last executing test programs: 17.731825526s ago: executing program 3 (id=2082): openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_setup(0x1, &(0x7f0000000240)=0x0) io_submit(r0, 0x0, &(0x7f0000000100)) 17.421296272s ago: executing program 3 (id=2084): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text16={0x10, 0x0}], 0x1, 0x31, 0x0, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0xfffffffffffffdc4, &(0x7f00000002c0)=0x4400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000004740)=""/102400, 0x19000) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(0xffffffffffffffff, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r1, 0x0, 0x0) sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='mountinfo\x00') fsopen(0x0, 0x1) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) read$FUSE(r2, &(0x7f0000000580)={0x2020}, 0x2020) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r4, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32], 0x448}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) sendmsg$BATADV_CMD_GET_VLAN(r2, &(0x7f0000002680)={&(0x7f00000025c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002640)={&(0x7f0000002600)=ANY=[@ANYBLOB="3cdaa532", @ANYRES16=0x0, @ANYBLOB="00022dbd7000fcdbdf251100000005002a0000000000050038000000000008002c0000000100080032003edf00000500"], 0x3c}, 0x1, 0x0, 0x0, 0x44080}, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) socket$tipc(0x1e, 0x5, 0x0) socket$tipc(0x1e, 0x2, 0x0) 11.391743897s ago: executing program 4 (id=2099): bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400100bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000001200), &(0x7f0000001240), 0x2, 0x0) bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0xffffffffffffffa9) timer_create(0x2, &(0x7f00000006c0)={0x0, 0x12, 0x0, @thr={&(0x7f0000000380)="a1961d2c7b0f2aa33466ce1204fe75ed0ed21f619aa6546f63104857520b1b", &(0x7f00000005c0)="a6ae9a7dc7ed2171bc81649516ba64b1f1a836c5b827e47b3d65e0eaf30aa56599687e897bee5f2cded735665e938d7a29c0416817108b00dfd55b9dfefad7871c35c285b218de81bf748b1ddc7a268ea70644951d82cc8f13034f479c07998c06dc09fcee0a63253d83bc3a15a325e17807c2543b2ec6e35326b00e0c0dc1c0b0c99d5ef0e1c02e5b6108d5f8e0e7c94b5193a593904a9ff9667b56708a52e8cd46f714d4aa1b591f363fcc53136ed97909a6f89aa2d44bfe1b4bee8731f3e7644136457b25b8fc77602f787188aa3fe9c0e73efd1e6857e86dae"}}, &(0x7f0000000540)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r2, 0x0, 0x10) unshare(0x22020000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='rpc_pipefs\x00', 0x0, 0x0) unshare(0x40020000) rmdir(&(0x7f0000000740)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x45) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='cgroup2\x00', 0x4002, 0x0) mount(&(0x7f0000001e80), &(0x7f0000000200)='./file0\x00', &(0x7f0000000580)='nfs\x00', 0x4080, &(0x7f0000000700)='\x00') pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000440)='./file0\x00') getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0) 10.738387823s ago: executing program 3 (id=2100): socket$inet_dccp(0x2, 0x6, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe) connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) writev(r3, &(0x7f0000000240)=[{0x0}], 0x1) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0xfea7) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x21, 0xe8, &(0x7f0000000080)="91d0855610584d76da140848e9cc11a866e556e7e591393fa5001d157f3ad1057f", &(0x7f00000000c0)=""/232, 0x6, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x3}, 0x50) 9.60900058s ago: executing program 3 (id=2103): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @loopback}]}]}, @IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}]}, 0x50}}, 0x0) 9.60685572s ago: executing program 2 (id=2104): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)) syz_open_procfs$namespace(r1, &(0x7f00000001c0)='ns/time\x00') 9.37631792s ago: executing program 3 (id=2105): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d414000000010902120001000040000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00010c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x28, "875c45b4a38400a32916847ee8f9785f7f5227c5623a62f92aebe72a2f48dd0c5ab3b7f388401fe4"}, 0x0, 0x0, 0x0, 0x0}) 9.092526534s ago: executing program 4 (id=2107): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000540)={'wg1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newlink={0x60, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x28, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x2}}]}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x60}, 0x1, 0xba01}, 0x0) 9.054242237s ago: executing program 2 (id=2108): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x11, &(0x7f0000000500)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nouid32}, {@noblock_validity}, {@noload}, {@data_writeback}]}, 0x1, 0x631, &(0x7f0000001940)="$eJzs3c1vVFUbAPDn3k6/3/edQt6ouJBGYyBRWlrAEGMC3bgiBD92riotBBkooTVaJLFNcGNi3LgwceVC/C+UxK0Lty7cuDIkxBgWYlDG3Jk7ZTrt9Hs6pf39kmnvndM557lNn54zZ86ZCWDPGsy+pBEHIuJaElGsKytEXjhY/bn7f9w8n92SKJff+j2Jmx8nc/V1Jfn3/vzB/xQj+SmN2N+xtN3p2RuXx0ulyev5+fDMlWvD07M3jly6Mn5x8uLk1dFXRk+eOH7i5MjRTV1fHtPf2Zczt977oPjp2Xe++ephMvLtL2eTOB2P8tiy62p8bPemWs5+Z4NRrnqwqCCNOLnJuneKP4u1v5OK7uwPIim0MyLWI42IUxHRGRFPRzE64nGyFuOTN9oaHNBS5SQqfdRgGdh7kmhadKkn/yexVE9LYwK2Q20cUHtuv9zz4KXSVg5JgG1yb6w6V1fN/c6IqOV/oTo3GD2VuYG++0n9PE9lXm1zM3NVWRs//nD2VnaLJvNwQGvMzddmuRv7/6SSmwNRfQ7Qdz9dlP9j+SggzV8neLOx4jVOng82nMt/2D5z8xHxTN7/d8Wa8z/Nc7eW/+9usH35DwAAAAAAAFvnzlhEvLzc+r90Yf1P1zLrf/oj4vQWtL/663/p3fwg2YLmgDr3xiJeW3b978Ia34GO/Oy/lfUAncmFS6XJoxHxv4g4HJ3d2flIQ731K4SPfLb/y2bt16//y25Z+7W1gHlNdwsNa4kmxmfGN3vdQMS9+YhnK+t/D+b3LF7/k/X/yTL9f5bf19bYxv4Xb59rVrZ6/gOtUv464tCy/f/j4Xay8vtzDFfGA8O1UcFSz330+XfN2pf/0D5Z/9+3cv53J/Xv1zO9vvq7IuLYbKHcrHyj4/+u5O2OWv2ZD8dnZq6PRHQlZ5beP7q+mGG3quVDLV+y/D/8wsrzfwvj/7o87I2IuTW2+dSj/l+blen/oX2y/J9Yuf8vLu7/138wenvg+2btn1tT/3+80qcfzu8x/wf1lr4fx1oTtC3hAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMATLo2I/0SSDi0cp+nQUER/RPw/+tLS1PTMSxem3r86kZVVPv8/rX3Sb7F6ntQ+/3+g7ny04fxYROyLiC86eivnQ+enShPtvngAAAAAAAAAAAAAAAAAAADYIfore/7L3Y37/zO/dbQ7OqDlCvl3+Q57T2HDjyx3b2kgwLbbeP4DT7L5deV/Z0tjAbZf8/x/8LBc0XD368+3PCZgexj/w961wfz3cgHsAvp/2KvWOKfX0+o4gHbQ/wMAAAAAwK6y7+Cdn5OImHu1t3LLdOVlvW2NDGi1tN0BAG1jDS/sXYWpdkcAtIsN/UCycPRX42b/iuar/5PWBAQAAAAAAAAAAAAALHHoQPP9//YGwO628v5/a/thN1th//9yye/tAmAXaf7RH/p+2O08xwdW6+3t/wcAAAAAAAAAAACAHaDnxuXxUmny+vTsk3dwameEsb6DufHN1VPu3glXsfjgUWtq7oyInXGBW3CQJVupNFkuR6z+w7W34GhjzO39twQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADz2bwAAAP///UcgJw==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r4 = dup(r3) sendmsg$netlink(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000540)=ANY=[], 0x100}, {&(0x7f0000000580)=ANY=[], 0x1f88}, {&(0x7f0000000780)=ANY=[@ANYBLOB="b80000000000000000000000000000007a7e2caaa8d55a685325b1464e1a765a114c13e78ecb27b6c329f58788b8698a9d6e4b9d8a7f60a60ee95742dba513af0a39d8a48b102754bc39b3fc90bf269a2d57957ad381018b1f99d11a229c2d49f90f6beb5a6e4ef93f171fd20f451100e1bcf0464d0000800c9884f00d485f0b170949eb707b7c2094a8b32642c478414b3fb097fe4f0c6be94f627119a25ffd76c35e798eb68595c9c573f051d7f67a7df2d159c97d6ee88a2b4387182ca5d6220000000000001e22552865abeea7bd0768f771faa5025a2425f92fb5b8a6a13d221326f2bbd33e7f59ee88aea454ec21d0e5efc5a7c6d51fc86a329dd69b95d2cba7887445a45dbe0b0bb7a51b2b3460ed9629e08648b1eccb653edad1939c44b9a82e0a82c9ba50ef9fff7b5ce4a8b5c3484b35b9e26f5a5acccb6265bbed84c0626a1825b800700601576f992142ede3500ffef187aea511ba3aec37d9158a336b3fa454e6272cbac87d2375a0f8e8ae17c1f67178f9c38a687cbd5f4477271081"], 0xb8}], 0x3}, 0x0) tkill(0x0, 0x7) 7.815685173s ago: executing program 0 (id=2110): syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r0, 0x0, 0x0) 7.815506933s ago: executing program 4 (id=2111): socket$inet6_tcp(0xa, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x401}}}, 0x7) 7.590798042s ago: executing program 4 (id=2113): msgget$private(0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f00000008c0)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000180)=ANY=[@ANYRES32=r0]) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000019000100000000000000000080200000001100050000000008000100ac1e000108000400", @ANYRES32=0x0], 0x2c}}, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000013c0)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x1, "8fcb9c49a280b1"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r4, 0xd000943e, &(0x7f0000003700)={r6, r5, "ee101fe3e995826349ea9adde0e5bb210053fdd39c297bd9e292f10a2124f43b32f86885adc9f4db8a797978ce32b1aaa01248cf5ad443aedd2958ed0b8b903eea473357b5e6cdccdaf0e544d8f9750a3e8094b4f61bae7ce8dc0bbd3128f6e3bb09ffe96ed18ac85f5121237fadd1a4c79eff9ee55920ac5e78ac6abc8f2767d412c4add0962ca60dceedf299a556b1d86cd12ce0498703f326ddee9fffd13dcdf8e7691541c41ce58a727d7fa471308e29e8002c75b772429bacc707c2511facd220e185460e85613e5520d41dd4a110b763a99bd6e54ba8210013a8a17d188c1458fadcd33fc0e12d31c9603ac491a6d37f3508cec298cbab494c322d4b3d", "16aaf8e9228e74760edf2d47c1094e78f09fa838daa83b01c85f5d0976ae4ee63e0f4b73052a3072912549f3c6d3b54893503afbf84d9aeaaf48cdfe113d6140804abb3cc5e4430a62554529e6d81a74488af61543945b45729b5206332e338d93f939245ad08f69a6f459e3b705871521a22b8b7ee863266cc7fbda3172cf6f3ad6622be3badd59d1d862133f1931ba260139bc726bcc17fc9a93ff23d346032c22be7a9611ddc50a6ea4627e6f09555727d51d555ba14c69a62fcd402f81e1c61abfd1b885badac34588b8d70f708fe8e6d8b4e9ea4bb5280cdc1d0a61d3d366d0ddeb2c2d85f48812a08f8f174a7cd9b04bc8286f2b9f50ff030145dc19d71f346f5aa14b60826f7f1c539796f0c9dd786fb5c742ada5165caa5e332fa8957975b7c791d92293a43fee20c90f258fad401161827ea95add6b1f770a0d0efccf84b0e08995330d163acd5ac2a108fe8922ca6ddb0194ebb8601f0b17f7f7fd5edd0d595f2e2f392657577306862c0629bc751206ecc19a8acbe89515b06d0dc3ea960616f862dbf49f78a67a44bb9fca0f1a11080d13ca655c68a1fd864d89700ccf0596635010eff60f9d3ea468fbf948d13a63731c9bf73365881e876ff3c429b29d7ca77dc4cb1778d395de2f20c61f3a6b3031312596536def8cead41e607e137ec2b8d83d4fcd638df6773200b3af57e1df530b739388e3dd5d87feb3921b7567adb2e1a91ef470338f6fc5190394ebe19c3cf7288931d03b0069b7d24e2386f4160597ce7934314c6eea935130505a0370b3d9353c45bc07acde671f6b807fd143afaf73ba172fb01edd8c43049d4649ab34de7f4043860ad1f1de1fa9820becfb4f78a2cbe5a8e114666fe79d0716e7019a2ff7998461ce22556c6a1675307a3d375f53bfd4beaf68cbf9005efee68f54b0e21124c19e8ae4dc843be9854bdff57917fb95146622139af2a9c3ac41fc42cc7131fbf4336c2c0bf3dcc39050161d8da59d9095f0b43185dfcde98bc7f1a946644e6af6294b1e260d8b03fef966ac09bea5fa20993b86ea8ecfd4d7e2cc87603d7a5f23722aeef2bd1916e238ea614d66dd55db6738cbc24fff4b4f4dc2b06311508b33c266a4665717bb6d11e9a84a71f89fb87f4eb20a61bbc0db55513cae42bef9210e3b8731f5a86247dcd44b1ef65a41cfb748a8416e4fff72bd18758d37b5ab7773f8e7950bb64efe5c971da1c1babc971837d22fa8f58eff7643db10bdfbe95d55cea8c1232ed33787a42add47e41aaa28d7b2f9e7913cbedf4bc8bc76c8c8840fde6f2487bdf94bf11c602bedda0e5db3f327e18937cfd740b69d4770155a7321bf8141c92bcf1b03b403c9f8785bb76b467319cc8d678e78e52ccdfab3617b2bf7ca29e7bbc189dd1c90f401041879113a542b3ad8f05f679a633357471506ef9fd2e93b9fbecae7800a2bc93974a8f4ad8e610f59104947c008e9bc5aa17f8e05b5724013cb62c721578e933117ab6e2e96d5987cae0edb0176931f8f591ecca59b28b79e0a8d3ee248b3e14271a979ef1bdb3c693bea2bba32d31daaec5c451ff65b22176ef4e2f1a8e55251b83f635594248c343f7fcf979787599309e01e0c4dd8c7776ec230c2b2c6a40e2c39b7583f5b9b596a19f38e50094566509a2af91a62a95a4c53ee8f6aa548bacc66cb588aa40207fe3cd2fced520a0c839169a0ee77592c03b57f21cb04b758b2618a09c11b71c1c5537cd1d75836638fd0e8e584aa781f4d3b4d284ef8c6fb115f61ba4b8a0bf9df83278f5248723ded9ec5f1309f43b1f99ce6b6147b2eec5c7c28033ac492fe4bffc7294c7c5dc42ea71420b8813ed2e96060654dae874cef9133bf8a953f299f92537168bcddfd2840f68d55a4619c7ba774880b343819aff259528f29f88b76ed5ac643852d4165e4d367e1d8f4524b74d48c0798b07385539410e2455a6e67bcb69355ba35dd857ba607bceb3b47a1516977e20880f94c30b98febaf948752c3146d71f4849d303a743f8a3503fda146ee3ead4763863607e3d33a89b2a9cd096c631ca15bf432405eb2ee965a50065bd4ef9eaf0cc7a49cc83cd0976ce72b79f85b3288ffa0b5083032cae54945f84cf8a7af1e3c500eb7a79ade6c3cb4de2c8715e4c4c08f7f203ed0dfd2380445d19f88bb3f23819ba191ecd2b9d71388395283fe859089607d3caa4403f062194eb4caf345f5b87c99ee8739850fa66162468c324861e8c71b88fde8725001b3a401c05f6ac0f6773a7b4ab8907c52fbe242d7bb627c4e209f922c3ccac9b6565d6e64f20cbea1e95a9262c9f132049b9334dd76c3f251f214584982225925d02fdd0e22e8ec4d88f4aa3cdd5468e9567d53e00b0198d91719d654b8a24e9e1591a55c205236f646aa29901ac69e3fe7cc012012caf150e27b26da2e5da1209db0fb15486ff314339595f2d67aca9ad0d5f36b77f74313a7c2a81614970edaaa5c3baa22d6972cd96d61708d663eb35eecdb48b0f4858deb38b1c2fd87c68808ccbcf1bb2c7f8df54b79c875e2da364117cd8cdac64ca712044280632be6dac8075a1e87b5dd43eaea86fdc5b6c5b5b696208b2229a88488647f7332b2a45de2ae8a9485f943734829d5d377f46c3084db345308d2a7ae943c5652ea4fd9ca49a2ccf0cfc914b61d87bbe14fd0ed49fd7b4ae308c31b65fcf9818bfd10e2e325d3e3dec24bf9b824a145caffe6158e7f8100e03ef0e491ca055f15431b48cc716b657eb02dc48c6f57e8e24e939cdb1a120b680e19eab3bc5908b9c23d76a4778c402088cc08dc544350cf7e4c788fda9d51de12c26cec3a4dd574f7f08f47605193c5a81f609fbec9ac9fa774c7664daceba59063e0fa4c2b888f147bbb95cf0bec4caf3094927430d9931620b1cd53fd675ecf33e09215076c3ce78df043db411218cf131253c1638da78755934b1b1d51e20ffbbe02ae3dcfa95f7ab73b30fe5edf6e66828a69c36e594588c39386fab5a6b0f8b1012363ef932c54434f2629fd65c20fcaaf416597dbe373b05607f3e7d0e131e2626ae87a00d6074c873885b5d0f3ae257dab882bc9ede5d8fd6b23bc562fc3ff9eb9e400af8af55d4f09c93a915d90ecc6d4a2c1c291913be85e9da83047668422fad449f5a0f07cf66d7cdbfd9a12b47ee799d0ccac142f8afcc00e2b7aae9c38ba626538bcccd56c3a167aa647fc18e9401a58d70dd108a81db40a35134734f1431beaffd59eba7290dec6b243d04badfb6c3d5281645d37bca93a4aedcfce448d8a7848862a54466346d4e2296a03b685817e637ffe34b3ebf155aa26aabd6e8f6c85633eb32e01ac8baab721c35aaaddf7eec42eec65efedf3fbe6a6f76f4f465b7f9bd8d27e0e0d4e6f9780e73ac9cfb03db5e0d3674891a78c294b9cd8d20a5fed4cb9265e9bdd05b99e9597e87883f60ba4a95a90b006abb867755190d308400e250d602e01d33f9bb0c25f48dad20dedd257388a9a7ab5b436d3d37ece5f2bf5ab116a5c858a2a8e77fa5b1da2a9b5b598c58e3a7a71b860e3c0b678b0776925cddd8ef7555ee09fd1777466c1d9002d641fd15a54ed3bf7b8972b8de3ef9f2f9cf3559d7a148332ba63d8d4a3492cfe38927179d5849c46d5cb2e8307070426ff8ff808d4c4c5cac316f5ac2387dd59f794ffba2ee3b425e7a595573d035bf676540f4594057fb7fec987477c383c0b2cd7061a7cae98303b1b02bda6d56587023fea8135fbd93faa173a89e47f1fee96bc89a0d20c74ad3fca60794fd03bed2543d1164289a4bf5c3c5df09935970675a14d7279b82fe8c89a549997b6529f6a1e6096c1af658a26cef7dbf997769a53aed0f4b4fc88e54ba874616c3dc2a119269a88b0c3771a76469d83bf34f707d81fc2c1637872fb70a9dcbe878a23b68ba01215720026895492e6342439a33313b3b58c63781a37cf94761220a5d9b0b75a7c20641e27cc554984f26285b061c12d2f3dfc17bcb47a21e8face7793219e280f68e7525f99e1e780ad6ba1d7d0d213bf830595d3f04471b32e6786ed1616c36a6cf5455d5b6de3be7f97585c3203485cb862490fb5cb46fd798b98233ce0cb9278ab5a744a740b66afb91312b708669c223ddf35232c7ae57e166ef86775c010d00318e057d7a9cd16fed14f9f6c2377840234df4ee506facc8006bbfb4429cf4e1e0463e6098bf4fe768ea417ce56845084b4ab4b301e3d472155161272262cdf01036b1f6632e33d301d7b7881ec8ee2195850a066131e708d1f2243c0fe7d5d9f68311190079155417e96c75fe630c31c1eb88dfea522b93c6447c84173e1b75fa213cafa2edc50e52d92ac08f0e4179b19d25e9f29c753528d7a5b732c8ab4c827a634aed53e8aa3842d2ce72d628ad9a0b2435a98603125d5c6a5ad600b14e1e635a467b8d8740767b35235e71ebe5a303c16f29971a16e3687f82658e6d6cce57cca19a31aa1c3b7965bce524467fc48a14915a38f6db6bd391247016f71e702a9f93a22270906f4c8effc757b3fb3b83ec7fd6c010b1a59c7c6f37c680c8982ebdd176d4e7605bd11e8d24b444cfcb7359e010b499bd4db16a756b9d8b94b5df456636ba721c64144adcefcc6feeb76b0aaeac6ab330e6b0aa1bb5203d06cbe17adddc303b8a6252597e50e71f615ce50faabe5a1280c941e00e6c07df17381a8df5bf5801c50b3ff9b76116796b3e7885e736e8f488ea7cfacd3a27895db133348a43dac87874994527b35edee2d3b2216dd8b94c615c73ab8ccfa42d58bff2907d540cc846ac809d95863ec6e8cfc1d0439ddcbf81ae1186bacb20882dd82fd915f768bd3261f9848265596e2ee8999f6eb019ee81956d93584deba2cb95ce283319550fa0e8d8e0c2606847407baf2ed6aed508e8ff40bdeb366e171841113abaabbec9864778ccb0e5034cb559937b62314e7d90e28f9f2b365c3efa67102a9aa68bb02afe7931f0ef3dc1698818120d149eabe8fbea8b96edfccc917cbce8854b7ddaa045d0a77c532d705044b0cfdb3d79084be61206ac1b55d90fb78b55a85a0e317b7b0abed576a1001a61ecdd9fd993da27167c572c1a3f169991e07ef9156acbf650a1f5098618592ed2bb3995bc3ad3aa7aa8d5551f8928c575f4cb31d6fe0d644ab8f9a9ffdbd5ff3448d27acf8fa08e8b2914a4d3a1a4c11a0c71732152eb026ad8d205b91c9a39bafe09dba27c9de60a07b0b75b1095e0a94bd48cc2a8c426c4682c162e76994cd6ca03d1b91c675d0d5323c6d321b665a3c5e59a6436158f5424641c5d1253ca2c12706441b5c5bcfeb70b224f42700b1d163505a3eb6aa91a584c845f8ccc03847bb174c39d571c0e9fada207d64c31800"}) ioctl$USBDEVFS_FORBID_SUSPEND(r4, 0x4008550d) socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0x0, 0x300) r7 = syz_open_procfs(0x0, &(0x7f00000003c0)='timerslack_ns\x00') write$cgroup_int(r7, 0x0, 0x0) r8 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, &(0x7f0000000500)) syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) 7.411056127s ago: executing program 2 (id=2114): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)) r0 = socket(0x2, 0x2, 0x0) bind$unix(r0, 0x0, 0x0) 6.450705939s ago: executing program 3 (id=2116): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x9, 0x16, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) readv(0xffffffffffffffff, &(0x7f0000002940)=[{&(0x7f0000001380)=""/97, 0x61}, {&(0x7f0000002980)=""/51, 0x33}, {&(0x7f0000002880)=""/147, 0x93}], 0x3) read$char_usb(0xffffffffffffffff, &(0x7f0000001840)=""/4090, 0xffa) creat(&(0x7f0000002840)='./file0\x00', 0x10) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/dev\x00') read$FUSE(r1, &(0x7f0000000140)={0x2020}, 0x2020) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r4, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000540)={r5, 0x1, 0x0, 0x0, 0x0, [0x0], [0x0, 0x4]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3fe, 0xb, 0xb2}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000500)={0x0, 0x0, r7}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 6.450109189s ago: executing program 2 (id=2117): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001439) ioctl$PPPIOCATTACH(0xffffffffffffffff, 0x4004743d, &(0x7f0000000240)) close(r0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100108500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x10) writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f0000000280)="fa8e", 0x2}], 0x1) fcntl$lock(r2, 0x0, &(0x7f0000002000)={0x1, 0x0, 0x7ff, 0x4, 0xffffffffffffffff}) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f00000031c0)={0x0, 0x4}) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000080)) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x0, &(0x7f0000000440)}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc000ff}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000680)={0x2, &(0x7f0000000400)=[{0xd61d, 0x2, 0x8, 0x1}, {0x2, 0x7, 0x3, 0x7ff}]}) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r5, &(0x7f0000010140)={0x237, 0x7d, 0x0, {{0x500, 0xf6, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox%\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\v\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x17, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x0fX\x05\x02\xb6n\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x237) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f00000003c0)={r6, 0x7, 0x2}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f00000004c0)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0xd}, 0x90) ftruncate(0xffffffffffffffff, 0xc17a) r7 = socket$netlink(0x10, 0x3, 0x2) sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r1], 0x24}, 0x1, 0x0, 0x0, 0x20008001}, 0x20000004) fcntl$dupfd(r1, 0x406, r2) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000440)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000080)={r8, 0x3, r4, 0x5}) bpf$PROG_LOAD(0x5, 0x0, 0x0) 5.249123932s ago: executing program 2 (id=2120): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() sched_setscheduler(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, 0x0, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) setsockopt$sock_int(r3, 0x1, 0x0, &(0x7f0000000000), 0x4) shutdown(0xffffffffffffffff, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 4.030542975s ago: executing program 2 (id=2121): r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000100)={0x0, 0x0, {0x0, 0x1, 0x3, 0x80000000}}) syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x80c002000104082, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000003, 0x13, r4, 0x19d20000) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read(r5, &(0x7f0000000040)=""/148, 0xffffff96) 3.990774309s ago: executing program 0 (id=2122): prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006}]}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r0, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0xb6, 0x0, &(0x7f00000000c0)) 3.990145119s ago: executing program 1 (id=2123): socket$inet6_tcp(0xa, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x401}}}, 0x7) 3.766841389s ago: executing program 4 (id=2124): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x11, &(0x7f0000000500)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nouid32}, {@noblock_validity}, {@noload}, {@data_writeback}]}, 0x1, 0x631, &(0x7f0000001940)="$eJzs3c1vVFUbAPDn3k6/3/edQt6ouJBGYyBRWlrAEGMC3bgiBD92riotBBkooTVaJLFNcGNi3LgwceVC/C+UxK0Lty7cuDIkxBgWYlDG3Jk7ZTrt9Hs6pf39kmnvndM557lNn54zZ86ZCWDPGsy+pBEHIuJaElGsKytEXjhY/bn7f9w8n92SKJff+j2Jmx8nc/V1Jfn3/vzB/xQj+SmN2N+xtN3p2RuXx0ulyev5+fDMlWvD07M3jly6Mn5x8uLk1dFXRk+eOH7i5MjRTV1fHtPf2Zczt977oPjp2Xe++ephMvLtL2eTOB2P8tiy62p8bPemWs5+Z4NRrnqwqCCNOLnJuneKP4u1v5OK7uwPIim0MyLWI42IUxHRGRFPRzE64nGyFuOTN9oaHNBS5SQqfdRgGdh7kmhadKkn/yexVE9LYwK2Q20cUHtuv9zz4KXSVg5JgG1yb6w6V1fN/c6IqOV/oTo3GD2VuYG++0n9PE9lXm1zM3NVWRs//nD2VnaLJvNwQGvMzddmuRv7/6SSmwNRfQ7Qdz9dlP9j+SggzV8neLOx4jVOng82nMt/2D5z8xHxTN7/d8Wa8z/Nc7eW/+9usH35DwAAAAAAAFvnzlhEvLzc+r90Yf1P1zLrf/oj4vQWtL/663/p3fwg2YLmgDr3xiJeW3b978Ia34GO/Oy/lfUAncmFS6XJoxHxv4g4HJ3d2flIQ731K4SPfLb/y2bt16//y25Z+7W1gHlNdwsNa4kmxmfGN3vdQMS9+YhnK+t/D+b3LF7/k/X/yTL9f5bf19bYxv4Xb59rVrZ6/gOtUv464tCy/f/j4Xay8vtzDFfGA8O1UcFSz330+XfN2pf/0D5Z/9+3cv53J/Xv1zO9vvq7IuLYbKHcrHyj4/+u5O2OWv2ZD8dnZq6PRHQlZ5beP7q+mGG3quVDLV+y/D/8wsrzfwvj/7o87I2IuTW2+dSj/l+blen/oX2y/J9Yuf8vLu7/138wenvg+2btn1tT/3+80qcfzu8x/wf1lr4fx1oTtC3hAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMATLo2I/0SSDi0cp+nQUER/RPw/+tLS1PTMSxem3r86kZVVPv8/rX3Sb7F6ntQ+/3+g7ny04fxYROyLiC86eivnQ+enShPtvngAAAAAAAAAAAAAAAAAAADYIfore/7L3Y37/zO/dbQ7OqDlCvl3+Q57T2HDjyx3b2kgwLbbeP4DT7L5deV/Z0tjAbZf8/x/8LBc0XD368+3PCZgexj/w961wfz3cgHsAvp/2KvWOKfX0+o4gHbQ/wMAAAAAwK6y7+Cdn5OImHu1t3LLdOVlvW2NDGi1tN0BAG1jDS/sXYWpdkcAtIsN/UCycPRX42b/iuar/5PWBAQAAAAAAAAAAAAALHHoQPP9//YGwO628v5/a/thN1th//9yye/tAmAXaf7RH/p+2O08xwdW6+3t/wcAAAAAAAAAAACAHaDnxuXxUmny+vTsk3dwameEsb6DufHN1VPu3glXsfjgUWtq7oyInXGBW3CQJVupNFkuR6z+w7W34GhjzO39twQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADz2bwAAAP///UcgJw==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r4 = dup(r3) sendmsg$netlink(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000540)=ANY=[], 0x100}, {&(0x7f0000000580)=ANY=[], 0x1f88}, {&(0x7f0000000780)=ANY=[@ANYBLOB="b80000000000000000000000000000007a7e2caaa8d55a685325b1464e1a765a114c13e78ecb27b6c329f58788b8698a9d6e4b9d8a7f60a60ee95742dba513af0a39d8a48b102754bc39b3fc90bf269a2d57957ad381018b1f99d11a229c2d49f90f6beb5a6e4ef93f171fd20f451100e1bcf0464d0000800c9884f00d485f0b170949eb707b7c2094a8b32642c478414b3fb097fe4f0c6be94f627119a25ffd76c35e798eb68595c9c573f051d7f67a7df2d159c97d6ee88a2b4387182ca5d6220000000000001e22552865abeea7bd0768f771faa5025a2425f92fb5b8a6a13d221326f2bbd33e7f59ee88aea454ec21d0e5efc5a7c6d51fc86a329dd69b95d2cba7887445a45dbe0b0bb7a51b2b3460ed9629e08648b1eccb653edad1939c44b9a82e0a82c9ba50ef9fff7b5ce4a8b5c3484b35b9e26f5a5acccb6265bbed84c0626a1825b800700601576f992142ede3500ffef187aea511ba3aec37d9158a336b3fa454e6272cbac87d2375a0f8e8ae17c1f67178f9c38a687cbd5f4477271081"], 0xb8}], 0x3}, 0x0) tkill(0x0, 0x7) 3.75016662s ago: executing program 0 (id=2125): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000700), 0x3, 0x0) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000040)) close_range(r0, 0xffffffffffffffff, 0x0) 3.088086696s ago: executing program 0 (id=2126): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x3, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x9f}}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x90) 3.064023469s ago: executing program 1 (id=2127): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)) r0 = socket(0x2, 0x2, 0x0) bind$unix(r0, 0x0, 0x0) 2.654937743s ago: executing program 1 (id=2128): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @loopback}]}]}, @IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}]}, 0x50}}, 0x0) 2.652110304s ago: executing program 0 (id=2129): r0 = syz_io_uring_setup(0xd8, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r1, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[0xffffffffffffffff]}, 0x1) 2.439923301s ago: executing program 4 (id=2130): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001439) ioctl$PPPIOCATTACH(0xffffffffffffffff, 0x4004743d, &(0x7f0000000240)) close(r0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100108500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x10) writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f0000000280)="fa8e", 0x2}], 0x1) fcntl$lock(r2, 0x0, &(0x7f0000002000)={0x1, 0x0, 0x7ff, 0x4, 0xffffffffffffffff}) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f00000031c0)={0x0, 0x4}) fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000080)) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x0, &(0x7f0000000440)}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc000ff}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000680)={0x2, &(0x7f0000000400)=[{0xd61d, 0x2, 0x8, 0x1}, {0x2, 0x7, 0x3, 0x7ff}]}) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r5, &(0x7f0000010140)={0x237, 0x7d, 0x0, {{0x500, 0xf6, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox%\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\v\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x17, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x0fX\x05\x02\xb6n\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x237) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f00000003c0)={r6, 0x7, 0x2}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f00000004c0)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0xd}, 0x90) ftruncate(0xffffffffffffffff, 0xc17a) r7 = socket$netlink(0x10, 0x3, 0x2) sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r1], 0x24}, 0x1, 0x0, 0x0, 0x20008001}, 0x20000004) fcntl$dupfd(r1, 0x406, r2) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000440)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000080)={r8, 0x3, r4, 0x5}) bpf$PROG_LOAD(0x5, 0x0, 0x0) 2.34088378s ago: executing program 1 (id=2131): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() sched_setscheduler(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, 0x0, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) setsockopt$sock_int(r3, 0x1, 0x0, &(0x7f0000000000), 0x4) shutdown(r3, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) 2.206838551s ago: executing program 0 (id=2132): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0x2000010, &(0x7f0000001080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRESOCT, @ANYRESOCT, @ANYRESDEC=0x0, @ANYBLOB="2c756d61736b3d30300000000030303030303030303030303030303030302c6769643d69676710b01c1f9d6e6f72652c6e6f6164696e6963622c756e64656c6574652c6e6f7672732c6c617374626c6f636b3d30303030303030303030303030303030303030312c7569643d69676e6f72652c6e6f7374726963742c616e63686f723d30303030303030303030303030303030303030352c766f6c756d653d303030303030386ee5eef62188e3303030303030303030308930302c756e1202682e87dc70c6e7ea5ddae3187388c671a93c7e"], 0x1, 0xc43, &(0x7f0000000200)="$eJzs3U9sHNd9B/DfGy7Fpd1WTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUWRFi2KFCV/Pjb13Z19b/a9easZiuCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8ev7EybSDgrV9aAwAsC8ujn31xKmdXP8BgMfG5Z3++x8AAAAAAAAAAAAAAHhYUhTxVKSYu7iWJqrnHfUL7f6bt8ZHRreuNpiqmn1V+fKrfvLU6TNfenH4bDcvtGc+pP6D9tl4fezy+cYrszfm5qcWFqYmG+Mz7auzk1M73sNu6292rDoAjRtv3Jy8dm2hceqF03e8fGvog4EnjwydG37u+LPdsuMjo6NjG0XqveV3e/eF7WZ4HIoijkeK57/309SKiCJ2fyzq+zv2mw1WnThWdWJ8ZLTqyHS7NbNYvnipeyCKiEZPpWb3GG09FlHr39c+bK8ZsVQ2v2zwsbJ7Y3Ot+daV6anGpdb8YnuxPTtzKXVaW/anEUWcTRHLEbE6cPfu+qOIWqT4zuG1dCUi+rrH4YvVxODt21HsYR93oGxnoz9iuXgExuwAG4giXosUP3v3aFzN55nqXPOFiNfK/EHE22W+HJHKD8aZiPe3+BzxaKpFEX9Zjv+5tTRZnQ+655ULX2t8ZebabE/Z7nnlI14f7jpTPKTrw+Cm3B8H/NxUjyJa1Rl/Ld3/NzsAAAAAAAAAAAAAAAAAPGiDUcRnIsWr//En1bziqOalHz43/IdDv9o7Z/yZe+ynLPtCRCwVO5uTeyhPDLyULqX0kOcSf5zVo4g/zfP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsVL7x1Ny9G7pnh75npjMCI6q8J21/7trpm+vr6+3kidbOacyLmUcznnSs7VnFHk+jmbOSdyLuVczrmSczVn9OX6OZs5J3Iu5VzOuZJzNWfUcv2czZwTOZdyLudcybmaMw7I2r0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+TIor4RaT49jfWUqSIaEZMRCdXBh526wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0kAq4vuRovFHzdvbahGRqv87jpZ/nInmoTI/Gc3hMl+O5vmcrSprzW89hPazO/2piB9HioH6O7cHPI9/f+fZ7Y9BvP3NjWefrXWyr/vi0AcDTx45fG549Dee2e5x2qoBxy60Z27eaoyPjI6O9Wyu5Xf/ZM+2ofy+xYPpOhGx8OZbb7Smp6fm7/9B+RHYRfVH6EGqfVx66kH1IGoHohkPp+/3cLhvf85Q7KXy+v9+pPjd9/6ze8HvXP/r8SudZxvD/PM/27j+v7R5Rzu8/tc218vX//KavtX1/6mebS/l70b6axH1xRtz/Uci6gtvvnW8faN1fer61MyZEye+PDz85dMn+g9F1K+1p6d6Hj2QwwUAAAAAAAAAAAAAAACwf1IRvx8pWj9eS42IuFXN1xo6N/zc8Wf7oq+ab3XHvO3Xxy6fb7wye2NufmphYWqyMT7Tvjo7ObXTt6tX073GR0b3pDP3NLjH7R+svzI79+Z8+/ofL275+hP181cWFudbV7d+OQajiGj2bjlWNXh8ZLRq9HS7NVNVvbTlZPqPrj8V8V+R4uqZRvp83pbn/2+e4X/H/P+lzTvao/n/n+jZVr5nSkX8PFL8zl89E5+v2vlE3HXMcrm/ixTHzn4ul4tDZbluGzr3FejMDCzL/l+k+Kdf3Fm2Ox/yqY2yJ3d8YB8R5fgfjhTf/4vvxm/mbXfe/2Hr8X9i847ud/zXP3z8n+7Z9sQd9yvYddfJ4388Urz81DvxW3nbh93/o3vvjaO58O37c+zR3/9P9Wwbyu/72w+m6wAAAAAAAAAAAI+0/lTE30eKH47W0ot5205+/29y84726Pe/Pt2zbfLBrFd0zwe7PqgAAAAAcED0pyJ+EimuL75zew71nfO/e+Z//t7G/M+RtOnV6ud8v1bdN+BB/vyv11B+34nddxsAAAAAAAAAAAAAAAAAAAAOlJSKeDGvpz5Rzeef3HY99ZVI8er/PJ/LpSNlue468EPVn/WLszPHz09Pz15tLbauTE81xuZaV6fKuk9HirW//VyuW1Trq3fXm++s8b6xFvt8pBj9h27Zzlrs3bXJn94oe7Is+4lI8d//eGfZ7jrWn9ooe6os+zeR4uv/snXZIxtlT5dlvxspfvT1RrfsE2XZ7v1RP71R9oWrs8UejAoAAAAAAAAAAAAAAAAAAAAfN/2piD+PFP97Y/n2XP68/n9/z9PK29/sWe9/k1vVOv9D1fr/2z2+n/X/q/sKLG33rgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HhKUcRbkWLu4lpaGSifd9QvtGdu3hofGd262mCqavZV5cuv+slTp8986cXhs9388PoP2mfi9bHL5xuvzN6Ym59aWJiabIzPtK/OTk7teA+7rb/ZseoANG68cXPy2rWFxqkXTt/x8q2hDwaePDJ0bvi54892y46PjI6O9ZSp9d/3u98lbbP9UBTx15Hi+e/9NP1wIKKI3R+Le3x29tpg1YljVSfGR0arjky3WzOL5YuXugeiiGj0VGp2j9E+jMWuNCOWyuaXDT5Wdm9srjXfujI91bjUml9sL7ZnZy6lTmvL/jSiiLMpYjkiVgfu3l1/FPFGpPjO4bX0rwMRfd3j8MWLY189cWr7dhR72McdKNvZ6I9YLj7qmK2vr6/vXzsPuoEo4p8jxc/ePRr/NhBRi85XfCHitTJ/EPF2dMY7lR+MMxHvb/E54tFUiyL+vxz/c2vp3YHyfNA9r1z4WuMrM9dme8p2zyuP/PVhPx3w60k9ivhRdcZfS//u7zUAAAAAAAAAAAAAAADAAVLEr0eKl947mqr5wbfnFLdnrjcut65Md6b1def+dedMr6+vrzdSJ5s5J3Iu5VzOuZJzNWcUuX7OZpn19fWJ/Hwp53LOlZyrOaMv18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxQObuAQAAAAAAAAAAAAAAAAAAj5ei+i/Ft7+xltYHOutLT0QnV6wH+tj7ZQAAAP//5dj8GA==") setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r0 = open(&(0x7f00000000c0)='./bus\x00', 0xca942, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x6) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(0xffffffffffffffff, &(0x7f00000011c0)=""/102390, 0x18ff6) mkdir(0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) open(0x0, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='sched_switch\x00', r1}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r3, 0x400448e1, &(0x7f0000000240)={0x0, 0x0, "be5e08"}) timer_settime(0x0, 0x0, &(0x7f00000004c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) getpid() ftruncate(r0, 0x8002007ffb) 1.040992831s ago: executing program 1 (id=2133): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x4, &(0x7f0000000100)) 0s ago: executing program 1 (id=2134): msgget$private(0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f00000008c0)={{0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000180)=ANY=[@ANYRES32=r0]) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000019000100000000000000000080200000001100050000000008000100ac1e000108000400", @ANYRES32=0x0], 0x2c}}, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f00000013c0)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x1, "8fcb9c49a280b1"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r4, 0xd000943e, &(0x7f0000003700)={r6, r5, "ee101fe3e995826349ea9adde0e5bb210053fdd39c297bd9e292f10a2124f43b32f86885adc9f4db8a797978ce32b1aaa01248cf5ad443aedd2958ed0b8b903eea473357b5e6cdccdaf0e544d8f9750a3e8094b4f61bae7ce8dc0bbd3128f6e3bb09ffe96ed18ac85f5121237fadd1a4c79eff9ee55920ac5e78ac6abc8f2767d412c4add0962ca60dceedf299a556b1d86cd12ce0498703f326ddee9fffd13dcdf8e7691541c41ce58a727d7fa471308e29e8002c75b772429bacc707c2511facd220e185460e85613e5520d41dd4a110b763a99bd6e54ba8210013a8a17d188c1458fadcd33fc0e12d31c9603ac491a6d37f3508cec298cbab494c322d4b3d", "16aaf8e9228e74760edf2d47c1094e78f09fa838daa83b01c85f5d0976ae4ee63e0f4b73052a3072912549f3c6d3b54893503afbf84d9aeaaf48cdfe113d6140804abb3cc5e4430a62554529e6d81a74488af61543945b45729b5206332e338d93f939245ad08f69a6f459e3b705871521a22b8b7ee863266cc7fbda3172cf6f3ad6622be3badd59d1d862133f1931ba260139bc726bcc17fc9a93ff23d346032c22be7a9611ddc50a6ea4627e6f09555727d51d555ba14c69a62fcd402f81e1c61abfd1b885badac34588b8d70f708fe8e6d8b4e9ea4bb5280cdc1d0a61d3d366d0ddeb2c2d85f48812a08f8f174a7cd9b04bc8286f2b9f50ff030145dc19d71f346f5aa14b60826f7f1c539796f0c9dd786fb5c742ada5165caa5e332fa8957975b7c791d92293a43fee20c90f258fad401161827ea95add6b1f770a0d0efccf84b0e08995330d163acd5ac2a108fe8922ca6ddb0194ebb8601f0b17f7f7fd5edd0d595f2e2f392657577306862c0629bc751206ecc19a8acbe89515b06d0dc3ea960616f862dbf49f78a67a44bb9fca0f1a11080d13ca655c68a1fd864d89700ccf0596635010eff60f9d3ea468fbf948d13a63731c9bf73365881e876ff3c429b29d7ca77dc4cb1778d395de2f20c61f3a6b3031312596536def8cead41e607e137ec2b8d83d4fcd638df6773200b3af57e1df530b739388e3dd5d87feb3921b7567adb2e1a91ef470338f6fc5190394ebe19c3cf7288931d03b0069b7d24e2386f4160597ce7934314c6eea935130505a0370b3d9353c45bc07acde671f6b807fd143afaf73ba172fb01edd8c43049d4649ab34de7f4043860ad1f1de1fa9820becfb4f78a2cbe5a8e114666fe79d0716e7019a2ff7998461ce22556c6a1675307a3d375f53bfd4beaf68cbf9005efee68f54b0e21124c19e8ae4dc843be9854bdff57917fb95146622139af2a9c3ac41fc42cc7131fbf4336c2c0bf3dcc39050161d8da59d9095f0b43185dfcde98bc7f1a946644e6af6294b1e260d8b03fef966ac09bea5fa20993b86ea8ecfd4d7e2cc87603d7a5f23722aeef2bd1916e238ea614d66dd55db6738cbc24fff4b4f4dc2b06311508b33c266a4665717bb6d11e9a84a71f89fb87f4eb20a61bbc0db55513cae42bef9210e3b8731f5a86247dcd44b1ef65a41cfb748a8416e4fff72bd18758d37b5ab7773f8e7950bb64efe5c971da1c1babc971837d22fa8f58eff7643db10bdfbe95d55cea8c1232ed33787a42add47e41aaa28d7b2f9e7913cbedf4bc8bc76c8c8840fde6f2487bdf94bf11c602bedda0e5db3f327e18937cfd740b69d4770155a7321bf8141c92bcf1b03b403c9f8785bb76b467319cc8d678e78e52ccdfab3617b2bf7ca29e7bbc189dd1c90f401041879113a542b3ad8f05f679a633357471506ef9fd2e93b9fbecae7800a2bc93974a8f4ad8e610f59104947c008e9bc5aa17f8e05b5724013cb62c721578e933117ab6e2e96d5987cae0edb0176931f8f591ecca59b28b79e0a8d3ee248b3e14271a979ef1bdb3c693bea2bba32d31daaec5c451ff65b22176ef4e2f1a8e55251b83f635594248c343f7fcf979787599309e01e0c4dd8c7776ec230c2b2c6a40e2c39b7583f5b9b596a19f38e50094566509a2af91a62a95a4c53ee8f6aa548bacc66cb588aa40207fe3cd2fced520a0c839169a0ee77592c03b57f21cb04b758b2618a09c11b71c1c5537cd1d75836638fd0e8e584aa781f4d3b4d284ef8c6fb115f61ba4b8a0bf9df83278f5248723ded9ec5f1309f43b1f99ce6b6147b2eec5c7c28033ac492fe4bffc7294c7c5dc42ea71420b8813ed2e96060654dae874cef9133bf8a953f299f92537168bcddfd2840f68d55a4619c7ba774880b343819aff259528f29f88b76ed5ac643852d4165e4d367e1d8f4524b74d48c0798b07385539410e2455a6e67bcb69355ba35dd857ba607bceb3b47a1516977e20880f94c30b98febaf948752c3146d71f4849d303a743f8a3503fda146ee3ead4763863607e3d33a89b2a9cd096c631ca15bf432405eb2ee965a50065bd4ef9eaf0cc7a49cc83cd0976ce72b79f85b3288ffa0b5083032cae54945f84cf8a7af1e3c500eb7a79ade6c3cb4de2c8715e4c4c08f7f203ed0dfd2380445d19f88bb3f23819ba191ecd2b9d71388395283fe859089607d3caa4403f062194eb4caf345f5b87c99ee8739850fa66162468c324861e8c71b88fde8725001b3a401c05f6ac0f6773a7b4ab8907c52fbe242d7bb627c4e209f922c3ccac9b6565d6e64f20cbea1e95a9262c9f132049b9334dd76c3f251f214584982225925d02fdd0e22e8ec4d88f4aa3cdd5468e9567d53e00b0198d91719d654b8a24e9e1591a55c205236f646aa29901ac69e3fe7cc012012caf150e27b26da2e5da1209db0fb15486ff314339595f2d67aca9ad0d5f36b77f74313a7c2a81614970edaaa5c3baa22d6972cd96d61708d663eb35eecdb48b0f4858deb38b1c2fd87c68808ccbcf1bb2c7f8df54b79c875e2da364117cd8cdac64ca712044280632be6dac8075a1e87b5dd43eaea86fdc5b6c5b5b696208b2229a88488647f7332b2a45de2ae8a9485f943734829d5d377f46c3084db345308d2a7ae943c5652ea4fd9ca49a2ccf0cfc914b61d87bbe14fd0ed49fd7b4ae308c31b65fcf9818bfd10e2e325d3e3dec24bf9b824a145caffe6158e7f8100e03ef0e491ca055f15431b48cc716b657eb02dc48c6f57e8e24e939cdb1a120b680e19eab3bc5908b9c23d76a4778c402088cc08dc544350cf7e4c788fda9d51de12c26cec3a4dd574f7f08f47605193c5a81f609fbec9ac9fa774c7664daceba59063e0fa4c2b888f147bbb95cf0bec4caf3094927430d9931620b1cd53fd675ecf33e09215076c3ce78df043db411218cf131253c1638da78755934b1b1d51e20ffbbe02ae3dcfa95f7ab73b30fe5edf6e66828a69c36e594588c39386fab5a6b0f8b1012363ef932c54434f2629fd65c20fcaaf416597dbe373b05607f3e7d0e131e2626ae87a00d6074c873885b5d0f3ae257dab882bc9ede5d8fd6b23bc562fc3ff9eb9e400af8af55d4f09c93a915d90ecc6d4a2c1c291913be85e9da83047668422fad449f5a0f07cf66d7cdbfd9a12b47ee799d0ccac142f8afcc00e2b7aae9c38ba626538bcccd56c3a167aa647fc18e9401a58d70dd108a81db40a35134734f1431beaffd59eba7290dec6b243d04badfb6c3d5281645d37bca93a4aedcfce448d8a7848862a54466346d4e2296a03b685817e637ffe34b3ebf155aa26aabd6e8f6c85633eb32e01ac8baab721c35aaaddf7eec42eec65efedf3fbe6a6f76f4f465b7f9bd8d27e0e0d4e6f9780e73ac9cfb03db5e0d3674891a78c294b9cd8d20a5fed4cb9265e9bdd05b99e9597e87883f60ba4a95a90b006abb867755190d308400e250d602e01d33f9bb0c25f48dad20dedd257388a9a7ab5b436d3d37ece5f2bf5ab116a5c858a2a8e77fa5b1da2a9b5b598c58e3a7a71b860e3c0b678b0776925cddd8ef7555ee09fd1777466c1d9002d641fd15a54ed3bf7b8972b8de3ef9f2f9cf3559d7a148332ba63d8d4a3492cfe38927179d5849c46d5cb2e8307070426ff8ff808d4c4c5cac316f5ac2387dd59f794ffba2ee3b425e7a595573d035bf676540f4594057fb7fec987477c383c0b2cd7061a7cae98303b1b02bda6d56587023fea8135fbd93faa173a89e47f1fee96bc89a0d20c74ad3fca60794fd03bed2543d1164289a4bf5c3c5df09935970675a14d7279b82fe8c89a549997b6529f6a1e6096c1af658a26cef7dbf997769a53aed0f4b4fc88e54ba874616c3dc2a119269a88b0c3771a76469d83bf34f707d81fc2c1637872fb70a9dcbe878a23b68ba01215720026895492e6342439a33313b3b58c63781a37cf94761220a5d9b0b75a7c20641e27cc554984f26285b061c12d2f3dfc17bcb47a21e8face7793219e280f68e7525f99e1e780ad6ba1d7d0d213bf830595d3f04471b32e6786ed1616c36a6cf5455d5b6de3be7f97585c3203485cb862490fb5cb46fd798b98233ce0cb9278ab5a744a740b66afb91312b708669c223ddf35232c7ae57e166ef86775c010d00318e057d7a9cd16fed14f9f6c2377840234df4ee506facc8006bbfb4429cf4e1e0463e6098bf4fe768ea417ce56845084b4ab4b301e3d472155161272262cdf01036b1f6632e33d301d7b7881ec8ee2195850a066131e708d1f2243c0fe7d5d9f68311190079155417e96c75fe630c31c1eb88dfea522b93c6447c84173e1b75fa213cafa2edc50e52d92ac08f0e4179b19d25e9f29c753528d7a5b732c8ab4c827a634aed53e8aa3842d2ce72d628ad9a0b2435a98603125d5c6a5ad600b14e1e635a467b8d8740767b35235e71ebe5a303c16f29971a16e3687f82658e6d6cce57cca19a31aa1c3b7965bce524467fc48a14915a38f6db6bd391247016f71e702a9f93a22270906f4c8effc757b3fb3b83ec7fd6c010b1a59c7c6f37c680c8982ebdd176d4e7605bd11e8d24b444cfcb7359e010b499bd4db16a756b9d8b94b5df456636ba721c64144adcefcc6feeb76b0aaeac6ab330e6b0aa1bb5203d06cbe17adddc303b8a6252597e50e71f615ce50faabe5a1280c941e00e6c07df17381a8df5bf5801c50b3ff9b76116796b3e7885e736e8f488ea7cfacd3a27895db133348a43dac87874994527b35edee2d3b2216dd8b94c615c73ab8ccfa42d58bff2907d540cc846ac809d95863ec6e8cfc1d0439ddcbf81ae1186bacb20882dd82fd915f768bd3261f9848265596e2ee8999f6eb019ee81956d93584deba2cb95ce283319550fa0e8d8e0c2606847407baf2ed6aed508e8ff40bdeb366e171841113abaabbec9864778ccb0e5034cb559937b62314e7d90e28f9f2b365c3efa67102a9aa68bb02afe7931f0ef3dc1698818120d149eabe8fbea8b96edfccc917cbce8854b7ddaa045d0a77c532d705044b0cfdb3d79084be61206ac1b55d90fb78b55a85a0e317b7b0abed576a1001a61ecdd9fd993da27167c572c1a3f169991e07ef9156acbf650a1f5098618592ed2bb3995bc3ad3aa7aa8d5551f8928c575f4cb31d6fe0d644ab8f9a9ffdbd5ff3448d27acf8fa08e8b2914a4d3a1a4c11a0c71732152eb026ad8d205b91c9a39bafe09dba27c9de60a07b0b75b1095e0a94bd48cc2a8c426c4682c162e76994cd6ca03d1b91c675d0d5323c6d321b665a3c5e59a6436158f5424641c5d1253ca2c12706441b5c5bcfeb70b224f42700b1d163505a3eb6aa91a584c845f8ccc03847bb174c39d571c0e9fada207d64c31800"}) ioctl$USBDEVFS_FORBID_SUSPEND(r4, 0x4008550d) socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0x0, 0x300) r7 = syz_open_procfs(0x0, &(0x7f00000003c0)='timerslack_ns\x00') write$cgroup_int(r7, 0x0, 0x0) r8 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, &(0x7f0000000500)) syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) kernel console output (not intermixed with test programs): T3649] EXT4-fs (loop4): unmounting filesystem. [ 390.723185][ T6822] udevd[6822]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 392.335463][ T4206] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 392.551866][ T9127] loop1: detected capacity change from 0 to 256 [ 393.073734][ T9127] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 393.916336][ T9138] loop3: detected capacity change from 0 to 128 [ 394.016685][ T9127] loop1: detected capacity change from 256 to 0 [ 394.093448][ T11] loop: Write error at byte offset 9223372036854845439, length 512. [ 394.162673][ C0] I/O error, dev loop1, sector 136 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 394.172451][ C0] Buffer I/O error on dev loop1, logical block 136, lost sync page write [ 394.198986][ T11] loop: Write error at byte offset 9223372036854882303, length 512. [ 394.217269][ C0] I/O error, dev loop1, sector 208 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 394.250344][ T3732] loop: Write error at byte offset 9223372036854857727, length 512. [ 394.267807][ C1] I/O error, dev loop1, sector 160 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 394.277710][ C1] Buffer I/O error on dev loop1, logical block 160, lost sync page write [ 394.292951][ T3732] loop: Write error at byte offset 9223372036854858239, length 512. [ 394.356354][ C1] I/O error, dev loop1, sector 161 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 394.366242][ C1] Buffer I/O error on dev loop1, logical block 161, lost sync page write [ 394.419761][ T9146] loop4: detected capacity change from 0 to 1024 [ 394.449156][ T9146] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 394.482231][ C1] I/O error, dev loop1, sector 160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 394.504309][ C1] I/O error, dev loop1, sector 161 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 394.514125][ C1] I/O error, dev loop1, sector 160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 394.526123][ T9146] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 394.527729][ C0] I/O error, dev loop1, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 394.545433][ T9146] EXT4-fs error (device loop4): ext4_get_journal_inode:5733: comm syz.4.1509: inode #1: comm syz.4.1509: iget: illegal inode # [ 394.573112][ T9146] EXT4-fs (loop4): no journal found [ 394.581592][ T9146] EXT4-fs (loop4): can't get journal size [ 394.593124][ T9149] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1511'. [ 394.617445][ T9146] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 394.633334][ T9149] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1511'. [ 394.642984][ T9149] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.676600][ T9149] bridge0: port 2(bridge_slave_1) entered blocking state [ 394.683765][ T9149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 394.742012][ T3649] EXT4-fs (loop4): unmounting filesystem. [ 394.771998][ T46] loop: Write error at byte offset 9223372036854775807, length 512. [ 394.789700][ C0] I/O error, dev loop1, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 394.799268][ C0] I/O error, dev loop1, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 394.809319][ C0] Buffer I/O error on dev loop1, logical block 0, lost sync page write [ 395.819879][ T9163] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1514'. [ 395.930992][ T9167] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1516'. [ 396.499762][ T9175] loop0: detected capacity change from 0 to 512 [ 396.535815][ T9175] ext4: Bad value for 'commit' [ 396.780949][ T3646] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 396.792809][ T3646] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 396.802645][ T3646] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 396.813336][ T3646] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 396.822700][ T3646] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 396.916042][ T9180] loop0: detected capacity change from 0 to 128 [ 396.946246][ T9180] ADFS-fs (loop0): error: can't find an ADFS filesystem on dev loop0. [ 397.059101][ T3646] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 399.165404][ T3651] Bluetooth: hci1: command tx timeout [ 399.228769][ T9177] chnl_net:caif_netlink_parms(): no params data found [ 399.238346][ T9205] loop3: detected capacity change from 0 to 128 [ 399.395342][ T9207] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1529'. [ 399.696095][ T3646] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 399.709122][ T3646] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 399.717964][ T3646] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 399.729652][ T3650] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 399.737945][ T3650] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 399.748288][ T9177] bridge0: port 1(bridge_slave_0) entered blocking state [ 399.756029][ T3650] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 399.815238][ T9177] bridge0: port 1(bridge_slave_0) entered disabled state [ 399.845410][ T9177] device bridge_slave_0 entered promiscuous mode [ 399.860366][ T9177] bridge0: port 2(bridge_slave_1) entered blocking state [ 399.867776][ T9177] bridge0: port 2(bridge_slave_1) entered disabled state [ 399.877132][ T9177] device bridge_slave_1 entered promiscuous mode [ 399.945252][ T9220] xt_l2tp: invalid flags combination: 0 [ 400.008216][ T9177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 400.052218][ T9177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 400.181699][ T9177] team0: Port device team_slave_0 added [ 400.224724][ T9177] team0: Port device team_slave_1 added [ 400.398583][ T9177] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 400.411343][ T9177] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.515100][ T9177] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 400.545923][ T9177] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 400.573501][ T9177] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.655470][ T9177] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 400.708706][ T9231] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1535'. [ 400.740115][ T9231] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1535'. [ 400.756165][ T9231] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.773840][ T9231] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.781029][ T9231] bridge0: port 2(bridge_slave_1) entered forwarding state [ 400.860916][ T9213] chnl_net:caif_netlink_parms(): no params data found [ 400.892391][ T9177] device hsr_slave_0 entered promiscuous mode [ 400.910308][ T9177] device hsr_slave_1 entered promiscuous mode [ 400.928278][ T9177] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 400.945223][ T9177] Cannot create hsr debugfs directory [ 401.149544][ T9237] capability: warning: `syz.3.1536' uses 32-bit capabilities (legacy support in use) [ 401.245758][ T3651] Bluetooth: hci1: command tx timeout [ 401.279947][ T9213] bridge0: port 1(bridge_slave_0) entered blocking state [ 401.301541][ T9213] bridge0: port 1(bridge_slave_0) entered disabled state [ 401.310843][ T9213] device bridge_slave_0 entered promiscuous mode [ 401.349108][ T9213] bridge0: port 2(bridge_slave_1) entered blocking state [ 401.365748][ T9213] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.382521][ T9213] device bridge_slave_1 entered promiscuous mode [ 401.582741][ T9246] loop3: detected capacity change from 0 to 128 [ 401.837118][ T3651] Bluetooth: hci3: command tx timeout [ 402.438430][ T9177] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 402.583525][ T9213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 402.913966][ T9257] loop3: detected capacity change from 0 to 2048 [ 403.520410][ T3651] Bluetooth: hci1: command tx timeout [ 403.566203][ T3091] loop3: p2 < > [ 403.722831][ T6822] udevd[6822]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 403.766726][ T9263] xt_l2tp: invalid flags combination: 0 [ 403.777719][ T9177] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 403.836880][ T9213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 403.891377][ T3651] Bluetooth: hci3: command tx timeout [ 404.119129][ T9177] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 404.348358][ T9177] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 404.392538][ T9213] team0: Port device team_slave_0 added [ 404.418255][ T9213] team0: Port device team_slave_1 added [ 404.489183][ T9277] __sock_release: fasync list not empty! [ 404.495717][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 404.502786][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.565155][ T9213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 404.592925][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 404.609185][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 404.649477][ T9268] loop0: detected capacity change from 0 to 32768 [ 404.667938][ T9268] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1545 (9268) [ 404.676512][ T9213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 404.728702][ T9268] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 404.763614][ T9268] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 404.788048][ T9268] BTRFS info (device loop0): use zlib compression, level 3 [ 404.825354][ T9268] BTRFS info (device loop0): using free space tree [ 404.860963][ T9213] device hsr_slave_0 entered promiscuous mode [ 404.879107][ T9213] device hsr_slave_1 entered promiscuous mode [ 404.892902][ T9213] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 404.901385][ T9213] Cannot create hsr debugfs directory [ 404.972635][ T9177] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 405.003379][ T9177] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 405.036919][ T9268] BTRFS info (device loop0): enabling ssd optimizations [ 405.140144][ T9177] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 405.194787][ T9177] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 405.568383][ T3651] Bluetooth: hci1: command tx timeout [ 405.615374][ T9213] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.872106][ T9213] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 405.938069][ T9177] 8021q: adding VLAN 0 to HW filter on device bond0 [ 405.971170][ T7536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 405.978759][ T3646] Bluetooth: hci3: command tx timeout [ 405.990067][ T7536] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 406.046526][ T9213] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 406.079342][ T9177] 8021q: adding VLAN 0 to HW filter on device team0 [ 406.099402][ T9302] loop3: detected capacity change from 0 to 128 [ 406.107804][ T3414] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 406.127275][ T3414] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 406.146044][ T3414] bridge0: port 1(bridge_slave_0) entered blocking state [ 406.153861][ T3414] bridge0: port 1(bridge_slave_0) entered forwarding state [ 406.270007][ T9213] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 406.373755][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 406.386124][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 406.412050][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 406.420033][ T9300] loop4: detected capacity change from 0 to 40427 [ 406.431371][ T4206] bridge0: port 2(bridge_slave_1) entered blocking state [ 406.438847][ T4206] bridge0: port 2(bridge_slave_1) entered forwarding state [ 406.447754][ T9300] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 406.456232][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 406.467567][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 406.475183][ T9300] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 406.514474][ T9300] F2FS-fs (loop4): Found nat_bits in checkpoint [ 406.515691][ T3414] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 406.533617][ T26] audit: type=1326 audit(1722286186.413:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.3.1551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ad177299 code=0x7fc00000 [ 406.571720][ T3414] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 406.589640][ T26] audit: type=1326 audit(1722286186.413:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.3.1551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f28ad177299 code=0x7fc00000 [ 406.624127][ T3414] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 406.664960][ T3414] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 406.703920][ T9177] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 406.707817][ T26] audit: type=1326 audit(1722286186.413:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.3.1551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ad177299 code=0x7fc00000 [ 406.756267][ T9300] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 406.763565][ T9300] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 406.773044][ T9177] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 406.984709][ T7904] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 407.010235][ T7904] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 407.535305][ T3686] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 407.766650][ T7904] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 407.775593][ T7904] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 407.784260][ T7904] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 407.799450][ T3414] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 407.924921][ T7806] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 408.063952][ T3651] Bluetooth: hci3: command tx timeout [ 408.174313][ T9213] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 408.213177][ T9213] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 408.238954][ T9213] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 408.259154][ T9213] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 408.461451][ T7541] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 408.474953][ T7541] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 408.520420][ T9177] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 408.625474][ T9213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 408.654281][ T7541] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 408.672949][ T7541] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 408.753909][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 408.763363][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 408.951298][ T9324] loop0: detected capacity change from 0 to 2048 [ 409.587515][ T3091] loop0: p2 < > [ 409.594978][ T9177] device veth0_vlan entered promiscuous mode [ 409.671352][ T9213] 8021q: adding VLAN 0 to HW filter on device team0 [ 409.699159][ T4783] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 409.721155][ T4783] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 409.776288][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 409.794534][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 409.848601][ T6822] udevd[6822]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 410.052354][ T9177] device veth1_vlan entered promiscuous mode [ 410.079977][ T7536] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 410.089868][ T7536] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 410.099628][ T7536] bridge0: port 1(bridge_slave_0) entered blocking state [ 410.106817][ T7536] bridge0: port 1(bridge_slave_0) entered forwarding state [ 410.116436][ T7536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 410.130934][ T7536] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 410.141456][ T7536] bridge0: port 2(bridge_slave_1) entered blocking state [ 410.148609][ T7536] bridge0: port 2(bridge_slave_1) entered forwarding state [ 410.259090][ T3686] usb 4-1: device descriptor read/64, error -71 [ 410.333408][ T7536] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 410.596179][ T3686] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 410.813805][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 410.826944][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 410.856527][ T9177] device veth0_macvtap entered promiscuous mode [ 410.937451][ T3686] usb 4-1: Using ep0 maxpacket: 16 [ 410.974881][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 410.987588][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 410.997213][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 410.997538][ T9343] loop4: detected capacity change from 0 to 128 [ 411.009665][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 411.021648][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 411.064756][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 411.095553][ T3686] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 411.103901][ T3686] usb 4-1: config 0 has no interface number 0 [ 411.118879][ T9177] device veth1_macvtap entered promiscuous mode [ 411.121044][ T3686] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 411.149580][ T9213] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 411.155188][ T3686] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 411.176626][ T9213] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 411.225650][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 411.248677][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 411.258914][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 411.275510][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 411.284600][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 411.295670][ T3686] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 411.314174][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 411.315386][ T3686] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 411.324908][ T4207] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 411.364726][ T3686] usb 4-1: Product: syz [ 411.376179][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 411.384064][ T3686] usb 4-1: SerialNumber: syz [ 411.386453][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.416935][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.420997][ T3686] usb 4-1: config 0 descriptor?? [ 411.461603][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.482571][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.501992][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.513874][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.526607][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.537334][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.547963][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.559534][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.570273][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.580883][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.596509][ T9177] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 411.626358][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 411.645782][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 411.666382][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.679541][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.705279][ T4207] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 411.713416][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.731826][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.746649][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.762074][ T3686] snd-usb-audio: probe of 4-1:0.2 failed with error -12 [ 411.766718][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.798393][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.813291][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 411.834481][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.835475][ T3686] usb 4-1: USB disconnect, device number 19 [ 411.856839][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.869675][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.881522][ T9177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 411.895981][ T9177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.917959][ T9177] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 411.945390][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 411.954889][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 411.969179][ T9177] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 411.979176][ T9177] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 411.988551][ T9177] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 411.998215][ T9177] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.022304][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 412.037157][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 412.067297][ T9213] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 412.075281][ T4207] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 412.095343][ T4207] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 412.109737][ T4207] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 412.128054][ T4207] usb 5-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00 [ 412.138153][ T4207] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.170555][ T4207] usb 5-1: config 0 descriptor?? [ 412.176017][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 412.190562][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 412.221137][ T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 412.244635][ T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 412.280096][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 412.290515][ T4206] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 412.307554][ T9213] device veth0_vlan entered promiscuous mode [ 412.324813][ T9213] device veth1_vlan entered promiscuous mode [ 412.346992][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 412.359118][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 412.369893][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 412.552232][ T9352] syz.4.1563[9352] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 412.552350][ T9352] syz.4.1563[9352] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 412.556597][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 412.758331][ T9362] loop3: detected capacity change from 0 to 2048 [ 412.817537][ T9362] loop3: p2 < > [ 413.137138][ T3842] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 413.392740][ T4207] uclogic 0003:5543:0003.0001: item fetching failed at offset 5/7 [ 413.421349][ T3842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 413.461336][ T4207] uclogic 0003:5543:0003.0001: parse failed [ 413.522950][ T4207] uclogic: probe of 0003:5543:0003.0001 failed with error -22 [ 413.641076][ T4207] usb 5-1: USB disconnect, device number 27 [ 413.654245][ T9213] device veth0_macvtap entered promiscuous mode [ 413.694269][ T9213] device veth1_macvtap entered promiscuous mode [ 413.743548][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.763860][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.775373][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.794925][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.808842][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.827834][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 413.864231][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 413.927423][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.161290][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 414.331684][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.467326][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 414.532644][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.568414][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 414.587933][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.621782][ T9213] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 414.642130][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 414.663363][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.688958][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 414.700377][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.710689][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 414.721657][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.732041][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 414.742574][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.752646][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 414.763581][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.774372][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 414.785219][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.799525][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 414.810070][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 414.824347][ T9213] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 414.834809][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 414.843792][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 414.853107][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 414.862916][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 414.872479][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 414.882713][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 414.893729][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 414.903261][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 414.914648][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 414.925641][ T3712] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 414.938026][ T9213] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.955553][ T9213] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.966112][ T9213] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 414.974974][ T9213] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.035383][ T4207] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 415.292025][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 415.345325][ T3842] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 415.419802][ T3842] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 415.427982][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 415.447811][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 415.459209][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 415.537115][ T9385] loop2: detected capacity change from 0 to 1024 [ 415.547176][ T9385] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 415.555668][ T4207] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.558408][ T9385] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 415.580744][ T9385] EXT4-fs error (device loop2): ext4_get_journal_inode:5733: comm syz.2.1523: inode #1: comm syz.2.1523: iget: illegal inode # [ 415.594405][ T9385] EXT4-fs (loop2): no journal found [ 415.595557][ T4207] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.600560][ T9385] EXT4-fs (loop2): can't get journal size [ 415.619526][ T9385] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 415.669687][ T4207] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 415.707882][ T4207] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.741672][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 415.744326][ T4207] usb 5-1: config 0 descriptor?? [ 415.831345][ T9390] loop2: detected capacity change from 0 to 128 [ 415.864762][ T26] audit: type=1800 audit(1722286195.743:537): pid=9390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1570" name="bus" dev="loop2" ino=1048662 res=0 errno=0 [ 416.022464][ T9392] loop2: detected capacity change from 0 to 512 [ 416.077634][ T9392] ext4: Bad value for 'commit' [ 416.118268][ T4696] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 416.331901][ T9392] loop2: detected capacity change from 0 to 128 [ 416.342662][ T9392] ADFS-fs (loop2): error: can't find an ADFS filesystem on dev loop2. [ 416.353263][ T4207] uclogic 0003:5543:0522.0002: No inputs registered, leaving [ 416.368867][ T4207] uclogic 0003:5543:0522.0002: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.4-1/input0 [ 416.397855][ T4696] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 416.570202][ T4207] usb 5-1: USB disconnect, device number 28 [ 419.155358][ T3686] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 419.555544][ T3686] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 419.570536][ T3686] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 419.618431][ T3686] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 419.636807][ T9444] xt_l2tp: invalid flags combination: 0 [ 419.645888][ T3686] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.708170][ T3686] usb 4-1: config 0 descriptor?? [ 419.968273][ T9435] loop1: detected capacity change from 0 to 32768 [ 419.989993][ T9426] loop3: detected capacity change from 0 to 512 [ 420.047173][ T9435] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1585 (9435) [ 420.107952][ T9435] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 420.146712][ T9435] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 420.191246][ T9435] BTRFS info (device loop1): use zlib compression, level 3 [ 420.255526][ T9435] BTRFS info (device loop1): using free space tree [ 420.457023][ T9435] BTRFS info (device loop1): enabling ssd optimizations [ 420.469817][ T9426] EXT4-fs (loop3): Test dummy encryption mode enabled [ 420.536347][ T9451] loop2: detected capacity change from 0 to 4096 [ 420.536803][ T9426] EXT4-fs error (device loop3): __ext4_iget:5044: inode #11: block 1: comm syz.3.1582: invalid block [ 420.555519][ T9451] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 420.696488][ T9426] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.1582: couldn't read orphan inode 11 (err -117) [ 420.742987][ T9451] ntfs3: loop2: Failed to load $Extend. [ 420.749379][ T9426] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 421.175242][ T4308] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 421.298384][ T9448] loop4: detected capacity change from 0 to 40427 [ 421.341091][ T9448] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 421.365516][ T9448] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 421.430706][ T9448] F2FS-fs (loop4): Found nat_bits in checkpoint [ 421.535365][ T4308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 421.579387][ T4308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 421.591728][ T9448] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 421.610762][ T9448] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 421.619047][ T4308] usb 1-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 421.655120][ T4308] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.677780][ T4308] usb 1-1: config 0 descriptor?? [ 423.130975][ T4308] uclogic 0003:5543:0522.0003: No inputs registered, leaving [ 423.243382][ T4308] uclogic 0003:5543:0522.0003: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.0-1/input0 [ 423.343503][ T4308] usb 1-1: USB disconnect, device number 24 [ 423.445611][ T9177] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 423.618781][ T7536] usb 4-1: USB disconnect, device number 20 [ 423.664123][ T9503] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1600'. [ 423.684063][ T9503] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1600'. [ 423.704423][ T9503] bridge0: port 2(bridge_slave_1) entered disabled state [ 423.745996][ T9503] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.753201][ T9503] bridge0: port 2(bridge_slave_1) entered forwarding state [ 423.863150][ T4885] EXT4-fs (loop3): unmounting filesystem. [ 423.999887][ T9509] netlink: 1368 bytes leftover after parsing attributes in process `syz.1.1598'. [ 424.019733][ T9509] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1598'. [ 424.235200][ T3684] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 424.445562][ T4207] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 424.449597][ T9521] loop0: detected capacity change from 0 to 4096 [ 424.481541][ T9521] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 424.563236][ T9521] ntfs3: loop0: Failed to load $Extend. [ 424.622872][ T3684] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 424.644458][ T3684] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 424.664290][ T3684] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 424.705299][ T4207] usb 5-1: Using ep0 maxpacket: 16 [ 424.706707][ T3684] usb 4-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00 [ 424.745795][ T3684] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.791283][ T3684] usb 4-1: config 0 descriptor?? [ 424.835787][ T4207] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 424.861683][ T4207] usb 5-1: config 0 has no interface number 0 [ 424.902123][ T4207] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 424.941318][ T4207] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 425.062700][ T9506] syz.3.1601[9506] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 425.062814][ T9506] syz.3.1601[9506] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 425.095454][ T4207] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 425.121867][ T4207] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 425.131669][ T4207] usb 5-1: Product: syz [ 425.136791][ T4207] usb 5-1: SerialNumber: syz [ 425.152796][ T4207] usb 5-1: config 0 descriptor?? [ 425.515730][ T3684] usbhid 4-1:0.0: can't add hid device: -71 [ 425.523273][ T3684] usbhid: probe of 4-1:0.0 failed with error -71 [ 425.546844][ T3684] usb 4-1: USB disconnect, device number 21 [ 427.554597][ T4207] snd-usb-audio: probe of 5-1:0.2 failed with error -12 [ 427.565221][ T3684] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 427.674098][ T5645] udevd[5645]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 427.696066][ T4207] usb 5-1: USB disconnect, device number 29 [ 427.939756][ T3684] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 427.957678][ T3684] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 427.980861][ T3684] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 428.010953][ T3684] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.046505][ T3684] usb 4-1: config 0 descriptor?? [ 428.322831][ T9557] loop4: detected capacity change from 0 to 4096 [ 428.374235][ T9557] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 428.528231][ T3684] arvo 0003:1E7D:30D4.0004: unknown main item tag 0x0 [ 428.549492][ T3684] arvo 0003:1E7D:30D4.0004: unknown main item tag 0x0 [ 428.559419][ T9557] ntfs3: loop4: Failed to load $Extend. [ 428.582628][ T9565] loop1: detected capacity change from 0 to 1764 [ 428.589859][ T3684] arvo 0003:1E7D:30D4.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.3-1/input0 [ 428.649652][ T3891] device hsr_slave_0 left promiscuous mode [ 428.676743][ T3891] device hsr_slave_1 left promiscuous mode [ 428.692612][ T3891] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 428.716781][ T4205] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 428.801828][ T3891] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 428.859256][ T3891] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 428.879075][ T3891] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 428.993648][ T3687] usb 4-1: USB disconnect, device number 22 [ 429.075336][ T4205] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.112705][ T4205] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 429.123807][ T4205] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 429.147770][ T4205] usb 3-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00 [ 429.160276][ T4205] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.289064][ T4205] usb 3-1: config 0 descriptor?? [ 429.609863][ T9563] syz.2.1619[9563] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 429.611910][ T9563] syz.2.1619[9563] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 429.859554][ T3891] device bridge_slave_1 left promiscuous mode [ 429.917506][ T3891] bridge0: port 2(bridge_slave_1) entered disabled state [ 429.941105][ T3891] device bridge_slave_0 left promiscuous mode [ 429.951768][ T3891] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.965534][ T7536] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 429.985449][ T4205] usbhid 3-1:0.0: can't add hid device: -71 [ 429.995226][ T4205] usbhid: probe of 3-1:0.0 failed with error -71 [ 430.017455][ T4205] usb 3-1: USB disconnect, device number 17 [ 430.151633][ T3891] device veth1_macvtap left promiscuous mode [ 430.175547][ T3891] device veth0_macvtap left promiscuous mode [ 430.203823][ T3891] device veth1_vlan left promiscuous mode [ 430.215288][ T7536] usb 2-1: Using ep0 maxpacket: 16 [ 430.224136][ T3891] device veth0_vlan left promiscuous mode [ 430.355914][ T7536] usb 2-1: config 0 has an invalid interface number: 2 but max is 0 [ 430.363982][ T7536] usb 2-1: config 0 has no interface number 0 [ 430.382470][ T7536] usb 2-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 430.393342][ T7536] usb 2-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 430.570610][ T7536] usb 2-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 430.581194][ T7536] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 430.589564][ T7536] usb 2-1: Product: syz [ 430.594391][ T7536] usb 2-1: SerialNumber: syz [ 430.619334][ T7536] usb 2-1: config 0 descriptor?? [ 431.091924][ T7536] snd-usb-audio: probe of 2-1:0.2 failed with error -12 [ 431.154503][ T7536] usb 2-1: USB disconnect, device number 14 [ 431.248773][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 431.306699][ T9594] loop3: detected capacity change from 0 to 512 [ 431.322353][ T9594] ext4: Bad value for 'commit' [ 431.368292][ T4696] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 431.418063][ T9594] loop3: detected capacity change from 0 to 128 [ 431.478291][ T9594] ADFS-fs (loop3): error: can't find an ADFS filesystem on dev loop3. [ 431.481792][ T3891] team0 (unregistering): Port device team_slave_1 removed [ 431.694783][ T3891] team0 (unregistering): Port device team_slave_0 removed [ 431.791175][ T9596] loop1: detected capacity change from 0 to 4096 [ 431.822546][ T9596] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 432.356920][ T3891] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 432.367440][ T9596] ntfs3: loop1: Failed to load $Extend. [ 432.624058][ T3891] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 435.291041][ T3891] bond0 (unregistering): Released all slaves [ 435.454377][ T9620] device syzkaller0 entered promiscuous mode [ 435.466749][ T9633] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1644'. [ 435.476610][ T9633] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1644'. [ 435.492284][ T9633] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.500872][ T9633] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.508078][ T9633] bridge0: port 2(bridge_slave_1) entered forwarding state [ 435.522725][ T9639] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1646'. [ 435.639903][ T9644] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 435.959766][ T9652] loop0: detected capacity change from 0 to 164 [ 436.117995][ T9652] isofs_fill_super: get root inode failed [ 436.870540][ T9654] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1651'. [ 439.193647][ T9678] device syzkaller0 entered promiscuous mode [ 439.478314][ T9680] loop3: detected capacity change from 0 to 128 [ 439.487429][ T9682] loop2: detected capacity change from 0 to 128 [ 439.507968][ T9680] FAT-fs (loop3): Unrecognized mount option " " or missing value [ 439.855264][ T3684] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 439.900317][ T9688] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1665'. [ 439.967853][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.974295][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.022668][ T9690] loop4: detected capacity change from 0 to 128 [ 440.116054][ T3684] usb 1-1: Using ep0 maxpacket: 16 [ 440.183991][ T9694] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1668'. [ 440.248589][ T9699] loop2: detected capacity change from 0 to 256 [ 440.255479][ T3684] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 440.273124][ T3684] usb 1-1: config 0 has no interface number 0 [ 440.275893][ T9699] FAT-fs (loop2): bogus number of FAT structure [ 440.312499][ T3684] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 440.315184][ T9699] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 440.333721][ T9690] syz.4.1666: attempt to access beyond end of device [ 440.333721][ T9690] loop4: rw=2049, sector=145, nr_sectors = 640 limit=128 [ 440.363419][ T3684] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 440.385333][ T9699] FAT-fs (loop2): Can't find a valid FAT filesystem [ 440.444496][ T6822] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 440.565542][ T3684] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 440.800547][ T3684] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 440.947562][ T3684] usb 1-1: Product: syz [ 441.081804][ T3684] usb 1-1: SerialNumber: syz [ 441.125252][ T3684] usb 1-1: config 0 descriptor?? [ 441.143264][ T9707] loop1: detected capacity change from 0 to 128 [ 441.230539][ T9710] loop2: detected capacity change from 0 to 128 [ 441.266110][ T9710] FAT-fs (loop2): Unrecognized mount option " [ 441.266110][ T9710] " or missing value [ 441.365804][ T6822] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 441.496528][ T3684] snd-usb-audio: probe of 1-1:0.2 failed with error -12 [ 441.557181][ T3684] usb 1-1: USB disconnect, device number 25 [ 441.568587][ T9717] autofs4:pid:9717:autofs_fill_super: called with bogus options [ 441.825966][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 441.900039][ T9730] xt_l2tp: invalid flags combination: 0 [ 441.943391][ T9727] loop4: detected capacity change from 0 to 2048 [ 441.981693][ T9734] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 442.057303][ T9727] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 442.307120][ T26] audit: type=1326 audit(1722287138.189:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 442.352106][ T9727] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh [ 442.402123][ T26] audit: type=1326 audit(1722287138.189:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 442.449017][ T9727] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh [ 442.519511][ T9727] UDF-fs: error (device loop4): udf_read_inode: (ino 1347) failed !bh [ 442.645489][ T26] audit: type=1326 audit(1722287138.189:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 442.668073][ C0] vkms_vblank_simulate: vblank timer overrun [ 443.232451][ T26] audit: type=1326 audit(1722287138.189:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 443.254879][ C0] vkms_vblank_simulate: vblank timer overrun [ 443.325248][ T3684] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 443.353375][ T26] audit: type=1326 audit(1722287138.189:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 443.430810][ T26] audit: type=1326 audit(1722287138.189:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 443.453259][ C0] vkms_vblank_simulate: vblank timer overrun [ 443.466855][ T9746] loop2: detected capacity change from 0 to 2048 [ 443.491165][ T9746] UDF-fs: bad mount option "gid=00000000000000060929" or missing value [ 443.520583][ T26] audit: type=1326 audit(1722287138.279:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 443.626403][ T6822] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 443.653735][ T26] audit: type=1326 audit(1722287138.279:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 443.755386][ T3684] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 443.791890][ T3684] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 443.837479][ T26] audit: type=1326 audit(1722287138.329:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 443.861836][ T3684] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 443.891531][ T3684] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.961795][ T3684] usb 1-1: config 0 descriptor?? [ 444.022175][ T26] audit: type=1326 audit(1722287138.359:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9725 comm="syz.4.1682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1581977299 code=0x7ffc0000 [ 444.047367][ T3684] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 444.190479][ T9763] __sock_release: fasync list not empty! [ 444.633950][ T9774] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 445.487701][ T9781] loop4: detected capacity change from 0 to 1764 [ 445.559530][ T6822] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 445.786268][ T9792] loop2: detected capacity change from 0 to 256 [ 445.832635][ T9792] exFAT-fs (loop2): failed to load upcase table (idx : 0x00000100, chksum : 0xec81c7e9, utbl_chksum : 0xe619d30d) [ 446.569911][ T4205] usb 1-1: USB disconnect, device number 26 [ 446.710878][ T9795] loop4: detected capacity change from 0 to 32768 [ 446.777103][ T9795] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1704 (9795) [ 446.828443][ T9795] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 446.868066][ T9795] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 446.897696][ T9795] BTRFS info (device loop4): setting nodatacow, compression disabled [ 446.918201][ T9795] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 446.931243][ T9795] BTRFS info (device loop4): force lzo compression, level 0 [ 446.947815][ T9795] BTRFS info (device loop4): metadata ratio 8 [ 446.980314][ T9816] __sock_release: fasync list not empty! [ 446.988799][ T9795] BTRFS info (device loop4): doing ref verification [ 447.005746][ T3689] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 447.006459][ T9795] BTRFS info (device loop4): metadata ratio 32769 [ 447.033897][ T9795] BTRFS info (device loop4): turning off barriers [ 447.041586][ T9795] BTRFS info (device loop4): enabling ssd optimizations [ 447.049107][ T9795] BTRFS info (device loop4): using spread ssd allocation scheme [ 447.059645][ T9795] BTRFS info (device loop4): turning on barriers [ 447.066475][ T9795] BTRFS info (device loop4): using free space tree [ 447.245172][ T3689] usb 2-1: Using ep0 maxpacket: 8 [ 447.251391][ T9832] block device autoloading is deprecated and will be removed. [ 447.338197][ T3649] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 447.375489][ T4210] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 447.535516][ T3689] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 447.553901][ T3689] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 447.581568][ T3689] usb 2-1: Product: syz [ 447.602307][ T3689] usb 2-1: Manufacturer: syz [ 447.669331][ T4210] usb 1-1: Using ep0 maxpacket: 16 [ 447.675569][ T3689] usb 2-1: SerialNumber: syz [ 447.694116][ T3689] usb 2-1: config 0 descriptor?? [ 447.795519][ T4210] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 447.853948][ T4210] usb 1-1: config 0 has no interface number 0 [ 447.955933][ T4210] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 447.967589][ T3689] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 448.094009][ T4210] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 448.378876][ T4210] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 448.415433][ T4210] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 448.495136][ T4210] usb 1-1: Product: syz [ 448.499544][ T4210] usb 1-1: SerialNumber: syz [ 448.533859][ T4210] usb 1-1: config 0 descriptor?? [ 448.589436][ T9848] loop3: detected capacity change from 0 to 128 [ 448.634515][ T9848] FAT-fs (loop3): Unrecognized mount option " " or missing value [ 449.898049][ T9867] loop4: detected capacity change from 0 to 128 [ 450.188712][ T9871] loop0: detected capacity change from 0 to 64 [ 450.229233][ T4210] snd-usb-audio: probe of 1-1:0.2 failed with error -12 [ 450.247763][ T4210] usb 1-1: USB disconnect, device number 27 [ 450.368796][ T9876] loop2: detected capacity change from 0 to 1024 [ 450.551786][ T9876] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 450.938368][ T9876] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038 (0x7fffffff) [ 451.084758][ T4635] device hsr_slave_0 left promiscuous mode [ 451.135153][ T4635] device hsr_slave_1 left promiscuous mode [ 451.204100][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 451.238169][ T26] kauditd_printk_skb: 223 callbacks suppressed [ 451.238186][ T26] audit: type=1800 audit(1722287605.120:771): pid=9876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1727" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 451.282853][ T4635] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 451.295918][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 451.313252][ T26] audit: type=1804 audit(1722287605.160:772): pid=9883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1727" name="/newroot/44/file1/file1" dev="loop2" ino=15 res=1 errno=0 [ 451.358901][ T4635] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 451.358913][ T5645] udevd[5645]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 451.407448][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 451.419880][ T9886] __sock_release: fasync list not empty! [ 451.441545][ T4635] device bridge_slave_1 left promiscuous mode [ 451.453829][ T4635] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.473275][ T4635] device bridge_slave_0 left promiscuous mode [ 451.482654][ T4635] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.658740][ T4635] device veth1_macvtap left promiscuous mode [ 451.665657][ T4635] device veth0_macvtap left promiscuous mode [ 451.671818][ T4635] device veth1_vlan left promiscuous mode [ 451.678101][ T4635] device veth0_vlan left promiscuous mode [ 452.536066][ T3689] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -71 [ 452.547745][ T9869] loop3: detected capacity change from 0 to 32768 [ 452.571824][ T3689] usb 2-1: USB disconnect, device number 15 [ 452.583662][ T9869] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1725 (9869) [ 452.673718][ T9898] loop1: detected capacity change from 0 to 128 [ 452.683921][ T9869] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 452.705466][ T9869] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 452.720586][ T9869] BTRFS info (device loop3): setting nodatacow, compression disabled [ 452.731153][ T9898] FAT-fs (loop1): Unrecognized mount option " " or missing value [ 452.754522][ T9869] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8) [ 452.764977][ T9869] BTRFS info (device loop3): force lzo compression, level 0 [ 452.772481][ T9869] BTRFS info (device loop3): metadata ratio 8 [ 452.780433][ T9869] BTRFS info (device loop3): doing ref verification [ 452.845481][ T9869] BTRFS info (device loop3): metadata ratio 32769 [ 452.852080][ T9869] BTRFS info (device loop3): turning off barriers [ 452.864068][ T9869] BTRFS info (device loop3): enabling ssd optimizations [ 452.901344][ T9869] BTRFS info (device loop3): using spread ssd allocation scheme [ 452.939191][ T9869] BTRFS info (device loop3): turning on barriers [ 452.990816][ T9869] BTRFS info (device loop3): using free space tree [ 453.218040][ T9869] BTRFS error (device loop3): open_ctree failed [ 453.658777][ T9924] loop3: detected capacity change from 0 to 128 [ 453.726726][ T26] audit: type=1800 audit(1722287607.610:773): pid=9924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1735" name="bus" dev="loop3" ino=1048669 res=0 errno=0 [ 454.102246][ T4635] team0 (unregistering): Port device team_slave_1 removed [ 454.151464][ T22] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 454.163846][ T4635] team0 (unregistering): Port device team_slave_0 removed [ 454.253386][ T4635] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 454.261861][ T9930] loop4: detected capacity change from 0 to 32768 [ 454.279822][ T9930] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1738 (9930) [ 454.311050][ T9930] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 454.321746][ T9930] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 454.332235][ T9930] BTRFS info (device loop4): setting nodatacow, compression disabled [ 454.344677][ T9930] BTRFS info (device loop4): setting datacow [ 454.362403][ T9930] BTRFS info (device loop4): doing ref verification [ 454.369429][ T9930] BTRFS info (device loop4): force clearing of disk cache [ 454.382622][ T4635] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 454.391609][ T9930] BTRFS info (device loop4): turning off barriers [ 454.395235][ T22] usb 4-1: Using ep0 maxpacket: 16 [ 454.403108][ T9930] BTRFS info (device loop4): enabling ssd optimizations [ 454.425876][ T9930] BTRFS info (device loop4): using spread ssd allocation scheme [ 454.455402][ T9930] BTRFS info (device loop4): not using ssd optimizations [ 454.483987][ T9930] BTRFS info (device loop4): not using spread ssd allocation scheme [ 454.502739][ T9930] BTRFS info (device loop4): using free space tree [ 454.525881][ T22] usb 4-1: config 0 has an invalid interface number: 2 but max is 0 [ 454.542705][ T22] usb 4-1: config 0 has no interface number 0 [ 454.558117][ T22] usb 4-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 454.573452][ T22] usb 4-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 454.653601][ T9930] BTRFS info (device loop4): rebuilding free space tree [ 454.705809][ T22] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 454.720127][ T26] audit: type=1800 audit(1722287608.600:774): pid=9930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1738" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 454.721969][ T22] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 454.798088][ T22] usb 4-1: Product: syz [ 454.804891][ T22] usb 4-1: SerialNumber: syz [ 454.817801][ T22] usb 4-1: config 0 descriptor?? [ 454.841409][ T9930] BTRFS info (device loop4): space_info DATA+METADATA has 323584 free, is not full [ 454.851718][ T9930] BTRFS info (device loop4): space_info total=3276800, used=53248, pinned=0, reserved=1073152, may_use=1826816, readonly=0 zone_unusable=0 [ 454.866591][ T9930] BTRFS info (device loop4): global_block_rsv: size 917504 reserved 917504 [ 454.876027][ T9930] BTRFS info (device loop4): trans_block_rsv: size 0 reserved 0 [ 454.883683][ T9930] BTRFS info (device loop4): chunk_block_rsv: size 0 reserved 0 [ 454.891455][ T9930] BTRFS info (device loop4): delayed_block_rsv: size 0 reserved 0 [ 454.899376][ T9930] BTRFS info (device loop4): delayed_refs_rsv: size 1441792 reserved 909312 [ 454.913855][ T9930] BTRFS info (device loop4): space_info DATA+METADATA has 323584 free, is not full [ 454.923304][ T9930] BTRFS info (device loop4): space_info total=3276800, used=49152, pinned=4096, reserved=1077248, may_use=1822720, readonly=0 zone_unusable=0 [ 454.938130][ T9930] BTRFS info (device loop4): global_block_rsv: size 917504 reserved 913408 [ 454.947457][ T9930] BTRFS info (device loop4): trans_block_rsv: size 0 reserved 0 [ 454.955464][ T9930] BTRFS info (device loop4): chunk_block_rsv: size 0 reserved 0 [ 454.963365][ T9930] BTRFS info (device loop4): delayed_block_rsv: size 0 reserved 0 [ 454.971302][ T9930] BTRFS info (device loop4): delayed_refs_rsv: size 1441792 reserved 909312 [ 455.191440][ T22] snd-usb-audio: probe of 4-1:0.2 failed with error -12 [ 455.201227][ T22] usb 4-1: USB disconnect, device number 23 [ 455.276446][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 455.284833][ T3649] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 456.013299][ T4635] bond0 (unregistering): Released all slaves [ 456.150067][ T9954] loop3: detected capacity change from 0 to 40427 [ 456.287057][ T9954] F2FS-fs (loop3): invalid crc value [ 456.328407][ T9965] __sock_release: fasync list not empty! [ 456.347921][ T3689] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 456.386082][ T9954] F2FS-fs (loop3): Found nat_bits in checkpoint [ 456.539332][ T9973] xt_l2tp: invalid flags combination: 0 [ 456.558541][ T9954] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 456.640908][ T26] audit: type=1804 audit(1722287610.520:775): pid=9954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1740" name="/newroot/289/file0/file0" dev="loop3" ino=10 res=1 errno=0 [ 456.716286][ T3689] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 456.737646][ T3689] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 456.774573][ T3689] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 456.817978][ T3689] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 456.839669][ T3689] usb 5-1: config 0 descriptor?? [ 456.868234][ T4885] syz-executor: attempt to access beyond end of device [ 456.868234][ T4885] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 457.075697][ T9969] loop0: detected capacity change from 0 to 32768 [ 457.108322][ T9969] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.1745 (9969) [ 457.118211][ T9978] loop2: detected capacity change from 0 to 128 [ 457.135701][ T9959] loop4: detected capacity change from 0 to 512 [ 457.173146][ T9969] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 457.179040][ T9959] EXT4-fs (loop4): Test dummy encryption mode enabled [ 457.240844][ T9969] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 457.259267][ T26] audit: type=1800 audit(1722287611.140:776): pid=9978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1748" name="bus" dev="loop2" ino=1048671 res=0 errno=0 [ 457.268524][ T9959] EXT4-fs error (device loop4): __ext4_iget:5044: inode #11: block 1: comm syz.4.1741: invalid block [ 457.316512][ T9969] BTRFS info (device loop0): setting nodatacow, compression disabled [ 457.328623][ T9969] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 457.338716][ T9969] BTRFS info (device loop0): force lzo compression, level 0 [ 457.348494][ T9969] BTRFS info (device loop0): metadata ratio 8 [ 457.360784][ T9959] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.1741: couldn't read orphan inode 11 (err -117) [ 457.375294][ T9969] BTRFS info (device loop0): doing ref verification [ 457.382045][ T9969] BTRFS info (device loop0): metadata ratio 32769 [ 457.405638][ T9959] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 457.438730][ T9969] BTRFS info (device loop0): turning off barriers [ 457.483569][ T9969] BTRFS info (device loop0): enabling ssd optimizations [ 457.521146][ T9969] BTRFS info (device loop0): using spread ssd allocation scheme [ 457.549936][ T9969] BTRFS info (device loop0): turning on barriers [ 457.584269][ T9969] BTRFS info (device loop0): using free space tree [ 457.693201][ T9986] loop2: detected capacity change from 0 to 512 [ 457.713596][ T9986] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 457.731343][ T9986] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 457.743959][ T9986] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1750: invalid indirect mapped block 2683928664 (level 1) [ 457.827537][ T9986] EXT4-fs (loop2): Remounting filesystem read-only [ 457.842895][ T9986] EXT4-fs (loop2): 1 truncate cleaned up [ 457.877974][ T9986] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 458.048050][ T7806] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 459.362951][ T26] audit: type=1326 audit(1722287613.240:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 459.428010][ T26] audit: type=1326 audit(1722287613.240:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 459.471176][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 459.624738][ T26] audit: type=1326 audit(1722287613.500:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10013 comm="syz.1.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 459.739849][ T4783] usb 5-1: USB disconnect, device number 30 [ 459.845112][ T4207] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 460.046304][ T3649] EXT4-fs (loop4): unmounting filesystem. [ 460.086055][ T4207] usb 1-1: Using ep0 maxpacket: 16 [ 460.169385][T10037] loop3: detected capacity change from 0 to 128 [ 460.205571][ T4207] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 460.223839][ T4207] usb 1-1: config 0 has no interface number 0 [ 460.255260][ T4207] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 460.279714][ T26] audit: type=1800 audit(1722287614.160:780): pid=10037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1760" name="bus" dev="loop3" ino=1048673 res=0 errno=0 [ 460.294307][ T4207] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 460.485338][ T4207] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 460.502445][ T4207] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 460.511132][ T4207] usb 1-1: Product: syz [ 460.515887][ T4207] usb 1-1: SerialNumber: syz [ 460.543289][ T4207] usb 1-1: config 0 descriptor?? [ 460.886656][ T4207] snd-usb-audio: probe of 1-1:0.2 failed with error -12 [ 460.937444][ T4207] usb 1-1: USB disconnect, device number 28 [ 460.943616][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 461.255089][T10055] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1766'. [ 461.715341][T10052] loop4: detected capacity change from 0 to 32768 [ 461.784732][T10065] syz.3.1771[10065] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 461.784817][T10064] input: syz1 as /devices/virtual/input/input5 [ 461.784855][T10065] syz.3.1771[10065] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 461.851141][T10070] xt_l2tp: invalid flags combination: 0 [ 461.959339][T10052] XFS (loop4): Mounting V5 Filesystem [ 462.083262][T10052] XFS (loop4): Ending clean mount [ 462.282491][T10052] syz.4.1764 (10052) used greatest stack depth: 19240 bytes left [ 462.308335][ T3649] XFS (loop4): Unmounting Filesystem [ 462.341012][T10082] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1774'. [ 462.361090][T10082] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1774'. [ 462.371815][T10082] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.388047][T10082] bridge0: port 2(bridge_slave_1) entered blocking state [ 462.395267][T10082] bridge0: port 2(bridge_slave_1) entered forwarding state [ 462.479393][ T5131] kernel read not supported for file /hwrng (pid: 5131 comm: kworker/1:18) [ 462.527690][ T3646] Bluetooth: hci5: command 0x0406 tx timeout [ 464.313004][T10109] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 464.328990][ T3702] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 465.515371][ T3702] usb 1-1: Using ep0 maxpacket: 16 [ 465.635391][ T3702] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 465.643530][ T3702] usb 1-1: config 0 has no interface number 0 [ 465.675350][ T3702] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 465.700664][ T3702] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 466.005587][ T3702] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 466.995766][ T3702] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 467.003936][ T3702] usb 1-1: Product: syz [ 467.008380][ T3702] usb 1-1: SerialNumber: syz [ 467.042671][ T3702] usb 1-1: config 0 descriptor?? [ 467.128415][ T3702] usb 1-1: can't set config #0, error -71 [ 467.148846][ T3702] usb 1-1: USB disconnect, device number 29 [ 467.177102][ T26] audit: type=1326 audit(1722287621.060:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 467.296666][ T26] audit: type=1326 audit(1722287621.120:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 467.825308][ T26] audit: type=1326 audit(1722287621.690:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.164799][ T26] audit: type=1326 audit(1722287621.700:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.187991][ T26] audit: type=1326 audit(1722287621.700:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.210858][ T26] audit: type=1326 audit(1722287621.700:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.233975][ T26] audit: type=1326 audit(1722287621.700:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.257001][ T26] audit: type=1326 audit(1722287621.700:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.281851][ T26] audit: type=1326 audit(1722287621.700:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.319279][T10158] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1798'. [ 468.329116][ T26] audit: type=1326 audit(1722287621.700:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10142 comm="syz.1.1793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 468.595843][T10166] xt_l2tp: invalid flags combination: 0 [ 468.715677][T10170] loop1: detected capacity change from 0 to 1024 [ 468.751084][T10170] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 468.832016][T10170] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 468.872859][T10170] EXT4-fs error (device loop1): ext4_get_journal_inode:5733: comm syz.1.1802: inode #1: comm syz.1.1802: iget: illegal inode # [ 468.933927][T10170] EXT4-fs (loop1): no journal found [ 468.955288][T10170] EXT4-fs (loop1): can't get journal size [ 468.989176][T10170] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 469.525765][T10146] loop2: detected capacity change from 0 to 32768 [ 469.708684][T10146] XFS (loop2): Mounting V5 Filesystem [ 469.918287][T10146] XFS (loop2): Ending clean mount [ 469.926287][ T9177] EXT4-fs (loop1): unmounting filesystem. [ 470.219808][ T9213] XFS (loop2): Unmounting Filesystem [ 470.611311][T10171] loop4: detected capacity change from 0 to 32768 [ 470.884316][T10171] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1803 (10171) [ 470.899229][ T3646] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 470.908464][ T3646] Bluetooth: hci1: Injecting HCI hardware error event [ 470.953548][ T3651] Bluetooth: hci1: hardware error 0x00 [ 471.352470][T10171] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 471.395407][T10171] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 471.409083][T10171] BTRFS info (device loop4): setting nodatacow, compression disabled [ 471.487721][T10171] BTRFS info (device loop4): setting datacow [ 471.516203][T10171] BTRFS info (device loop4): doing ref verification [ 471.537747][T10171] BTRFS info (device loop4): force clearing of disk cache [ 471.686553][T10171] BTRFS info (device loop4): turning off barriers [ 471.755877][T10171] BTRFS info (device loop4): enabling ssd optimizations [ 471.790400][T10171] BTRFS info (device loop4): using spread ssd allocation scheme [ 471.977288][T10171] BTRFS info (device loop4): not using ssd optimizations [ 472.083410][T10171] BTRFS info (device loop4): not using spread ssd allocation scheme [ 472.173481][T10171] BTRFS info (device loop4): using free space tree [ 472.347232][T10171] BTRFS error (device loop4): open_ctree failed [ 472.409120][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 472.409167][ T26] audit: type=1326 audit(1722287626.290:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 472.495510][ T26] audit: type=1326 audit(1722287626.330:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 472.988091][ T26] audit: type=1326 audit(1722287626.860:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.062620][ T26] audit: type=1326 audit(1722287626.860:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.089602][ T3651] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 473.215398][ T26] audit: type=1326 audit(1722287626.860:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.274101][T10227] loop2: detected capacity change from 0 to 32768 [ 473.277563][T10237] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1816'. [ 473.281020][ T26] audit: type=1326 audit(1722287626.860:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.359880][ T26] audit: type=1326 audit(1722287626.860:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.445339][ T26] audit: type=1326 audit(1722287626.860:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.466826][T10227] XFS (loop2): Mounting V5 Filesystem [ 473.468235][ T26] audit: type=1326 audit(1722287626.860:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.496293][ T26] audit: type=1326 audit(1722287626.860:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10205 comm="syz.1.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3739177299 code=0x7fc00000 [ 473.602924][T10231] loop4: detected capacity change from 0 to 32768 [ 473.608426][T10227] XFS (loop2): Ending clean mount [ 473.627933][T10231] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1814 (10231) [ 473.736541][T10231] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 473.801940][T10231] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 473.845929][T10231] BTRFS info (device loop4): setting nodatacow, compression disabled [ 473.884982][T10231] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 473.921261][T10231] BTRFS info (device loop4): force lzo compression, level 0 [ 473.930393][ T9213] XFS (loop2): Unmounting Filesystem [ 473.990892][T10231] BTRFS info (device loop4): metadata ratio 8 [ 474.014412][T10231] BTRFS info (device loop4): doing ref verification [ 474.043898][T10231] BTRFS info (device loop4): metadata ratio 32769 [ 474.069667][T10231] BTRFS info (device loop4): turning off barriers [ 474.086875][T10231] BTRFS info (device loop4): enabling ssd optimizations [ 474.126793][T10231] BTRFS info (device loop4): using spread ssd allocation scheme [ 474.134502][T10231] BTRFS info (device loop4): turning on barriers [ 474.180542][T10231] BTRFS info (device loop4): using free space tree [ 474.219679][T10255] loop1: detected capacity change from 0 to 8192 [ 474.284979][T10255] loop1: p1 < > p4 < > [ 474.569118][T10250] loop3: detected capacity change from 0 to 32768 [ 474.712967][ T3649] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 474.748335][T10250] XFS (loop3): Mounting V5 Filesystem [ 475.040907][T10294] xt_l2tp: invalid flags combination: 0 [ 475.097315][T10292] loop2: detected capacity change from 0 to 2048 [ 476.042482][T10250] XFS (loop3): Ending clean mount [ 476.094537][T10292] EXT4-fs error (device loop2): __ext4_fill_super:5399: inode #2: comm syz.2.1828: casefold flag without casefold feature [ 476.192582][T10292] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 476.313547][T10292] EXT4-fs (loop2): Errors on filesystem, clearing orphan list. [ 476.345179][T10292] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 476.380339][ T4885] XFS (loop3): Unmounting Filesystem [ 476.557109][T10313] loop1: detected capacity change from 0 to 4096 [ 476.652071][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 477.071907][T10321] device syzkaller0 entered promiscuous mode [ 477.107992][T10328] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 477.130747][T10331] __sock_release: fasync list not empty! [ 477.216493][T10333] xt_l2tp: invalid flags combination: 0 [ 478.474470][T10340] loop3: detected capacity change from 0 to 128 [ 478.482341][T10340] FAT-fs (loop3): Unrecognized mount option "" or missing value [ 478.504248][T10326] loop1: detected capacity change from 0 to 32768 [ 478.525784][T10326] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.1837 (10326) [ 478.567839][T10326] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 478.625422][T10326] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 478.634142][T10326] BTRFS info (device loop1): setting nodatacow, compression disabled [ 478.705732][T10326] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 478.773461][T10326] BTRFS info (device loop1): force lzo compression, level 0 [ 478.823333][T10326] BTRFS info (device loop1): metadata ratio 8 [ 478.834378][T10350] loop0: detected capacity change from 0 to 512 [ 478.851631][T10326] BTRFS info (device loop1): doing ref verification [ 478.868774][T10326] BTRFS info (device loop1): metadata ratio 32769 [ 478.885333][T10326] BTRFS info (device loop1): turning off barriers [ 478.893193][T10326] BTRFS info (device loop1): enabling ssd optimizations [ 478.951167][T10326] BTRFS info (device loop1): using spread ssd allocation scheme [ 478.978045][T10350] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 479.037899][T10326] BTRFS info (device loop1): turning on barriers [ 479.044417][T10326] BTRFS info (device loop1): using free space tree [ 479.044624][T10350] ext4 filesystem being mounted at /125/bus supports timestamps until 2038 (0x7fffffff) [ 479.212030][T10366] loop4: detected capacity change from 0 to 256 [ 479.291302][T10366] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196) [ 479.357348][ T7806] EXT4-fs (loop0): unmounting filesystem. [ 479.401916][ T3649] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196) [ 479.472307][ T9177] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 479.600576][T10384] loop0: detected capacity change from 0 to 1024 [ 479.643413][T10384] EXT4-fs: Ignoring removed nomblk_io_submit option [ 479.670893][T10385] xt_l2tp: invalid flags combination: 0 [ 479.670958][T10384] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 479.707548][T10384] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 479.769338][T10384] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f854c01c, mo2=0003] [ 479.795297][T10384] System zones: 0-1, 3-36 [ 479.808770][T10384] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 481.447293][ T7806] EXT4-fs (loop0): unmounting filesystem. [ 481.654552][T10396] loop0: detected capacity change from 0 to 128 [ 481.686406][T10396] FAT-fs (loop0): Unrecognized mount option "" or missing value [ 482.420895][ T7538] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 482.549821][T10411] loop1: detected capacity change from 0 to 32768 [ 482.666505][T10411] XFS (loop1): Mounting V5 Filesystem [ 482.689827][ T7538] usb 5-1: Using ep0 maxpacket: 16 [ 482.734950][T10411] XFS (loop1): Starting recovery (logdev: internal) [ 482.795844][T10411] XFS (loop1): Ending recovery (logdev: internal) [ 482.832568][ T7538] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 482.844759][ T7538] usb 5-1: config 0 has no interface number 0 [ 482.858277][ T7538] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 482.869190][ T7538] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 482.882291][ T9177] XFS (loop1): Unmounting Filesystem [ 483.023605][ T7538] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 483.033144][ T7538] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 483.041634][ T7538] usb 5-1: Product: syz [ 483.046236][ T7538] usb 5-1: SerialNumber: syz [ 483.061112][ T7538] usb 5-1: config 0 descriptor?? [ 483.601453][ T7538] snd-usb-audio: probe of 5-1:0.2 failed with error -12 [ 483.611430][ T7538] usb 5-1: USB disconnect, device number 31 [ 483.643314][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 484.511410][T10410] bridge0: port 2(bridge_slave_1) entered disabled state [ 484.520087][T10410] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.968956][T10437] loop2: detected capacity change from 0 to 128 [ 484.997303][T10437] FAT-fs (loop2): Unrecognized mount option "" or missing value [ 485.498539][T10453] loop2: detected capacity change from 0 to 512 [ 485.515121][T10453] EXT4-fs (loop2): orphan cleanup on readonly fs [ 485.529153][T10453] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1876: bg 0: block 248: padding at end of block bitmap is not set [ 485.529506][T10452] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 485.565336][T10453] __quota_error: 64 callbacks suppressed [ 485.565355][T10453] Quota error (device loop2): write_blk: dquota write failed [ 485.625874][T10453] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 485.684241][T10451] loop3: detected capacity change from 0 to 4096 [ 485.697268][T10453] EXT4-fs error (device loop2): ext4_acquire_dquot:6777: comm syz.2.1876: Failed to acquire dquot type 1 [ 485.760329][T10453] EXT4-fs (loop2): 1 truncate cleaned up [ 485.843151][T10451] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 485.864287][T10453] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 485.960546][T10451] ntfs3: loop3: Failed to load $Extend. [ 487.340740][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 487.365140][ T4639] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 487.932060][T10473] loop4: detected capacity change from 0 to 128 [ 487.946718][T10473] FAT-fs (loop4): Unrecognized mount option "" or missing value [ 488.000634][T10477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1885'. [ 488.550620][T10477] device hsr_slave_1 left promiscuous mode [ 489.452388][T10497] loop4: detected capacity change from 0 to 4096 [ 489.535421][T10497] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 489.768068][T10497] ntfs3: loop4: Failed to load $Extend. [ 490.120000][T10510] loop2: detected capacity change from 0 to 1024 [ 490.178764][T10510] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 490.238084][T10510] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 490.265487][T10510] EXT4-fs error (device loop2): ext4_get_journal_inode:5733: comm syz.2.1896: inode #1: comm syz.2.1896: iget: illegal inode # [ 490.391920][T10510] EXT4-fs (loop2): no journal found [ 490.438625][T10510] EXT4-fs (loop2): can't get journal size [ 490.516670][T10510] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 490.595589][T10520] loop0: detected capacity change from 0 to 512 [ 490.767418][T10520] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 490.865428][T10520] EXT4-fs (loop0): 1 truncate cleaned up [ 490.871136][T10520] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 490.932691][T10531] loop3: detected capacity change from 0 to 8 [ 490.974419][T10531] SQUASHFS error: lzo decompression failed, data probably corrupt [ 491.136139][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 491.145141][T10531] SQUASHFS error: Failed to read block 0x91: -5 [ 491.151778][T10531] SQUASHFS error: Unable to read metadata cache entry [8f] [ 491.213009][T10531] SQUASHFS error: Unable to read inode 0x11f [ 491.326885][T10534] xt_NFQUEUE: number of total queues is 0 [ 492.300599][ T7806] EXT4-fs (loop0): unmounting filesystem. [ 492.552527][T10551] mmap: syz.1.1910 (10551) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 492.626690][T10518] loop4: detected capacity change from 0 to 32768 [ 492.665650][T10518] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1898 (10518) [ 492.695131][ T3712] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 492.759087][T10518] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 492.797189][T10518] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 492.830561][T10518] BTRFS info (device loop4): setting nodatacow, compression disabled [ 492.845425][T10518] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8) [ 492.908597][T10518] BTRFS info (device loop4): force lzo compression, level 0 [ 492.953265][T10518] BTRFS info (device loop4): metadata ratio 8 [ 492.975386][ T3712] usb 1-1: Using ep0 maxpacket: 16 [ 493.027975][T10518] BTRFS info (device loop4): doing ref verification [ 493.050813][T10518] BTRFS info (device loop4): metadata ratio 32769 [ 493.086941][T10518] BTRFS info (device loop4): turning off barriers [ 493.105419][ T3712] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 493.113467][ T3712] usb 1-1: config 0 has no interface number 0 [ 493.123283][T10518] BTRFS info (device loop4): enabling ssd optimizations [ 493.144887][ T3712] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 493.156482][T10518] BTRFS info (device loop4): using spread ssd allocation scheme [ 493.180946][T10518] BTRFS info (device loop4): turning on barriers [ 493.190519][ T3712] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 493.211628][T10518] BTRFS info (device loop4): using free space tree [ 493.345477][ T3712] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 493.362451][ T3712] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 493.408160][ T3712] usb 1-1: Product: syz [ 493.412617][ T3712] usb 1-1: SerialNumber: syz [ 493.470830][ T3712] usb 1-1: config 0 descriptor?? [ 493.565601][T10543] loop3: detected capacity change from 0 to 32768 [ 493.671246][T10518] BTRFS error (device loop4): open_ctree failed [ 493.802304][T10543] XFS (loop3): Mounting V5 Filesystem [ 493.859033][ T3712] snd-usb-audio: probe of 1-1:0.2 failed with error -12 [ 493.884604][ T3712] usb 1-1: USB disconnect, device number 31 [ 493.901790][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 494.011980][ T7538] XFS (loop3): Corruption warning: Metadata has LSN (2:16) ahead of current LSN (1:80). Please unmount and run xfs_repair (>= v4.3) to resolve. [ 494.071429][ T7538] XFS (loop3): Metadata CRC error detected at xfs_inobt_read_verify+0x39/0xc0, xfs_inobt block 0x18 [ 494.119088][ T7538] XFS (loop3): Unmount and run xfs_repair [ 494.146627][ T7538] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 494.166371][ T7538] 00000000: 49 41 42 33 00 00 00 01 ff ff ff ff ff ff ff ff IAB3............ [ 494.200259][ T7538] 00000010: 00 00 00 00 00 00 00 18 00 00 00 02 00 00 00 10 ................ [ 494.218513][ T7538] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 494.242269][ T7538] 00000030: 00 00 00 00 f0 ea ad a5 00 00 11 40 00 00 40 37 ...........@..@7 [ 494.278452][ T7538] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 494.291538][ T7538] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 494.327814][ T7538] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 494.357441][ T7538] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 494.374990][T10543] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x26e/0x370" at daddr 0x18 len 8 error 74 [ 494.399710][T10543] XFS (loop3): Failed to read root inode 0x1140, error 117 [ 494.622336][T10593] loop4: detected capacity change from 0 to 8 [ 494.680333][T10593] SQUASHFS error: lzo decompression failed, data probably corrupt [ 494.708143][T10593] SQUASHFS error: Failed to read block 0x91: -5 [ 494.722545][T10593] SQUASHFS error: Unable to read metadata cache entry [8f] [ 494.730775][T10593] SQUASHFS error: Unable to read inode 0x11f [ 495.353500][ T11] device hsr_slave_0 left promiscuous mode [ 495.372777][ T11] device hsr_slave_1 left promiscuous mode [ 495.392741][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 495.419316][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 495.496429][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 495.503897][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 495.576405][ T11] device bridge_slave_1 left promiscuous mode [ 495.582675][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 495.666836][ T11] device bridge_slave_0 left promiscuous mode [ 495.673138][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 495.694589][T10621] loop4: detected capacity change from 0 to 16 [ 495.760722][T10617] loop0: detected capacity change from 0 to 4096 [ 495.767619][T10621] erofs: (device loop4): mounted with root inode @ nid 36. [ 495.796550][ T11] device veth1_macvtap left promiscuous mode [ 495.801135][T10617] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 495.811989][ T11] device veth0_macvtap left promiscuous mode [ 495.843062][ T11] device veth1_vlan left promiscuous mode [ 495.862996][T10621] syz.4.1929: attempt to access beyond end of device [ 495.862996][T10621] loop4: rw=0, sector=34359739344, nr_sectors = 8 limit=16 [ 495.871614][T10617] ntfs3: loop0: Failed to load $Extend. [ 495.902625][ T11] device veth0_vlan left promiscuous mode [ 496.144318][T10625] loop2: detected capacity change from 0 to 1024 [ 496.221956][T10627] syz.4.1929: attempt to access beyond end of device [ 496.221956][T10627] loop4: rw=0, sector=34359739344, nr_sectors = 8 limit=16 [ 496.336417][T10625] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 496.706394][T10625] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 496.952075][T10625] EXT4-fs error (device loop2): ext4_get_journal_inode:5733: comm syz.2.1931: inode #1: comm syz.2.1931: iget: illegal inode # [ 497.003042][T10625] EXT4-fs (loop2): no journal found [ 497.019482][T10625] EXT4-fs (loop2): can't get journal size [ 497.053151][T10625] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 497.164471][T10609] loop1: detected capacity change from 0 to 32768 [ 497.205219][T10634] loop0: detected capacity change from 0 to 8 [ 497.296028][T10609] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.1923 (10609) [ 497.335407][T10609] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 497.343872][T10634] SQUASHFS error: lzo decompression failed, data probably corrupt [ 497.346795][T10609] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 497.367225][T10609] BTRFS info (device loop1): setting nodatacow, compression disabled [ 497.377021][T10609] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8) [ 497.385261][T10634] SQUASHFS error: Failed to read block 0x91: -5 [ 497.392297][T10609] BTRFS info (device loop1): force lzo compression, level 0 [ 497.419752][T10634] SQUASHFS error: Unable to read metadata cache entry [8f] [ 497.433539][T10634] SQUASHFS error: Unable to read inode 0x11f [ 497.437348][T10609] BTRFS info (device loop1): metadata ratio 8 [ 497.465351][T10609] BTRFS info (device loop1): doing ref verification [ 497.472625][T10609] BTRFS info (device loop1): metadata ratio 32769 [ 497.513149][T10609] BTRFS info (device loop1): turning off barriers [ 497.540812][T10609] BTRFS info (device loop1): enabling ssd optimizations [ 497.561290][T10609] BTRFS info (device loop1): using spread ssd allocation scheme [ 497.630549][T10609] BTRFS info (device loop1): turning on barriers [ 497.635735][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 497.637141][T10609] BTRFS info (device loop1): using free space tree [ 498.060834][T10665] syz.4.1938[10665] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 498.077705][T10665] syz.4.1938[10665] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 498.141215][ T9177] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 498.577930][ T11] team0 (unregistering): Port device team_slave_1 removed [ 498.646857][ T11] team0 (unregistering): Port device team_slave_0 removed [ 498.709323][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 498.791826][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 499.052632][T10677] loop1: detected capacity change from 0 to 4096 [ 499.084295][T10677] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 499.188406][T10677] ntfs3: loop1: Failed to load $Extend. [ 499.578949][T10684] loop1: detected capacity change from 0 to 1024 [ 499.606573][T10684] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 499.629891][T10684] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 499.645243][T10684] EXT4-fs error (device loop1): ext4_get_journal_inode:5733: comm syz.1.1946: inode #1: comm syz.1.1946: iget: illegal inode # [ 499.664895][T10684] EXT4-fs (loop1): no journal found [ 499.670567][T10684] EXT4-fs (loop1): can't get journal size [ 499.693144][T10684] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 499.846541][ T3651] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 499.855726][ T3651] Bluetooth: hci3: Injecting HCI hardware error event [ 499.866242][ T3651] Bluetooth: hci3: hardware error 0x00 [ 499.941819][ T11] bond0 (unregistering): Released all slaves [ 500.286450][ T4308] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 500.637117][ T4308] usb 5-1: Using ep0 maxpacket: 16 [ 500.665422][ T9177] EXT4-fs (loop1): unmounting filesystem. [ 500.767269][ T4308] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 500.849029][ T4308] usb 5-1: config 0 has no interface number 0 [ 500.997003][ T4308] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 501.124935][ T4308] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 501.285580][ T4308] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 501.294681][ T4308] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 501.349621][ T4308] usb 5-1: Product: syz [ 501.353874][ T4308] usb 5-1: SerialNumber: syz [ 501.375734][ T4308] usb 5-1: config 0 descriptor?? [ 501.407494][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.413987][ T1271] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.532239][T10712] __sock_release: fasync list not empty! [ 501.588665][T10705] loop3: detected capacity change from 0 to 4096 [ 501.625382][T10705] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 501.674612][T10705] ntfs3: loop3: Failed to load $Extend. [ 501.746602][ T4308] snd-usb-audio: probe of 5-1:0.2 failed with error -12 [ 501.793915][ T4308] usb 5-1: USB disconnect, device number 32 [ 501.965239][ T3651] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 502.066074][ T6755] udevd[6755]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 502.165459][ T3702] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 502.465066][T10728] loop4: detected capacity change from 0 to 1024 [ 502.483672][T10728] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 502.535393][T10728] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 502.581364][T10728] EXT4-fs error (device loop4): ext4_get_journal_inode:5733: comm syz.4.1961: inode #1: comm syz.4.1961: iget: illegal inode # [ 502.595244][ T3702] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 502.630203][ T3702] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 502.652628][T10728] EXT4-fs (loop4): no journal found [ 502.661421][T10728] EXT4-fs (loop4): can't get journal size [ 502.674298][ T3702] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 502.680962][T10728] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 502.692821][ T3702] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 502.912763][ T3702] usb 3-1: config 0 descriptor?? [ 503.837525][ T3702] arvo 0003:1E7D:30D4.0005: unknown main item tag 0x0 [ 503.850116][ T3702] arvo 0003:1E7D:30D4.0005: unknown main item tag 0x0 [ 503.892757][ T3702] arvo 0003:1E7D:30D4.0005: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.2-1/input0 [ 503.960887][ T3702] arvo 0003:1E7D:30D4.0005: couldn't init struct arvo_device [ 503.978875][ T3702] arvo 0003:1E7D:30D4.0005: couldn't install keyboard [ 504.026163][ T3702] arvo: probe of 0003:1E7D:30D4.0005 failed with error -5 [ 504.121871][T10751] loop3: detected capacity change from 0 to 4096 [ 504.149003][T10751] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 504.192709][ T3702] usb 3-1: USB disconnect, device number 18 [ 504.309086][T10751] ntfs3: loop3: Failed to load $Extend. [ 504.735279][ T4208] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 505.183769][T10761] device syzkaller0 entered promiscuous mode [ 505.517779][ T3649] EXT4-fs (loop4): unmounting filesystem. [ 506.145834][ T4782] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 506.495334][ T4782] usb 4-1: Using ep0 maxpacket: 16 [ 506.645531][ T4782] usb 4-1: config 0 has no interfaces? [ 506.835616][ T4782] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 506.871556][ T4782] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 506.909593][ T4782] usb 4-1: Product: syz [ 507.149405][ T4782] usb 4-1: Manufacturer: syz [ 507.182122][ T4782] usb 4-1: SerialNumber: syz [ 508.236620][ T4782] usb 4-1: config 0 descriptor?? [ 508.330734][T10790] syz.4.1982[10790] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 508.330856][T10790] syz.4.1982[10790] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 508.486753][ T3702] usb 4-1: USB disconnect, device number 24 [ 508.530611][T10796] device syzkaller0 entered promiscuous mode [ 508.804103][T10798] loop1: detected capacity change from 0 to 1024 [ 508.862909][T10798] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 508.979756][T10800] loop2: detected capacity change from 0 to 1024 [ 509.007354][T10798] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 509.021548][T10800] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 509.043016][T10800] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 509.061357][T10800] EXT4-fs error (device loop2): ext4_get_journal_inode:5733: comm syz.2.1987: inode #1: comm syz.2.1987: iget: illegal inode # [ 509.075899][T10800] EXT4-fs (loop2): no journal found [ 509.081238][T10800] EXT4-fs (loop2): can't get journal size [ 509.181647][T10800] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 509.640984][ T9177] EXT4-fs (loop1): unmounting filesystem. [ 510.295967][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 511.405213][ T4208] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 511.462494][T10847] loop4: detected capacity change from 0 to 1024 [ 511.493252][T10847] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 511.529724][T10847] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 512.442082][ T3649] EXT4-fs (loop4): unmounting filesystem. [ 512.453025][T10857] loop3: detected capacity change from 0 to 1024 [ 512.509493][T10857] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 512.533118][T10857] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 512.555534][T10857] EXT4-fs error (device loop3): ext4_get_journal_inode:5733: comm syz.3.2005: inode #1: comm syz.3.2005: iget: illegal inode # [ 512.604200][T10857] EXT4-fs (loop3): no journal found [ 512.626961][T10857] EXT4-fs (loop3): can't get journal size [ 512.641704][T10864] xt_l2tp: invalid flags combination: 0 [ 512.666990][T10857] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 513.208205][ T4885] EXT4-fs (loop3): unmounting filesystem. [ 514.280153][T10901] loop0: detected capacity change from 0 to 1024 [ 514.310137][T10901] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 514.331212][T10901] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 514.351455][T10901] EXT4-fs error (device loop0): ext4_get_journal_inode:5733: comm syz.0.2023: inode #1: comm syz.0.2023: iget: illegal inode # [ 514.387364][T10901] EXT4-fs (loop0): no journal found [ 514.396782][T10901] EXT4-fs (loop0): can't get journal size [ 514.410447][T10906] xt_l2tp: invalid flags combination: 0 [ 514.423720][T10901] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 514.666673][T10910] loop3: detected capacity change from 0 to 128 [ 514.680879][T10910] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 514.690227][T10910] ext4 filesystem being mounted at /342/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 514.801527][T10910] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 514.825226][T10910] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 514.874010][ T4885] EXT4-fs (loop3): unmounting filesystem. [ 514.934957][T10915] loop2: detected capacity change from 0 to 2048 [ 515.198290][ T7806] EXT4-fs (loop0): unmounting filesystem. [ 515.248239][T10915] loop2: p2 < > p4 [ 515.325624][T10915] loop2: p4 size 8192 extends beyond EOD, truncated [ 515.491021][T10927] loop3: detected capacity change from 0 to 2048 [ 515.506442][ T6822] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 515.526633][T10927] UDF-fs: bad mount option "gid=00000000000000060929" or missing value [ 515.556787][T10915] loop2: detected capacity change from 0 to 1024 [ 515.593403][ T3732] hfsplus: b-tree write err: -5, ino 4 [ 515.631163][ T4696] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 515.659671][T10915] loop2: detected capacity change from 0 to 128 [ 515.685934][ T6822] udevd[6822]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 515.707001][ T4722] udevd[4722]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 515.736701][T10915] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 515.778127][T10915] ext4 filesystem being mounted at /105/mnt supports timestamps until 2038 (0x7fffffff) [ 515.947157][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 516.037075][T10943] xt_l2tp: invalid flags combination: 0 [ 516.068597][T10944] loop2: detected capacity change from 0 to 16 [ 516.092178][T10944] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 516.131098][T10948] loop0: detected capacity change from 0 to 1024 [ 516.161825][T10948] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 516.183153][T10948] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 516.226014][T10948] EXT4-fs error (device loop0): ext4_get_journal_inode:5733: comm syz.0.2040: inode #1: comm syz.0.2040: iget: illegal inode # [ 516.282125][T10948] EXT4-fs (loop0): no journal found [ 516.298053][T10948] EXT4-fs (loop0): can't get journal size [ 516.397227][T10948] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 516.823310][T10962] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2045'. [ 517.060460][ T7806] EXT4-fs (loop0): unmounting filesystem. [ 517.552634][T10980] xt_l2tp: invalid flags combination: 0 [ 518.791940][T10994] loop2: detected capacity change from 0 to 1024 [ 518.828399][T10994] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 518.912617][T10994] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 518.962324][T10994] EXT4-fs error (device loop2): ext4_get_journal_inode:5733: comm syz.2.2059: inode #1: comm syz.2.2059: iget: illegal inode # [ 519.012986][T10994] EXT4-fs (loop2): no journal found [ 519.028974][T10994] EXT4-fs (loop2): can't get journal size [ 519.046373][T10994] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 519.444201][T11012] loop4: detected capacity change from 0 to 64 [ 519.603719][T11015] xt_l2tp: invalid flags combination: 0 [ 519.789542][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 520.015491][T11020] loop2: detected capacity change from 0 to 16 [ 520.055552][T11022] loop3: detected capacity change from 0 to 128 [ 520.076977][T11020] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 520.086973][T11022] FAT-fs (loop3): Unrecognized mount option "0x0000000000000000" or missing value [ 521.851606][T11042] loop4: detected capacity change from 0 to 1024 [ 521.888359][T11042] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 521.920488][T11042] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 521.955402][T11042] EXT4-fs error (device loop4): ext4_get_journal_inode:5733: comm syz.4.2079: inode #1: comm syz.4.2079: iget: illegal inode # [ 522.001513][T11042] EXT4-fs (loop4): no journal found [ 522.268245][T11042] EXT4-fs (loop4): can't get journal size [ 522.277696][T11030] loop1: detected capacity change from 0 to 8192 [ 522.476492][T11042] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 522.990400][T11045] nfs: Bad value for 'source' [ 523.152751][ T3649] EXT4-fs (loop4): unmounting filesystem. [ 527.544349][T11091] loop4: detected capacity change from 0 to 1024 [ 527.600338][T11091] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 527.659818][T11091] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 527.691249][T11091] EXT4-fs error (device loop4): ext4_get_journal_inode:5733: comm syz.4.2096: inode #1: comm syz.4.2096: iget: illegal inode # [ 527.750503][T11091] EXT4-fs (loop4): no journal found [ 527.780854][T11091] EXT4-fs (loop4): can't get journal size [ 527.875956][T11091] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 528.409344][ T3649] EXT4-fs (loop4): unmounting filesystem. [ 528.480769][T11087] loop0: detected capacity change from 0 to 32768 [ 528.554537][T11087] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.2094 (11087) [ 528.606904][T11087] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 528.631667][T11087] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 528.667322][T11087] BTRFS info (device loop0): setting nodatacow, compression disabled [ 528.724863][T11087] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 528.769375][T11087] BTRFS info (device loop0): force lzo compression, level 0 [ 528.803089][T11087] BTRFS info (device loop0): metadata ratio 8 [ 528.840940][T11087] BTRFS info (device loop0): doing ref verification [ 528.871943][T11087] BTRFS info (device loop0): metadata ratio 32769 [ 528.895331][T11087] BTRFS info (device loop0): turning off barriers [ 528.915288][T11087] BTRFS info (device loop0): enabling ssd optimizations [ 528.956915][T11087] BTRFS info (device loop0): using spread ssd allocation scheme [ 528.964604][T11087] BTRFS info (device loop0): turning on barriers [ 528.988132][T11094] loop2: detected capacity change from 0 to 8192 [ 529.015109][T11087] BTRFS info (device loop0): using free space tree [ 530.083638][ T7806] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 531.322324][T11119] nfs: Bad value for 'source' [ 531.591465][ T4208] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 531.643009][T11145] loop2: detected capacity change from 0 to 1024 [ 531.781561][T11145] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 531.838884][T11145] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 531.895134][T11145] EXT4-fs error (device loop2): ext4_get_journal_inode:5733: comm syz.2.2108: inode #1: comm syz.2.2108: iget: illegal inode # [ 532.035378][ T4208] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 532.045848][ T4208] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.082432][ T4208] usb 4-1: config 0 descriptor?? [ 532.342433][T11145] EXT4-fs (loop2): no journal found [ 532.355275][T11145] EXT4-fs (loop2): can't get journal size [ 532.443054][T11145] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 532.726621][ T4208] gs_usb 4-1:0.0: Configuring for 1 interfaces [ 533.094680][ T9213] EXT4-fs (loop2): unmounting filesystem. [ 533.205560][ T5257] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 533.485326][ T5257] usb 1-1: Using ep0 maxpacket: 8 [ 533.555624][ T7] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 533.628033][ T5257] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 533.728006][ T5257] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 533.938969][ T4208] gs_usb 4-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 533.945232][ T5257] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 533.970058][ T4208] usb 4-1: USB disconnect, device number 25 [ 534.075370][ T5257] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 534.095673][ T5257] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 534.171884][ T5257] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 534.722709][ T5257] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 534.755276][ T5257] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 534.767479][ T5257] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 534.875293][ T26] audit: type=1326 audit(1722287688.750:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 534.988716][T11175] nfs: Bad value for 'source' [ 535.015615][ T26] audit: type=1326 audit(1722287688.790:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 535.115369][ T5257] usb 1-1: string descriptor 0 read error: -22 [ 535.123118][ T5257] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 535.132460][ T5257] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 535.189303][ T5257] adutux 1-1:168.0: interrupt endpoints not found [ 535.242072][ T26] audit: type=1326 audit(1722287688.940:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 535.335720][ T26] audit: type=1326 audit(1722287688.940:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 535.359640][ T26] audit: type=1326 audit(1722287688.940:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 535.804006][ T26] audit: type=1326 audit(1722287688.940:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 535.826644][ C0] vkms_vblank_simulate: vblank timer overrun [ 535.883621][ T26] audit: type=1326 audit(1722287688.940:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 536.568962][ T26] audit: type=1326 audit(1722287688.940:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 536.584120][ T4206] usb 1-1: USB disconnect, device number 33 [ 536.720075][ T26] audit: type=1326 audit(1722287688.940:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 536.742685][ C0] vkms_vblank_simulate: vblank timer overrun [ 536.775208][ T26] audit: type=1326 audit(1722287688.940:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11172 comm="syz.2.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f528a977299 code=0x7fc00000 [ 536.797611][ C0] vkms_vblank_simulate: vblank timer overrun [ 536.845217][ T3651] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 536.854244][ T3651] Bluetooth: hci4: Injecting HCI hardware error event [ 536.868831][ T3646] Bluetooth: hci4: hardware error 0x00 [ 537.222782][T11202] loop4: detected capacity change from 0 to 1024 [ 537.256559][T11202] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 537.295703][T11202] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 537.321372][T11202] EXT4-fs error (device loop4): ext4_get_journal_inode:5733: comm syz.4.2124: inode #1: comm syz.4.2124: iget: illegal inode # [ 537.405370][T11202] EXT4-fs (loop4): no journal found [ 537.413402][T11202] EXT4-fs (loop4): can't get journal size [ 537.465945][T11202] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 538.097240][ T3649] EXT4-fs (loop4): unmounting filesystem. [ 538.659016][T11231] loop0: detected capacity change from 0 to 2048 [ 539.015233][ T3646] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 539.510545][T11231] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 540.135388][ T26] kauditd_printk_skb: 48 callbacks suppressed [ 540.135410][ T26] audit: type=1326 audit(1722287693.920:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11225 comm="syz.4.2130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1581977299 code=0x7fc00000 [ 540.531395][T11242] ------------[ cut here ]------------ [ 540.537376][T11242] WARNING: CPU: 1 PID: 11242 at fs/udf/inode.c:2020 __udf_add_aext+0x54c/0x6f0 [ 540.546691][T11242] Modules linked in: [ 540.550633][T11242] CPU: 1 PID: 11242 Comm: syz.0.2132 Not tainted 6.1.102-syzkaller #0 [ 540.559023][T11242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 540.569172][T11242] RIP: 0010:__udf_add_aext+0x54c/0x6f0 [ 540.574735][T11242] Code: 4c 89 e7 e8 96 d5 e3 fe 49 8b 3c 24 4c 89 fe e8 2a f7 02 ff 31 c0 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 84 4d 8c fe <0f> 0b e9 ed fb ff ff e8 78 4d 8c fe 0f 0b e9 5c fc ff ff e8 6c 4d [ 540.594640][T11242] RSP: 0018:ffffc9000348f7d8 EFLAGS: 00010287 [ 540.600864][T11242] RAX: ffffffff82fe4e0c RBX: 1ffff92000691f75 RCX: 0000000000040000 [ 540.608911][T11242] RDX: ffffc9000ae91000 RSI: 000000000000ef11 RDI: 000000000000ef12 [ 540.616968][T11242] RBP: 00000000000001d0 R08: ffffffff82fe49f2 R09: ffffffff82fe4922 [ 540.625037][T11242] R10: 0000000000000002 R11: ffff888023ff5940 R12: ffffc9000348fba0 [ 540.633126][T11242] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffc9000348fba8 [ 540.641178][T11242] FS: 00007f163a7e26c0(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 540.650191][T11242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 540.656848][T11242] CR2: 00007f163a7e2d58 CR3: 0000000022a3b000 CR4: 00000000003506e0 [ 540.665019][T11242] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 540.673036][T11242] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 540.681117][T11242] Call Trace: [ 540.684431][T11242] [ 540.687436][T11242] ? __warn+0x15a/0x520 [ 540.691650][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 540.696689][T11242] ? report_bug+0x2af/0x500 [ 540.701243][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 540.706190][T11242] ? handle_bug+0x3d/0x70 [ 540.710653][T11242] ? exc_invalid_op+0x16/0x40 [ 540.715408][T11242] ? asm_exc_invalid_op+0x16/0x20 [ 540.720564][T11242] ? __udf_add_aext+0x62/0x6f0 [ 540.725414][T11242] ? __udf_add_aext+0x132/0x6f0 [ 540.730305][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 540.735235][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 540.740132][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 540.745154][T11242] udf_setup_indirect_aext+0x6ba/0x980 [ 540.750684][T11242] ? __udf_iget+0x39b0/0x39b0 [ 540.755447][T11242] ? mark_buffer_dirty_inode+0x103/0x300 [ 540.761123][T11242] ? __udf_add_aext+0x536/0x6f0 [ 540.766083][T11242] udf_do_extend_file+0x6df/0x1140 [ 540.771250][T11242] ? udf_write_failed+0x1b0/0x1b0 [ 540.776354][T11242] ? inode_bmap+0x2d4/0x6c0 [ 540.781087][T11242] udf_setsize+0xd3c/0x1430 [ 540.785684][T11242] ? udf_evict_inode+0x3d0/0x3d0 [ 540.790677][T11242] ? current_time+0x1fd/0x300 [ 540.795431][T11242] ? setattr_prepare+0x1e0/0xc20 [ 540.800429][T11242] udf_setattr+0x36c/0x540 [ 540.804893][T11242] ? udf_release_file+0x120/0x120 [ 540.810637][T11242] notify_change+0xce3/0xfc0 [ 540.815356][T11242] do_truncate+0x21c/0x300 [ 540.819874][T11242] ? put_page_bootmem+0x2e0/0x2e0 [ 540.824958][T11242] ? bpf_lsm_path_truncate+0x5/0x10 [ 540.830232][T11242] do_sys_ftruncate+0x2e2/0x380 [ 540.835165][T11242] do_syscall_64+0x3b/0xb0 [ 540.839625][T11242] ? clear_bhb_loop+0x45/0xa0 [ 540.844339][T11242] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 540.850390][T11242] RIP: 0033:0x7f1639977299 [ 540.854849][T11242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 540.874710][T11242] RSP: 002b:00007f163a7e2048 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 540.883215][T11242] RAX: ffffffffffffffda RBX: 00007f1639b06058 RCX: 00007f1639977299 [ 540.891250][T11242] RDX: 0000000000000000 RSI: 0000008002007ffb RDI: 0000000000000004 [ 540.899254][T11242] RBP: 00007f16399e48e6 R08: 0000000000000000 R09: 0000000000000000 [ 540.907247][T11242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.915423][T11242] R13: 000000000000006e R14: 00007f1639b06058 R15: 00007fffca035d58 [ 540.923433][T11242] [ 540.926503][T11242] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 540.933867][T11242] CPU: 1 PID: 11242 Comm: syz.0.2132 Not tainted 6.1.102-syzkaller #0 [ 540.942014][T11242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 540.952676][T11242] Call Trace: [ 540.956057][T11242] [ 540.958987][T11242] dump_stack_lvl+0x1e3/0x2cb [ 540.963670][T11242] ? nf_tcp_handle_invalid+0x642/0x642 [ 540.969137][T11242] ? panic+0x764/0x764 [ 540.973214][T11242] ? vscnprintf+0x59/0x80 [ 540.977630][T11242] panic+0x318/0x764 [ 540.981550][T11242] ? __warn+0x169/0x520 [ 540.985722][T11242] ? memcpy_page_flushcache+0xfc/0xfc [ 540.991108][T11242] __warn+0x348/0x520 [ 540.995149][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 541.000124][T11242] report_bug+0x2af/0x500 [ 541.004460][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 541.009319][T11242] handle_bug+0x3d/0x70 [ 541.013632][T11242] exc_invalid_op+0x16/0x40 [ 541.018233][T11242] asm_exc_invalid_op+0x16/0x20 [ 541.023259][T11242] RIP: 0010:__udf_add_aext+0x54c/0x6f0 [ 541.028745][T11242] Code: 4c 89 e7 e8 96 d5 e3 fe 49 8b 3c 24 4c 89 fe e8 2a f7 02 ff 31 c0 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 84 4d 8c fe <0f> 0b e9 ed fb ff ff e8 78 4d 8c fe 0f 0b e9 5c fc ff ff e8 6c 4d [ 541.048556][T11242] RSP: 0018:ffffc9000348f7d8 EFLAGS: 00010287 [ 541.054727][T11242] RAX: ffffffff82fe4e0c RBX: 1ffff92000691f75 RCX: 0000000000040000 [ 541.063487][T11242] RDX: ffffc9000ae91000 RSI: 000000000000ef11 RDI: 000000000000ef12 [ 541.071470][T11242] RBP: 00000000000001d0 R08: ffffffff82fe49f2 R09: ffffffff82fe4922 [ 541.079458][T11242] R10: 0000000000000002 R11: ffff888023ff5940 R12: ffffc9000348fba0 [ 541.087443][T11242] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffc9000348fba8 [ 541.095463][T11242] ? __udf_add_aext+0x62/0x6f0 [ 541.100237][T11242] ? __udf_add_aext+0x132/0x6f0 [ 541.105098][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 541.110055][T11242] ? __udf_add_aext+0x54c/0x6f0 [ 541.114929][T11242] udf_setup_indirect_aext+0x6ba/0x980 [ 541.120417][T11242] ? __udf_iget+0x39b0/0x39b0 [ 541.125134][T11242] ? mark_buffer_dirty_inode+0x103/0x300 [ 541.130781][T11242] ? __udf_add_aext+0x536/0x6f0 [ 541.135752][T11242] udf_do_extend_file+0x6df/0x1140 [ 541.140921][T11242] ? udf_write_failed+0x1b0/0x1b0 [ 541.146058][T11242] ? inode_bmap+0x2d4/0x6c0 [ 541.150670][T11242] udf_setsize+0xd3c/0x1430 [ 541.155192][T11242] ? udf_evict_inode+0x3d0/0x3d0 [ 541.160278][T11242] ? current_time+0x1fd/0x300 [ 541.165085][T11242] ? setattr_prepare+0x1e0/0xc20 [ 541.170038][T11242] udf_setattr+0x36c/0x540 [ 541.174544][T11242] ? udf_release_file+0x120/0x120 [ 541.179573][T11242] notify_change+0xce3/0xfc0 [ 541.184195][T11242] do_truncate+0x21c/0x300 [ 541.188830][T11242] ? put_page_bootmem+0x2e0/0x2e0 [ 541.193895][T11242] ? bpf_lsm_path_truncate+0x5/0x10 [ 541.199105][T11242] do_sys_ftruncate+0x2e2/0x380 [ 541.204312][T11242] do_syscall_64+0x3b/0xb0 [ 541.208819][T11242] ? clear_bhb_loop+0x45/0xa0 [ 541.213586][T11242] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 541.219483][T11242] RIP: 0033:0x7f1639977299 [ 541.223897][T11242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.243511][T11242] RSP: 002b:00007f163a7e2048 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 541.252009][T11242] RAX: ffffffffffffffda RBX: 00007f1639b06058 RCX: 00007f1639977299 [ 541.259979][T11242] RDX: 0000000000000000 RSI: 0000008002007ffb RDI: 0000000000000004 [ 541.268137][T11242] RBP: 00007f16399e48e6 R08: 0000000000000000 R09: 0000000000000000 [ 541.276116][T11242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 541.284087][T11242] R13: 000000000000006e R14: 00007f1639b06058 R15: 00007fffca035d58 [ 541.292069][T11242] [ 541.295481][T11242] Kernel Offset: disabled [ 541.299897][T11242] Rebooting in 86400 seconds..