last executing test programs: 37.520012112s ago: executing program 2 (id=551): r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @mcast2, 0x1}}}, 0x30) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='#'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 15.758023859s ago: executing program 1 (id=604): r0 = socket$inet_udp(0x2, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}, @printk={@i, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffea3}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x11, 0x0, &(0x7f0000000000)="229dc900"/17, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_netfilter(0x10, 0x3, 0xc) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000b40), 0x2b842ac, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x0}) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x15) ioctl$TIOCVHANGUP(r2, 0x5437, 0x2) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000ac0)=@filter={'filter\x00', 0xc, 0x4, 0x2a0, 0xffffffff, 0x0, 0x0, 0x2, 0x98, 0xffffffff, 0x208, 0x208, 0x208, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@set={{0x40}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300) 14.371633964s ago: executing program 1 (id=605): creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) r3 = memfd_create(&(0x7f0000000080)='\xf3e\t\xa9\xff\vty\x01senux\x00', 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}}) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r4 = creat(&(0x7f0000000300)='./file0\x00', 0x0) write$FUSE_LSEEK(r4, &(0x7f0000000380)={0x18}, 0xfdef) 14.174268154s ago: executing program 1 (id=608): unshare(0x20400) r0 = fanotify_init(0x200, 0x0) r1 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0) r2 = dup(r1) fanotify_mark(r0, 0x1, 0x4800105a, r2, 0x0) r3 = memfd_create(&(0x7f0000002280)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x01k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3F\x958\xf7\xa1c\x81k\'^&\xd9\x82]\x18]\xb2\xbe\xdc\xcd\xe4j\xad;\xd1q$\xb2\xe4\xec\xa9\x15\xbfy\xb7\xe1\xedq\xed\x13F\x85T\xe39\xa4R^#\xc0K\xcd\xe5\xf2\x9a@^\n(\xd5\n5\xcb\xe7~V\xc9\x8b@r\x1c1\xc7.,E\x82L\xf6\xd5\xfe\x9a\x84\xc3\xea\xa4*\xa2\xa3\x12\xce\xb9{X\va\\\xa2\xc6\x88\x9c\xc7%\x0e\x16(\v\xc3\xeam:\xc3@\xa6S|\xe9\xf1$\x11+Y\x1f\xecQ\x86\a\xf3', 0x0) r4 = dup(r3) write$cgroup_pid(r4, &(0x7f0000000000), 0x12) sendfile(r4, r4, &(0x7f0000000040), 0x2) 14.028761663s ago: executing program 1 (id=610): epoll_create1(0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {}]}}) mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x101800, 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100) 13.925894796s ago: executing program 2 (id=552): openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1e3381, 0x0) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000000)="240000001a005f0414f9f4070009040081000000000003400000000008000f0001000000", 0x24) r1 = socket$netlink(0x10, 0x3, 0x4) stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r2, 0xee01) writev(r1, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c5602117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000b0c10000000214e224e0000", 0x58}], 0x1) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) r4 = socket(0x2, 0x80805, 0x0) r5 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="b016c80000e0", @ANYRES16=r5, @ANYBLOB="010026bd7000fcdbdf25170000001c000380080003007b00000008000300ff07000008000300cd0800001c0009800800020000000000080001000800000008000200ffff0000300001800d0001006574683a68737230000000000c00028008000400060000000d0001007564703a73797a320000000038000180340002800800030081000000080001001a0000000800030002000000080002000900000008000200bee3000008000400c9000000140001801000010069623a6d6163766c616e3100"], 0xc8}, 0x1, 0x0, 0x0, 0x4080}, 0x4000001) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r6, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @empty}}}, 0x118) 13.799471857s ago: executing program 1 (id=613): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000300)={[{@prjquota}, {@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@nolazytime}, {@errors_continue}, {@grpjquota}]}, 0x1, 0x46a, &(0x7f0000000980)="$eJzs289vFFUcAPDvzLZFQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUACzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl93tLpRd6H4+yTbv7bzpe9+deTNv5s0EMLD2Zn+SiPsi4mJEjNayKyp5oazctSvnZv+9cm42iUrl3b+TarmrV87NFmWL9bbkmfE0Iv0iyStZbfHM2RMz5fL86Tw/uXTyw8nFM2dfOHZy5uj80flT04cOHTww9fJL0y+uS5xZfFd3f7KwZ9eb7194e/bwhQ9+/T7Jv4+GODox3EGZvVng/1SqGpc93U1ld4GtdelkqI8NoSuliBjK9+eLMRqluL7xRuONz/vaOOC2ys5Nm1ovXq4AG1gS/W4B0B/FiT67/i0+PRp63BEuv1q7AMrivpZ/akuGIs3LDDdc366nvRFxePm/b7JP3MR9CACAbv2YjX+ebzb+S6N+jLgtnxsai4j7I2J7RDwQETsi4sGIeCgidkbEw51Ve7xINE4N3Tj+SS/daoztZOO/V/K5rdXjv2L0F2OlPLe1Gv9wcuRYeX5//puMx/CmLD/Vpo6fXv/jq1bL6sd/2Ser//CqyaX00lDDDbq5maWZjiagOnD5s4jdQ83iT1ZmApKI2BURu7v719uKxLFnv9vTqlDT+POx8JrWYZ6p8m3EM7XtvxwN8ReS9vOTk/dEeX7/ZLFX3Oi338+/06r+W4p/HWTbf/Pq/b+xyFhSP1+72H0d5//8suU1zdrxN9//R5L3qsejkfy7j2eWlk5PRYwkb9XWqv9++vq6Rb4on8U/vq95/9+er5PF/0hEZDvxoxHxWEQ8nrf9iYh4MiL2tYn/l9eeOt5l/Embf7eusvjnmh7/VprQsP27T5RO/PxDq/o72/4Hq6nx/Jvq8W8NnTbwVn47AAAAuFuk1Wfgk3RiJZ2mExO1Z/h3xOa0vLC49NyRhY9OzdWelR+L4bS40zVadz90KlnOnyaO6tX3dH6vuFh+IL9v/HXp3mp+YnahPNfn2GHQbanr/9t3Xu//mb9Kq8uuzIh4vwM2Dv0ZBldj/0/71A6g95z/YXDp/zC49H8YXM36/6cN+VKP2gL0lvM/DK61+n/P3kYCes75HwaX/g8Dqd278cnNv/Iv0d9ELN/+KtI7ItLblRjpoINs6MSNx4oh4wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAu9H8AAAD//xjg70M=") chdir(&(0x7f0000000000)='./file0\x00') r0 = creat(0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00'}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r3, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r3, 0x0) readv(r2, &(0x7f0000000080)=[{0x0}], 0x1) mount(0x0, &(0x7f0000000580)='./bus\x00', 0x0, 0x1000, 0x0) open(0x0, 0x185102, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000e00)={[{@user_xattr}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@dioread_lock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@commit={'commit', 0x3d, 0x1}}, {@data_writeback}, {@usrquota}, {@noauto_da_alloc}], [{@subj_user={'subj_user', 0x3d, '@('}}, {@fowner_eq}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@dont_hash}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==") r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r4, 0x0, 0x0) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000100)) 13.684455784s ago: executing program 4 (id=614): ioperm(0x2, 0x6, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.empty_time\x00', 0x275a, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f00000000c0)=r0}, 0x20) getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000300)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) r3 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(r3, 0x107, 0xf, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6gre0\x00', 0x0}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000010000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48) sendto$packet(r3, &(0x7f00000002c0)="05031400d3fc122c28000000000000000000", 0x12, 0x5, &(0x7f0000000140)={0x11, 0x18, r4, 0x1, 0x0, 0x6, @multicast}, 0x14) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) ioctl$HIDIOCGCOLLECTIONINDEX(r0, 0x40184810, &(0x7f0000000500)={0x3, 0xffffffff, 0x100, 0x816, 0xffffffff}) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r6}]}, 0x28}}, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x14, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0x1}, @exit, @generic={0x66, 0x8, 0x6, 0x6, 0x80000001}, @cb_func={0x18, 0xa, 0x4, 0x0, 0xfffffffffffffffe}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x61}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @btf_id={0x18, 0x3}]}, &(0x7f0000000200)='syzkaller\x00', 0x8, 0x77, &(0x7f0000000240)=""/119, 0x41000, 0x0, '\x00', r2, 0x11, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x5, 0x5, 0x0, 0x7}, 0x10, 0xffffffffffffffff, r0, 0x0, &(0x7f0000000380), 0x0, 0x10, 0x5}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r9, r10, &(0x7f0000000140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x6, 0x0, 0x0}) io_uring_enter(r8, 0x22, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='rxrpc_rx_ack\x00', r7}, 0x10) openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x541b, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000000)={0x405}) 13.168038011s ago: executing program 1 (id=617): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1c, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x1, 0x2}, 0x48) 12.99240024s ago: executing program 2 (id=620): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x74, &(0x7f0000000180)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f0000000000)=[@tclass={{0x14, 0x29, 0x43, 0x401}}], 0x18}}], 0x1, 0x0) 12.984593494s ago: executing program 4 (id=621): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_XFRM_DREG={0x8}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 12.873376465s ago: executing program 2 (id=622): epoll_create1(0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {}]}}) mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x101800, 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100) 12.768606638s ago: executing program 4 (id=625): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040), 0x0, 0x6, r0}, 0x38) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file2\x00', 0x800, &(0x7f0000000640)=ANY=[@ANYBLOB="6e616d65636173653d312c756d61736b3d30303030303030303030303030303030303030303031312c696f636861727365743d63703835302c666d61736b3d30303030303030303030303030303032303030303030302c616c6c6f775f7574696d653d30303030303030303030303030303030303030303031302c6572726f72733d72656d6f756e742d726f2c616c6c6f775f7574696d653d30303030303030303030303030303030303130303030302c6572726f72733d72656d6f756e742d726f2c646973636172642c696f636861727365743d63703836342c00325cef5c716413d6c54015bed18df4e4d27f4f36fa8654689aba0ba5fe59fd"], 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==") r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000000c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x2) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, 0x0) getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r6}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00'}, 0x10) 12.599760564s ago: executing program 2 (id=626): syz_mount_image$minix(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x1000002, &(0x7f0000002900)=ANY=[@ANYBLOB="002ecbc55fe6d6100837adda58fa7d10ab54aee93b992510be054d731ab7da7e75676e729a84f3b6a90100db5e477dbfee9ea3db9e2cdf0af3e9f7718732aaccc2158ad1dc498162eb5e87e3ec955164b6a97fb2a48d7a569258274a727cb0c7227e8f51529264e568b34e6f7ee018b3562d8fdd26e1b83ab2b09862ea8ac241fca01893c02becc286b2b17bd8c515b3dd02562333f6a7273bc91c9841bf3cb673bc8942336c5cebffbb08f82ba108af50c8dabb9628fc8e59c207395f370146898f1f3400f50f5e0566363558fe2c744cbebda08fe49b2155b62fcbb938b0d78d5e36b5e6b7d1c01f8b6423066333a94bb51f311c1d70dc272c6528d8057273e9bffbc8747d7c8a65b368828d39c69fc42125281702192328142ebb5b396e66db522ca6f2ae2ca64ab0d9d3f0eeb890d6b5a376ab004afb2ccc83293222ce378ef0e8d88e873ee168d615985aaabc293ce789dd163747e965405c11730f23faf8053fb37e93d5a54cdce54c1ce09598258ec5892938c5a16cf0c548695c973b45a0bc95feff28efd824744057c5da581fe9215d1a9e358a9da84b4ceb0f586c2ddbabbe2347dd728b8e05ecf90b4c7c9861ce1af7709c9babcdc2bd2175a8496a48942dc2755a5ed6296745ec0810e42050e657b2c0965d423077136da0140277053c8ce91d0000000000000000000000f81a60f8321a29d95e555edc5822e904e5b3821224bb704efb9aea0f736fa06f46b1023fc644c7879a6315e96f6695f65fef95d6dbf22d80c068a20fc98bad02dbeb3c9f478063d2f2f8fd5e8af7a5d5937e5626c71efa3369e99787e78597c01acfa3b273102993abd03263ae4115a65254d32c517eddeb58bbc458d025fdc566906ac145a9db74f46d10805e6c7560f6740cf29445f6aec713655cdd27032c6413f342d8e76782bdc2d96870cf7e84d15838c48aa6af77086acec169846791fbb50b0f648adbc6f4058870827efcf4da44b43c62f3", @ANYBLOB="86e65fc95cec3737ffc083e9420e0fda32ad9e60822bfec34b914022040a90f8741ca4d99221eeaef6d92e8595aacab6491e0f137f25a1eb6ce98ef49a462828f95b2b068d0d761d5b739c59f7553d6f322aa98313062ead06b1ad3b6575bd1804ab3d04d07d4692003ea4284df89a58c389ecd40e7168cf59c6200e16312d9aaa8722fb6a41995420c131b395b247f1e00fa27a838f52cecfdbf295c4f590e11c0121e67f19efbfe3041bbaa77cef1561d494e645805ba55eb8463cf1b56c08e44d71830924371064c7dd3fe5219c8af052190d7376aa62bf5edc726143be953f1494b0f2ac4591e4676317241150e315770ce42000ae7d8d7a416575697ce99892636ff8f3947eeaf6e73defb3c85aba7ba589d4bba6fb05b84fed5d7a3e6fc3692ee0e37c7515caaf9815bad099d93d420ec27e0da0eb2566233ce799632051375cd5b545428d3209708dd8bc9aed1af2b2dd96d8d7617fac7f5f006e165cd1add85134b939cf15175850d2f58d89ab6d4f0aa93ae8ad8f9d4f428b007af33a69188e661ef662cacd512ef14955045acfd4ab4ab699881d2365236c7dd59f7a28f5579b480600f3070bfe97f59e609da493e6750153bca6cad17312baa4879e0fde2f81ae15ce236f64fb898ad4ba6071403b0cafd642e2648d4e3218949dd9e906c76609ac9efe8c6176ad5e9a2f139d7b6e7e248dadbdf1cc74c05ce3ad93359b3928ec022e6ed2512c66bc64087f22a9bc10961477f5ad8acca7d2fbb242d52703ec70225d76713dfd7dc1ce24ab3aede0f39f2740181efdbaf4dd912701fd8c568d8d0daea80a4c9a93a9e28ba48f1dbafaf2e279c0d83c327e045e20d37abc0ecacd0fd6220295c16e0f4849096f0d5a7d337c8460553a5d5b63ed01a55047e22c98e9df86bd22e4ec55b7c311497d97b30709634c58c2eb751a724f6086d562b9c1d3f5fbba7d5c78a9ed08c924ab085ecaf50cb2a0437174550ea20bdba86364bc9453fb4af21f6cac1268118be3eca0ea7d6f94447e7b2cb6247f42836caa7da504f60314182201790974ac7b648a57b8d87b7af022266b3e3fb6303583fa876de471b1d8ac73f0af724581271be1ba839261e7b50f42e1d3c44856f0a5b3e148a7783ed2ed70ee435cec055be29b7997d2e2bb52e39e413b570d383febe08c38310ca77b3622cc45c1a79f0de240f23c0a9a28ea6fc2030f927a1e07fe15ae8e70e170a7152ce5475e199b780390c971c9148f72eff33cac7f0cb23850f1d7f2494733f86bf52df43c2a44b412c5f0cd830e45a9fa097d4f7508fa6e1f33ddf6953b6dbce69aa70f078c4112636c3a902252a17b197ecb8f05beb5a276e0c297990b240bf0156601deb9105be5529e4c6923f14a8c7e1fe6a04cd229194a0b974d473ce6726fc481bb7f4e172eb661162d221a6837849fd618849da2d300d25db9cb8386efba1c099edd5ac31bf9fbda2a8a3b824cbe2e953710555f579d8fcf51b6d14bb098cdb68d25b9962cb163b78b89ddcb201f8882e036d60c2348a52536d06f1dc891fcdb6a6baab4ad69051ae5eefd73f0f67eb0f254dd3b460a2cf56a796d7a16d67e6818119cc8c40facc305657bfa74bdfee0faa0eec37cf000ecce3f86cc6f6cb40ad12a46a0184391fe32616531b35fd3bf1c3d28d00aa052fd7c2c1891448db260db1a9717281a25bf705514aaee649e0630da06fe202e3949674554373d878e13d90f2dc3fcf3143f1cf9605f694b7854038409573d12eb872befe1132f79d4d7a9b1964fc1cd5214fb99a0ffd1e88936d01b052479e777340b29dc97c5b02e8ddee2a848ab31cac8696b6cc6f7630f2aaca9b8032780b68f2e26d42ea1b86b40fd499c394cf8880d3ee6fa4fc6dd4ff236d0a82641a95767ae8f9ef5ed219891f78db23a977a017da0b0c1914334cf3c919ba02eae35d7e98b96c6a9e7e0a6f0f6747cf91c008ebe56522e7dbdf7a942b16e01427ba658543b4438686a62015bcdfffcd05ef587d3ce8a916a6ab0a80c17096a3180a57bc20bdadd9b5380a59567bb4a0b10fcdc5c98a4168753489c45dbf922962dd7a8968de0fc2ad6d4abfd1fcc530a8eea9f025ef6b7442a7a340d1f8b477db5d4e65d864ff2cc559640b47f47381c1d2de06e957199db1dadc94ae0a320b6829ec3e7506856869979f791c2122e6991b3789a87ada5f5169040344b94841e296dc963d38e775cdc5e65eee3bd059e55c5cc1fb31f7061acc19e0b8dcf72b583578fd5557bcc6dbf8b5e0b7185e7d7dca2c08589c8f8d57a8df8b015942f853a69d7ba492337b04c5f3e6e19ec5fbc28aa100174c71912681576dd014bd4d496abcfdf75289dde158bae37686b042df4de5de3dd19105887f3e4e291a30c1f19061bbea43ea75afb678b1377c2bd189b86bf60b1084dcd91d23197e944f691153df147d5051f2d5ed1b0b55677c1e7a6d99aaefc08db70e7d4b5a59e0d8fcffa8fd76d42e4c326b1df840538662c60c046d219beeb81a62c28565cf2a71742bc702a5c9bad03dd69d00da46478bb48d0a85e333c651245ea387f286cc9114f97cbfcdfe0dce4e37da4a41943785781123dace55d34ede0a855b36972ed1442b1404df80f9532a0db809948bd241f3383d56c8a6ef57a9e5549c12f2677a960bf54d7cbaf6560bd86a91ad793bedddbb704324126b5ea2f145b8aeb17d1ef863cde3a3e2749f5bbcbd45673269d8421cc1eb90ec66f7764bb657de407119146d74b460c727c0ffe7a1f85db6f43dea39a1b81bc6f65cfeb8ecba31dae17f16c4d726f4bf778b235ae38c3270c663d1391a4fc48990383dd240714612358ba3d8dfe2dd6f3347146d3e93082a49bdeeec58263a6f7d34e2ed759eb9b0fa298ac063c09ddf39c86d426d1bdbd173cb3283e99cdc301b13557250615e89e870ee820783eec14398fe91996359ff4bfd39f3a36cd5bd697200f5db1b1c4a58bf60d55f99b323450004277e90a32b0ab09327091afe269a871504da4ca79ebdddaa2d246bcbdf3c57c13184cda844255e03b1437ef5e79545b764ec6dd666b17dd0648806805d09e12c68d794a6da81d70454b09fded5d98aaa17d69e0e343995307785cf40e8993dc72d5f2b7ee69efe86ee897d1d0d46a51898c73d09a709fc9180c71d6cae0a6161b4bcd39bc090dd319165d73e312108a1b4b2515c572e03bd4be6184717037e29868d33f7ccc2885af1beae10bef038df839b7cbc126b1baf8f2e14007e49f2d4a95626c625ecdba3333c69cbae6416a18a75769a7020ecdc96630e0a3c920de9329d6bb6b605f6eb5c2ba273bf5efa977bece3bd4ad848fcd2f11a4103f9abed1eee1b7ea2ad1ebb75327125a1eb5f62c6bcd45fcdac8edc6a29aed4a906d86da215b492ff1a726aa4a317af822060a674b9774464d53a477061117cf3a5d38d91bf3df21dfc398ef04f565c53abd7ebb1b41e2bc5bbc5f218598010c829039852216b19d0762cdd7dce5e7620403313180b04a97651350a7c2bf6380363528d733a74a64594d7a801d3fb3fc80cad52a77d5b8518ef89310f8509bef1933ef303562380bb1e381d49b2c08cc56efa1983c63f60107f378704ae1e89b9dfee5b7478e5e6e5dfb62f75387fe010818be933b0504545513739db06db38abc16387f1b7a4f3908a6a2119432997718506a7e750e40215f6d63787aa74cfe039b3d38dec31b9dfbb3ef901a6f66357d60ee51e06f8b72555092b79be38ec8952bda7dc78dc37ef1f35d0506f6a58a1dfe288b5d388df12c5f6f5eeefcc6c4ace03643e7b600904623891d8e31b2ef23fd8137690621f3deaed46cee675b6d968bccb784add5d0ede8e0289a163b00f5a42573936864efcfb2357b6bb5f4e1872aec8f9d7be2059f1d98a3da288016497e5b358dec464e64dfb21edcd591ac769e100db57b3654c3008644839a929063a3c142606efe3edf19f63ef934d7a949bfcf85dcd6b6fd7a64e786f9ddbd1f8bb86ed4203676cc57f4cc32ccbed9888d7be95903dbcf1d60c6e93e7d5683cfd58950f589284e6950651a8624a5bdb4c23d662ff0554914e0c1f1d5e9b189e566d6daba050749cab9e694fb801efd5f6f342cb077912a846536909a9b3b11d95df8983ddc9448f7b1b89017ec4860bd317467d08e6c0656585d4013270fdb5aed829ba2a44725b552014ac4127edb29adf23956e4ed96ef23f052e4ac88252d5c7842b7e255988d2415fb3a46500c686bc3ea214e5c552b916aa0800cd83bce02e2731c8145a28c4fd19891c5e032e762e1f3a183e091bd5475f682593a0d6ac7697d32ec78142699b9664b7f41194daca4867e9d1dce20c3781b03c18a6d5dcc5f716d8d3fa38ed9604b4a8afc0fefa03b02063a33861d8f17574c6801e6b0bb34c54db351554f3b9f7ae6be472cad47aa41a28382bc5e61a001b5b32c7113a363d6a392e757510858313cb6d14d27e34c8e22486376a6c51bdde8827f2005772ec868b67be57f97d9d341074fc5cdef9678b3b72bcd509d53c9244a85bf790e9cf3dcdece8d66c3bbd5baba730ddff52bbb7a66bfe421684192653479b3588a9b4319c57060eb3fb6a7eec73a51bb5836f50944a5d38a81811b0130ecda2966944f475adb4d828a01c88f7dd29de8ae38265bd382d5e9afd9ee27c378cf56e5e4195ca8a4d46f6c28e1e5e9b4a7a3f6942102dfc249020e79e10061ba420ff2d1181ae6020c9ed2f9f386b8b56bf487b9ef0fe86f4443ac720325720b13596efb718ff28082eafd42353321faad5d4ecc427ac9e9a51950c1e4fe8151d8905108eda21082c09b7858dffbea8ad6bad372e8b37949e4d1b5efde2a1974f1d8e05220ae58bf30cd9b914da9a65b08ad806187cc4385994646811851978a1f9a573f8b01db05941db6b7daedca083981b775cce43228e36e27b591be6c435974b6d0e6c082b08a9d07fd3c138431d8238db64cbaabeff4c522d0504329d913afb4f173d19d8c9c84421199074a91aa0c9ece65ddb46032a6dfcb15f09f582c8b6b4adbcaa2f83727eafa9e01a59fa17d481e3afd4a3e94f860be0c8e6d0fe1031c384b0357784f6d170ab328506e22add3dcf367763c2d9e09737aff5ff4836dd7fbd571548bfb94144403c906a5f2763b619df470843ed660f3c48e6d2f6574c6ccff2ef3dd103ed2b60d643f9a9f8435d8878bbfdfa28414935ba08557e8a21a44df75f21dd7be31013a692729649114e2585be2dfddbfe5f2deb6ab8d0cc4e245ae3b1d99d4d4e6c167d798c438664599e10e839864f6beb76d8d193b1cdde48e185fcb897aebc659f14890b96b3cc044f32f24f8564fb8e5e6bf92a4365051561e0236916f8c9ff5115793eea703452ca42bfd6bdc3ad80c36e38d090bb8a992ab44ac41c7f661b586cf64ad3822b626c5418a8619a0697c5fd27a59f82b188c38006daa29d3ae07acd4c8bfcb3a3a11428fa92b03d1ee330ce4142b97894222244d43c4bfb8a0d202f7d2fddd32a6fd56a8f32974aa6d036bc641d6fbd85b54be459845f4aaff42d8ae4315d35b08e7cedff13cdf1eb8b3b76e1e82aa91564ef26d8ecb7d757d081a1455f14c6f5b0a53c8e4376083303427ad743b83d28d85724bdb65cada011b2500b058ea5b9124c07824c2b22595cbbfe9287155896f323bf2914334dc4e9db35717f0f6ef50cd4192a9b05b2fdba5840bbc81914b8fe1f34bef54c6f2e1068f8d1a9b51b7b1d9226287cfd7b50eb746a9e2b289fe43d02d8031928992f1b22409221e4557285d440dc2a20b677e8f6160eeb81fc0beca14482c7e6d62105df6b5e9ef5d8607d759513bdd3d", @ANYRESOCT, @ANYRES64, @ANYRES8, @ANYRESDEC, @ANYRES16, @ANYBLOB="6fb7580105bd2aa4171a74a5fa1a7b074da50e0ab86953e675526c6e2f43b10bb45f511db96f53a17039584d315bb6ab0100838d"], 0x1, 0x1d5, &(0x7f0000000140)="$eJzs201u00AYxvHHjuO05ftrwwYkFrAhhjQSdEcPwAXYVa2pKlxADZtWSJAN9+AY7LgJF0gkOIGRHUeJQ+xMbMUOzf8ntR6P+3imUt7JJEoEYGPdjH71JUvN+DwMwy8PJb15LcnJjbrVzBDAqoTWqOizuPO7t/JTAP4Pjd/z+1uZBf5j3LBNVgGn6MQArNhwvxHvA35a0q8/nw8HyU/TcP8w3LelRnIylXelLaN834qP9x1pMJVvKX0D62vG/uX7KP9Y6fy26fyT8Xdm8jvGeTs+PnmUzl+RdFXSNUnXJd1IXmvdknR7zvhHM+PfMxwfKCN69LVTPUZlm863s68/WJCPquftSeA/W2rUiWaSf14w7yb5Tsn8bsF8K8m3Dz8ERzPXJmvYq4J3B/LZ/9T/chbVf7bJ24dl6t8pWf/AJuudX7w7CAL/bPmGXShFY1Ma441k1BMt04tT32qfc3WN7fWYRnaj5oUJwMp5n04/er3zi6cnpwfH/rH/vtPde9nd7XRf7HnxvtwrszsHsM5Gz/Wuf9Yz+/v8jwQBAAAAAAAAAAAAAIA63JF0t+5JAAAAAKhEFV8nqvt/BAAAAAAAAAAAAAAAAAAAAC6LvwEAAP//y0I8NA==") 11.780271415s ago: executing program 2 (id=631): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x74, &(0x7f0000000180)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f0000000000)=[@tclass={{0x14, 0x29, 0x43, 0x401}}], 0x18}}], 0x1, 0x0) 11.227375585s ago: executing program 4 (id=635): epoll_create1(0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {}]}}) mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x101800, 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100) 11.085030573s ago: executing program 3 (id=636): unshare(0x2a020480) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x24) 11.060710167s ago: executing program 4 (id=637): bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x4}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000004c0), 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000d4ffffff0000000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x0, 0x0, 0x72, 0x0, &(0x7f0000000180)=""/114, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000280)="bf", 0x2, 0x8000}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 10.938117112s ago: executing program 3 (id=638): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x0, 0x35}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x90) 10.755155928s ago: executing program 3 (id=639): creat(&(0x7f0000000040)='./file0\x00', 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000040)={0x0, 0x1, 0x0, "093d4a3b5b7bc69a21cfb7f5eaac460300000000000000a667693addcb249341"}) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) syz_open_dev$dri(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) eventfd2(0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) socket$inet6(0xa, 0x3, 0x2) msgget$private(0x0, 0x0) msgget$private(0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000000400), &(0x7f0000000180)) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_', @ANYRESDEC=0x0]) write$FUSE_NOTIFY_INVAL_INODE(r1, &(0x7f00000000c0)={0x28}, 0x28) openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x180800, 0x0) r2 = syz_open_dev$vim2m(&(0x7f0000000580), 0x80000000000000, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000180)={0x11, 0x2, 0x0, "0f4ae0fd3fff4fbeebe20abce46edb7ae55b52d3ce7526e1d9ced5341a2000"}) socket$nl_netfilter(0x10, 0x3, 0xc) 10.000465391s ago: executing program 4 (id=642): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x74, &(0x7f0000000180)=[{&(0x7f0000000100)="8000102e7577d401", 0x8}], 0x1, &(0x7f0000000000)=[@tclass={{0x14, 0x29, 0x43, 0x401}}], 0x18}}], 0x1, 0x0) 9.63030259s ago: executing program 3 (id=645): epoll_create1(0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {}]}}) mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x101800, 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00') read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100) 9.4595596s ago: executing program 3 (id=647): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000340), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010000000084010000000600000006000b000a"], 0x1c}}, 0x0) 7.480340263s ago: executing program 3 (id=655): r0 = socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x2c}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000340)="f40000ffffff890000000000000000000000ffffff8d00000100"/40, 0x28}], 0x1}, 0x0) 2.30187183s ago: executing program 0 (id=673): r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) r3 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) write$cgroup_pid(r2, &(0x7f0000000140), 0x12) r4 = openat$cgroup_int(r3, &(0x7f0000000040)='cpu.weight\x00', 0x2, 0x0) sendfile(r4, r2, 0x0, 0x10000e006) 2.201546654s ago: executing program 0 (id=674): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xffffbffa}, [@call={0x85, 0x0, 0x0, 0x2c}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.156724796s ago: executing program 0 (id=675): socket$inet6(0xa, 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000001300), 0x4) ioctl$int_in(r0, 0x5452, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000001340)=@ccm_128={{}, "46f43a78642c5c26", "ef883bc78a38b0cae66066a355130be8", "cb125933", "db736cc6cf0a94d9"}, 0x28) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000180)=0x4000000, 0x4) sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) poll(&(0x7f0000000040)=[{}], 0x1, 0x800) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x41}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000020240), 0x10010) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r2, 0x0) ioctl$FS_IOC_GETFSMAP(r2, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000002"]) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r1, 0xe0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000230, 0x0, &(0x7f0000001640), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) sendto$inet6(r0, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x8000000000000001) 1.220456311s ago: executing program 0 (id=676): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000400)="3f4e55f1", 0x4) sendto$unix(r3, &(0x7f0000000080), 0xffffff9d, 0x0, 0x0, 0x0) recvfrom(r3, &(0x7f00000014c0)=""/4117, 0x1015, 0x0, 0x0, 0x0) 283.348078ms ago: executing program 0 (id=677): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000740)=ANY=[@ANYBLOB="004194945be222fbc28c5e9c7fda61d2e2f93f70f58d1b514d971f47a25c12f5d9d5b4491c91d1e4bee7e44fb21726d572b06c4e31355405d86573a5766019fcafec6894ba751183829f4cf4477e2ede07c6daa44459312c6746e7c3ba84012140a5133ed28047141a3110281571bf78d953f51392704a7ffa66f788dca2a3871a728dbc52a03e36af963d1bb4b9af18b13416bc58dcb29cb06bbff809e2270adec566b982cfed52a295ec507621b63d7f698e1835280c0ee1ff95852c3ab8a3"], 0x2, 0x580, &(0x7f0000000180)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwmJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhSLnJNzv5Joojc3yZ38ftDec8957nvec6CF5/0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDiq6/eHL2SDroWAAAAQD99/fbro2PyfwAAAPhIu6P/HwAAAAAAAAAGXYosvh8p1k6tp5PF9w3VWwuLb63NTE5t/7ORVPzyWBGf/6leGbt67aXx619ofv733++1C/Ha7Ts3668sPXy0PL+yMj9Xn1lcuLc0N7/rEnr9/WYvFi+g/vDNt+bu31+pj12+2nV5rfaX48+cq0188dWzt5qxM5NTU7c7YoYq//fdtzDCAwAA4GgbjiyuRYo7F3+aTkVEFr3nwju0HfTbSNTy/Lt4iJnJqeJBGguzi6v5xelmIlzrzomHmznyPuTiPalFnM7rOiyjBwAAYPcqkcWnIsWFp+vp2Yg41syDP1csDLhzAbV9qOQ2hiLiTERcigHI2QEAAOCAHY8sXo8Uv2rU4rkyry7y/69ETBx05QAAAIA9MRRZXI8UH0ysp1oxHiAiXpyZnKrfulv/2uL9pY7Y6VT2qA/6/ID9ZGwCAAAAh0A1sjhV9Pivp+cPujIAAABAX4xEFv+IFJ99+dvFunJRrEv/3MSXTt6Y6lxh7vwO5eSxlyPi4i7n5FfKtQan03RK2ZbSnuzJwwEAAACFasriz5Hiwz9Wi++Xytw8DR10zQAAAIA9k7L4XqT48vR6Spv2pT/Wsb9/y6DP/e9v/Ueqryw9ery88OCN1W2vn6je/NbK6vLsve0vb+xd2DUcYqd9DAEAAGAXKimLv0eK3zbea+Wd5R4A5QiAdqL57o12blpNm64W7QbPFu0GrTkEz4yNdR5vm7L+D+vj1cr7Huv9sQEAAOBISSmL4Ujxmd98vNz7/0Rs6YMu434XKW4svVDGZcN5XHOaQK34u3p/oTE/msdORoqfN5qxUcQeL2PPtGOv5LG/zsud7Y6tlrFn27FjeezTSPHG8vaxH2vHXs1jlyPFT35Ub8aeyGNPlrHn2rGX7y015vr2ggEAAOAQqKQsfhEpfvjPemvKf3f/f7u3/d132v39Wxbo+w99/r32/9c6zj0p2yGOl+0VQzu0V7wWKS48/0LzeYq2guawgo29DtrtFX+LFMvf6I4dLmNPt2Ov7PrFAgAAwCHSHP//+7u/bA25L3Pg8uv2+f8nNq8P2Kf8v3NPwvyeK4/ffnO20ZhfHqSD70ZE15l0SCrm4OgelP+onhyW+vR60Nv/gwAAcBTk+f/dSLH2wfut/u4y/y+Hyrfz/w+/087/JzYX1Kf8/3THuYlyvYHKUER19eGjyvmI6srjtz+/8HD2wfyD+cWr4y+Nj46PX782Vhludu63j3p+VwAAADCo8vx/NFL89Qc/bs3P303//4nNBfUp/z/TcS6/Z7vTLz/zp14fHwAAAI6EPP//WaT4w8X3Wuvodef/Hev/v9OeZ3/p0xujBVqtA33K/892nKsV940Y2aNnBwAAAAAAAAAAAAAAAAAAgMOikrL4V6R4vzqUygX/d7X+39zmgvo0//9cx7m52J/9/3p+qQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCgsshiIVJ88vx6ejk/8c2Ik52fAAAAwMD7dwAAAP//GBMbFQ==") unlink(&(0x7f0000000100)='./file1\x00') 0s ago: executing program 0 (id=678): socket$nl_route(0x10, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) socket$inet6(0xa, 0x80002, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='jbd2_handle_stats\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x26e1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000002c0)=ANY=[@ANYRES8=r2], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r4, 0x541c, &(0x7f0000000000)) kernel console output (not intermixed with test programs): ed pid=5220 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 80.363744][ T29] audit: type=1326 audit(1719275325.035:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5220 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 80.492321][ T29] audit: type=1326 audit(1719275325.035:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5220 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 80.557929][ T2841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.579678][ T29] audit: type=1326 audit(1719275325.035:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5220 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2714d6cba7 code=0x7ffc0000 [ 80.606187][ T2841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.620064][ T5232] loop0: detected capacity change from 0 to 1024 [ 80.673366][ T29] audit: type=1326 audit(1719275325.055:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5220 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2714d11569 code=0x7ffc0000 [ 80.776470][ T5232] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.813397][ T29] audit: type=1326 audit(1719275325.055:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5220 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 80.839288][ T29] audit: type=1326 audit(1719275325.055:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5220 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2714d6cba7 code=0x7ffc0000 [ 80.948050][ T5240] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 80.953716][ T5232] overlayfs: failed to verify upper root origin [ 81.161990][ T5091] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.413262][ T9] IPVS: starting estimator thread 0... [ 81.539771][ T5255] IPVS: using max 20 ests per chain, 48000 per kthread [ 81.646767][ T5263] netlink: 'syz.4.31': attribute type 2 has an invalid length. [ 81.683306][ T5265] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.723665][ T5268] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3 [ 81.780422][ T5265] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.353427][ T5284] netlink: 'syz.4.40': attribute type 1 has an invalid length. [ 82.390682][ T5284] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.40'. [ 83.493068][ T5296] netlink: 'syz.0.44': attribute type 2 has an invalid length. [ 84.008276][ T5324] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3 [ 84.167050][ T5328] loop4: detected capacity change from 0 to 256 [ 84.175244][ T5331] loop0: detected capacity change from 0 to 128 [ 84.225908][ T5328] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 84.240428][ T5330] netlink: 'syz.2.60': attribute type 2 has an invalid length. [ 84.254031][ T5331] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 84.268308][ T5331] ext4 filesystem being mounted at /root/syzkaller.fKaFad/9/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 84.337212][ T5331] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz.0.62: No space for directory leaf checksum. Please run e2fsck -D. [ 84.501741][ T5331] EXT4-fs error (device loop0): __ext4_find_entry:1651: inode #2: comm syz.0.62: checksumming directory block 0 [ 85.501951][ T5349] loop3: detected capacity change from 0 to 512 [ 85.582866][ T5349] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 85.600699][ T5091] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 85.647677][ T5349] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 85.701695][ T5349] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.69: bg 0: block 18: invalid block bitmap [ 85.733966][ T5349] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 85.802872][ T5349] EXT4-fs (loop3): 1 truncate cleaned up [ 85.818168][ T5349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 85.853301][ T5349] ext2 filesystem being mounted at /root/syzkaller.qWQJdR/10/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.873301][ T5359] trusted_key: syz.0.70 sent an empty control message without MSG_MORE. [ 85.968955][ T5363] netlink: 'syz.4.73': attribute type 2 has an invalid length. [ 86.081878][ T5093] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.269729][ T5374] capability: warning: `syz.0.80' uses deprecated v2 capabilities in a way that may be insecure [ 86.584183][ T5384] tipc: Started in network mode [ 86.760474][ T5384] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 87.219225][ T5384] tipc: Enabled bearer , priority 10 [ 87.296297][ T25] cfg80211: failed to load regulatory.db [ 87.318255][ T5384] loop4: detected capacity change from 0 to 22 [ 87.353563][ T5388] tipc: Resetting bearer [ 87.389298][ T5384] romfs: Unknown parameter '•·‹ìÛ34ôï°ñãbЯ)ës[°‹S6ô·~Xö:"²ëæÉËGdæìmåôº*' [ 87.525009][ T5388] tipc: Disabling bearer [ 87.574848][ T29] kauditd_printk_skb: 63 callbacks suppressed [ 87.574868][ T29] audit: type=1804 audit(1719275332.475:75): pid=5401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.89" name="/root/syzkaller.fKaFad/13/file0/bus" dev="hugetlbfs" ino=8364 res=1 errno=0 [ 87.606228][ T5400] loop3: detected capacity change from 0 to 4096 [ 87.644811][ T5400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.669579][ T29] audit: type=1804 audit(1719275332.525:76): pid=5401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.89" name="/root/syzkaller.fKaFad/13/file0/bus" dev="hugetlbfs" ino=8364 res=1 errno=0 [ 87.727114][ T29] audit: type=1804 audit(1719275332.525:77): pid=5401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.89" name="/root/syzkaller.fKaFad/13/file0/bus" dev="hugetlbfs" ino=8364 res=1 errno=0 [ 87.771942][ T5400] fs-verity: sha512 using implementation "sha512-avx2" [ 87.941058][ T5093] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.927300][ T5433] loop3: detected capacity change from 0 to 8 [ 90.027247][ T5435] loop2: detected capacity change from 0 to 1024 [ 90.191967][ T5437] tipc: Started in network mode [ 90.200621][ T5435] hfsplus: small dir entry [ 90.202425][ T5437] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 90.236300][ T5437] tipc: Enabled bearer , priority 10 [ 90.252475][ T5438] netlink: 'syz.3.103': attribute type 2 has an invalid length. [ 90.288699][ T5443] tipc: Resetting bearer [ 90.304767][ T5437] loop1: detected capacity change from 0 to 22 [ 90.316043][ T5437] romfs: Unknown parameter '•·‹ìÛ34ôï°ñãbЯ)ës[°‹S6ô·~Xö:"²ëæÉËGdæìmåôº*' [ 90.341523][ T5443] tipc: Disabling bearer [ 90.584151][ T5454] loop4: detected capacity change from 0 to 256 [ 90.660268][ T5454] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d) [ 90.798093][ T5462] loop0: detected capacity change from 0 to 2048 [ 90.837772][ T5462] udf: Unknown parameter 'adiç1Ë"czrÇo¨9¾­«nicb' [ 91.290565][ T5478] netlink: 'syz.2.117': attribute type 25 has an invalid length. [ 91.356761][ T5478] netlink: 'syz.2.117': attribute type 7 has an invalid length. [ 91.585326][ T5485] loop1: detected capacity change from 0 to 1024 [ 92.047754][ T29] audit: type=1804 audit(1719275336.945:78): pid=5487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.120" name="/root/syzkaller.fKaFad/22/file0/bus" dev="hugetlbfs" ino=8468 res=1 errno=0 [ 92.177896][ T5485] hfsplus: small dir entry [ 92.226878][ T29] audit: type=1804 audit(1719275336.985:79): pid=5487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.120" name="/root/syzkaller.fKaFad/22/file0/bus" dev="hugetlbfs" ino=8468 res=1 errno=0 [ 92.259364][ T29] audit: type=1804 audit(1719275337.005:80): pid=5487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.120" name="/root/syzkaller.fKaFad/22/file0/bus" dev="hugetlbfs" ino=8468 res=1 errno=0 [ 92.968372][ T5509] mmap: syz.4.130 (5509) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 93.257249][ T5526] netlink: 'syz.3.132': attribute type 25 has an invalid length. [ 93.267303][ T5526] netlink: 'syz.3.132': attribute type 7 has an invalid length. [ 93.589327][ T29] audit: type=1804 audit(1719275338.485:81): pid=5533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.134" name="/root/syzkaller.zGizvT/26/file0/bus" dev="hugetlbfs" ino=7847 res=1 errno=0 [ 93.700005][ T29] audit: type=1804 audit(1719275338.525:82): pid=5533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.134" name="/root/syzkaller.zGizvT/26/file0/bus" dev="hugetlbfs" ino=7847 res=1 errno=0 [ 93.732376][ T29] audit: type=1804 audit(1719275338.525:83): pid=5533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.134" name="/root/syzkaller.zGizvT/26/file0/bus" dev="hugetlbfs" ino=7847 res=1 errno=0 [ 93.777017][ T5539] loop3: detected capacity change from 0 to 1024 [ 93.876552][ T5539] hfsplus: small dir entry [ 94.298863][ T5561] input: syz1 as /devices/virtual/input/input5 [ 94.384010][ T5564] netlink: 'syz.1.146': attribute type 25 has an invalid length. [ 94.420661][ T5564] netlink: 'syz.1.146': attribute type 7 has an invalid length. [ 94.564576][ T5530] loop4: detected capacity change from 0 to 32768 [ 94.598137][ T5530] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.133 (5530) [ 94.669483][ T5530] BTRFS info (device loop4): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 94.700451][ T5530] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 94.739261][ T5530] BTRFS info (device loop4): using free-space-tree [ 94.779925][ T25] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 94.986922][ T25] usb 3-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config [ 95.004309][ T5603] loop3: detected capacity change from 0 to 512 [ 95.029219][ T25] usb 3-1: config 16 has 0 interfaces, different from the descriptor's value: 1 [ 95.051968][ T25] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 95.077076][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.106076][ T5603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 95.162932][ T5603] ext4 filesystem being mounted at /root/syzkaller.qWQJdR/28/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.272272][ T5614] input: syz1 as /devices/virtual/input/input6 [ 95.336769][ T5102] BTRFS info (device loop4): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 96.136025][ T29] audit: type=1804 audit(1719275340.595:84): pid=5603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.158" name="/root/syzkaller.qWQJdR/28/file0/bus" dev="loop3" ino=16 res=1 errno=0 [ 96.551069][ T5093] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.815345][ T5639] netlink: 'syz.4.162': attribute type 25 has an invalid length. [ 96.823876][ T5639] netlink: 'syz.4.162': attribute type 7 has an invalid length. [ 98.070843][ T25] usb 3-1: string descriptor 0 read error: -71 [ 98.094441][ T25] usb 3-1: USB disconnect, device number 2 [ 98.218184][ T29] audit: type=1326 audit(1719275343.105:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 98.258295][ T29] audit: type=1326 audit(1719275343.105:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 98.338220][ T29] audit: type=1326 audit(1719275343.105:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 98.438648][ T29] audit: type=1326 audit(1719275343.115:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 98.463474][ T29] audit: type=1326 audit(1719275343.115:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 98.521101][ T29] audit: type=1326 audit(1719275343.185:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 98.599643][ T29] kauditd_printk_skb: 81 callbacks suppressed [ 98.599662][ T29] audit: type=1326 audit(1719275343.495:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feeeed11569 code=0x7ffc0000 [ 98.716536][ T5659] netlink: 8 bytes leftover after parsing attributes in process `syz.2.174'. [ 98.726592][ T29] audit: type=1326 audit(1719275343.505:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 98.758195][ T29] audit: type=1326 audit(1719275343.575:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feeeed6cba7 code=0x7ffc0000 [ 98.760596][ T5660] loop1: detected capacity change from 0 to 128 [ 98.798403][ T29] audit: type=1326 audit(1719275343.575:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feeeed11569 code=0x7ffc0000 [ 98.845522][ T5660] ======================================================= [ 98.845522][ T5660] WARNING: The mand mount option has been deprecated and [ 98.845522][ T5660] and is ignored by this kernel. Remove the mand [ 98.845522][ T5660] option from the mount to silence this warning. [ 98.845522][ T5660] ======================================================= [ 98.862151][ T29] audit: type=1326 audit(1719275343.575:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feeeed6cba7 code=0x7ffc0000 [ 98.968736][ T5664] loop2: detected capacity change from 0 to 256 [ 98.976095][ T29] audit: type=1326 audit(1719275343.575:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feeeed11569 code=0x7ffc0000 [ 99.014410][ T5660] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 99.055809][ T5666] loop0: detected capacity change from 0 to 512 [ 99.061110][ T5660] FAT-fs (loop1): Filesystem has been set read-only [ 99.079219][ T29] audit: type=1326 audit(1719275343.575:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feeeed6cba7 code=0x7ffc0000 [ 99.144855][ T29] audit: type=1326 audit(1719275343.575:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feeeed11569 code=0x7ffc0000 [ 99.171197][ T29] audit: type=1326 audit(1719275343.575:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feeeed6cba7 code=0x7ffc0000 [ 99.195119][ T5092] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 99.206690][ T29] audit: type=1326 audit(1719275343.575:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.0.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feeeed11569 code=0x7ffc0000 [ 99.253756][ T5666] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.289334][ T5666] ext4 filesystem being mounted at /root/syzkaller.fKaFad/36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 99.645398][ T5651] loop4: detected capacity change from 0 to 32768 [ 99.665772][ T5651] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.172 (5651) [ 100.384719][ T5091] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.576882][ T5651] BTRFS info (device loop4): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 100.600023][ T5651] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 100.608815][ T5651] BTRFS info (device loop4): using free-space-tree [ 100.842938][ T5714] netlink: 8 bytes leftover after parsing attributes in process `syz.1.188'. [ 100.895738][ T5715] loop3: detected capacity change from 0 to 512 [ 100.943370][ T5718] loop2: detected capacity change from 0 to 256 [ 101.031678][ T5715] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.099886][ T5715] ext4 filesystem being mounted at /root/syzkaller.qWQJdR/36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.144360][ T5102] BTRFS info (device loop4): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 101.181157][ T5715] EXT4-fs error (device loop3): ext4_map_blocks:580: inode #2: block 11: comm syz.3.190: lblock 16 mapped to illegal pblock 11 (length 18) [ 101.560017][ T5724] loop1: detected capacity change from 0 to 256 [ 101.937178][ T5724] FAT-fs (loop1): Directory bread(block 64) failed [ 101.946330][ T5093] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.985471][ T5724] FAT-fs (loop1): Directory bread(block 65) failed [ 101.993648][ T5724] FAT-fs (loop1): Directory bread(block 66) failed [ 102.000703][ T5724] FAT-fs (loop1): Directory bread(block 67) failed [ 102.007363][ T5724] FAT-fs (loop1): Directory bread(block 68) failed [ 102.014014][ T5724] FAT-fs (loop1): Directory bread(block 69) failed [ 102.025982][ T5724] FAT-fs (loop1): Directory bread(block 70) failed [ 102.034459][ T5724] FAT-fs (loop1): Directory bread(block 71) failed [ 102.041285][ T5724] FAT-fs (loop1): Directory bread(block 72) failed [ 102.047851][ T5724] FAT-fs (loop1): Directory bread(block 73) failed [ 102.265442][ T5734] loop3: detected capacity change from 0 to 2048 [ 102.333060][ T5734] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 103.968416][ T58] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 104.110191][ T29] kauditd_printk_skb: 59 callbacks suppressed [ 104.110216][ T29] audit: type=1800 audit(1719275348.885:241): pid=5741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.195" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 104.186045][ T5093] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.421492][ T29] audit: type=1326 audit(1719275349.325:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.482741][ T5749] loop2: detected capacity change from 0 to 2048 [ 104.494028][ T58] usb 1-1: New USB device found, idVendor=0bc3, idProduct=0001, bcdDevice=68.24 [ 104.509363][ T29] audit: type=1326 audit(1719275349.365:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.525041][ T58] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.566872][ T29] audit: type=1326 audit(1719275349.415:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.593720][ T58] usb 1-1: Product: syz [ 104.603895][ T58] usb 1-1: Manufacturer: syz [ 104.619414][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 104.631904][ T58] usb 1-1: SerialNumber: syz [ 104.651074][ T29] audit: type=1326 audit(1719275349.415:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.686229][ T29] audit: type=1326 audit(1719275349.415:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.690455][ T58] usb 1-1: config 0 descriptor?? [ 104.721351][ T5756] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 104.778207][ T29] audit: type=1326 audit(1719275349.415:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.784176][ T58] ipw 1-1:0.0: IPWireless converter converter detected [ 104.816034][ T5749] NILFS (loop2): error -2 truncating bmap (ino=16) [ 104.827960][ T5760] loop4: detected capacity change from 0 to 256 [ 104.828912][ T29] audit: type=1326 audit(1719275349.415:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.864693][ T5761] netlink: 8 bytes leftover after parsing attributes in process `syz.3.204'. [ 104.888646][ T29] audit: type=1326 audit(1719275349.415:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 104.937120][ T29] audit: type=1326 audit(1719275349.415:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.1.199" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f65e7375d39 code=0x7ffc0000 [ 105.004515][ T5095] usb 1-1: USB disconnect, device number 2 [ 105.013342][ T5095] ipw 1-1:0.0: device disconnected [ 105.131880][ T5770] loop1: detected capacity change from 0 to 256 [ 105.149609][ T5770] FAT-fs (loop1): Unrecognized mount option "nnonumtail=1" or missing value [ 105.161431][ T5764] 9pnet: Could not find request transport: {‚;‹wà±ï$|á œfd [ 105.255260][ T5777] loop3: detected capacity change from 0 to 512 [ 105.299024][ T5777] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 105.438301][ T5771] kvm: emulating exchange as write [ 105.448576][ T5783] 9pnet_fd: Insufficient options for proto=fd [ 105.473821][ T5783] netlink: 12 bytes leftover after parsing attributes in process `syz.4.212'. [ 105.492515][ T5785] loop3: detected capacity change from 0 to 256 [ 105.548201][ T5785] FAT-fs (loop3): Directory bread(block 64) failed [ 105.558738][ T5785] FAT-fs (loop3): Directory bread(block 65) failed [ 105.568241][ T5785] FAT-fs (loop3): Directory bread(block 66) failed [ 105.578886][ T5785] FAT-fs (loop3): Directory bread(block 67) failed [ 105.585918][ T5785] FAT-fs (loop3): Directory bread(block 68) failed [ 105.598218][ T5785] FAT-fs (loop3): Directory bread(block 69) failed [ 105.605333][ T5785] FAT-fs (loop3): Directory bread(block 70) failed [ 105.637053][ T5785] FAT-fs (loop3): Directory bread(block 71) failed [ 105.666148][ T5785] FAT-fs (loop3): Directory bread(block 72) failed [ 105.694487][ T5785] FAT-fs (loop3): Directory bread(block 73) failed [ 105.906641][ T5793] loop0: detected capacity change from 0 to 256 [ 106.055580][ T5797] loop3: detected capacity change from 0 to 128 [ 106.118475][ T5797] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 106.139518][ T5797] FAT-fs (loop3): Filesystem has been set read-only [ 106.146497][ T5803] loop0: detected capacity change from 0 to 164 [ 106.211700][ T5093] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006) [ 106.252209][ T5807] loop4: detected capacity change from 0 to 512 [ 106.343603][ T5807] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.363055][ T5807] ext4 filesystem being mounted at /root/syzkaller.KQG9Lm/33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.458403][ T5807] EXT4-fs error (device loop4): ext4_map_blocks:580: inode #2: block 11: comm syz.4.223: lblock 16 mapped to illegal pblock 11 (length 18) [ 106.501460][ T5822] loop3: detected capacity change from 0 to 256 [ 106.533658][ T5102] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.645865][ T5822] FAT-fs (loop3): Directory bread(block 64) failed [ 106.677529][ T5822] FAT-fs (loop3): Directory bread(block 65) failed [ 106.684664][ T5822] FAT-fs (loop3): Directory bread(block 66) failed [ 106.700962][ T5822] FAT-fs (loop3): Directory bread(block 67) failed [ 106.708562][ T5822] FAT-fs (loop3): Directory bread(block 68) failed [ 106.716614][ T5822] FAT-fs (loop3): Directory bread(block 69) failed [ 106.726484][ T5822] FAT-fs (loop3): Directory bread(block 70) failed [ 106.737035][ T5822] FAT-fs (loop3): Directory bread(block 71) failed [ 106.748996][ T5822] FAT-fs (loop3): Directory bread(block 72) failed [ 106.757576][ T5822] FAT-fs (loop3): Directory bread(block 73) failed [ 106.785567][ T5828] loop4: detected capacity change from 0 to 8 [ 106.925641][ T5828] SQUASHFS error: lzo decompression failed, data probably corrupt [ 106.926881][ T5830] loop0: detected capacity change from 0 to 256 [ 106.945050][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 106.950360][ T5828] SQUASHFS error: Failed to read block 0x1c0: -5 [ 106.975777][ T5828] SQUASHFS error: Unable to read metadata cache entry [1be] [ 107.011019][ T5831] SQUASHFS error: Unable to read metadata cache entry [1be] [ 107.203472][ T5836] loop1: detected capacity change from 0 to 1024 [ 107.269918][ T5836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.328551][ T5845] loop2: detected capacity change from 0 to 164 [ 107.429684][ T5836] loop1: detected capacity change from 1024 to 0 [ 107.461190][ T5850] syz.1.234: attempt to access beyond end of device [ 107.461190][ T5850] loop1: rw=12288, sector=164, nr_sectors = 2 limit=0 [ 107.486502][ T5850] EXT4-fs error (device loop1): ext4_acquire_dquot:6858: comm syz.1.234: Failed to acquire dquot type 0 [ 107.517283][ T5850] syz.1.234: attempt to access beyond end of device [ 107.517283][ T5850] loop1: rw=2049, sector=2, nr_sectors = 2 limit=0 [ 107.544183][ T5850] Buffer I/O error on dev loop1, logical block 1, lost sync page write [ 107.558063][ T5850] EXT4-fs (loop1): I/O error while writing superblock [ 107.692024][ T5092] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.756729][ T5092] syz-executor: attempt to access beyond end of device [ 107.756729][ T5092] loop1: rw=2049, sector=2, nr_sectors = 2 limit=0 [ 107.805165][ T5092] Buffer I/O error on dev loop1, logical block 1, lost sync page write [ 107.836123][ T5867] loop0: detected capacity change from 0 to 8 [ 107.839426][ T5092] EXT4-fs (loop1): I/O error while writing superblock [ 107.914269][ T5867] SQUASHFS error: lzo decompression failed, data probably corrupt [ 107.953047][ T5867] SQUASHFS error: Failed to read block 0x1c0: -5 [ 107.986005][ T5867] SQUASHFS error: Unable to read metadata cache entry [1be] [ 108.017015][ T5867] SQUASHFS error: Unable to read metadata cache entry [1be] [ 108.281962][ T5882] loop2: detected capacity change from 0 to 164 [ 108.376494][ T5873] loop1: detected capacity change from 0 to 8 [ 108.399016][ T5873] squashfs: Unknown parameter './cgroup' [ 108.594378][ T5894] loop4: detected capacity change from 0 to 1024 [ 108.661067][ T5894] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.699962][ T5909] netlink: 8 bytes leftover after parsing attributes in process `syz.1.257'. [ 108.834671][ T5894] loop4: detected capacity change from 1024 to 0 [ 108.867594][ T5915] syz.4.254: attempt to access beyond end of device [ 108.867594][ T5915] loop4: rw=12288, sector=164, nr_sectors = 2 limit=0 [ 108.912087][ T5915] EXT4-fs error (device loop4): ext4_acquire_dquot:6858: comm syz.4.254: Failed to acquire dquot type 0 [ 108.924004][ T5915] syz.4.254: attempt to access beyond end of device [ 108.924004][ T5915] loop4: rw=2049, sector=2, nr_sectors = 2 limit=0 [ 108.937318][ T5915] Buffer I/O error on dev loop4, logical block 1, lost sync page write [ 108.964496][ T5915] EXT4-fs (loop4): I/O error while writing superblock [ 109.029361][ T5919] loop1: detected capacity change from 0 to 512 [ 109.042247][ T5102] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.052692][ T5919] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 109.074767][ T5102] syz-executor: attempt to access beyond end of device [ 109.074767][ T5102] loop4: rw=2049, sector=2, nr_sectors = 2 limit=0 [ 109.099875][ T5102] Buffer I/O error on dev loop4, logical block 1, lost sync page write [ 109.108210][ T5102] EXT4-fs (loop4): I/O error while writing superblock [ 109.661437][ T5937] loop2: detected capacity change from 0 to 1024 [ 109.808274][ T5937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.421418][ T5094] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.471463][ T5946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.274'. [ 110.659548][ T5095] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 110.881054][ T5095] usb 5-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config [ 110.912014][ T5095] usb 5-1: config 16 has 0 interfaces, different from the descriptor's value: 1 [ 110.949404][ T5095] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 110.991230][ T5095] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.983812][ T5961] ptrace attach of "./syz-executor exec"[5093] was attempted by "./syz-executor exec"[5961] [ 113.022139][ T5954] loop1: detected capacity change from 0 to 32768 [ 113.035358][ T5954] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.277 (5954) [ 113.104065][ T5954] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 113.119809][ T5954] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 113.149537][ T5954] BTRFS info (device loop1): using free-space-tree [ 113.216450][ T5973] loop0: detected capacity change from 0 to 512 [ 113.254531][ T5973] EXT4-fs warning (device loop0): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 113.473300][ T5092] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 113.738819][ T5095] usb 5-1: string descriptor 0 read error: -71 [ 113.748622][ T5095] usb 5-1: USB disconnect, device number 2 [ 113.886149][ T5991] loop0: detected capacity change from 0 to 1024 [ 113.986943][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 113.995981][ T0] NOHZ tick-stop error: local softirq work is pending, handler #09!!! [ 114.005918][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 114.011268][ T5991] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 114.014902][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 115.013500][ T6007] ptrace attach of "./syz-executor exec"[5091] was attempted by "./syz-executor exec"[6007] [ 115.070761][ T5990] loop2: detected capacity change from 0 to 32768 [ 115.226293][ T5990] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 115.270232][ T6003] loop1: detected capacity change from 0 to 32768 [ 115.351148][ T6003] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 115.949820][ T6003] XFS (loop1): Ending clean mount [ 115.958016][ T5990] XFS (loop2): Ending clean mount [ 116.034835][ T5990] XFS (loop2): Quotacheck needed: Please wait. [ 116.361087][ T5092] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 116.444785][ T5990] XFS (loop2): Quotacheck: Done. [ 116.639159][ T25] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 116.677463][ T5094] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 116.780259][ T6045] loop4: detected capacity change from 0 to 1024 [ 116.854082][ T25] usb 1-1: config 16 has an invalid descriptor of length 115, skipping remainder of the config [ 116.888963][ T25] usb 1-1: config 16 has 0 interfaces, different from the descriptor's value: 1 [ 116.919634][ T25] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 116.928802][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.949177][ T6045] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 117.109530][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 119.487421][ T25] usb 1-1: string descriptor 0 read error: -71 [ 119.496800][ T25] usb 1-1: USB disconnect, device number 3 [ 119.532184][ T6073] ALSA: mixer_oss: invalid OSS volume 'ÒrpA&7ߵюeÁ]|ÈIÇÜï*Æ ÏE¢aì' [ 119.559330][ T6073] ALSA: mixer_oss: invalid OSS volume '' [ 119.881019][ T6063] loop1: detected capacity change from 0 to 32768 [ 119.953152][ T6063] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 120.003537][ T25] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 120.035852][ T6096] netlink: 12 bytes leftover after parsing attributes in process `syz.2.320'. [ 120.059654][ T6096] netlink: 'syz.2.320': attribute type 30 has an invalid length. [ 120.098417][ T6063] XFS (loop1): Ending clean mount [ 120.209218][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 120.238301][ T25] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 120.270208][ T25] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.293183][ T5092] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 120.299293][ T25] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 120.309216][ T6077] loop4: detected capacity change from 0 to 32768 [ 120.319444][ T25] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 120.339252][ T25] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 120.361621][ T25] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 120.386992][ T25] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 120.397664][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.406052][ T25] usb 1-1: Product: syz [ 120.411049][ T25] usb 1-1: Manufacturer: syz [ 120.415845][ T25] usb 1-1: SerialNumber: syz [ 120.425389][ T6077] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 120.639248][ T6077] XFS (loop4): Ending clean mount [ 120.653596][ T5103] Bluetooth: hci0: adv larger than maximum supported [ 120.653690][ T5103] Bluetooth: hci0: Unknown advertising packet type: 0x40 [ 120.662256][ T5103] Bluetooth: hci0: Malformed LE Event: 0x0d [ 120.663095][ T6077] XFS (loop4): Quotacheck needed: Please wait. [ 120.675554][ T25] cdc_ncm 1-1:1.0: bind() failure [ 120.709216][ T25] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 120.716285][ T25] cdc_ncm 1-1:1.1: bind() failure [ 120.726645][ T25] usb 1-1: USB disconnect, device number 4 [ 120.775708][ T6077] XFS (loop4): Quotacheck: Done. [ 120.928888][ T5102] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 121.000104][ T6092] loop3: detected capacity change from 0 to 32768 [ 121.104246][ T6092] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 121.245597][ T6092] XFS (loop3): Ending clean mount [ 121.287457][ T6092] XFS (loop3): Quotacheck needed: Please wait. [ 121.442026][ T6092] XFS (loop3): Quotacheck: Done. [ 121.443900][ T6126] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 121.579761][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 121.580813][ T6092] capability: warning: `syz.3.321' uses 32-bit capabilities (legacy support in use) [ 121.589254][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 121.774014][ T5093] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 121.910392][ T25] usb 5-1: new low-speed USB device number 3 using dummy_hcd [ 122.204463][ T25] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 122.249630][ T25] usb 5-1: string descriptor 0 read error: -22 [ 122.256012][ T25] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 122.291531][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.332709][ T25] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 122.615734][ T6153] loop2: detected capacity change from 0 to 64 [ 123.377786][ T6156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.337'. [ 123.677205][ T6153] Trying to free block not in datazone [ 123.849754][ T6164] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 124.057988][ T6168] loop0: detected capacity change from 0 to 64 [ 124.120925][ T6158] loop4: detected capacity change from 0 to 64 [ 124.226775][ T6170] loop2: detected capacity change from 0 to 4096 [ 124.269764][ T6170] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 124.441947][ T6158] Trying to free block not in datazone [ 124.555605][ T6170] ntfs3: loop2: mft corrupted [ 124.579234][ T6170] ntfs3: loop2: Failed to load $Extend (-22). [ 124.603751][ T6170] ntfs3: loop2: Failed to initialize $Extend. [ 124.740092][ T6170] ntfs3: loop2: ino=1e, "file1" failed to parse mft record [ 124.789145][ T6170] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 124.819305][ T6170] ntfs3: loop2: ino=1e, "file1" attr_set_size [ 125.227214][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 125.245368][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 125.257597][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 125.267624][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 125.279861][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 125.288790][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 125.575376][ T62] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.634751][ T6189] loop3: detected capacity change from 0 to 256 [ 125.817638][ T6194] loop0: detected capacity change from 0 to 1024 [ 125.866778][ T62] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.893276][ T6194] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 126.108839][ T62] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.216570][ T62] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.349957][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 126.445752][ T6202] Bluetooth: MGMT ver 1.23 [ 126.680208][ T5095] usb 5-1: USB disconnect, device number 3 [ 126.784792][ T6213] loop3: detected capacity change from 0 to 128 [ 126.945895][ T6180] chnl_net:caif_netlink_parms(): no params data found [ 127.012260][ T62] bridge_slave_1: left allmulticast mode [ 127.036565][ T62] bridge_slave_1: left promiscuous mode [ 127.052988][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.182237][ T62] bridge_slave_0: left allmulticast mode [ 127.200547][ T62] bridge_slave_0: left promiscuous mode [ 127.215220][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.348493][ T54] Bluetooth: hci1: command tx timeout [ 128.188286][ T6237] ip6t_rpfilter: unknown options [ 128.451423][ T6247] loop0: detected capacity change from 0 to 256 [ 128.742157][ T6253] loop0: detected capacity change from 0 to 4096 [ 128.762973][ T6253] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 128.967641][ T29] kauditd_printk_skb: 94 callbacks suppressed [ 128.967663][ T29] audit: type=1800 audit(1719275373.875:341): pid=6253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.377" name="file1" dev="loop0" ino=33 res=0 errno=0 [ 128.999797][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 129.023601][ T29] audit: type=1804 audit(1719275373.925:342): pid=6253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.377" name="/root/syzkaller.fKaFad/79/file0/file1" dev="loop0" ino=33 res=1 errno=0 [ 129.064317][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 129.081302][ T62] bond0 (unregistering): Released all slaves [ 129.313205][ T62] tipc: Left network mode [ 129.431526][ T54] Bluetooth: hci1: command tx timeout [ 129.720206][ T6269] ip6t_rpfilter: unknown options [ 130.473051][ T6180] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.506542][ T6180] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.549436][ T6180] bridge_slave_0: entered allmulticast mode [ 130.607774][ T6180] bridge_slave_0: entered promiscuous mode [ 130.666368][ T6180] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.729353][ T6180] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.736813][ T6180] bridge_slave_1: entered allmulticast mode [ 130.758577][ T6180] bridge_slave_1: entered promiscuous mode [ 131.086875][ T6180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.500688][ T54] Bluetooth: hci1: command tx timeout [ 131.721328][ T6180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.737049][ T6262] loop0: detected capacity change from 0 to 32768 [ 131.789504][ T6262] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.378 (6262) [ 131.904705][ T6262] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 131.941265][ T6262] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 131.951603][ T6262] BTRFS info (device loop0): using free-space-tree [ 132.045204][ T62] hsr_slave_0: left promiscuous mode [ 132.057962][ T62] hsr_slave_1: left promiscuous mode [ 132.068212][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.086583][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.097419][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.109309][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 132.213407][ T62] veth1_macvtap: left promiscuous mode [ 132.227670][ T62] veth0_macvtap: left promiscuous mode [ 132.241627][ T62] veth1_vlan: left promiscuous mode [ 132.248427][ T62] veth0_vlan: left promiscuous mode [ 132.268486][ T6262] BTRFS info (device loop0): rebuilding free space tree [ 132.684604][ T5148] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 132.949520][ T5148] usb 4-1: device descriptor read/64, error -71 [ 133.026366][ T5091] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 133.345493][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.357902][ T5148] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 133.358495][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.522273][ T5148] usb 4-1: device descriptor read/64, error -71 [ 133.583758][ T54] Bluetooth: hci1: command tx timeout [ 133.643164][ T5148] usb usb4-port1: attempt power cycle [ 133.682548][ T62] team0 (unregistering): Port device team_slave_1 removed [ 133.742138][ T62] team0 (unregistering): Port device team_slave_0 removed [ 134.079281][ T5148] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 134.112185][ T5148] usb 4-1: device descriptor read/8, error -71 [ 134.262858][ T6180] team0: Port device team_slave_0 added [ 134.278162][ T6306] netem: incorrect gi model size [ 134.285847][ T6306] netem: change failed [ 134.389698][ T5148] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 134.625272][ T5148] usb 4-1: device descriptor read/8, error -71 [ 134.645951][ T29] audit: type=1326 audit(1719275379.535:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 134.652525][ T6180] team0: Port device team_slave_1 added [ 134.689190][ T29] audit: type=1326 audit(1719275379.575:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 134.733846][ T29] audit: type=1326 audit(1719275379.575:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 134.825761][ T5148] usb usb4-port1: unable to enumerate USB device [ 135.197421][ T29] audit: type=1326 audit(1719275379.575:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 135.491993][ T29] audit: type=1326 audit(1719275379.575:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 135.532728][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::1]:20002. Sending cookies. [ 135.569085][ T6180] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 135.609796][ T6180] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.637568][ T29] audit: type=1326 audit(1719275379.575:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 135.665788][ T6180] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 135.676864][ T29] audit: type=1326 audit(1719275379.575:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 135.718160][ T6180] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 135.728018][ T6180] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.756622][ T29] audit: type=1326 audit(1719275379.575:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 135.781473][ T29] audit: type=1326 audit(1719275379.575:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 135.804314][ T6180] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 135.817129][ T29] audit: type=1326 audit(1719275379.575:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feeeed75d39 code=0x7ffc0000 [ 136.095227][ T6180] hsr_slave_0: entered promiscuous mode [ 136.106566][ T6357] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 136.125454][ T6180] hsr_slave_1: entered promiscuous mode [ 136.144711][ T6180] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 136.169989][ T6180] Cannot create hsr debugfs directory [ 136.184970][ T6352] netem: incorrect gi model size [ 136.199388][ T6352] netem: change failed [ 136.519362][ T6369] loop3: detected capacity change from 0 to 128 [ 136.590447][ T6369] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 136.626301][ T6369] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 138.926274][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.0.417'. [ 138.980636][ T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 139.067479][ T6383] loop0: detected capacity change from 0 to 64 [ 139.095767][ T6383] Trying to free block not in datazone [ 139.169985][ T25] usb 3-1: device descriptor read/64, error -71 [ 139.268819][ T6390] netem: incorrect gi model size [ 139.280475][ T6390] netem: change failed [ 139.667952][ T6180] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 139.691435][ T6180] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 139.720944][ T6401] loop2: detected capacity change from 0 to 4096 [ 139.727598][ T6180] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 139.735215][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 139.748009][ T6401] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 139.771308][ T6403] loop0: detected capacity change from 0 to 2048 [ 139.780791][ T6180] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 139.794227][ T6403] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 139.871347][ T6401] ntfs3: loop2: ino=1b, "file0" attr_set_size [ 139.880295][ T6401] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 139.921040][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 139.952524][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.984095][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 140.020781][ T8] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 140.048698][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.088896][ T8] usb 4-1: config 0 descriptor?? [ 140.237449][ T6413] loop0: detected capacity change from 0 to 2048 [ 140.257065][ T6180] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.275175][ T6413] loop0: p1 < > p3 p4 < > [ 140.292741][ T6413] loop0: p3 start 4284289 is beyond EOD, truncated [ 140.342320][ T6180] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.387986][ T5095] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.395335][ T5095] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.463676][ T5095] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.471011][ T5095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.568650][ T8] microsoft 0003:045E:07DA.0001: No inputs registered, leaving [ 140.605304][ T8] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 140.638173][ T8] microsoft 0003:045E:07DA.0001: no inputs found [ 140.653253][ T8] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway [ 140.808608][ T6431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 140.829596][ T6431] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.096967][ T6440] loop2: detected capacity change from 0 to 256 [ 141.188371][ T6440] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 141.190816][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::1]:20002. Sending cookies. [ 141.221218][ T6440] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 141.236142][ T6440] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 141.326539][ T6442] loop0: detected capacity change from 0 to 4096 [ 141.344611][ T6180] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.366593][ T6442] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 141.479485][ T8] usb 4-1: USB disconnect, device number 6 [ 141.544279][ T6442] ntfs3: loop0: ino=1b, "file0" attr_set_size [ 141.562188][ T6442] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 141.624754][ T6180] veth0_vlan: entered promiscuous mode [ 141.670510][ T6180] veth1_vlan: entered promiscuous mode [ 141.828542][ T6180] veth0_macvtap: entered promiscuous mode [ 142.091950][ T6180] veth1_macvtap: entered promiscuous mode [ 142.740110][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.767080][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.777705][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.799161][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.809139][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.829119][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.839002][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 142.894858][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 142.910812][ T6180] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 142.971174][ T6465] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 143.037105][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.072160][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.106892][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.158585][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.199853][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.234902][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.272357][ T6475] loop0: detected capacity change from 0 to 128 [ 143.281553][ T6180] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.305197][ T6475] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 143.333835][ T6180] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.360960][ T6475] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 143.380112][ T6180] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 143.429613][ T6180] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.445884][ T6180] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.470759][ T6180] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.511411][ T6180] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.518908][ T6479] loop2: detected capacity change from 0 to 256 [ 143.637032][ T6479] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 143.687871][ T6479] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 143.752620][ T6479] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 143.904836][ T2416] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.939215][ T2416] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.959217][ T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 144.008650][ T6491] loop3: detected capacity change from 0 to 256 [ 144.314397][ T6497] loop2: detected capacity change from 0 to 1024 [ 144.340387][ T6497] EXT4-fs: Ignoring removed orlov option [ 144.348907][ T6497] EXT4-fs: Ignoring removed nomblk_io_submit option [ 144.365816][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 144.381050][ T25] usb 1-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=56.a0 [ 144.391254][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.408181][ T25] usb 1-1: Product: syz [ 144.414913][ T25] usb 1-1: Manufacturer: syz [ 144.426423][ T25] usb 1-1: SerialNumber: syz [ 144.427811][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 144.443195][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 144.462523][ T25] usb 1-1: config 0 descriptor?? [ 145.136851][ T6497] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.279836][ T25] kaweth 1-1:0.0: Firmware present in device. [ 145.416554][ T25] kaweth 1-1:0.0: Statistics collection: 0 [ 145.423550][ T25] kaweth 1-1:0.0: Multicast filter limit: 0 [ 145.449799][ T25] kaweth 1-1:0.0: MTU: 0 [ 145.456546][ T6510] process 'syz.2.467' launched './file0/file0' with NULL argv: empty string added [ 145.459450][ T25] kaweth 1-1:0.0: Read MAC address 00:00:00:00:00:00 [ 145.868298][ T5094] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.032045][ T25] kaweth 1-1:0.0: Error setting receive filter [ 146.039402][ T25] kaweth 1-1:0.0: probe with driver kaweth failed with error -5 [ 146.066284][ T25] usb 1-1: USB disconnect, device number 5 [ 146.110037][ T6525] loop2: detected capacity change from 0 to 2048 [ 146.118130][ T6525] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576 [ 146.173757][ T6525] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 147.414292][ T6545] loop0: detected capacity change from 0 to 256 [ 147.773037][ T6565] loop2: detected capacity change from 0 to 512 [ 147.784982][ T6565] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 147.808885][ T6565] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 147.848894][ T6565] EXT4-fs (loop2): 1 truncate cleaned up [ 147.868032][ T6565] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 147.984818][ T5094] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.139573][ T5148] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 148.349302][ T5148] usb 4-1: Using ep0 maxpacket: 8 [ 148.360142][ T5148] usb 4-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=56.a0 [ 148.369944][ T5148] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.378058][ T5148] usb 4-1: Product: syz [ 148.383372][ T5148] usb 4-1: Manufacturer: syz [ 148.394339][ T5148] usb 4-1: SerialNumber: syz [ 148.405404][ T5148] usb 4-1: config 0 descriptor?? [ 148.852021][ T5148] kaweth 4-1:0.0: Firmware present in device. [ 148.876688][ T5148] kaweth 4-1:0.0: Statistics collection: 0 [ 148.889493][ T5148] kaweth 4-1:0.0: Multicast filter limit: 0 [ 148.895844][ T5148] kaweth 4-1:0.0: MTU: 0 [ 148.906509][ T5148] kaweth 4-1:0.0: Read MAC address 00:00:00:00:00:00 [ 149.309742][ T5147] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 149.660489][ T5147] usb 1-1: device descriptor read/64, error -71 [ 149.811548][ T6591] loop2: detected capacity change from 0 to 32768 [ 149.848297][ T6591] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.499 (6591) [ 149.885641][ T5148] kaweth 4-1:0.0: Error setting receive filter [ 149.894332][ T5148] kaweth 4-1:0.0: probe with driver kaweth failed with error -5 [ 149.925650][ T5148] usb 4-1: USB disconnect, device number 7 [ 149.942530][ T6591] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 149.954254][ T5147] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 149.966808][ T6591] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 149.985226][ T6591] BTRFS info (device loop2): using free-space-tree [ 150.004510][ T6610] netlink: 830 bytes leftover after parsing attributes in process `syz.1.505'. [ 150.129268][ T5147] usb 1-1: device descriptor read/64, error -71 [ 150.182607][ T5103] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.194417][ T5103] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.220094][ T5103] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.231617][ T5103] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 150.246378][ T5103] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 150.254198][ T5103] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 150.274749][ T5147] usb usb1-port1: attempt power cycle [ 150.433227][ T52] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.452186][ T5094] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 150.608073][ T52] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.729272][ T5147] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 150.790759][ T52] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.801768][ T5147] usb 1-1: device descriptor read/8, error -71 [ 150.935755][ T52] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.110955][ T5147] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 151.146376][ T6628] chnl_net:caif_netlink_parms(): no params data found [ 151.149983][ T5147] usb 1-1: device descriptor read/8, error -71 [ 151.290163][ T5147] usb usb1-port1: unable to enumerate USB device [ 151.445111][ T52] bridge_slave_1: left allmulticast mode [ 151.468186][ T52] bridge_slave_1: left promiscuous mode [ 151.481807][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.508939][ T52] bridge_slave_0: left allmulticast mode [ 151.519223][ T52] bridge_slave_0: left promiscuous mode [ 151.645429][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.350940][ T5103] Bluetooth: hci4: command tx timeout [ 152.921101][ T6652] loop3: detected capacity change from 0 to 40427 [ 152.941393][ T6652] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 152.974973][ T6652] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 153.067989][ T6652] F2FS-fs (loop3): Found nat_bits in checkpoint [ 153.196346][ T6663] loop1: detected capacity change from 0 to 32768 [ 153.219555][ T6663] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.518 (6663) [ 153.230231][ T6652] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 153.257487][ T6677] dlm: no locking on control device [ 153.292678][ T6663] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 153.335088][ T6663] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 153.376254][ T6663] BTRFS info (device loop1): using free-space-tree [ 153.389256][ T6652] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 153.403188][ T6652] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 153.771506][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 153.816585][ T6180] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 153.828613][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 153.952230][ T52] bond0 (unregistering): Released all slaves [ 154.270650][ T6628] bridge0: port 1(bridge_slave_0) entered blocking state [ 154.278509][ T6628] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.332911][ T6628] bridge_slave_0: entered allmulticast mode [ 154.354772][ T6628] bridge_slave_0: entered promiscuous mode [ 154.379418][ T5103] Bluetooth: hci4: command tx timeout [ 154.395921][ T6704] loop1: detected capacity change from 0 to 256 [ 154.425860][ T52] tipc: Left network mode [ 154.452487][ T6628] bridge0: port 2(bridge_slave_1) entered blocking state [ 154.481459][ T6628] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.488884][ T6628] bridge_slave_1: entered allmulticast mode [ 154.550931][ T6628] bridge_slave_1: entered promiscuous mode [ 154.989349][ T6710] netlink: 830 bytes leftover after parsing attributes in process `syz.2.529'. [ 155.059557][ T6628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.115529][ T6628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 155.273455][ T29] kauditd_printk_skb: 110 callbacks suppressed [ 155.273475][ T29] audit: type=1326 audit(1719275400.175:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 155.355808][ T29] audit: type=1326 audit(1719275400.175:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 155.410755][ T29] audit: type=1326 audit(1719275400.225:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 155.478623][ T29] audit: type=1326 audit(1719275400.225:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 155.626953][ T29] audit: type=1326 audit(1719275400.225:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 155.683848][ T6628] team0: Port device team_slave_0 added [ 155.696700][ T29] audit: type=1326 audit(1719275400.225:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2714d75d39 code=0x7ffc0000 [ 155.725479][ T6700] loop0: detected capacity change from 0 to 40427 [ 155.747095][ T6628] team0: Port device team_slave_1 added [ 155.759768][ T6700] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 155.769725][ T6700] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 155.791104][ T29] audit: type=1326 audit(1719275400.225:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2714d6cba7 code=0x7ffc0000 [ 155.835422][ T29] audit: type=1326 audit(1719275400.225:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2714d11569 code=0x7ffc0000 [ 155.857799][ T6700] F2FS-fs (loop0): invalid crc value [ 155.863588][ T52] hsr_slave_0: left promiscuous mode [ 155.909511][ T52] hsr_slave_1: left promiscuous mode [ 155.919629][ T29] audit: type=1326 audit(1719275400.225:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2714d6cba7 code=0x7ffc0000 [ 155.940575][ T6700] F2FS-fs (loop0): Found nat_bits in checkpoint [ 155.951413][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 155.969116][ T29] audit: type=1326 audit(1719275400.225:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.2.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2714d11569 code=0x7ffc0000 [ 155.973999][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.024705][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 156.045022][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.125011][ T52] veth1_macvtap: left promiscuous mode [ 156.130981][ T52] veth0_macvtap: left promiscuous mode [ 156.131137][ T6700] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 156.136749][ T52] veth1_vlan: left promiscuous mode [ 156.149366][ T52] veth0_vlan: left promiscuous mode [ 156.158052][ T6700] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 156.309596][ T5091] syz-executor: attempt to access beyond end of device [ 156.309596][ T5091] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 156.334913][ T5091] syz-executor: attempt to access beyond end of device [ 156.334913][ T5091] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 156.423410][ T5091] syz-executor: attempt to access beyond end of device [ 156.423410][ T5091] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 156.471515][ T5091] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 156.483406][ T5103] Bluetooth: hci4: command tx timeout [ 156.762757][ T6723] loop2: detected capacity change from 0 to 32768 [ 157.285904][ T52] team0 (unregistering): Port device team_slave_1 removed [ 157.345002][ T52] team0 (unregistering): Port device team_slave_0 removed [ 157.938087][ T6737] netlink: 830 bytes leftover after parsing attributes in process `syz.1.539'. [ 158.213817][ T6628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 158.240664][ T6628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.301685][ T6747] netlink: 210596 bytes leftover after parsing attributes in process `syz.1.544'. [ 158.323579][ T6628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 158.363942][ T6628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 158.384922][ T6628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 158.467224][ T6628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 158.539722][ T5103] Bluetooth: hci4: command tx timeout [ 158.653452][ T6628] hsr_slave_0: entered promiscuous mode [ 158.711373][ T6628] hsr_slave_1: entered promiscuous mode [ 158.739181][ T6628] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 158.759198][ T6628] Cannot create hsr debugfs directory [ 159.086450][ T5094] syz-executor (5094) used greatest stack depth: 18672 bytes left [ 159.255391][ T52] IPVS: stop unused estimator thread 0... [ 160.507037][ T6753] loop3: detected capacity change from 0 to 40427 [ 160.526069][ T6753] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 160.539192][ T6753] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 160.576212][ T6753] F2FS-fs (loop3): invalid crc value [ 160.623747][ T6753] F2FS-fs (loop3): Found nat_bits in checkpoint [ 160.687875][ T1096] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.745266][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 160.784665][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 160.797274][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 160.815937][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 160.824572][ T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 160.834141][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 160.893720][ T6753] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 160.928649][ T6753] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 160.989927][ T1096] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.053896][ T5103] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 161.070629][ T5103] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 161.083211][ T5103] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 161.097919][ T5103] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 161.117151][ T5103] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 161.136204][ T5103] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 161.155655][ T1096] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.175803][ T5093] syz-executor: attempt to access beyond end of device [ 161.175803][ T5093] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 161.209480][ T5093] syz-executor: attempt to access beyond end of device [ 161.209480][ T5093] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 161.264633][ T5093] syz-executor: attempt to access beyond end of device [ 161.264633][ T5093] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 161.282786][ T5093] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 161.401053][ T1096] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.406140][ T6771] loop1: detected capacity change from 0 to 32768 [ 161.430422][ T6771] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.554 (6771) [ 161.452426][ T6771] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 161.462962][ T6771] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 161.472000][ T6771] BTRFS info (device loop1): using free-space-tree [ 161.916117][ T6628] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 161.929294][ T6628] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 161.956711][ T6628] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 161.968725][ T6628] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 162.034580][ T1096] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.203922][ T1096] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.243262][ T6180] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 162.608730][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 162.620951][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 162.629317][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 162.660902][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 162.668883][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 162.670576][ T1096] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.687059][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 162.847948][ T1096] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.909458][ T6768] chnl_net:caif_netlink_parms(): no params data found [ 162.944355][ T5103] Bluetooth: hci0: command tx timeout [ 163.270808][ T5103] Bluetooth: hci3: command tx timeout [ 163.311181][ T6768] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.318526][ T6768] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.326403][ T6768] bridge_slave_0: entered allmulticast mode [ 163.334158][ T6768] bridge_slave_0: entered promiscuous mode [ 163.345781][ T6768] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.353253][ T6768] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.360846][ T6768] bridge_slave_1: entered allmulticast mode [ 163.369562][ T6768] bridge_slave_1: entered promiscuous mode [ 163.438948][ T6773] chnl_net:caif_netlink_parms(): no params data found [ 163.508998][ T6768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 163.527381][ T1096] bridge_slave_1: left allmulticast mode [ 163.533696][ T1096] bridge_slave_1: left promiscuous mode [ 163.539891][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.549978][ T1096] bridge_slave_0: left allmulticast mode [ 163.555740][ T1096] bridge_slave_0: left promiscuous mode [ 163.559356][ T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 163.564705][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.586517][ T1096] bridge_slave_1: left allmulticast mode [ 163.593550][ T1096] bridge_slave_1: left promiscuous mode [ 163.600893][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.614119][ T1096] bridge_slave_0: left allmulticast mode [ 163.620558][ T1096] bridge_slave_0: left promiscuous mode [ 163.626350][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.763904][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 163.791208][ T25] usb 2-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d [ 163.808023][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.816385][ T25] usb 2-1: Product: syz [ 163.829222][ T25] usb 2-1: Manufacturer: syz [ 163.834793][ T25] usb 2-1: SerialNumber: syz [ 163.843846][ T25] usb 2-1: config 0 descriptor?? [ 163.853568][ T25] usb 2-1: Found UVC 0.00 device syz (468c:90ea) [ 163.860642][ T25] usb 2-1: No valid video chain found. [ 164.100377][ T5095] usb 2-1: USB disconnect, device number 2 [ 164.487827][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 164.502841][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 164.513888][ T1096] bond0 (unregistering): Released all slaves [ 164.672936][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 164.694759][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 164.734255][ T1096] bond0 (unregistering): Released all slaves [ 164.779478][ T5103] Bluetooth: hci2: command tx timeout [ 164.854792][ T6768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 165.012994][ T6768] team0: Port device team_slave_0 added [ 165.019259][ T5103] Bluetooth: hci0: command tx timeout [ 165.061579][ T6768] team0: Port device team_slave_1 added [ 165.156198][ T6773] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.165208][ T6773] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.175106][ T6773] bridge_slave_0: entered allmulticast mode [ 165.182831][ T6773] bridge_slave_0: entered promiscuous mode [ 165.232145][ T6768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 165.239280][ T6768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.275556][ T6768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 165.290134][ T6773] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.303672][ T6773] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.314021][ T6773] bridge_slave_1: entered allmulticast mode [ 165.325915][ T6773] bridge_slave_1: entered promiscuous mode [ 165.339667][ T5103] Bluetooth: hci3: command tx timeout [ 165.363059][ T6768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 165.370857][ T6768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.398860][ T6768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 165.496932][ T6773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 165.528570][ T6773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 165.707252][ T6628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 165.775821][ T6768] hsr_slave_0: entered promiscuous mode [ 165.795800][ T6768] hsr_slave_1: entered promiscuous mode [ 165.806221][ T6768] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 165.814245][ T6768] Cannot create hsr debugfs directory [ 165.823276][ T6823] netlink: 48 bytes leftover after parsing attributes in process `syz.1.564'. [ 165.848913][ T6773] team0: Port device team_slave_0 added [ 165.916103][ T6773] team0: Port device team_slave_1 added [ 165.939556][ T6795] chnl_net:caif_netlink_parms(): no params data found [ 166.119719][ T6773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.126743][ T6773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.169845][ T6773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.199952][ T1096] hsr_slave_0: left promiscuous mode [ 166.209542][ T1096] hsr_slave_1: left promiscuous mode [ 166.219579][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.227059][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 166.250263][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.257729][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 166.289258][ T1096] hsr_slave_0: left promiscuous mode [ 166.297215][ T1096] hsr_slave_1: left promiscuous mode [ 166.311233][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.318728][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 166.340189][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.347693][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 166.453078][ T1096] veth1_macvtap: left promiscuous mode [ 166.458706][ T1096] veth0_macvtap: left promiscuous mode [ 166.465859][ T1096] veth1_vlan: left promiscuous mode [ 166.475580][ T1096] veth0_vlan: left promiscuous mode [ 166.490583][ T1096] veth1_macvtap: left promiscuous mode [ 166.496346][ T1096] veth0_macvtap: left promiscuous mode [ 166.509428][ T1096] veth1_vlan: left promiscuous mode [ 166.514855][ T1096] veth0_vlan: left promiscuous mode [ 166.665992][ T6831] loop1: detected capacity change from 0 to 32768 [ 166.702606][ T6831] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 166.740917][ T6831] XFS (loop1): Ending clean mount [ 166.860449][ T5103] Bluetooth: hci2: command tx timeout [ 166.947686][ T6180] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 167.102250][ T5103] Bluetooth: hci0: command tx timeout [ 167.425844][ T5103] Bluetooth: hci3: command tx timeout [ 167.762601][ T1096] team0 (unregistering): Port device team_slave_1 removed [ 167.828562][ T1096] team0 (unregistering): Port device team_slave_0 removed [ 168.154172][ T6854] loop1: detected capacity change from 0 to 512 [ 168.175772][ T6854] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 168.205476][ T6854] EXT4-fs (loop1): orphan cleanup on readonly fs [ 168.296918][ T6854] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.573: bg 0: block 248: padding at end of block bitmap is not set [ 168.317474][ T6854] __quota_error: 14 callbacks suppressed [ 168.317502][ T6854] Quota error (device loop1): write_blk: dquota write failed [ 168.331926][ T6854] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 168.342098][ T6854] EXT4-fs error (device loop1): ext4_acquire_dquot:6858: comm syz.1.573: Failed to acquire dquot type 1 [ 168.367495][ T6854] EXT4-fs (loop1): 1 truncate cleaned up [ 168.407527][ T6854] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 168.952734][ T5103] Bluetooth: hci2: command tx timeout [ 168.969555][ T29] audit: type=1800 audit(1719275413.865:487): pid=6854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.573" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 169.003114][ T6854] syz.1.573 (6854) used greatest stack depth: 18616 bytes left [ 169.162874][ T6180] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.196856][ T5103] Bluetooth: hci0: command tx timeout [ 169.443469][ T1096] team0 (unregistering): Port device team_slave_1 removed [ 169.518662][ T5103] Bluetooth: hci3: command tx timeout [ 169.543883][ T1096] team0 (unregistering): Port device team_slave_0 removed [ 169.561412][ T6861] nfs: Unexpected value for 'ac' [ 169.899591][ T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 170.094599][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.106342][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.116448][ T8] usb 2-1: New USB device found, idVendor=0eef, idProduct=c002, bcdDevice= 0.00 [ 170.129105][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.153307][ T8] usb 2-1: config 0 descriptor?? [ 170.247339][ T6773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 170.254908][ T6773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.289183][ T6773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 170.490444][ T6628] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.607081][ T8] hid (null): nested delimiters [ 170.616411][ T8] hid-generic 0003:0EEF:C002.0002: nested delimiters [ 170.618058][ T6773] hsr_slave_0: entered promiscuous mode [ 170.623315][ T8] hid-generic 0003:0EEF:C002.0002: item 0 2 2 10 parsing failed [ 170.624358][ T8] hid-generic 0003:0EEF:C002.0002: probe with driver hid-generic failed with error -22 [ 170.649314][ T6773] hsr_slave_1: entered promiscuous mode [ 170.669505][ T6795] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.683548][ T6795] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.692688][ T6795] bridge_slave_0: entered allmulticast mode [ 170.700748][ T6795] bridge_slave_0: entered promiscuous mode [ 170.736125][ T6795] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.745154][ T6795] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.752733][ T6795] bridge_slave_1: entered allmulticast mode [ 170.769708][ T6795] bridge_slave_1: entered promiscuous mode [ 170.817936][ T8] usb 2-1: USB disconnect, device number 3 [ 170.851285][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.858507][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.932999][ T6795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 170.952450][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.959755][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 171.018725][ T6795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.028553][ T5103] Bluetooth: hci2: command tx timeout [ 171.187003][ T6795] team0: Port device team_slave_0 added [ 171.218570][ T6795] team0: Port device team_slave_1 added [ 171.398058][ T6795] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.405561][ T6795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.433220][ T6795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.446896][ T6795] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.454172][ T6795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.481091][ T6795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.699355][ T6795] hsr_slave_0: entered promiscuous mode [ 171.708853][ T6795] hsr_slave_1: entered promiscuous mode [ 171.715949][ T6795] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 171.724653][ T6795] Cannot create hsr debugfs directory [ 171.987344][ T6768] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 172.000624][ T6768] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 172.068259][ T6768] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 172.151251][ T6768] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 172.325774][ T1096] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.521975][ T1096] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.597204][ T1096] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.761106][ T1096] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.802146][ T6628] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.927654][ T6885] loop1: detected capacity change from 0 to 40427 [ 172.938317][ T6885] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 172.946394][ T6885] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 172.984544][ T6885] F2FS-fs (loop1): Found nat_bits in checkpoint [ 173.065026][ T6885] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 173.072371][ T6885] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 173.630218][ T6773] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 173.709876][ T6773] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 173.731109][ T6773] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 173.844844][ T6773] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 173.862669][ T1096] bridge_slave_1: left allmulticast mode [ 173.868400][ T1096] bridge_slave_1: left promiscuous mode [ 173.890920][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.915490][ T1096] bridge_slave_0: left allmulticast mode [ 173.923364][ T1096] bridge_slave_0: left promiscuous mode [ 173.929347][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.298612][ T29] audit: type=1800 audit(1719275419.195:488): pid=6898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.584" name="bus" dev="sda1" ino=1946 res=0 errno=0 [ 174.511272][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 174.526709][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 174.538629][ T1096] bond0 (unregistering): Released all slaves [ 175.105960][ T6909] Driver unsupported XDP return value 0 on prog (id 102) dev N/A, expect packet loss! [ 175.130385][ T6768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.153904][ T1096] hsr_slave_0: left promiscuous mode [ 175.160711][ T1096] hsr_slave_1: left promiscuous mode [ 175.166809][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 175.174781][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 175.182902][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 175.191395][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 175.213080][ T1096] veth1_macvtap: left promiscuous mode [ 175.218767][ T1096] veth0_macvtap: left promiscuous mode [ 175.224732][ T1096] veth1_vlan: left promiscuous mode [ 175.230242][ T1096] veth0_vlan: left promiscuous mode [ 175.806834][ T1096] team0 (unregistering): Port device team_slave_1 removed [ 175.868682][ T1096] team0 (unregistering): Port device team_slave_0 removed [ 176.528123][ T6795] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 176.550677][ T5095] kernel write not supported for file /snd/seq (pid: 5095 comm: kworker/1:3) [ 176.572707][ T6795] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 176.617350][ T6768] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.673062][ T6913] loop1: detected capacity change from 0 to 512 [ 176.679847][ T6795] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 176.693504][ T6795] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 176.713422][ T6628] veth0_vlan: entered promiscuous mode [ 176.724687][ T6913] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.742235][ T6913] ext4 filesystem being mounted at /root/syzkaller.vfs0Qn/61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.801468][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.808709][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.831448][ T6913] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.591: corrupted inode contents [ 176.871853][ T6628] veth1_vlan: entered promiscuous mode [ 176.883576][ T6913] EXT4-fs error (device loop1): ext4_dirty_inode:5935: inode #2: comm syz.1.591: mark_inode_dirty error [ 176.897660][ T6913] EXT4-fs error (device loop1): ext4_do_update_inode:5075: inode #2: comm syz.1.591: corrupted inode contents [ 176.915242][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.922453][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.936048][ T6913] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.591: mark_inode_dirty error [ 177.068194][ T6773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.071489][ T1096] IPVS: stop unused estimator thread 0... [ 177.096429][ T6180] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.250540][ T6773] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.264055][ T6918] loop1: detected capacity change from 0 to 2048 [ 177.286945][ T6628] veth0_macvtap: entered promiscuous mode [ 177.325679][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.332999][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 177.384861][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.392093][ T5145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.405677][ T6628] veth1_macvtap: entered promiscuous mode [ 177.586986][ T6795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 177.609749][ T6628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.626756][ T6925] nfs: Unexpected value for 'ac' [ 177.639291][ T6628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.660839][ T6628] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 177.724828][ T6628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.736849][ T6628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.753500][ T6628] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 177.815117][ T6628] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.833823][ T6628] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.844576][ T6628] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.858526][ T6628] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.900134][ T6795] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.949968][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.957148][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.002741][ T6768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.065727][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.073107][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.362481][ T2784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 178.380215][ T2784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 178.481466][ T6930] loop1: detected capacity change from 0 to 32768 [ 178.529482][ T6768] veth0_vlan: entered promiscuous mode [ 178.554193][ T6930] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 178.564468][ T2784] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 178.583333][ T2784] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 178.638274][ T6773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.694943][ T6930] XFS (loop1): Ending clean mount [ 178.697865][ T6768] veth1_vlan: entered promiscuous mode [ 178.834466][ T6180] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 179.068175][ T6795] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.161601][ T6950] loop4: detected capacity change from 0 to 256 [ 179.202447][ T6950] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 179.251960][ T6768] veth0_macvtap: entered promiscuous mode [ 179.270844][ T6773] veth0_vlan: entered promiscuous mode [ 179.300551][ T6768] veth1_macvtap: entered promiscuous mode [ 179.357411][ T6773] veth1_vlan: entered promiscuous mode [ 179.456950][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.471095][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.481248][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.497227][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.509784][ T6768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 179.526093][ T6795] veth0_vlan: entered promiscuous mode [ 179.539273][ T58] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 179.554102][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.566088][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.576645][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.587355][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.598790][ T6768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 179.627317][ T6768] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.638900][ T6768] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.650082][ T6768] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.658926][ T6768] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.679070][ T6795] veth1_vlan: entered promiscuous mode [ 179.752074][ T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 10 [ 179.767048][ T58] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 179.791447][ T6773] veth0_macvtap: entered promiscuous mode [ 179.807044][ T58] usb 2-1: New USB device found, idVendor=0d46, idProduct=0081, bcdDevice=19.82 [ 179.810915][ T6962] loop4: detected capacity change from 0 to 1024 [ 179.817481][ T58] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 179.843540][ T58] usb 2-1: Product: syz [ 179.848005][ T58] usb 2-1: Manufacturer: syz [ 179.854221][ T58] usb 2-1: SerialNumber: syz [ 179.870727][ T6773] veth1_macvtap: entered promiscuous mode [ 179.877840][ T58] usb 2-1: config 0 descriptor?? [ 179.893107][ T58] kobil_sct 2-1:0.0: KOBIL USB smart card terminal converter detected [ 179.926957][ T58] usb 2-1: KOBIL USB smart card terminal converter now attached to ttyUSB0 [ 179.994722][ T6773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.006561][ T6773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.016724][ T6773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.029658][ T6773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.040131][ T6773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.050639][ T6773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.064721][ T6773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.066772][ T52] hfsplus: b-tree write err: -5, ino 4 [ 180.114932][ T6773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.128298][ T6773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.142118][ T930] usb 2-1: USB disconnect, device number 4 [ 180.148119][ T6773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.158658][ T6773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.170935][ T930] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0 [ 180.176472][ T6773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.184901][ T930] kobil_sct 2-1:0.0: device disconnected [ 180.197525][ T6773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.215545][ T6773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.254589][ T6773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.264923][ T6773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.274682][ T6773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.283737][ T6773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.305712][ T2784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.328940][ T2784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.461691][ T6795] veth0_macvtap: entered promiscuous mode [ 180.488450][ T2784] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.512276][ T6795] veth1_macvtap: entered promiscuous mode [ 180.526627][ T2784] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.716792][ T2796] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.726213][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.742211][ T2796] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.750223][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.776479][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.787580][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.798188][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.810238][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.821419][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 180.837081][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.855527][ T6795] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.962406][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.976953][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.993524][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.005612][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.022258][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.037277][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 181.279214][ T6795] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 181.309585][ T6795] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.213785][ T6795] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.401108][ T6795] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.412538][ T6795] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.424353][ T6795] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.444923][ T6795] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.474211][ T6978] loop0: detected capacity change from 0 to 256 [ 182.532456][ T6978] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 182.569186][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.589318][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.826936][ T2784] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.869223][ T2784] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.049719][ T2796] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.065989][ T2796] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.187877][ T6992] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 1029 (only 8 groups) [ 183.393117][ T2784] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.704567][ T2784] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.938036][ T2784] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.029903][ T7017] loop4: detected capacity change from 0 to 256 [ 184.048158][ T7017] exfat: Deprecated parameter 'namecase' [ 184.150082][ T2784] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.171425][ T7017] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 185.020919][ T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 185.034151][ T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 185.044058][ T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 185.063049][ T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 185.071343][ T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 185.080760][ T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 185.253094][ T2784] bridge_slave_1: left allmulticast mode [ 185.278493][ T2784] bridge_slave_1: left promiscuous mode [ 185.298546][ T2784] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.326784][ T2784] bridge_slave_0: left allmulticast mode [ 185.333162][ T2784] bridge_slave_0: left promiscuous mode [ 185.339055][ T2784] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.958569][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 185.985269][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 186.005994][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 186.014486][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 186.026636][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 186.034292][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 186.326393][ T2784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 186.351600][ T2784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 186.363878][ T2784] bond0 (unregistering): Released all slaves [ 187.083519][ T2784] hsr_slave_0: left promiscuous mode [ 187.093398][ T2784] hsr_slave_1: left promiscuous mode [ 187.108594][ T2784] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 187.137310][ T2784] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 187.152183][ T2784] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 187.174824][ T2784] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 187.182722][ T5103] Bluetooth: hci1: command tx timeout [ 187.267280][ T2784] veth1_macvtap: left promiscuous mode [ 187.288121][ T2784] veth0_macvtap: left promiscuous mode [ 187.311012][ T2784] veth1_vlan: left promiscuous mode [ 187.316444][ T2784] veth0_vlan: left promiscuous mode [ 187.441592][ T7059] libceph: resolve '0.' (ret=-3): failed [ 187.551400][ T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 187.570360][ T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 187.580259][ T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 187.589253][ T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 187.597106][ T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 187.610323][ T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 188.140865][ T54] Bluetooth: hci3: command tx timeout [ 188.215412][ T2784] team0 (unregistering): Port device team_slave_1 removed [ 188.275511][ T2784] team0 (unregistering): Port device team_slave_0 removed [ 189.259245][ T54] Bluetooth: hci1: command tx timeout [ 189.588150][ T7080] loop0: detected capacity change from 0 to 4096 [ 189.636214][ T7080] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 189.661360][ T54] Bluetooth: hci2: command tx timeout [ 189.700802][ T7027] chnl_net:caif_netlink_parms(): no params data found [ 189.734226][ T7080] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 189.941222][ T7042] chnl_net:caif_netlink_parms(): no params data found [ 189.972496][ T5103] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 189.993844][ T5103] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 190.004752][ T5103] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 190.021543][ T5103] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 190.038310][ T5103] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 190.046442][ T6768] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 190.053929][ T5103] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 190.065081][ T6768] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 190.219541][ T54] Bluetooth: hci3: command tx timeout [ 190.306914][ T7027] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.317987][ T7100] netlink: 8 bytes leftover after parsing attributes in process `syz.0.660'. [ 190.319944][ T7027] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.327303][ T7100] netlink: 8 bytes leftover after parsing attributes in process `syz.0.660'. [ 190.345947][ T7027] bridge_slave_0: entered allmulticast mode [ 190.353881][ T7027] bridge_slave_0: entered promiscuous mode [ 190.408109][ T7060] chnl_net:caif_netlink_parms(): no params data found [ 190.451221][ T7027] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.478330][ T7027] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.496149][ T7027] bridge_slave_1: entered allmulticast mode [ 190.507616][ T7027] bridge_slave_1: entered promiscuous mode [ 190.670566][ T7042] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.685909][ T7042] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.694027][ T7042] bridge_slave_0: entered allmulticast mode [ 190.713443][ T7042] bridge_slave_0: entered promiscuous mode [ 190.824261][ T7042] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.844262][ T7042] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.857008][ T7042] bridge_slave_1: entered allmulticast mode [ 190.868881][ T7042] bridge_slave_1: entered promiscuous mode [ 190.937742][ T2784] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.983870][ T7027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.082005][ T7027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.156139][ T2784] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.295536][ T7042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.339287][ T54] Bluetooth: hci1: command tx timeout [ 191.398534][ T7109] loop0: detected capacity change from 0 to 1024 [ 191.453307][ T29] audit: type=1800 audit(1719275436.355:489): pid=7109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.662" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 191.480494][ T2784] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.513249][ T7060] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.529294][ T7060] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.536812][ T7060] bridge_slave_0: entered allmulticast mode [ 191.549816][ T7060] bridge_slave_0: entered promiscuous mode [ 191.569146][ T7042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.672745][ T2784] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.696530][ T7060] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.704112][ T7060] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.712991][ T7060] bridge_slave_1: entered allmulticast mode [ 191.720770][ T7060] bridge_slave_1: entered promiscuous mode [ 191.749351][ T54] Bluetooth: hci2: command tx timeout [ 191.765682][ T7027] team0: Port device team_slave_0 added [ 191.776071][ T7114] warning: `syz.0.664' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 191.843644][ T7042] team0: Port device team_slave_0 added [ 191.858105][ T7042] team0: Port device team_slave_1 added [ 191.875616][ T7027] team0: Port device team_slave_1 added [ 191.944884][ T7060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 192.018312][ T7027] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.027644][ T7027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.068360][ T7027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.092742][ T7060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 192.139545][ T54] Bluetooth: hci4: command tx timeout [ 192.154283][ T7027] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.161732][ T7027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.188342][ T7027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.274474][ T7060] team0: Port device team_slave_0 added [ 192.292240][ T7042] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.299394][ T54] Bluetooth: hci3: command tx timeout [ 192.308454][ T7042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.337953][ T7042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.378517][ T7060] team0: Port device team_slave_1 added [ 192.397874][ T7042] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.405437][ T7042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.431845][ T7042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.547692][ T7060] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.556202][ T7060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.582537][ T7060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.651310][ T2784] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.699456][ T7060] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.706464][ T7060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.744644][ T7060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.835905][ T2784] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.898304][ T7027] hsr_slave_0: entered promiscuous mode [ 192.905447][ T7027] hsr_slave_1: entered promiscuous mode [ 192.912863][ T7027] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.923652][ T7027] Cannot create hsr debugfs directory [ 192.948981][ T2784] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.973466][ T7042] hsr_slave_0: entered promiscuous mode [ 192.980674][ T7042] hsr_slave_1: entered promiscuous mode [ 192.987100][ T7042] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 193.000227][ T7042] Cannot create hsr debugfs directory [ 193.055093][ T2784] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.130817][ T7087] chnl_net:caif_netlink_parms(): no params data found [ 193.262394][ T7060] hsr_slave_0: entered promiscuous mode [ 193.276591][ T7060] hsr_slave_1: entered promiscuous mode [ 193.283729][ T7060] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 193.291639][ T7060] Cannot create hsr debugfs directory [ 193.419464][ T54] Bluetooth: hci1: command tx timeout [ 193.542278][ T7087] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.551609][ T7087] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.558940][ T7087] bridge_slave_0: entered allmulticast mode [ 193.566320][ T7087] bridge_slave_0: entered promiscuous mode [ 193.637033][ T7087] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.644563][ T7087] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.652821][ T7087] bridge_slave_1: entered allmulticast mode [ 193.661344][ T7087] bridge_slave_1: entered promiscuous mode [ 193.785618][ T2784] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.820066][ T54] Bluetooth: hci2: command tx timeout [ 193.859751][ T7087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 193.941545][ T2784] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.959536][ T7087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.076660][ T2784] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.151509][ T7087] team0: Port device team_slave_0 added [ 194.183429][ T2784] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.214541][ T7087] team0: Port device team_slave_1 added [ 194.239299][ T54] Bluetooth: hci4: command tx timeout [ 194.370098][ T7087] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.377203][ T7087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.405408][ T7087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.416447][ T54] Bluetooth: hci3: command tx timeout [ 194.498698][ T7087] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.518650][ T7087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.546288][ T7087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.739831][ T2784] bridge_slave_1: left allmulticast mode [ 194.759150][ T2784] bridge_slave_1: left promiscuous mode [ 194.765127][ T2784] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.775752][ T2784] bridge_slave_0: left allmulticast mode [ 194.782237][ T2784] bridge_slave_0: left promiscuous mode [ 194.788096][ T2784] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.796436][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.805654][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.823020][ T2784] bridge_slave_1: left allmulticast mode [ 194.828851][ T2784] bridge_slave_1: left promiscuous mode [ 194.834647][ T2784] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.845722][ T2784] bridge_slave_0: left allmulticast mode [ 194.852344][ T2784] bridge_slave_0: left promiscuous mode [ 194.858120][ T2784] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.871048][ T2784] bridge_slave_1: left allmulticast mode [ 194.876923][ T2784] bridge_slave_1: left promiscuous mode [ 194.883007][ T2784] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.893072][ T2784] bridge_slave_0: left allmulticast mode [ 194.898768][ T2784] bridge_slave_0: left promiscuous mode [ 194.905052][ T2784] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.909602][ T54] Bluetooth: hci2: command tx timeout [ 196.118936][ T2784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.136520][ T2784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.148012][ T2784] bond0 (unregistering): Released all slaves [ 196.299746][ T54] Bluetooth: hci4: command tx timeout [ 196.322472][ T2784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.371616][ T2784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.385355][ T2784] bond0 (unregistering): Released all slaves [ 196.443949][ T7151] loop0: detected capacity change from 0 to 512 [ 196.465698][ T7151] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 196.489109][ T7151] UDF-fs: Scanning with blocksize 512 failed [ 196.511829][ T7151] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 196.519441][ T7151] UDF-fs: Scanning with blocksize 1024 failed [ 196.526405][ T7151] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 196.534152][ T7151] UDF-fs: Scanning with blocksize 2048 failed [ 196.541292][ T7151] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 196.568106][ T7151] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 196.614887][ T2784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 196.633609][ T2784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 196.650654][ T2784] bond0 (unregistering): Released all slaves [ 196.666814][ T6768] BUG: unable to handle page fault for address: ffffffffffffffeb [ 196.666837][ T6768] #PF: supervisor read access in kernel mode [ 196.666846][ T6768] #PF: error_code(0x0000) - not-present page [ 196.666855][ T6768] PGD e136067 P4D e136067 PUD e138067 PMD 0 [ 196.666880][ T6768] Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI [ 196.666902][ T6768] CPU: 1 UID: 0 PID: 6768 Comm: syz-executor Not tainted 6.10.0-rc5-next-20240624-syzkaller #0 [ 196.666920][ T6768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 196.666931][ T6768] RIP: 0010:__brelse+0x38/0xa0 [ 196.666958][ T6768] Code: 48 83 c3 60 48 89 df be 04 00 00 00 e8 a1 e9 dc ff 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 75 44 <8b> 2b 31 ff 89 ee e8 0d 49 76 ff 85 ed 74 17 e8 c4 44 76 ff 48 89 [ 196.666974][ T6768] RSP: 0018:ffffc90004267c68 EFLAGS: 00010246 [ 196.666988][ T6768] RAX: 0000000000000000 RBX: ffffffffffffffeb RCX: dffffc0000000000 [ 196.667000][ T6768] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffffffffeb [ 196.667010][ T6768] RBP: 0000000000000008 R08: ffffffffffffffee R09: 1ffffffffffffffd [ 196.667021][ T6768] R10: dffffc0000000000 R11: fffffbfffffffffe R12: 0000000000000008 [ 196.667032][ T6768] R13: ffff88807c714ce0 R14: 0000000000000000 R15: dffffc0000000000 [ 196.667044][ T6768] FS: 0000555577d48500(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 196.667058][ T6768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.667069][ T6768] CR2: ffffffffffffffeb CR3: 00000000606f0000 CR4: 00000000003506f0 [ 196.667083][ T6768] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 196.667092][ T6768] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 196.667103][ T6768] Call Trace: [ 196.667109][ T6768] [ 196.667116][ T6768] ? __die_body+0x88/0xe0 [ 196.667141][ T6768] ? page_fault_oops+0x8e4/0xcc0 [ 196.667165][ T6768] ? __pfx_page_fault_oops+0x10/0x10 [ 196.667184][ T6768] ? is_prefetch+0x4ed/0x780 [ 196.667202][ T6768] ? schedule+0x90/0x320 [ 196.667222][ T6768] ? schedule+0x90/0x320 [ 196.667240][ T6768] ? schedule+0x155/0x320 [ 196.667259][ T6768] ? __pfx_is_prefetch+0x10/0x10 [ 196.667284][ T6768] ? __bad_area_nosemaphore+0x118/0x770 [ 196.667301][ T6768] ? __pfx_bit_wait_io+0x10/0x10 [ 196.667326][ T6768] ? __pfx_bit_wait_io+0x10/0x10 [ 196.667348][ T6768] ? __pfx___bad_area_nosemaphore+0x10/0x10 [ 196.667366][ T6768] ? spurious_kernel_fault+0x11e/0x5d0 [ 196.667398][ T6768] ? exc_page_fault+0x5c8/0x8c0 [ 196.667425][ T6768] ? asm_exc_page_fault+0x26/0x30 [ 196.667449][ T6768] ? __brelse+0x38/0xa0 [ 196.667465][ T6768] ? __brelse+0x1f/0xa0 [ 196.667481][ T6768] udf_sb_free_partitions+0x1d5/0x540 [ 196.667504][ T6768] udf_put_super+0x113/0x160 [ 196.667528][ T6768] ? __pfx_udf_put_super+0x10/0x10 [ 196.667546][ T6768] generic_shutdown_super+0x136/0x2d0 [ 196.667566][ T6768] kill_block_super+0x44/0x90 [ 196.667585][ T6768] deactivate_locked_super+0xc4/0x130 [ 196.667602][ T6768] cleanup_mnt+0x41f/0x4b0 [ 196.667625][ T6768] ? lockdep_hardirqs_on+0x99/0x150 [ 196.667652][ T6768] task_work_run+0x24f/0x310 [ 196.667679][ T6768] ? __pfx_task_work_run+0x10/0x10 [ 196.667702][ T6768] ? __x64_sys_umount+0x123/0x170 [ 196.667721][ T6768] ? syscall_exit_to_user_mode+0xa3/0x370 [ 196.667738][ T6768] syscall_exit_to_user_mode+0x168/0x370 [ 196.667755][ T6768] do_syscall_64+0x100/0x230 [ 196.667771][ T6768] ? clear_bhb_loop+0x35/0x90 [ 196.667793][ T6768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.667816][ T6768] RIP: 0033:0x7fad91577067 [ 196.667836][ T6768] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 196.667849][ T6768] RSP: 002b:00007fff927ff008 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 196.667864][ T6768] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fad91577067 [ 196.667875][ T6768] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff927ff0c0 [ 196.667885][ T6768] RBP: 00007fff927ff0c0 R08: 0000000000000000 R09: 0000000000000000 [ 196.667895][ T6768] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff92800170 [ 196.667906][ T6768] R13: 00007fad915e3672 R14: 000000000002ff25 R15: 00007fff928001b0 [ 196.667925][ T6768] [ 196.667930][ T6768] Modules linked in: [ 196.667945][ T6768] CR2: ffffffffffffffeb [ 196.667956][ T6768] ---[ end trace 0000000000000000 ]--- [ 197.088552][ T6768] RIP: 0010:__brelse+0x38/0xa0 [ 197.093379][ T6768] Code: 48 83 c3 60 48 89 df be 04 00 00 00 e8 a1 e9 dc ff 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 75 44 <8b> 2b 31 ff 89 ee e8 0d 49 76 ff 85 ed 74 17 e8 c4 44 76 ff 48 89 [ 197.113006][ T6768] RSP: 0018:ffffc90004267c68 EFLAGS: 00010246 [ 197.119119][ T6768] RAX: 0000000000000000 RBX: ffffffffffffffeb RCX: dffffc0000000000 [ 197.127107][ T6768] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffffffffffeb [ 197.135121][ T6768] RBP: 0000000000000008 R08: ffffffffffffffee R09: 1ffffffffffffffd [ 197.143103][ T6768] R10: dffffc0000000000 R11: fffffbfffffffffe R12: 0000000000000008 [ 197.151089][ T6768] R13: ffff88807c714ce0 R14: 0000000000000000 R15: dffffc0000000000 [ 197.159077][ T6768] FS: 0000555577d48500(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 197.168032][ T6768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.174632][ T6768] CR2: ffffffffffffffeb CR3: 00000000606f0000 CR4: 00000000003506f0 [ 197.182621][ T6768] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 197.190607][ T6768] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 197.198599][ T6768] Kernel panic - not syncing: Fatal exception [ 197.205027][ T6768] Kernel Offset: disabled [ 197.209378][ T6768] Rebooting in 86400 seconds..