscuous mode [ 451.389166][ T9261] bond_slave_0: entered promiscuous mode [ 451.395423][ T9261] bond_slave_1: entered promiscuous mode [ 451.402055][ T9261] bond0: entered allmulticast mode [ 451.407341][ T9261] bond_slave_0: entered allmulticast mode [ 451.413285][ T9261] bond_slave_1: entered allmulticast mode [ 451.423394][ T9261] 8021q: adding VLAN 0 to HW filter on device bond0 [ 451.432549][ T9261] team0: entered promiscuous mode [ 451.437932][ T9261] team_slave_0: entered promiscuous mode [ 451.444303][ T9261] team_slave_1: entered promiscuous mode [ 451.450937][ T9261] team0: entered allmulticast mode [ 451.456183][ T9261] team_slave_0: entered allmulticast mode [ 451.462116][ T9261] team_slave_1: entered allmulticast mode [ 451.470237][ T9261] dummy0: entered promiscuous mode [ 451.475478][ T9261] dummy0: entered allmulticast mode [ 451.482540][ T9261] nlmon0: entered promiscuous mode [ 451.488417][ T9261] nlmon0: entered allmulticast mode [ 452.520020][ T9261] caif0: entered promiscuous mode [ 452.525177][ T9261] caif0: entered allmulticast mode [ 452.530511][ T9261] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 453.399484][ T9260] fuse: Bad value for 'fd' [ 453.780243][ T9271] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1023'. [ 456.089936][ T5913] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 456.284951][ T9289] syz.2.1028[9289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 456.285093][ T9289] syz.2.1028[9289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 456.300319][ T5913] usb 5-1: Using ep0 maxpacket: 16 [ 456.329105][ T5913] usb 5-1: config 4 has an invalid interface number: 51 but max is 0 [ 456.349819][ T5913] usb 5-1: config 4 has no interface number 0 [ 456.359363][ T5913] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16 [ 456.390213][ T5913] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 456.415994][ T5913] usb 5-1: config 4 interface 51 has no altsetting 0 [ 456.434434][ T5913] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76 [ 456.459807][ T5913] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 456.467833][ T5913] usb 5-1: Product: syz [ 456.473417][ T5913] usb 5-1: Manufacturer: syz [ 456.478083][ T5913] usb 5-1: SerialNumber: syz [ 456.498726][ T9280] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 456.507065][ T9280] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 456.885799][ T9280] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 457.059197][ T9280] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 457.410485][ T9299] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 457.931744][ T9299] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 457.942271][ T5913] cdc_eem 5-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.4-1, CDC EEM Device, 82:a2:97:18:78:fd [ 458.005430][ T9280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 458.080557][ T9280] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 459.531482][ T9299] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 459.575923][ T9299] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 459.701010][ T9310] fuse: Bad value for 'fd' [ 460.235163][ T5858] usb 5-1: USB disconnect, device number 5 [ 460.270123][ T5858] cdc_eem 5-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.4-1, CDC EEM Device [ 460.420059][ T9324] loop3: detected capacity change from 0 to 512 [ 460.543554][ T9324] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 460.577295][ T9324] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 463.512988][ T9358] xt_NFQUEUE: number of total queues is 0 [ 463.646426][ T9363] loop4: detected capacity change from 0 to 16 [ 463.776627][ T9363] erofs: (device loop4): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 463.865364][ T9361] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1042'. [ 465.759649][ T9380] fuse: Bad value for 'fd' [ 465.894499][ T9384] loop4: detected capacity change from 0 to 1024 [ 465.947260][ T9384] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 466.300692][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.409523][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.572470][ T9392] loop4: detected capacity change from 0 to 512 [ 466.607450][ T9392] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1048: iget: bad i_size value: 38620345925642 [ 466.640451][ T9392] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1048: couldn't read orphan inode 15 (err -117) [ 466.723726][ T9392] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 466.960854][ T9400] loop3: detected capacity change from 0 to 512 [ 466.983917][ T9400] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 467.022739][ T9400] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1051: bad orphan inode 11 [ 467.043511][ T9400] ext4_test_bit(bit=10, block=4) = 1 [ 467.068156][ T9400] is_bad_inode(inode)=0 [ 467.083361][ T9400] NEXT_ORPHAN(inode)=2080374784 [ 467.088285][ T9400] max_ino=32 [ 467.130003][ T9400] i_nlink=0 [ 467.133676][ T9400] EXT4-fs (loop3): 1 truncate cleaned up [ 467.154440][ T9400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 467.400285][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.054789][ T9416] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 468.324434][ T9387] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set [ 473.527382][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 473.636515][ T9444] overlayfs: failed to clone upperpath [ 474.882529][ T28] audit: type=1326 audit(1754660016.625:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 475.154266][ T28] audit: type=1326 audit(1754660016.645:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 475.243367][ T28] audit: type=1326 audit(1754660016.715:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 475.409977][ T28] audit: type=1326 audit(1754660016.765:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 475.777505][ T28] audit: type=1326 audit(1754660016.765:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 475.812365][ T28] audit: type=1326 audit(1754660016.825:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 475.899932][ T28] audit: type=1326 audit(1754660016.825:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 475.924336][ T28] audit: type=1326 audit(1754660016.825:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.2.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 476.057252][ T9482] loop4: detected capacity change from 0 to 512 [ 476.179358][ T9482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 476.324349][ T9482] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1077'. [ 477.058104][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.653682][ T9512] loop4: detected capacity change from 0 to 16 [ 479.670360][ T9512] erofs: (device loop4): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 479.958015][ T9509] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1082'. [ 482.724832][ T28] audit: type=1326 audit(1754660025.449:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 482.795614][ T28] audit: type=1326 audit(1754660025.449:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 482.847822][ T28] audit: type=1326 audit(1754660025.449:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 482.873560][ T28] audit: type=1326 audit(1754660025.449:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 482.897122][ T28] audit: type=1326 audit(1754660025.449:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 482.924046][ T28] audit: type=1326 audit(1754660025.449:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 482.947437][ T28] audit: type=1326 audit(1754660025.449:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc6ff990b07 code=0x7ffc0000 [ 482.981643][ T28] audit: type=1326 audit(1754660025.449:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc6ff990a7c code=0x7ffc0000 [ 483.010377][ T28] audit: type=1326 audit(1754660025.449:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc6ff9909b4 code=0x7ffc0000 [ 483.046860][ T28] audit: type=1326 audit(1754660025.449:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9531 comm="syz.4.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fc6ff9909b4 code=0x7ffc0000 [ 484.151492][ T9547] loop3: detected capacity change from 0 to 512 [ 484.278888][ T9547] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1095: iget: bad i_size value: 38620345925642 [ 484.320704][ T9547] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1095: couldn't read orphan inode 15 (err -117) [ 484.414248][ T9547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 484.678364][ T9559] loop4: detected capacity change from 0 to 512 [ 486.545966][ T9555] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 487.285266][ T9559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.298114][ T9559] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 487.557964][ T9555] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 487.594036][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.751596][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.930061][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 487.930077][ T28] audit: type=1326 audit(1754660032.670:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.2.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 489.459982][ T28] audit: type=1326 audit(1754660032.700:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.2.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 489.567944][ T28] audit: type=1326 audit(1754660032.700:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.2.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 489.609801][ T28] audit: type=1326 audit(1754660032.700:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.2.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 489.788980][ T9589] loop3: detected capacity change from 0 to 512 [ 489.811525][ T28] audit: type=1326 audit(1754660032.700:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9579 comm="syz.2.1105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 490.023158][ T9589] EXT4-fs (loop3): #blocks per group too big: 466944 [ 490.887552][ T9596] sch_fq: defrate 0 ignored. [ 494.365157][ T9616] netlink: 212 bytes leftover after parsing attributes in process `syz.1.1111'. [ 496.429759][ T9634] loop4: detected capacity change from 0 to 128 [ 499.497178][ T9634] EXT4-fs: error -4 creating inode table initialization thread [ 499.508220][ T9634] EXT4-fs (loop4): mount failed [ 499.760049][ T28] audit: type=1326 audit(1754660045.420:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 499.790148][ T28] audit: type=1326 audit(1754660045.420:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 499.819991][ T28] audit: type=1326 audit(1754660045.420:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 499.849565][ T28] audit: type=1326 audit(1754660045.420:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 500.036561][ T28] audit: type=1326 audit(1754660045.420:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 500.101389][ T28] audit: type=1326 audit(1754660045.420:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 500.148559][ T28] audit: type=1326 audit(1754660045.420:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 500.273626][ T28] audit: type=1326 audit(1754660045.420:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 500.300325][ T28] audit: type=1326 audit(1754660045.420:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 500.326575][ T28] audit: type=1326 audit(1754660045.420:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.1.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 500.961456][ T9657] loop4: detected capacity change from 0 to 512 [ 501.634943][ T9657] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 501.830345][ T9657] ext4 filesystem being mounted at /184/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 502.073825][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.332784][ T9669] loop3: detected capacity change from 0 to 1024 [ 502.383569][ T9669] ext4: Unknown parameter 'nouser_xattr' [ 502.873331][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 502.976289][ T9677] loop3: detected capacity change from 0 to 512 [ 503.006244][ T9677] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 503.096135][ T9677] EXT4-fs (loop3): 1 orphan inode deleted [ 503.122829][ T9677] EXT4-fs (loop3): 1 truncate cleaned up [ 503.358092][ T9677] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 504.232464][ T9687] loop4: detected capacity change from 0 to 128 [ 505.792983][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.385325][ T9727] block device autoloading is deprecated and will be removed. [ 507.389998][ T5858] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 507.614730][ T5858] usb 4-1: Using ep0 maxpacket: 8 [ 509.555597][ T5858] usb 4-1: unable to get BOS descriptor or descriptor too short [ 509.565688][ T5858] usb 4-1: config 12 interface 0 altsetting 7 endpoint 0x3 has invalid wMaxPacketSize 0 [ 509.575956][ T5858] usb 4-1: config 12 interface 0 altsetting 7 bulk endpoint 0x3 has invalid maxpacket 0 [ 509.585821][ T5858] usb 4-1: config 12 interface 0 has no altsetting 0 [ 510.244183][ T5858] usb 4-1: string descriptor 0 read error: -71 [ 510.255914][ T5858] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5 [ 510.277276][ T5858] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.312151][ T5858] usb 4-1: can't set config #12, error -71 [ 510.325760][ T5858] usb 4-1: USB disconnect, device number 13 [ 510.361418][ T28] kauditd_printk_skb: 18 callbacks suppressed [ 510.361434][ T28] audit: type=1326 audit(1754660056.090:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 510.449812][ T28] audit: type=1326 audit(1754660056.100:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 510.519854][ T28] audit: type=1326 audit(1754660056.100:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 510.602171][ T28] audit: type=1326 audit(1754660056.100:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 511.970960][ T28] audit: type=1326 audit(1754660056.100:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 512.002117][ T28] audit: type=1326 audit(1754660056.100:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 512.352126][ T28] audit: type=1326 audit(1754660056.100:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 512.479512][ T28] audit: type=1326 audit(1754660056.180:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9736 comm="syz.1.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7ffc0000 [ 513.010158][ T5913] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 513.106086][ T28] audit: type=1326 audit(1754660058.830:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.2.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 513.129777][ T28] audit: type=1326 audit(1754660058.830:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9760 comm="syz.2.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcad6d8ebe9 code=0x7ffc0000 [ 513.311275][ T9764] loop4: detected capacity change from 0 to 128 [ 513.519196][ T9764] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 513.535384][ T9764] ext4 filesystem being mounted at /195/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 514.403546][ T9772] netlink: 'syz.1.1161': attribute type 10 has an invalid length. [ 514.561064][ T5913] usb 4-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c [ 514.579783][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.734777][ T9776] tipc: Started in network mode [ 514.754707][ T9776] tipc: Node identity 7f000001, cluster identity 4711 [ 514.775757][ T9776] tipc: Enabled bearer , priority 10 [ 514.814128][ T9776] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 514.843814][ T9776] tipc: Enabled bearer , priority 10 [ 515.307505][ T5913] usb 4-1: Product: syz [ 515.313079][ T5913] usb 4-1: Manufacturer: syz [ 515.314792][ T6973] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 515.318092][ T5913] usb 4-1: SerialNumber: syz [ 515.335187][ T5913] usb 4-1: config 0 descriptor?? [ 515.427160][ T28] kauditd_printk_skb: 104 callbacks suppressed [ 515.427177][ T28] audit: type=1326 audit(1754660061.160:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 515.461967][ T9779] loop4: detected capacity change from 0 to 512 [ 515.477796][ T28] audit: type=1326 audit(1754660061.190:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 515.518511][ T28] audit: type=1326 audit(1754660061.190:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 515.576529][ T5913] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61 [ 515.599108][ T9779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 515.615050][ T28] audit: type=1326 audit(1754660061.190:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 515.648049][ T5913] asix: probe of 4-1:0.0 failed with error -61 [ 515.650035][ T9779] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 515.666472][ T28] audit: type=1326 audit(1754660061.190:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 516.354983][ T787] tipc: Node number set to 2130706433 [ 517.110191][ T28] audit: type=1326 audit(1754660061.190:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 517.192804][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.205816][ T28] audit: type=1326 audit(1754660061.190:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 517.244840][ T28] audit: type=1326 audit(1754660061.190:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 517.273396][ T28] audit: type=1326 audit(1754660061.190:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 517.296156][ T28] audit: type=1326 audit(1754660061.190:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9773 comm="syz.1.1162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa787d8ebe9 code=0x7fc00000 [ 519.480737][ T7921] usb 4-1: USB disconnect, device number 14 [ 527.417529][ T9825] loop3: detected capacity change from 0 to 40427 [ 527.457799][ T9825] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 527.480147][ T9825] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 527.585338][ T9825] F2FS-fs (loop3): Found nat_bits in checkpoint [ 527.844132][ T9855] loop4: detected capacity change from 0 to 128 [ 528.120843][ T9855] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 528.135144][ T9855] ext4 filesystem being mounted at /203/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 530.556305][ T6973] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 531.851075][ T9884] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1187'. [ 531.945840][ T9884] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1187'. [ 532.895963][ T9895] loop3: detected capacity change from 0 to 128 [ 532.982563][ T9895] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 533.001461][ T9895] ext4 filesystem being mounted at /254/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 533.764580][ T5798] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 537.419995][ T9922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1202'. [ 537.432166][ T9926] bridge1: entered allmulticast mode [ 538.386308][ T9934] netlink: 'syz.2.1207': attribute type 10 has an invalid length. [ 538.450087][ T786] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 538.657637][ T786] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 538.679821][ T786] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 538.703916][ T786] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 538.714387][ T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 538.734018][ T786] usb 4-1: Product: syz [ 538.738251][ T786] usb 4-1: Manufacturer: syz [ 538.750170][ T786] usb 4-1: SerialNumber: syz [ 538.770757][ T786] usb 4-1: config 0 descriptor?? [ 538.786954][ T9932] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 538.795181][ T9932] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 539.041931][ T9932] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 539.082996][ T9932] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 541.579885][ T786] dm9601 4-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 542.324844][ T786] usb 4-1: USB disconnect, device number 15 [ 543.145342][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 543.145358][ T28] audit: type=1326 audit(1754660093.875:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9953 comm="syz.4.1213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 543.195798][ T28] audit: type=1326 audit(1754660093.875:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9953 comm="syz.4.1213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 543.245266][ T28] audit: type=1326 audit(1754660093.935:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9953 comm="syz.4.1213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 543.310077][ T28] audit: type=1326 audit(1754660093.935:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9953 comm="syz.4.1213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 543.402817][ T28] audit: type=1326 audit(1754660093.935:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9953 comm="syz.4.1213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6ff98ebe9 code=0x7ffc0000 [ 543.622002][ T9965] fuse: Bad value for 'fd' [ 544.259202][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state [ 544.266689][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.794284][ T9981] loop4: detected capacity change from 0 to 256 [ 546.807589][ T9992] fuse: Bad value for 'fd' [ 546.818822][ T9303] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 550.549830][ T786] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 550.609060][T10015] netlink: 'syz.2.1233': attribute type 10 has an invalid length. [ 551.925615][ T786] usb 5-1: Using ep0 maxpacket: 8 [ 551.933927][ T786] usb 5-1: device descriptor read/all, error -71 [ 554.166318][T10038] fuse: Bad value for 'fd' [ 554.263541][T10054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1241'. [ 560.736779][T10097] loop3: detected capacity change from 0 to 512 [ 560.917626][T10097] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 561.086982][T10097] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 561.103314][T10097] EXT4-fs (loop3): 1 truncate cleaned up [ 561.117734][T10097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 562.996968][T10102] fuse: Bad value for 'fd' [ 563.011309][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.513914][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 565.603624][T10120] loop4: detected capacity change from 0 to 512 [ 566.713971][T10120] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 566.726701][T10120] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 566.801208][T10127] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 568.143028][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.288739][T10137] netlink: 'syz.4.1264': attribute type 10 has an invalid length. [ 570.373166][T10148] Cannot find add_set index 0 as target [ 574.064204][T10159] fuse: Bad value for 'fd' [ 574.876190][T10163] loop3: detected capacity change from 0 to 2048 [ 576.201621][T10163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 576.239307][T10163] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 576.488263][T10163] fs-verity: sha512 using implementation "sha512-avx2" [ 577.395827][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.426901][T10184] loop4: detected capacity change from 0 to 512 [ 577.478722][T10184] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.1276: corrupted in-inode xattr: invalid ea_ino [ 577.499585][T10184] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1276: couldn't read orphan inode 15 (err -117) [ 577.567495][T10184] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 577.642554][T10184] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.293950][T10194] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1279'. [ 580.463362][T10204] loop4: detected capacity change from 0 to 128 [ 582.581800][T10229] loop4: detected capacity change from 0 to 512 [ 582.669078][T10229] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.1290: corrupted in-inode xattr: invalid ea_ino [ 582.760395][T10229] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1290: couldn't read orphan inode 15 (err -117) [ 582.815392][T10229] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 582.876672][T10229] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.049854][T10235] Cannot find add_set index 0 as target [ 583.189440][T10237] loop4: detected capacity change from 0 to 16 [ 583.241551][T10237] erofs: (device loop4): mounted with root inode @ nid 36. [ 585.085085][T10244] netlink: 212 bytes leftover after parsing attributes in process `syz.1.1294'. [ 586.109888][ T5913] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 586.159060][T10256] netlink: 'syz.2.1299': attribute type 10 has an invalid length. [ 586.274104][T10258] loop3: detected capacity change from 0 to 512 [ 586.302776][T10258] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 586.323105][ T5913] usb 5-1: config 0 has an invalid interface number: 152 but max is 0 [ 586.354841][ T5913] usb 5-1: config 0 has no interface number 0 [ 586.372245][T10258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c11c, mo2=0102] [ 586.382334][T10258] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.1300: corrupted in-inode xattr: e_value size too large [ 586.397161][T10258] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1300: couldn't read orphan inode 15 (err -117) [ 586.413111][T10258] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 586.672708][ T5913] usb 5-1: config 0 interface 152 altsetting 7 endpoint 0xA has invalid maxpacket 1024, setting to 64 [ 586.684214][ T5913] usb 5-1: config 0 interface 152 has no altsetting 0 [ 586.700028][ T5913] usb 5-1: New USB device found, idVendor=0e7e, idProduct=1001, bcdDevice=a3.17 [ 586.709159][ T5913] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.682834][ T5913] usb 5-1: Product: syz [ 587.687064][ T5913] usb 5-1: Manufacturer: syz [ 587.691781][ T5913] usb 5-1: SerialNumber: syz [ 587.700178][ T5913] usb 5-1: config 0 descriptor?? [ 587.706016][T10250] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 587.884478][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.766375][ T5913] cdc_subset: probe of 5-1:0.152 failed with error -71 [ 588.811099][ T5913] usb 5-1: USB disconnect, device number 8 [ 590.183835][T10292] loop3: detected capacity change from 0 to 512 [ 590.217102][T10292] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 590.250488][T10292] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c11c, mo2=0102] [ 590.270674][T10292] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.1312: corrupted in-inode xattr: e_value size too large [ 590.287361][T10292] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1312: couldn't read orphan inode 15 (err -117) [ 590.311287][T10292] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 591.685962][T10303] overlayfs: failed to clone upperpath [ 594.224011][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.310706][T10311] syz.4.1316[10311] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 594.310847][T10311] syz.4.1316[10311] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 595.153046][T10324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1320'. [ 595.320308][ T7921] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 595.622737][ T7921] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 595.746735][ T7921] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 595.974021][ T7921] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 596.022319][ T7921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 596.056955][ T7921] usb 4-1: SerialNumber: syz [ 596.455509][ T7921] usb 4-1: 0:2 : does not exist [ 597.559432][ T7921] usb 4-1: unit 255 not found! [ 597.583241][ T7921] usb 4-1: USB disconnect, device number 16 [ 597.859049][T10160] udevd[10160]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 598.133617][T10334] loop3: detected capacity change from 0 to 256 [ 598.255602][T10336] loop4: detected capacity change from 0 to 512 [ 598.272324][T10160] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 598.472750][T10336] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 598.497845][T10336] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 599.207428][ T6973] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 600.346852][ T28] audit: type=1107 audit(1754660158.993:416): pid=10347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 603.384141][T10376] loop3: detected capacity change from 0 to 256 [ 603.464779][T10160] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 609.988835][T10409] loop3: detected capacity change from 0 to 1024 [ 610.000888][T10409] EXT4-fs: Ignoring removed orlov option [ 610.228576][T10409] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 610.482952][T10409] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 611.204744][T10416] [ 611.207142][T10416] ============================================ [ 611.213314][T10416] WARNING: possible recursive locking detected [ 611.219493][T10416] 6.6.101-syzkaller #0 Not tainted [ 611.224617][T10416] -------------------------------------------- [ 611.230781][T10416] syz.1.1345/10416 is trying to acquire lock: [ 611.236898][T10416] ffff88802eaa8238 (&trie->lock){..-.}-{2:2}, at: trie_delete_elem+0x96/0x6a0 [ 611.245852][T10416] [ 611.245852][T10416] but task is already holding lock: [ 611.253242][T10416] ffff88802eaafa38 (&trie->lock){..-.}-{2:2}, at: trie_update_elem+0xca/0xea0 [ 611.262245][T10416] [ 611.262245][T10416] other info that might help us debug this: [ 611.270313][T10416] Possible unsafe locking scenario: [ 611.270313][T10416] [ 611.277778][T10416] CPU0 [ 611.281063][T10416] ---- [ 611.284350][T10416] lock(&trie->lock); [ 611.288429][T10416] lock(&trie->lock); [ 611.292526][T10416] [ 611.292526][T10416] *** DEADLOCK *** [ 611.292526][T10416] [ 611.300823][T10416] May be due to missing lock nesting notation [ 611.300823][T10416] [ 611.309148][T10416] 3 locks held by syz.1.1345/10416: [ 611.314353][T10416] #0: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: bpf_map_update_value+0x41d/0x720 [ 611.324319][T10416] #1: ffff88802eaafa38 (&trie->lock){..-.}-{2:2}, at: trie_update_elem+0xca/0xea0 [ 611.333654][T10416] #2: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0xfd/0x420 [ 611.342994][T10416] [ 611.342994][T10416] stack backtrace: [ 611.348910][T10416] CPU: 1 PID: 10416 Comm: syz.1.1345 Not tainted 6.6.101-syzkaller #0 [ 611.357078][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 611.367169][T10416] Call Trace: [ 611.370472][T10416] [ 611.373415][T10416] dump_stack_lvl+0x16c/0x230 [ 611.378114][T10416] ? show_regs_print_info+0x20/0x20 [ 611.383358][T10416] ? print_deadlock_bug+0x435/0x5d0 [ 611.388619][T10416] __lock_acquire+0x5d40/0x7c80 [ 611.393540][T10416] ? mark_lock+0x94/0x320 [ 611.397893][T10416] ? verify_lock_unused+0x140/0x140 [ 611.403116][T10416] ? __lock_acquire+0x1260/0x7c80 [ 611.408192][T10416] lock_acquire+0x197/0x410 [ 611.412721][T10416] ? trie_delete_elem+0x96/0x6a0 [ 611.417683][T10416] ? verify_lock_unused+0x140/0x140 [ 611.422934][T10416] ? read_lock_is_recursive+0x20/0x20 [ 611.428326][T10416] _raw_spin_lock_irqsave+0xa8/0xf0 [ 611.433636][T10416] ? trie_delete_elem+0x96/0x6a0 [ 611.438599][T10416] ? _raw_spin_lock+0x40/0x40 [ 611.443322][T10416] trie_delete_elem+0x96/0x6a0 [ 611.448106][T10416] ? __cant_sleep+0x210/0x210 [ 611.452804][T10416] bpf_prog_8c8ab8634bca3061+0x42/0x4c [ 611.458290][T10416] bpf_trace_run4+0x1f9/0x420 [ 611.462979][T10416] ? bpf_trace_run4+0xfd/0x420 [ 611.467761][T10416] ? bpf_trace_run3+0x400/0x400 [ 611.472639][T10416] ? percpu_ref_put+0xef/0x180 [ 611.477421][T10416] ? __memcg_kmem_charge_page+0x264/0x380 [ 611.483161][T10416] __alloc_pages+0x429/0x460 [ 611.487779][T10416] ? zone_statistics+0x170/0x170 [ 611.492770][T10416] ? bpf_map_get_memcg+0x4e/0x4e0 [ 611.497905][T10416] ? __lock_acquire+0x7c80/0x7c80 [ 611.502975][T10416] ? __rwlock_init+0x150/0x150 [ 611.507766][T10416] __kmalloc_large_node+0x8c/0x1e0 [ 611.512926][T10416] ? bpf_map_kmalloc_node+0xbc/0x1b0 [ 611.518266][T10416] __kmalloc_node+0x10f/0x230 [ 611.522966][T10416] ? _raw_spin_lock+0x40/0x40 [ 611.527765][T10416] bpf_map_kmalloc_node+0xbc/0x1b0 [ 611.532915][T10416] trie_update_elem+0x166/0xea0 [ 611.537800][T10416] ? asm_exc_page_fault+0x26/0x30 [ 611.542973][T10416] bpf_map_update_value+0x660/0x720 [ 611.548215][T10416] map_update_elem+0x57b/0x700 [ 611.553011][T10416] __sys_bpf+0x652/0x800 [ 611.557359][T10416] ? bpf_link_show_fdinfo+0x350/0x350 [ 611.562756][T10416] ? lock_chain_count+0x20/0x20 [ 611.567630][T10416] __x64_sys_bpf+0x7c/0x90 [ 611.572094][T10416] do_syscall_64+0x55/0xb0 [ 611.576553][T10416] ? clear_bhb_loop+0x40/0x90 [ 611.581243][T10416] ? clear_bhb_loop+0x40/0x90 [ 611.585944][T10416] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 611.591866][T10416] RIP: 0033:0x7fa787d8ebe9 [ 611.596294][T10416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 611.615921][T10416] RSP: 002b:00007fa788c3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 611.624402][T10416] RAX: ffffffffffffffda RBX: 00007fa787fb5fa0 RCX: 00007fa787d8ebe9 [ 611.632400][T10416] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 0000000000000002 [ 611.640389][T10416] RBP: 00007fa787e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 611.648464][T10416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 611.656448][T10416] R13: 00007fa787fb6038 R14: 00007fa787fb5fa0 R15: 00007ffedfade328 [ 611.664466][T10416] [ 612.315259][ T5798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.