last executing test programs: 1m5.150280736s ago: executing program 0 (id=1223): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200010, &(0x7f0000000680)=ANY=[@ANYBLOB="64656275672c757466383d312c757466383d302c757466383d312c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c002bc08d8cca74e8ecafb48437094fe1a4a2383bd9d85bff651d1101fd722e01b9b5d22f08b5fc0ac7cbf33fb553a90ae4d01d71ddeeb089f517aeaaa271899287d5b8949b22b23c2807b7d81714b89e9682f6c3faa6107733a77a4cf985560ed64ec24e255dee3654aa2ba55be4bf3ae257adba34bed8e32e4122bb46aa57a75dab0288098e42f886f09bdf63537db28a454b02a4204a7e7dac3c30a6d4b5c814916b02"], 0x3, 0x25a, &(0x7f0000000240)="$eJzs2s9rI2UYB/Bn6sqmXbqp+ItdEF/0oF6Gbc8edpEKYkFRK6yC7KydauyYlE4oRMT2pFf/BM/i0Zsge/TSi3+BB2+99LgHcSRNWtOysIs/mqX7+RySh3nnm7zzvmF4ErL/6refb6zX+XrRj5ksi5nrsRt3s1iImTiyG6+8dPOX5969+cGbN1ZWWuOjSymly8///OGXP7xwp3/p/R8v/3Qx9hY+2j9Y+n3vmb0r+3++92mnTp06dXv9VKTbvV6/uF2Vaa1Tb+QpvV2VRV2mTrcut06Mr1e9zc1BKrpr83ObW2Vdp6I7SBvlIPV7qb81SMUnRaeb8jxP83PBv7H6/d2miYPm8VvRNM3sd3HpTsz/Fu3InkjZk9ezp29lz+5mVw6apn06OjudGfPf+sf7z7kwvqkvv5NSK6L6Znt1e3X0PBxtxY316EQVZVyL2fgjhh+TsVH9+hsry9fSoYX4utoZ53e2Vx87fP3j/GK0Y+He+cVRPh3lL0bE8HFuMr8U7Xjq3vmlU/nR+7fi5Rcn8nm049ePoxdVrMUwGzvjJVj+ajGl195aOZW/engeAMB5k6djw/5t2LSd6N/y/MT4RH80yk/0h+379Ien+qsLcfXCdK+diHrwxUZRVeXW8AveYXF85FEtZieX5UGKo59C/r+JzZzYs4dloRTnuYj4bCp3JM7S35t+31NbZzIhAAAAAAAAAAAAHshZ/J1w2tcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA83P4KAAD//8scwHs=") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x84c00, 0x0, 0x0, 0x0, &(0x7f0000000000)) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00') 1m4.923004963s ago: executing program 0 (id=1227): syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="696f636861727365743d63703835302c706172743d3078303030303030303030303030303030332c636f6465706167653d69736f383835392d332c6469725f756d61736b3d30303030303030303030303030303030303030303030352c706172743d3078303030303030303030303030303038322c00724acebf9930ce7d6654ef852160bc6dcb17f5e27c7d187e041f030061162b687a6ebac3f35b1c179e467710c0c8"], 0x1, 0x308, &(0x7f0000002640)="$eJzs3b9u00AcB/DvnZ02pVUxbRESC6hQAUtFgQGxBKGs7EwIaFKpqlVEWyTahVAxIh6AnVfgIVhAjCzAwsQDdDO6n8+OHV+cViRxW74fKZFzvj+/w//uLNEDEf23HjR/fLz923wU4MEDcA/QAOqAD+A8LtRfbu6s74TtVllFnpQwH4W4pCrkWd1su4qaclIimkySfPiYkTQaqSiK7v+sOgiqnFz9DhqYtNeh7K+POa5h6e1cB7hUUSiVyf4bqAMc4BVmKwyHiIiOAfv81/YxMSNJCloDS/axf6Kf/70Oqg5guO6EhaSotEDm+S+ju0iZ43tWdnXnezKFM/t1Mks8TDC1nt8TiM+s3BhMuWeVv6KYjUVPra37WF59g5bGPhpWpsCCfLfiUzcxINpFx9y0RP/aanh4Ju6NGVFO9e5OQlpbD9sytXXEP3+0Fv+d+qy+qscqwAe00vGfHylzmORIBT1HStdM/Df71zgtpUwu2Gl/o9HQuSznpJGLtgVrQC/r7hlJts7kBUEnjcAR536yIW3PIf9aIe7diqsB1a183lUqSH8Vy0pbC7lSnj0Tllefh6WvUkYj6aJ6rx6pRfzBJzQz439t4ltC5sosu9UryWnPjLg/E+6cvuQMCk+OTrp1OY3Amjxy3wg44tuyd3iGu5jd3t3b8MKwvWU2njo2XsxsKZtSews484x+w0NJHnS6KfLweB1Fh605GmXwN4Zaobl/pCnm8nFlNldZmqLHfZhO2UYySijsan5B2Qk50o0kqKFUaAZau3sb368Vdw39/kTH0LZKDrpNKAxi6ZQz4y4Vz/9kJG9HdXKfMV9ByTi9fJKJXI0r6QwuPxScc41dBswNpvvP4Loterf6zBllznXlOnA1k6hQ2mIgcZ4aqolveML3/0REREREREREREREREREREREREREJ804/sdC2lhQaVeJiIiIiIiIiIiIiIiIiIiIiIiIiIiIiE6sw6//O9Vdqcn1N+Jl/d9g4Pq/uQWA7UJR6fq/VsD1f4nG4m8AAAD//8fte5U=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x80800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 1m3.791104609s ago: executing program 0 (id=1233): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001740)=@newtaction={0x10f4, 0x30, 0x800, 0x0, 0x0, {}, [{0x10e0, 0x1, [@m_gact={0x106c, 0x11, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0xb76, 0x10000000}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x148d, 0x5}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0xad}}, @TCA_GACT_PARMS={0x18, 0x2, {0xffffba24, 0x4, 0x0, 0x6, 0x6c8}}]}, {0x1004, 0x6, "e7ceb9e66e91fabe7ced6d43010c7fcd56f8cc16aa526c54a83711cf390bcaf04975a64f5d34ab33b21d7a68099a3a8b7183d59b5ac1d8ee1c0f828be21d7f3706ba31673d1734ab00df10384d3b41b5eafa5771373d7f633a6bb878b99b8f690aee3b19bdf1758eda7266fe007c504572c1f195a2334e305e63b3cb59409af17396c40d3b8ec80ea7c422e24c4f482cb3519bd9d6fb02782ef67097798395b35cb18db02c300feba4d125202a7fcf73958265c7548ce952206071a7aff1e2bf99da3e8fba49175871b4c7e27e88e947c9957f64af5dc9bfd71888109b5cd02ef9dca03a1ea7030a90b4fd44ffe088c05f39b59843e4249e9baf7a14b38cfc6c39c09f7f7c83e4569469d6f0092d04580b6d9922427f9bafb24d9d1a22817a7c829a57335318ff9a8d5a822dc0bc440ca8a3a1136b2b06649f7b72a475f008a0bb22c5a5d5a28818e43b50f95b1d2247ce237a294e0835895531b7ac4f9081f31de20b5f14d48c1ff85fd948c676ba4a6c3d31dc5b3f67633461c5035b51c8c8977bd8bfe853633dc5c2dd7ad9bf02863b43ff2d6a3003689f37844cadaf47cf0e8a07c78eddb8c721d6750ceb97d7afe72f1ed5904f2b4eec91969608f8ecd6acfa1684470064b49e6dc3b738a96cf32cb921c0a693ce4090f8ec002920d58eb707793a558ced61b0db26e17db3baf4d6646363781fa104ea0e473eb38dee6deba66c95c566fe6dc4b32116f400a5d471533dae598d55fdd5a75ec3e7b482d9470a41f0fdbf60df61a9fe3cbb5bb5f4a2e2728e92922dbf2eaa195935e99e7246a6300251effe95836247c55a282e5576b7d0790085bb161add51cae9d33e0a158709e9bb49c7b276c274b9b8cf5dd7ece9f9b6b2812834560a2e1254916603bf128d8f1107731a81aecacf9d96dd3a4b6d163381c142804d484dbf9759f608406daa3c449edc0448af70d188ee6532c965fc3f040d40f232d94e2ea87a00e29d2249dcc705dd06c052909713593d5e979d8fb8b89631c31751381cf8d29ae08af0c65d4e6ea27504b3da394f724c88df53e14f3657051c582172a064136717a564148f93870b46d50f2e72be820083f0516dc121aeb81ecd355bd007d7bf3fafb0e3f8f771e5c7b19c8add4cd1fc4c6ec66ff04dc67e38f8e9b99a988c8aaed0431d9136969dbe742bef183abeaafdabfc3e73e7768e9a44fd76fa515694681616364cfce4db4f7ff1cd5bf7ed2b4978afaa4c6956f9790013dd973a334be072431d4cceb21bb58fd837eece989e0ea66026f8ba176b1296f3533fbfa636985c1013ecd509d927bb9e41a9ddbaa0c42cbb96f9457a283135ff5cbf6209e28215d5c51013902c39520b2115a562c56d1fcffea51c2f6912688656ece9db21d5da6f5d780c1cd4f685f4cc11dbfa58d623891e308d52d741ad88ff87e897415b13e71a6f2cee1e26f2cd2d5e373cc24e47c439a5dfbfd6f7d86ca5376aaa59ac7e06d6b5c18662578b91ed937974caecf9d070898bc5b176bf9d9cb3fd225fb354e801c47d3b282f131eca374d5380601234a695b0d89a87ccbc6aa2a5292c95a4189203d9e5e3524d66146bfbf72b06bb53c48fda52e1b1f6deb5b40f7ac67354b99fa70cca365b22ff5099f2ef27edc3e4d2afdffc714a60a8326dd76d0ae5b5d66377e8b9adef74ddb8ad68edfbad4f2d891371901ff4040d682a7d1bc4b64c36a451430d2c9ef4aab9148ec0e1ce6b0e8b78913bc58243801e76a70b668480ac5e0fac8f49eac13355f382c6156c42f1a2de394f9c213fd3b4646bd1039943cdc662cf695620f11d5a87764dc90bc10f261f7c6de1510040fcd5d9381e607090a000abbdc6974a6804b890a809f04a0ebf8f4cf34979a9c4ade565145454ddbf2dbff82d3bb6299ad6ec264aab3f063537371c8257815086bf2f4ab46b25c527c43a1cbc1e7096fb2f2825a6ac1ce711d9b4b29204b188a8361b42ba37dab79e4bbb01c019924d81bb02860bc7353ac3a9ed6e8b022e44dc99e9257d9ef830e07608457cbae6764fc16c2b816ab6e1f44a4aee7753f2ecebd80a04fc5511c3867986f74de09fe5d1686018a9653c65f6820ea83c862db2d141f447d9a15312895a5a2aadf1545b7b6eec0e451a0de4a6a5192718a1dfde14721599b85e727d55dd78e7127658bf807c911e0b962f54dac70cdcf79b8c1f4dddbd9158cfdee1862039afa9a6335d2256a2389ea63d2f6f36bd2f14cf2f1da054ed94b27ee360a786ccab20eacf6e75d689dfbeea78defbf0bb11d06fe83f2822bf8367a5bf2621a464263aa9494f7ee4f66b0d03b2eafecda3faf3b3f6dd3c339ad27e532b22bec79b3a14e98f42753bb0900da630aa2828d780b236d930ea35b924e6bf1b1d3c88262897bb154c0f13e73ca5deb02cd67526e1e00486a3e0f2669558170fcf73f82430d1caa1580056d3022f031164871654d9d9fed67d9a8677dade1dbaf5059e8fd8de97a92c036a34e46fc76438e4383a569cf752fd8de84659192ad0e4471e8ed2d40716bd96c2da029565ae9f07684f0907067a6528abf9ade2c1e365f92b0a1909968f36d9616b7e72273bec6dfeb275752ceab47b98fdad9f2226ea8e7fe24c79ff90627394d7b3aa1fc0d50386bf1b484229a223d9415be3582d46a55dc02568f060059ab0980c4c7267cf4d4021d1088ca98a4c54bd2f896d74438aff7860c18afd5fe1f5c343dc6f9d39e24d138f848e9254f05ba1c4e56283f0d8e72005bb695f7307d75b04d025c5505574a4a97f180b9b0b3e5e9ca7cba3d8f01192e2ff519a82d309180d4274ff20a828aab7348352498f1c998e3909bbb0b0421714f36c4c58399c0c83a114577e9ff20d1ada0cdc86c6ec90b18267f745aeed7eb710826da1befa14c8c4cf0cc42e920c0526c7f30195a1c6d758a62934198e609de9a6ec4ccd88c3a3131f27d9e807d447a036496178cda94520c639c447c7295f67c987652268a642c8ac07cd90a7a6faee58dda5d5882e8f121c9c15b27c6ed292a001aa1fb5f74cf213ad070db13ab8c0f40fade25842f1dc2b54edef86f0ca783ce9cbe0ee8d5cd5c79de379472f8d30f0a89eb4ce8975c1c0d045bfaff8337953fd082a7a3b60ae5d417fe094f9f074a4a88896c75ac2aa904ce6f4b99bdf53c967898002aa6b9f5ab5a1a5940b8596f62ed6b56ddc96606d97bde84462bfa0c4c6c8853faca63469b4e3d887c3c94acd9c368df3c1f242bc319406c61ba4d5f059eb9aad29368f3394cebad5ce5ebb97264e94248f6cdfd39f80bd53c2ded0c71ff45868a3f6db6a0bb04a6d673a9cc02486d34562a2c0cd152d7877e0b3de49634ccbacb1190c84ff1efd811ec556b9c6154e68c2c06d99914feb1f7a7b0204167467b08bc3f5c0bca47e028575d80c062a551963da0ed578a63317cb444e502be90f4ed6b5181817c1eca1fc65f663f06564dd9c2c7efcb22c635b94a88cc0531c328b8233948195d4cb7eca4076a2f621e16bd61eb9dca3e6dca1b962e0d4a942392ed3a735115f9926168ba46bfd54b3de3e3234d9149d40a11df4cc10945510cc79b0b806fea6790afbd3e64e3318b72327049109b85a8dcbf88c7f32aa40a40de8f89118080d8608aa709bbce18c652af84ad101320b85e04db8ceb05519f958ac31d2e1dff448a8670af7612211af10f1f6dcff961abbf362825ba6e8185e22dfc904b6174bb4208592babfbbcf29385b5e348104caad0b7c382f48c45b850f63318790795ec0e1f725a043f606ab152d88e4691ef5d632df9f6e1cc459d4b219bc76fa36af61ae085f6b7a97b1a3b6b993f67b51dd5f881501632f7ec813ce0a2064d986c943d30a5682016a6628a5601b95503197485039505ce1784c15d6d9b8c83166e3b19817597a56f0828c9a7b20b0d389ff4f2017e103e055c834a16b9a08fb77f81788d0aa24bdb93209de55ee7178d7436628032f4c3a4c3b42315e88b2ef4a373a21c4e90123db32d76b68aba22264ee023fa48ac364246b0c68d563ea2bb7d4b119ebd34fc4de2ccf673443923f789cdd8c0b27abbb28eb96eebd982b46b479f343b62ccd28431fa652e4d20cc1e8ac517b3b2967ab19a769d76291ed6715d28583dadbf3c66e13efa99fd0105b2ffa1b13a4d6f56762ea5e14b923644e75cf3f4399193b2f414b2c1a15bc7c430f6327d98ebb3db5dee37d5068d2a07b7a70dbe1a7da581cf693177c90cb8dfe6ad5b4624d86598617decdd9302410550dd5154ad6af2969e7a2a22e39b4c69daa0d17c9645ba7ca82d991db713038c9ea4aebf11c7cd766d1bb2c123d971904aea35b731c7937e510d56495618983f30eab0fe5f344a5ef306d1dae087c418f933014dcdb26c9d5cd1e6c053f10e1b381fe1518cb48f5c0b9d7494a9b093cfec9f875ce0eb8e3e319eef84817ec4990e6f1a7d960f275ded4df0ebef34fa1e4a04145ebd0365e7769e72d8e4a75eb14ce6eb4fcebd7e549377fd16221349320739bb2d23ca88b49e0686b9bdb71b1f05077a2831d9c38177812fb500a9523fa6830c2a1c6f4bf23479f6e0ce31972948fc484ac6b497bf985071cd8ae9d54a445287b5719d6221d787ba37bad175b075c2ab7ac87edc94f8cc3f4fb61148d2f4ae307f5ea45cbeec2bc54bbebafaefd4d0bbb1f28cfd63f7c25904b6e68ac8aa74ad301f280ac562fe5893732a2719fcef17665ca9f7ba14b397bc5b0f6dab58a56fc493650251e3c4543f666d0aea87344c92c35557dba5859b9e725f0e36bb2d01e2df9ce294b89ed79b4e5a305b3f6e180467933759c1523cd4e37896520d34d1aaa08ad2cc11a16116c47a63eeb1bdb6309d5d1593aaa4053953aec975003d1ae5987ae3c0ab444e8a7c50b604bf524b59ea58b6d6976afcfa0df6eb1298c2d03adaac85760020f00b8e936dcd8745b7479cd931c0243eef152deefdb5a40e13fc0d5d3f595a0efde7f6a9c046977caab56320d9c91306725424cbe738a01783e5c827c542c3aebd7ad1fc56302fe8a27a10e25740c3aeed6697867f3be6074e54adb6685b423f975f91d0fe426fa822b7adc4a9da2ea47611902c0a0dc758353c4ec232593801913abe9c14ce78aa0a1d3f860ba0dc0de747dab2d6e58b58a0e2d87dd20ff93ea352a185ebaceb69ec23ba9d135fb06b600b64bfea8b35651549dbfb11986727ab82fd7ba7c73cce3320eeeae9c5c2f37c519e98835d21c30b73f309ea72658164693a61c9f194e19ea79a17d6ff5e1fd8f83b0020929436af3c457896e86586ef8e68c28fe981b3406649f20a72c3f11cdf4088a1a7d19b94744af2c0a86ea707d3bc8ca04aac9f5de2b97bb1c2c147251ffb3febc78052a9de7ffbd577df99c0300b3fdaec301a3fb5cf8bb94cd3e363ce24342c0cc33c12ced96ce49bcaca8fab983eafc8283e5205094565f0abc40d1249671b4294f76da4450ff67151d8dc30e315dc7fd072c2fdbb1b573b256741474c077f097ca92958b18c44e7cc9149a5f2d5a2abb6471aa36fd5e1c9c252435a493c4e9611889a0b4bb552765e08fee3359bd9e76a5cdb71e3c3b5365c0ed3f6825b16f06cac82c685e14ccd8a2722e2bea9731a817e55ced95ae59ff8011fe6b838a8752ea6c46e348cac8f9e35ab17427b5b6ff0ac4b16cf8cd2683aa26bd2f6ff249d2e536df0f11cce2c142517e159a467636587dc31d150867b5c63e06b727601a077b784e65d9d3c5d071fc19170a1349b19cbbc942726c27cd2dc83ce26f65273bf005"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ife={0x70, 0x1, 0x0, 0x0, {{0x8}, {0x48, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @TCA_IFE_METALST={0x1c, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x7}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x10f4}, 0x1, 0x0, 0x0, 0x20048095}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmmsg(r2, 0x0, 0x0, 0x0) setresgid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) write(r3, &(0x7f0000000000)="14000000140005b7ffccca38b9000000010860eb", 0x14) bpf$TOKEN_CREATE(0x24, &(0x7f0000000340)={0x0, r1}, 0x8) socket$inet(0x2, 0x2, 0x0) r4 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @empty}], 0x10) sendmsg$inet_sctp(r4, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000000)='N', 0x1}], 0x1, 0x0, 0x0, 0xc04c000}, 0x0) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000035c0), 0x168003, 0x0) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r5, 0x80083314, 0x0) 1m1.142440977s ago: executing program 0 (id=1241): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xed41d0969ec4053c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x17, &(0x7f00000000c0)=0x100000001, 0x4) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f0000000340)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") mkdir(&(0x7f0000000040)='./bus\x00', 0x40) fanotify_init(0xf00, 0x0) rmdir(&(0x7f0000000200)='./bus\x00') setsockopt$inet_tcp_int(r4, 0x6, 0x17, 0x0, 0x0) mount$bind(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='./file1\x00', 0x0, 0x3002, 0x0) 58.442467181s ago: executing program 0 (id=1249): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setresuid(0xee00, 0xee00, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000094c0)='./file1\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x1, 0xc3d, &(0x7f0000001600)="$eJzs3V1sXOlZB/DnnWPHY29pvd0220K3jFTURi6J8tXEVVDldF1DpTRb1XHFXtXjj6SjdezIdmi2QGVABYmbir1B3CCLsoDUC8QF4RJDF6kVQkJVL8oFkiXaVS+48EUlBKh1dc68Y48TZ+1sPuxkf7+V939mznPG78fkzLHk1ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIhPf+biyVPpoFsBADxOl8e/cPJMir6DbgcA8Phc8fM/AAAAAAAAAAAAAAAcdimKOBopBm5vpMnqcVv9Umv+5q2J0bHdD+tPkaIWRVVfftVPnT5z9hPnzg938q2Pf9g+GC+NX7nYeHHh+o3F2aWl2ZnGxHxremFmdt+v8KDH32moGoDG9Vduzly9utQ4feLMjt23Bt/se+bo4IXzx88Nd2onRsfGxrtqenrf9ne/y71WeByJIpqR4qeDP07NiKjFg4/FHu+dR62/6sRQ1YmJ0bGqI3Ot5vxyuTPVclUtotF10EhnjB7DXDyQkYiVsvllg4fK7o3faC42p+ZmG59vLi63llsL86nWbm3Zn0bUYjhFrEbE+i6LfHujiA9HitdObqSpiCg64/DxamHw3u2pPYI+7kPZzkZvxGrtCZizQ6wvirgcKX7yxrGYLscsf8VHIz5X5u2I18v8VEQq3xhnI35ksfhToyeK+LdIsZA20kx1PuicVy59sfHZ+asLXbWd88oT//nwOB3yc1M9ipiqzvgb6e1f7AAAAAAAAAAAAAAAAADwsPVHEd+MFH/wwm9V64qjWpf+ngvD73r517vXjD+/x+uUtSciYqW2vzW5vXnpcKqV/+2npfX77xx7qkcRX8vr/37voBsDAAAAAAAAAAAAAAAAAADwjlbEy5HiS8ePpdWo7v17JKp7irfmrzWuNKfm2neF7dz7t3PP9M3Nzc1GaudIzsmcKzlXc67lXM8ZtXx8zpGckzlXcq7mXMu5njOKfHzOkZyTOVdyruZcy7meM3ry8TlHck7mXMm5mnMt53rOOCT37gUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeJrUooifRYpvfGUjRYqIkYjJaOda30G3DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo1VMRJyLF2sv16vFqLeJKRPxsc3Oz8xURG2U+qIPuKwAAAAAAAAAAAAAAAAAAABxaqYiPRIrn/m8jNSLi1uCbfc8cHbxw/vi54SKKSGVJd/1L41cuNl5cuH5jcXZpaXamMTHfml6Ymd3vt6tfas3fvDUxOvZIOrOn/kfc/v76iws3Xl1sXfvy8q77B+oXp5aWF5vTu++O/qhFTHY/M1Q1eGJ0rGr0XKs5Xx2aavdoYC1iZL+dAQAAAAAAAAAAAAAAAAAA4NAYSEV8JlL88D/Pps668Z72mv9faD8qtmpf/53tvwUwd0d2dP/9gP1sp13a1L9bQ4eqhfeNidGxsfGup3t67y4t25RSEc9Hio+99oFqPXyKgV3Xxpd17y7rrp/NdYO/VNat7KiqD02MjjUuL8wfvzg3tzDdXG5Ozc02xm80p/MfDljZrckAAAAAAAAAAAAAAAAAAACwXwOpiO9Hiv/+m39PnfvO5/X/Pe1HXev/f61aQl+pp525pVrb/+5qbX97+z0Xhgc+/MK9nt9t/f+u7mP9f9mmlIr4eqQ48/0PVPfT76z/n7yjtqz7o0jx4xc+lOtqR8q6Znv35mD7Fa+25mZPlrV/Hil++aed2qhqr+XXem679lRZ2x8p/nRjZ+2Xc+37tmtPl7XHIsW3/2v32vdv154pa38YKf7hrxud2oGy9rdz7dHt2hPTC3Mzew1rOf/fihR/efk3UrMzpvea/66//7ByR265a87fevthzf9g13MreV7/MM9/c4/5PxcpvlX/UK5rj/1U3v9s9f/t+f9YpPiPf91ZezXXvne79tR+u3XQyvn/ZqT4pz/7wVaf8/z3xt/9b2zP+M75/8Wenbn1Ljmg+X+267nB3K7p+x+Od5ylV7/6SnNubnbRhg0bNrY2DvrMxONQfv7/caT4/6NF6lzH5M//d7UfbV///c/Xtj//L9yRWw7o8/+9Xc9dyFctvT0R9eXrN3qfj6gvvfrV463rzWuz12bnT586+clPnjt18tS53iOdi7vtrX2P3dOgnP/vRorv/e33tn6O2br+q+x+/T9wR245oPl/rrtPO65r9j0U70jl/P9FpHj20z/Y+nlz5/zvvP7v/Px/7CM7c+vf32OY/7/qOqgz/+/rKh3M7Wrd72AAAAAAAAAAAAA8QQZSEX8SKX7z9381ddYQ7ef3/2buyC0H9Pt/R7uem3lM6xr2PcgAAIdIef33/kjxj5vf2VrLvfP6L36lU9t9/XcvD+P+/7u6j/X/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpEtRxO9GioHbG2mtr3zcVr/Umr95a2J0bPfD+lOkqEVR1Zdf9VOnz5z9xLnzw5186+Mftg/GS+NXLjZeXLh+Y3F2aWl2pjEx35pemJnd9ys86PF3GqoGoHH9lZszV68uNU6fOLNj963BN/ueOTp44fzxc8Pt2r7GxOjY2HhXTU/v2/7ud0n3eP5IFPGdSD2dx7V48LHY473zqPVXnRiqOjExOlZ1ZK7VnF8ud6ZarqpFNLoOGumMUZ63RzkXD2QkYqVsftngobJ74zeai82pudnG55uLy63l1sJ8qrVbW/anEbUYThGrEbHed/fL9UYRX48Ur53cSP/cF1F0xuHjl8e/cPLM3u2pPYI+7kPZzkZvxGrtCZizQ6wvivj7SPGTN47Ft/siyhNBdTL4aMTnyrwd8XqZn4pI5RvjbMSPdnkf8WTqiSLORoqFtJHe6CvPB53zyqUvNj47f3Whq7ZzXnniPx8ep0N+bqpHEd+tzvgb6V/8uwYAAAAAAAAAAAAAAAA4RIpYjRRfOn4srde61xS35q81rjSn5trL+jpr/zprpjc3NzcbqZ0jOSdzruRczbmWcz1n1PLxOUdyTuZcybmacy3nes4o8vE5R3JO5lzJuZpzLed6EX1l06MnH59zJOdkzpWcqznXcq7njEOydg8AAAAAAAAAAAAAAAAAAHi61KKo7uL+ja9spM2+9v2lJ6Oda+4H+tT7eQAAAP//A7dx4g==") r3 = open(0x0, 0x0, 0x0) ftruncate(r3, 0x2007ffc) sendfile(r3, r3, 0x0, 0x800000009) ppoll(0x0, 0x0, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000140)="66baf80cb8044fdc87efed660f388059e0b805000000b91e4200000f01c10f20c035000000200f22c0f20fa20f01cb36b04f3e660f381efc0f7c150c000000b805000000b9210000000f01c1c4e17929d8", 0x51}], 0x1, 0x11, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x3, @rand_addr=' \x01\x00'}, 0x1c) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x0, &(0x7f0000000540)={[], [{@appraise_type}]}, 0x1, 0x570, &(0x7f0000001080)="$eJzs3d1rW+UfAPDvSV/20v1+62AMFZHCLpzMpWvrywQv5qXocKD3M7RZGU2X0aRjrQO3C3fjjQxBxIF4r/deDv8B/4qBDoaMohfeVM7pSZe2SZt1WdORzwdOeJ7zkud5cs7z5HvyJCSAvjWWPhQiXo6Ib5KIoxGR5NsKjcextf1WHt+cTpckVlc//SvJ9kvzjedqHDeSZ16KiN++ijhd2FpubWl5rlSplBfy/Hh9/tp4bWn5zJX50mx5tnx1cmrq3NtTk++9+07X2vrGxX++/+T+h+e+Prny3S8Pj91N4nwcybc1t2N3htOHW81rxmIsf02G4vymvSeerbB9J+l1BdiVgYgYzK7QdAw4GgNZDugHX0bEKtCnkvX+f2Dzpkj2vDbA3mnEAY17++3vg/+/nmo+9kX26IO1G6Ct7R9c+2wkDmb3RodXkg13Run97mgXyk/L+PXPe3fTJbryOQRAZ27djoizg4Nbx78kH/9272zr1QebM5vLMP7B3rmfxj9vtop/CuvxT7SIf0Za9N3d2Ln/Fx52oZi20vjv/Zbx7/qk1ehAnvtfFvMNJZevVMpn82j4VAwdSPPbzeecW3nQNlZujv/SJS2/EQvm9Xg4eGDjMTOlein74K4LHt2OeKVl/Jusn/+kxflPX4+LHZZxonzvtXbbdm7/87X6U8TrLc//kxmtZPv5yfHsehhvXBVb/X3nxO/tyu91+9Pzf3j79o8mzfO1tacv48eD/5bbbdvQ/uj8+h9OPsvSw/m6G6V6fWEiYjj5eOv6ySfHNvKN/dP2nzq5/fjX6vo/FBGfd9j+O8d/frWj9vfo/M881fl/+sSDj774oV35nY1/b2WpU/mabPzbQacVfJbXDgAAAAAAAPabQkQciaRQXE8XCsXi2vc7jsfhQqVaq5++XF28OhPZb2VHY6jQmOk+2vR9iIn8+7CN/OSm/FREHIuIbwcOZfnidLUy0+vGAwAAAAAAAAAAAAAAAAAAwD4x0ub3/6k/BnpdO+C585ff0L927P9b/+lp5HnVBdhb3v+hf+n/0L/0f+hf+j/0L/0f+teG/m/SH/qK93/oX/o/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNXFCxfSZXXl8c3pND9zfWlxrnr9zEy5NlecX5wuTlcXrhVnq9XZSrk4XZ3f6fkq1eq1iclYvDFeL9fq47Wl5Uvz1cWr9UtX5kuz5UvloT1pFQAAAAAAAAAAAAAAAAAAALxYakvLc6VKpbwgIbGrxOD+qIZElxO9HpkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4In/AgAA//8yZzlf") r4 = open(0x0, 0x145142, 0x0) ioctl$RTC_AIE_ON(r4, 0x7001) openat(0xffffffffffffff9c, 0x0, 0x441, 0x14a) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0xd, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 57.236934457s ago: executing program 0 (id=1255): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2dc}}, 0x20000854) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x24, @none={0x0, 0x3}}, 0x14, &(0x7f0000000100)={&(0x7f00000003c0)="d682f39c86fed22b0fb1e398412d7958da07dc0f18de72076fdbd11017c1a40f6f56bd41d5", 0x25}}, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000180)={0x0, 0x2, 0x8, 0x7100000}) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r2, 0x0) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000080)={0x4, 0xfc}, 0x2) 56.812983138s ago: executing program 32 (id=1255): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2dc}}, 0x20000854) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x24, @none={0x0, 0x3}}, 0x14, &(0x7f0000000100)={&(0x7f00000003c0)="d682f39c86fed22b0fb1e398412d7958da07dc0f18de72076fdbd11017c1a40f6f56bd41d5", 0x25}}, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000180)={0x0, 0x2, 0x8, 0x7100000}) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r2, 0x0) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000080)={0x4, 0xfc}, 0x2) 6.594416384s ago: executing program 5 (id=1418): sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x0, 0x1, 0x8}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc0, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2616}, 0x80) 6.582225356s ago: executing program 4 (id=1419): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 6.536987467s ago: executing program 1 (id=1420): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000380)="ed9df3fcc486d3561e5710aa39f9287978e26b690612af510863abd67e5ba2c1120c3ce4fd5d98c41c5867a40e467ffb9a883688d9c785bcafdbca039cd1fc13975debe395ffe7250ca19507ecbe9e6bc6b7cdeeac05845c4d15e697588720ffb7c1be0771c4068ab5434bbbf4770ddfa6d1ab22cc71cac6266fe4ad0551", 0x7e}, {&(0x7f0000000080)="b4cca7", 0x3}], 0x2}}], 0x1, 0x20000080) 6.129824948s ago: executing program 1 (id=1422): bpf$PROG_LOAD(0x5, 0x0, 0x0) gettid() timer_create(0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) syz_clone3(0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x74, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.99701389s ago: executing program 4 (id=1423): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x80800, 0x15b) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000001c0)=@v2={0x2, @aes256, 0x2, '\x00', @d}) chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00') r1 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8) 5.588868659s ago: executing program 4 (id=1424): r0 = fanotify_init(0x1a, 0x800) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0xa8) r2 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x7fffefff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) fanotify_mark(r0, 0x441, 0x4800001a, r1, 0x0) fanotify_mark(r0, 0x1, 0x20, r1, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0) fanotify_init(0xf00, 0x1000) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 5.580957272s ago: executing program 2 (id=1425): prlimit64(0x0, 0xd, &(0x7f0000000140)={0x2, 0x2}, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000080)="eda6c80ff3fe1cf30c"}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x16, 0x200000000000000, &(0x7f00000004c0)="e0"}) 5.530921399s ago: executing program 1 (id=1426): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffff72) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000040000000400000008"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18) socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000"], 0x48) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) dup3(r6, r5, 0x0) 5.324808602s ago: executing program 5 (id=1427): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) setgroups(0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r5 = inotify_init1(0x0) inotify_add_watch(r5, &(0x7f0000000000)='.\x00', 0x52000775) r6 = openat$dir(0xffffffffffffff9c, 0x0, 0x20000, 0x104) getdents64(r6, 0x0, 0x0) r7 = dup(r5) ioctl$sock_inet_udp_SIOCINQ(r7, 0x541b, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "fc7771", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x3, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x82}}}}}}}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), r8) sendmsg$ETHTOOL_MSG_EEE_SET(r8, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000004c0)={0x14, r9, 0x501, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008814) syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 5.246552973s ago: executing program 2 (id=1428): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[], 0x138}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0) 4.226782571s ago: executing program 1 (id=1429): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f00000001c0)='\x18\xbd@\xbd\xc9e2\x0e\xb2\xe2OAq\xa7\xa8\xadcz::\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 3.936616849s ago: executing program 5 (id=1430): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) syz_mount_image$exfat(0x0, &(0x7f0000000500)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240)) chdir(&(0x7f00000003c0)='./bus\x00') unlinkat(r0, &(0x7f0000000040)='./bus\x00', 0x200) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) 3.816909577s ago: executing program 2 (id=1431): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f0000005490167acf935aa8257fa3"], 0x0}, 0x0) 3.703790202s ago: executing program 5 (id=1432): ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00'}) openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 3.612333965s ago: executing program 3 (id=1433): socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000040)) r0 = syz_open_procfs(0x0, &(0x7f0000019200)='net/route\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000100)=ANY=[@ANYRES32=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000)) 3.465896128s ago: executing program 3 (id=1434): msgrcv(0x0, 0x0, 0x0, 0x3, 0x2000) msgsnd(0x0, &(0x7f00000001c0)={0x3}, 0x4, 0x800) 3.30100169s ago: executing program 3 (id=1435): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a000028060001001a"], 0x1c}}, 0x0) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x14, r1, 0x3, 0x70bd26, 0x25dfdc01}, 0x14}, 0x1, 0x0, 0x0, 0xc004811}, 0x4010) 3.091263301s ago: executing program 3 (id=1436): prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448f0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r6}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x0) 2.87897048s ago: executing program 1 (id=1437): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x80, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1}, 0xe) 2.059624582s ago: executing program 1 (id=1438): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x109000, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newlink={0x38, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x6, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x38}}, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/kexec_crash_size', 0x149a82, 0x0) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f00000006c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[], 0x94}, 0x1, 0x0, 0x0, 0x4000010}, 0x5) socket(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@ipv6_newnexthop={0x34, 0x68, 0x1, 0x70bd25, 0xfffffffe, {}, [@NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP_DST={0x63, 0x2, @dev={0xac, 0x14, 0x14, 0x21}}}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_OIF={0x8}]}, 0x34}}, 0x40040d0) syz_genetlink_get_family_id$mptcp(0x0, r0) socket$netlink(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_USER_PORT_KEY={0x6, 0x19, 0x7}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x44}, 0x1, 0xba01}, 0x0) 2.058892899s ago: executing program 3 (id=1439): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffff72) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000040000000400000008"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18) socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000"], 0x48) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) dup3(r6, r5, 0x0) 2.012808677s ago: executing program 4 (id=1440): syz_emit_ethernet(0xbe, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) r0 = syz_open_dev$loop(&(0x7f0000000100), 0xb, 0x300) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}}) 1.952863338s ago: executing program 5 (id=1441): syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) socket(0x2, 0x80805, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e20, 0x3, 'lblcr\x00', 0x1, 0xa7e, 0x70}, 0x2c) r1 = socket$kcm(0xa, 0x2, 0x0) r2 = socket(0x2, 0x80805, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x11}, {@remote, 0x4e1d, 0x3, 0xcd}}, 0x44) sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 1.031702386s ago: executing program 3 (id=1442): socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg1\x00', 0x4) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x810) 1.027795672s ago: executing program 2 (id=1443): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0) 1.018295307s ago: executing program 4 (id=1444): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r3, 0xc1004110, &(0x7f0000000000)={0x8, [0x6, 0x7fffffff, 0x3], [{0x0, 0xffffffff, 0x0, 0x1}, {0x35, 0x35}, {0x0, 0x100000c}, {0xffffffff}, {0x0, 0x4}, {0x3, 0x200}, {0x0, 0xfffffffd}, {0xfffffff8, 0x10000}, {0x0, 0x82}, {0x1000000, 0x6}, {0x1, 0xffffffff}, {0x3, 0x8}], 0xc}) 229.1899ms ago: executing program 5 (id=1445): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = socket(0x18, 0x0, 0x1) getsockopt$nfc_llcp(r3, 0x111, 0x0, 0x0, 0x90aa62107f0000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r5, 0x0, 0x0, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0) 228.797204ms ago: executing program 2 (id=1446): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv4_delroute={0x24, 0x19, 0xa428a332fa3ee95f, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xc8, 0x1}, [@RTA_DST={0x8, 0x1, @dev}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 1.025888ms ago: executing program 2 (id=1447): socket$inet6_udp(0xa, 0x2, 0x0) openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10) 0s ago: executing program 4 (id=1448): open$dir(&(0x7f0000000000)='./file0\x00', 0x10000, 0x48) r0 = openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000140)={{0x0, 0x1}, {0xf}}) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d06f147a61d797ea7ffeda95b76f5623", 0x7d}, {&(0x7f00000001c0)="66f7", 0x1}, {&(0x7f0000000300)='l3', 0x7fffef80}], 0x3}], 0x1, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x108}, 0x1, 0x0, 0x0, 0x4c000}, 0x80) kernel console output (not intermixed with test programs): ][ T6766] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 163.016988][ T6767] vlan2: entered allmulticast mode [ 163.068293][ T6767] macvtap0: entered allmulticast mode [ 163.085419][ T6767] veth0_macvtap: entered allmulticast mode [ 163.178689][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.214644][ T6789] loop1: detected capacity change from 0 to 8 [ 163.255412][ T6789] SQUASHFS error: zstd decompression error: 10 [ 163.280167][ T6789] SQUASHFS error: zstd decompression failed, data probably corrupt [ 163.302173][ T6789] SQUASHFS error: Failed to read block 0x62b: -5 [ 163.343249][ T6789] SQUASHFS error: Unable to read metadata cache entry [629] [ 163.357067][ T6791] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 163.375504][ T6789] SQUASHFS error: Unable to read directory block [629:ff26] [ 163.577065][ T6797] loop4: detected capacity change from 0 to 4096 [ 163.609611][ T6794] loop0: detected capacity change from 0 to 8192 [ 163.638242][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 163.638256][ T30] audit: type=1800 audit(1756992334.854:73): pid=6794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.229" name="bus" dev="loop0" ino=1048608 res=0 errno=0 [ 163.773169][ T6802] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 163.795954][ T6804] netlink: 'syz.2.230': attribute type 10 has an invalid length. [ 163.803896][ T6804] netlink: 40 bytes leftover after parsing attributes in process `syz.2.230'. [ 163.815713][ T6804] batman_adv: batadv0: Adding interface: virt_wifi0 [ 163.822322][ T6804] batman_adv: batadv0: Interface activated: virt_wifi0 [ 167.037468][ T6823] loop3: detected capacity change from 0 to 32768 [ 167.139780][ T5861] Bluetooth: hci3: unexpected event 0x14 length: 20 > 6 [ 168.057715][ T6823] [ 168.057715][ T6823] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 168.057715][ T6823] [ 168.448807][ T6823] find_entry called with index = 0 [ 168.455558][ T6823] read_mapping_page failed! [ 168.465138][ T6823] ERROR: (device loop3): txCommit: [ 168.465138][ T6823] [ 168.604840][ T6820] ERROR: (device loop3): diWrite: ixpxd invalid [ 168.604840][ T6820] [ 168.613524][ T6820] ERROR: (device loop3): txCommit: [ 168.613524][ T6820] [ 168.681629][ T6831] loop4: detected capacity change from 0 to 1024 [ 168.914792][ T6831] EXT4-fs: Ignoring removed orlov option [ 168.920473][ T6831] EXT4-fs: Ignoring removed nomblk_io_submit option [ 169.060058][ T6831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.091015][ T6837] netlink: 'syz.0.239': attribute type 1 has an invalid length. [ 169.203836][ T6837] 8021q: adding VLAN 0 to HW filter on device bond1 [ 169.259844][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.290677][ T5860] [ 169.290677][ T5860] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 169.290677][ T5860] [ 169.318905][ T6840] vlan2: entered allmulticast mode [ 169.337183][ T5860] [ 169.337183][ T5860] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 169.337183][ T5860] [ 169.369028][ T6840] bond1: (slave vlan2): making interface the new active one [ 169.399954][ T6840] bond1: (slave vlan2): Enslaving as an active interface with an up link [ 169.668173][ T30] audit: type=1326 audit(1756992340.874:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 169.776997][ T30] audit: type=1326 audit(1756992340.914:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 169.857896][ T30] audit: type=1326 audit(1756992340.914:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 170.245870][ T30] audit: type=1326 audit(1756992340.914:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 170.512959][ T30] audit: type=1326 audit(1756992340.914:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 170.784019][ T6858] loop3: detected capacity change from 0 to 8 [ 170.811527][ T30] audit: type=1326 audit(1756992340.914:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 170.902802][ T30] audit: type=1326 audit(1756992340.924:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 170.926663][ T6858] SQUASHFS error: zstd decompression error: 10 [ 170.973005][ T30] audit: type=1326 audit(1756992340.924:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 170.975828][ T6858] SQUASHFS error: zstd decompression failed, data probably corrupt [ 171.042888][ T6858] SQUASHFS error: Failed to read block 0x62b: -5 [ 171.059417][ T6858] SQUASHFS error: Unable to read metadata cache entry [629] [ 171.069525][ T30] audit: type=1326 audit(1756992340.924:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 171.119971][ T6858] SQUASHFS error: Unable to read directory block [629:ff26] [ 171.226665][ T30] audit: type=1326 audit(1756992340.924:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6850 comm="syz.0.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 171.892868][ T5861] Bluetooth: hci2: unexpected event 0x14 length: 20 > 6 [ 171.908097][ T6868] loop1: detected capacity change from 0 to 128 [ 171.992201][ T6868] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 172.068353][ T6871] loop0: detected capacity change from 0 to 1024 [ 172.077995][ T6868] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 172.103385][ T6871] EXT4-fs: Ignoring removed orlov option [ 172.143613][ T6871] EXT4-fs: Ignoring removed nomblk_io_submit option [ 173.037230][ T6871] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.601222][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.886305][ T6891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.255'. [ 173.942909][ T6891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.255'. [ 174.027466][ T13] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 174.027487][ T6891] Zero length message leads to an empty skb [ 174.088775][ T13] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 174.118013][ T13] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 174.162856][ T3499] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 174.214645][ T6902] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 174.263094][ T6902] block device autoloading is deprecated and will be removed. [ 174.293111][ T6898] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 174.307011][ T6907] loop0: detected capacity change from 0 to 256 [ 174.323250][ T6898] block device autoloading is deprecated and will be removed. [ 174.368273][ T6907] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 174.392823][ T6907] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 174.878808][ T6907] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 175.137945][ T6917] loop4: detected capacity change from 0 to 1024 [ 176.001106][ T6917] EXT4-fs: Ignoring removed orlov option [ 176.325210][ T6917] EXT4-fs: Ignoring removed nomblk_io_submit option [ 176.374068][ T6926] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 176.382153][ T6926] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 176.414474][ T6917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 176.502218][ T6914] netlink: 'syz.1.264': attribute type 4 has an invalid length. [ 176.597335][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.796221][ T6948] loop2: detected capacity change from 0 to 40427 [ 177.872892][ T6948] F2FS-fs (loop2): invalid crc value [ 177.906944][ T6946] loop3: detected capacity change from 0 to 1024 [ 177.974178][ T6948] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 177.974838][ T6946] EXT4-fs: Ignoring removed nobh option [ 177.994357][ T6948] F2FS-fs (loop2): Start checkpoint disabled! [ 178.017670][ T6948] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0 [ 178.040373][ T6948] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 178.053928][ T6946] EXT4-fs: Ignoring removed bh option [ 178.081527][ T6946] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 178.562547][ T6957] tty tty4: ldisc open failed (-12), clearing slot 3 [ 178.861890][ T6627] kworker/u8:12: attempt to access beyond end of device [ 178.861890][ T6627] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 178.866210][ T6627] CPU: 0 UID: 0 PID: 6627 Comm: kworker/u8:12 Not tainted syzkaller #0 PREEMPT(full) [ 178.866231][ T6627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 178.866241][ T6627] Workqueue: writeback wb_workfn (flush-7:2) [ 178.866273][ T6627] Call Trace: [ 178.866280][ T6627] [ 178.866288][ T6627] dump_stack_lvl+0x189/0x250 [ 178.866313][ T6627] ? __pfx_dump_stack_lvl+0x10/0x10 [ 178.866332][ T6627] ? __pfx_queue_work_on+0x10/0x10 [ 178.866346][ T6627] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 178.866370][ T6627] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 178.866405][ T6627] f2fs_handle_critical_error+0x37c/0x540 [ 178.866435][ T6627] f2fs_write_end_io+0x886/0xb60 [ 178.866470][ T6627] __submit_merged_bio+0x27a/0x6a0 [ 178.866499][ T6627] __submit_merged_write_cond+0x255/0x530 [ 178.866528][ T6627] f2fs_write_data_pages+0x261d/0x3000 [ 178.866588][ T6627] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 178.866658][ T6627] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 178.866685][ T6627] ? arch_stack_walk+0x10d/0x150 [ 178.866708][ T6627] ? ret_from_fork_asm+0x1a/0x30 [ 178.866765][ T6627] ? __lock_acquire+0xab9/0xd20 [ 178.866794][ T6627] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 178.866818][ T6627] do_writepages+0x32b/0x550 [ 178.866844][ T6627] ? reacquire_held_locks+0x127/0x1d0 [ 178.866859][ T6627] ? writeback_sb_inodes+0x384/0x1010 [ 178.866887][ T6627] __writeback_single_inode+0x145/0xff0 [ 178.866907][ T6627] ? do_raw_spin_unlock+0x122/0x240 [ 178.866929][ T6627] writeback_sb_inodes+0x6c7/0x1010 [ 178.866978][ T6627] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 178.867043][ T6627] ? rcu_is_watching+0x15/0xb0 [ 178.867069][ T6627] wb_writeback+0x43b/0xaf0 [ 178.867098][ T6627] ? queue_io+0x2f1/0x590 [ 178.867121][ T6627] ? __pfx_wb_writeback+0x10/0x10 [ 178.867149][ T6627] ? _raw_spin_unlock_irq+0x23/0x50 [ 178.867177][ T6627] wb_workfn+0x409/0xef0 [ 178.867211][ T6627] ? __pfx_wb_workfn+0x10/0x10 [ 178.867233][ T6627] ? __lock_acquire+0xab9/0xd20 [ 178.867266][ T6627] ? process_scheduled_works+0x9ef/0x17b0 [ 178.867296][ T6627] ? _raw_spin_unlock_irq+0x23/0x50 [ 178.867317][ T6627] ? process_scheduled_works+0x9ef/0x17b0 [ 178.867338][ T6627] ? process_scheduled_works+0x9ef/0x17b0 [ 178.867363][ T6627] process_scheduled_works+0xae1/0x17b0 [ 178.867419][ T6627] ? __pfx_process_scheduled_works+0x10/0x10 [ 178.867462][ T6627] worker_thread+0x8a0/0xda0 [ 178.867481][ T6627] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 178.867512][ T6627] ? __kthread_parkme+0x7b/0x200 [ 178.867545][ T6627] kthread+0x70e/0x8a0 [ 178.867567][ T6627] ? __pfx_worker_thread+0x10/0x10 [ 178.867582][ T6627] ? __pfx_kthread+0x10/0x10 [ 178.867606][ T6627] ? _raw_spin_unlock_irq+0x23/0x50 [ 178.867628][ T6627] ? lockdep_hardirqs_on+0x9c/0x150 [ 178.867643][ T6627] ? __pfx_kthread+0x10/0x10 [ 178.867667][ T6627] ret_from_fork+0x47c/0x820 [ 178.867693][ T6627] ? __pfx_ret_from_fork+0x10/0x10 [ 178.867723][ T6627] ? __switch_to_asm+0x39/0x70 [ 178.867742][ T6627] ? __switch_to_asm+0x33/0x70 [ 178.867760][ T6627] ? __pfx_kthread+0x10/0x10 [ 178.867779][ T6627] ret_from_fork_asm+0x1a/0x30 [ 178.867819][ T6627] [ 178.867827][ T6627] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 180.053993][ T6975] vcan0: tx drop: invalid da for name 0x0000000000000002 [ 181.268127][ T6982] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 182.272922][ T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 182.754393][ T6997] netlink: 8 bytes leftover after parsing attributes in process `syz.4.288'. [ 183.383365][ T10] usb 3-1: Using ep0 maxpacket: 16 [ 183.392949][ T7001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.289'. [ 183.393965][ T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 183.431132][ T10] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 183.442700][ T7001] netlink: 24 bytes leftover after parsing attributes in process `syz.0.289'. [ 183.442894][ T10] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 183.453171][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.904721][ T10] usb 3-1: config 0 descriptor?? [ 183.913072][ T7001] netlink: 24 bytes leftover after parsing attributes in process `syz.0.289'. [ 184.035249][ T7001] netlink: 16 bytes leftover after parsing attributes in process `syz.0.289'. [ 185.559518][ T5962] usb 3-1: USB disconnect, device number 2 [ 185.771281][ T7026] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 186.127717][ T7033] loop1: detected capacity change from 0 to 16 [ 186.170172][ T7033] erofs (device loop1): mounted with root inode @ nid 36. [ 186.357270][ T7033] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 186.408660][ T7038] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 186.436072][ T7033] erofs (device loop1): failed to decompress -29 in[58, 4038] out[1851] [ 186.446254][ T7033] erofs (device loop1): read error -117 @ 43 of nid 36 [ 186.601064][ T7038] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 186.617329][ T7038] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 186.663580][ T7038] erofs (device loop1): readahead error at folio 42 @ nid 36 [ 186.820690][ T7038] erofs (device loop1): bogus lookback distance 774 @ lcn 40 of nid 36 [ 187.453453][ T7038] erofs (device loop1): readahead error at folio 41 @ nid 36 [ 187.664486][ T7038] erofs (device loop1): bogus lookback distance 774 @ lcn 40 of nid 36 [ 187.816245][ T7038] erofs (device loop1): readahead error at folio 40 @ nid 36 [ 187.862837][ T7038] erofs (device loop1): readahead error at folio 39 @ nid 36 [ 187.912892][ T7038] erofs (device loop1): readahead error at folio 38 @ nid 36 [ 187.920815][ T7038] erofs (device loop1): readahead error at folio 36 @ nid 36 [ 187.932393][ T7038] erofs (device loop1): bogus lookback distance 1468 @ lcn 31 of nid 36 [ 187.941565][ T7038] erofs (device loop1): readahead error at folio 31 @ nid 36 [ 188.360736][ T7038] erofs (device loop1): readahead error at folio 25 @ nid 36 [ 188.443714][ T7038] erofs (device loop1): readahead error at folio 24 @ nid 36 [ 188.514650][ T7038] erofs (device loop1): readahead error at folio 19 @ nid 36 [ 188.580374][ T7038] syz.1.298: attempt to access beyond end of device [ 188.580374][ T7038] loop1: rw=524288, sector=784, nr_sectors = 64 limit=16 [ 188.638236][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.647505][ T7038] syz.1.298: attempt to access beyond end of device [ 188.647505][ T7038] loop1: rw=524288, sector=13478624080, nr_sectors = 24 limit=16 [ 188.676751][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.688785][ T7038] syz.1.298: attempt to access beyond end of device [ 188.688785][ T7038] loop1: rw=524288, sector=13478624032, nr_sectors = 48 limit=16 [ 188.719601][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.731181][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.733641][ T7038] erofs (device loop1): failed to decompress -29 in[58, 4038] out[2639] [ 188.750024][ T7038] erofs (device loop1): bogus lookback distance 1586 @ lcn 46 of nid 36 [ 188.773052][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.777201][ T7038] erofs (device loop1): readahead error at folio 47 @ nid 36 [ 188.792605][ T7038] erofs (device loop1): bogus lookback distance 1586 @ lcn 46 of nid 36 [ 188.810786][ T7038] erofs (device loop1): readahead error at folio 46 @ nid 36 [ 188.819413][ T7038] erofs (device loop1): readahead error at folio 45 @ nid 36 [ 188.827037][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.828086][ T7038] syz.1.298: attempt to access beyond end of device [ 188.828086][ T7038] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 188.857402][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.862416][ T7038] erofs (device loop1): failed to decompress -29 in[58, 4038] out[3537] [ 188.890276][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 188.913203][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 189.080518][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.307'. [ 189.968277][ T7072] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 191.784710][ T7091] loop1: detected capacity change from 0 to 128 [ 192.755841][ T7100] loop4: detected capacity change from 0 to 1024 [ 192.820261][ T7100] EXT4-fs: Ignoring removed orlov option [ 192.845200][ T7100] EXT4-fs: Ignoring removed nomblk_io_submit option [ 193.259496][ T7095] loop3: detected capacity change from 0 to 32768 [ 193.667986][ T7095] [ 193.667986][ T7095] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 193.667986][ T7095] [ 193.724710][ T7095] find_entry called with index = 0 [ 193.732096][ T7095] read_mapping_page failed! [ 193.736844][ T7095] ERROR: (device loop3): txCommit: [ 193.736844][ T7095] [ 193.971949][ T7091] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 193.988352][ T7091] ext4 filesystem being mounted at /63/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 194.046560][ T7079] ERROR: (device loop3): diWrite: ixpxd invalid [ 194.046560][ T7079] [ 194.070424][ T7079] ERROR: (device loop3): txCommit: [ 194.070424][ T7079] [ 194.091034][ T7079] jfs_write_inode: jfs_commit_inode failed! [ 194.143487][ T7100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.213939][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.221917][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.252327][ T5860] [ 194.252327][ T5860] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 194.252327][ T5860] [ 194.526764][ T5860] [ 194.526764][ T5860] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 194.526764][ T5860] [ 194.874938][ T5864] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 194.966171][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.174481][ T7120] loop3: detected capacity change from 0 to 2048 [ 195.325218][ T7122] __nla_validate_parse: 45 callbacks suppressed [ 195.325254][ T7122] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'. [ 195.769327][ T7120] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 196.260973][ T7114] Bluetooth: hci1: command 0x0406 tx timeout [ 196.270586][ T7114] Bluetooth: hci2: command 0x0406 tx timeout [ 196.277192][ T7114] Bluetooth: hci0: command 0x0406 tx timeout [ 196.281131][ T5867] Bluetooth: hci3: command 0x0406 tx timeout [ 199.196876][ T7154] vlan3: entered promiscuous mode [ 199.361558][ T7161] loop1: detected capacity change from 0 to 1024 [ 199.404481][ T7161] EXT4-fs: Ignoring removed orlov option [ 199.467635][ T7161] EXT4-fs: Ignoring removed nomblk_io_submit option [ 199.594064][ T7161] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 199.616948][ T7170] loop0: detected capacity change from 0 to 256 [ 199.636791][ T7170] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 199.660974][ T7170] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 199.778094][ T7170] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 199.779555][ T5864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.736453][ T7157] loop3: detected capacity change from 0 to 32768 [ 200.763945][ T7157] btrfs: Deprecated parameter 'usebackuproot' [ 200.879533][ T7157] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 200.889069][ T7157] btrfs: Unknown parameter 'ref_verify' [ 202.971882][ T7184] syz.3.342 uses obsolete (PF_INET,SOCK_PACKET) [ 203.976303][ T7202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.345'. [ 204.362913][ T7202] team0: entered promiscuous mode [ 204.396939][ T7202] team_slave_0: entered promiscuous mode [ 205.110379][ T7211] loop0: detected capacity change from 0 to 1024 [ 205.149185][ T7202] team_slave_1: entered promiscuous mode [ 206.081010][ T7211] EXT4-fs: Ignoring removed orlov option [ 206.107274][ T7202] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 206.121491][ T7211] EXT4-fs: Ignoring removed nomblk_io_submit option [ 206.168692][ T7202] team0: left promiscuous mode [ 206.237606][ T7202] team_slave_0: left promiscuous mode [ 206.299441][ T7202] team_slave_1: left promiscuous mode [ 206.413564][ T7211] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.103153][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.182217][ T7226] warning: `syz.3.350' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 207.685311][ T921] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 207.725856][ T7235] loop0: detected capacity change from 0 to 1024 [ 207.844260][ T921] usb 2-1: device descriptor read/64, error -71 [ 207.981915][ T7235] EXT4-fs: Ignoring removed nobh option [ 208.160689][ T7235] EXT4-fs: Ignoring removed bh option [ 208.822856][ T921] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 208.997302][ T7235] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 209.050422][ T921] usb 2-1: device descriptor read/64, error -71 [ 209.549219][ T921] usb usb2-port1: attempt power cycle [ 210.184064][ T7254] loop4: detected capacity change from 0 to 2048 [ 210.219238][ T7254] loop4: p1 < > p3 p4 < > [ 210.238388][ T7254] loop4: p3 start 4284289 is beyond EOD, truncated [ 210.402893][ T921] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 210.652800][ T921] usb 2-1: device not accepting address 9, error -71 [ 211.568297][ T7263] loop1: detected capacity change from 0 to 1024 [ 211.584308][ T7263] EXT4-fs: Ignoring removed orlov option [ 211.597322][ T7263] EXT4-fs: Ignoring removed nomblk_io_submit option [ 211.689442][ T7263] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.780619][ T7272] md: md2 stopped. [ 211.906485][ T5864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.012809][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 213.969170][ T7302] netlink: 24 bytes leftover after parsing attributes in process `syz.2.369'. [ 214.282788][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 214.293603][ T10] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 214.302649][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.449470][ T10] usb 5-1: config 0 descriptor?? [ 215.363816][ T10] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 215.636495][ T7319] loop0: detected capacity change from 0 to 1024 [ 215.751567][ T10] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 215.768833][ T7319] EXT4-fs: Ignoring removed orlov option [ 215.857602][ T10] asix 5-1:0.0: probe with driver asix failed with error -71 [ 215.865463][ T7319] EXT4-fs: Ignoring removed nomblk_io_submit option [ 216.295946][ T7319] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 216.381392][ T10] usb 5-1: USB disconnect, device number 2 [ 216.583804][ T7336] netlink: 16 bytes leftover after parsing attributes in process `syz.1.380'. [ 216.584654][ T7327] wireguard0: entered promiscuous mode [ 216.603990][ T7327] wireguard0: entered allmulticast mode [ 216.633237][ T7333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.374'. [ 216.682795][ T7327] netlink: 24 bytes leftover after parsing attributes in process `syz.2.374'. [ 216.709929][ T7336] netlink: 16 bytes leftover after parsing attributes in process `syz.1.380'. [ 217.121780][ T7345] netlink: 24 bytes leftover after parsing attributes in process `syz.1.383'. [ 217.743188][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.051719][ T7352] loop3: detected capacity change from 0 to 1024 [ 218.216966][ T7354] loop0: detected capacity change from 0 to 2048 [ 218.488804][ T7354] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.999388][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 218.999401][ T30] audit: type=1800 audit(1756992390.214:110): pid=7354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.382" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 219.188407][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.306753][ T7372] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 220.341220][ T7380] PM: Enabling pm_trace changes system date and time during resume. [ 220.341220][ T7380] PM: Correct system time has to be restored manually after resume. [ 221.147842][ T3499] hfsplus: b-tree write err: -5, ino 4 [ 221.322794][ T7387] tipc: New replicast peer: 255.255.255.255 [ 221.344434][ T7387] tipc: Enabled bearer , priority 10 [ 222.718903][ T7389] netlink: 24 bytes leftover after parsing attributes in process `syz.1.394'. [ 222.812914][ T7392] netlink: 'syz.3.393': attribute type 8 has an invalid length. [ 223.141407][ T5918] tipc: Node number set to 3398518966 [ 223.367517][ T7396] loop2: detected capacity change from 0 to 1024 [ 223.372400][ T7404] loop4: detected capacity change from 0 to 256 [ 223.375250][ T7396] EXT4-fs: Ignoring removed nobh option [ 223.386683][ T7396] EXT4-fs: Ignoring removed bh option [ 223.411694][ T7404] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 223.425913][ T7396] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 223.473256][ T7404] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 223.553190][ T7404] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 223.599296][ T7409] trusted_key: syz.3.396 sent an empty control message without MSG_MORE. [ 223.757334][ T7414] wireguard0: entered promiscuous mode [ 223.763026][ T7414] wireguard0: entered allmulticast mode [ 223.802216][ T7416] netlink: 8 bytes leftover after parsing attributes in process `syz.1.397'. [ 223.822372][ T7416] netlink: 24 bytes leftover after parsing attributes in process `syz.1.397'. [ 225.378600][ T7427] loop2: detected capacity change from 0 to 1024 [ 227.422538][ T30] audit: type=1326 audit(1756992398.634:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 227.647590][ T30] audit: type=1326 audit(1756992398.674:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 227.766822][ T30] audit: type=1326 audit(1756992398.704:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 227.888217][ T30] audit: type=1326 audit(1756992398.714:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 227.910993][ T30] audit: type=1326 audit(1756992398.714:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 228.971488][ T30] audit: type=1326 audit(1756992398.724:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 229.042315][ T30] audit: type=1326 audit(1756992398.724:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 229.074315][ T30] audit: type=1326 audit(1756992398.744:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 229.105518][ T30] audit: type=1326 audit(1756992398.744:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 229.131021][ T30] audit: type=1326 audit(1756992398.744:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7441 comm="syz.0.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 229.233389][ T7450] netlink: 24 bytes leftover after parsing attributes in process `syz.1.407'. [ 229.597919][ T7453] loop0: detected capacity change from 0 to 164 [ 229.809008][ T7453] process 'syz.0.409' launched '/dev/fd/3' with NULL argv: empty string added [ 229.890049][ T7459] loop3: detected capacity change from 0 to 256 [ 229.978135][ T7459] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 230.086308][ T7453] syz.0.409: attempt to access beyond end of device [ 230.086308][ T7453] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 230.175772][ T7459] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 230.410051][ T7459] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 230.425415][ T7453] syz.0.409: attempt to access beyond end of device [ 230.425415][ T7453] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 231.895618][ T7479] netlink: 'syz.3.417': attribute type 10 has an invalid length. [ 231.895684][ T7479] netlink: 40 bytes leftover after parsing attributes in process `syz.3.417'. [ 231.910611][ T7479] batman_adv: batadv0: Adding interface: virt_wifi0 [ 231.910696][ T7479] batman_adv: batadv0: Interface activated: virt_wifi0 [ 234.502197][ T7491] loop1: detected capacity change from 0 to 4096 [ 234.779210][ T7499] netlink: 152 bytes leftover after parsing attributes in process `syz.3.424'. [ 234.841737][ T3562] hfsplus: b-tree write err: -5, ino 4 [ 234.862900][ T7500] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 235.431509][ T7513] loop3: detected capacity change from 0 to 128 [ 235.449232][ T7509] loop2: detected capacity change from 0 to 2048 [ 235.489178][ T7513] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 235.594793][ T7513] ext4 filesystem being mounted at /97/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 235.601526][ T7509] EXT4-fs (loop2): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.935421][ T7526] netlink: 'syz.0.430': attribute type 10 has an invalid length. [ 235.943270][ T7526] netlink: 40 bytes leftover after parsing attributes in process `syz.0.430'. [ 235.966374][ T7526] batman_adv: batadv0: Adding interface: virt_wifi0 [ 235.973062][ T7526] batman_adv: batadv0: Interface activated: virt_wifi0 [ 237.692930][ T7516] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 237.890732][ T5860] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 237.922314][ T7535] loop4: detected capacity change from 0 to 1024 [ 244.005567][ T5875] EXT4-fs (loop2): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 244.358714][ T7556] loop1: detected capacity change from 0 to 4096 [ 244.411098][ T7561] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 245.048620][ T7567] loop3: detected capacity change from 0 to 128 [ 245.178900][ T7567] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 245.397503][ T7567] ext4 filesystem being mounted at /101/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 246.488410][ T5860] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 246.500837][ T6005] hfsplus: b-tree write err: -5, ino 4 [ 246.623122][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 246.623137][ T30] audit: type=1326 audit(1756992417.834:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.1.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965898ebe9 code=0x7ffc0000 [ 246.764226][ T30] audit: type=1326 audit(1756992417.844:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.1.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965898ebe9 code=0x7ffc0000 [ 246.849327][ T30] audit: type=1326 audit(1756992417.844:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.1.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f965898ebe9 code=0x7ffc0000 [ 247.412266][ T30] audit: type=1326 audit(1756992417.844:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.1.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965898ebe9 code=0x7ffc0000 [ 247.724717][ T30] audit: type=1326 audit(1756992417.844:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.1.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f965898ebe9 code=0x7ffc0000 [ 247.851492][ T7602] netlink: 268 bytes leftover after parsing attributes in process `syz.0.458'. [ 248.061228][ T7608] loop1: detected capacity change from 0 to 128 [ 248.113090][ T7611] loop0: detected capacity change from 0 to 1024 [ 248.124494][ T7608] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 248.185374][ T7590] loop4: detected capacity change from 0 to 32768 [ 248.214551][ T7608] ext4 filesystem being mounted at /95/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 248.305887][ T7590] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 248.839656][ T5864] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 249.005361][ T3511] hfsplus: b-tree write err: -5, ino 4 [ 249.124319][ T7620] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer. [ 249.226407][ T7624] loop0: detected capacity change from 0 to 64 [ 249.370783][ T7630] loop2: detected capacity change from 0 to 2048 [ 249.448469][ T5871] ocfs2: Unmounting device (7,4) on (node local) [ 249.466957][ T7630] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 249.553270][ T7630] UDF-fs: Scanning with blocksize 512 failed [ 249.873835][ T7637] netlink: 'syz.1.470': attribute type 10 has an invalid length. [ 249.881692][ T7637] netlink: 40 bytes leftover after parsing attributes in process `syz.1.470'. [ 250.288335][ T7630] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 250.942152][ T7650] team_slave_0: entered promiscuous mode [ 250.947900][ T7650] team_slave_1: entered promiscuous mode [ 250.954236][ T7647] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma? [ 250.976335][ T7650] vlan2: entered promiscuous mode [ 251.038706][ T7650] team0: entered promiscuous mode [ 251.128337][ T7654] loop1: detected capacity change from 0 to 1024 [ 251.985163][ T12] hfsplus: b-tree write err: -5, ino 4 [ 252.063610][ T7669] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer. [ 252.463029][ T7682] loop4: detected capacity change from 0 to 256 [ 252.484563][ T7682] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 252.565102][ T7682] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 252.574768][ T5868] Bluetooth: hci4: command 0x0406 tx timeout [ 252.699459][ T7682] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 254.423200][ T7688] vlan3: entered promiscuous mode [ 254.541953][ T7699] netlink: 'syz.1.492': attribute type 10 has an invalid length. [ 254.563858][ T7699] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.571589][ T7699] bond0: entered promiscuous mode [ 254.577038][ T7699] bond_slave_0: entered promiscuous mode [ 254.583189][ T7699] bond_slave_1: entered promiscuous mode [ 254.590190][ T7699] team0: Port device bond0 added [ 254.660661][ T7698] bond0: left promiscuous mode [ 254.665542][ T7698] bond_slave_0: left promiscuous mode [ 254.671203][ T7698] bond_slave_1: left promiscuous mode [ 254.681435][ T7701] loop3: detected capacity change from 0 to 1024 [ 254.708035][ T7698] team0: Port device bond0 removed [ 254.733779][ T7698] bridge_slave_0: left allmulticast mode [ 254.752224][ T7698] bridge_slave_0: left promiscuous mode [ 254.780021][ T7698] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.245934][ T7698] bridge_slave_1: left allmulticast mode [ 255.263872][ T7708] netlink: 'syz.0.496': attribute type 10 has an invalid length. [ 255.278004][ T7698] bridge_slave_1: left promiscuous mode [ 255.290853][ T7698] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.300729][ T6161] hfsplus: b-tree write err: -5, ino 4 [ 255.589237][ T7698] bond0: (slave bond_slave_0): Releasing backup interface [ 255.617464][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.626654][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.971988][ T7698] bond0: (slave bond_slave_1): Releasing backup interface [ 256.150150][ T7698] team_slave_0: left promiscuous mode [ 256.287345][ T7698] team0: Port device team_slave_0 removed [ 256.378484][ T7698] team_slave_1: left promiscuous mode [ 256.428081][ T7698] team0: Port device team_slave_1 removed [ 256.443691][ T7698] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 256.453103][ T7698] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 256.483467][ T7698] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 256.490883][ T7698] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 256.515252][ T7698] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 256.532459][ T7698] batman_adv: batadv0: Removing interface: virt_wifi0 [ 256.555334][ T7708] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 256.749538][ T7724] netlink: 8 bytes leftover after parsing attributes in process `syz.1.502'. [ 256.784344][ T7724] netlink: 12 bytes leftover after parsing attributes in process `syz.1.502'. [ 256.827760][ T7079] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 256.859039][ T7079] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 256.898688][ T7079] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 256.918610][ T7079] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 261.604213][ T7760] netlink: 8 bytes leftover after parsing attributes in process `syz.4.515'. [ 261.668548][ T7760] netlink: 12 bytes leftover after parsing attributes in process `syz.4.515'. [ 261.859263][ T7791] loop3: detected capacity change from 0 to 64 [ 263.581325][ T7802] loop1: detected capacity change from 0 to 32768 [ 263.653641][ T7802] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 263.921927][ T7812] loop2: detected capacity change from 0 to 128 [ 263.952235][ T5864] ocfs2: Unmounting device (7,1) on (node local) [ 264.107263][ T7812] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 264.147487][ T7812] ext4 filesystem being mounted at /93/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 264.461447][ T5875] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 265.670446][ T3562] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 265.694499][ T3562] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 265.712852][ T6161] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 265.762156][ T6161] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 265.886936][ T7829] loop2: detected capacity change from 0 to 64 [ 267.723526][ T7850] loop2: detected capacity change from 0 to 128 [ 267.947459][ T7850] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 268.003193][ T7850] ext4 filesystem being mounted at /96/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 268.728496][ T5875] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 268.908682][ T7860] netlink: 8 bytes leftover after parsing attributes in process `syz.2.546'. [ 268.951732][ T7845] loop1: detected capacity change from 0 to 32768 [ 268.963439][ T7860] netlink: 12 bytes leftover after parsing attributes in process `syz.2.546'. [ 269.006602][ T3562] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 269.049417][ T7845] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 269.062218][ T6161] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 269.129391][ T7864] veth0_vlan: entered allmulticast mode [ 269.239347][ T7865] ÿÿÿÿÿÿ: renamed from vlan1 [ 269.258579][ T6161] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 269.285607][ T5864] ocfs2: Unmounting device (7,1) on (node local) [ 269.287398][ T6161] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.393480][ T7885] loop2: detected capacity change from 0 to 64 [ 270.748880][ T7889] loop3: detected capacity change from 0 to 128 [ 270.831360][ T7889] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 270.932006][ T7889] ext4 filesystem being mounted at /125/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 270.963782][ C0] vkms_vblank_simulate: vblank timer overrun [ 271.206325][ T7901] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 271.756912][ T5860] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 272.014340][ T7911] netlink: 'syz.3.563': attribute type 10 has an invalid length. [ 272.022128][ T7911] netlink: 40 bytes leftover after parsing attributes in process `syz.3.563'. [ 273.982572][ T7931] loop2: detected capacity change from 0 to 256 [ 274.082802][ T7931] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 274.227179][ T7931] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 274.238474][ T7936] loop0: detected capacity change from 0 to 256 [ 274.272223][ T7936] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 274.319080][ T7936] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 274.389951][ T7936] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 274.424231][ T7931] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 274.646747][ T7941] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 275.924451][ T7949] team_slave_0: entered promiscuous mode [ 275.930112][ T7949] team_slave_1: entered promiscuous mode [ 275.952966][ T7949] vlan3: entered promiscuous mode [ 275.958016][ T7949] team0: entered promiscuous mode [ 276.117124][ T7957] loop0: detected capacity change from 0 to 64 [ 277.861613][ T7969] pim6reg1: entered promiscuous mode [ 277.867560][ T7969] pim6reg1: entered allmulticast mode [ 277.897442][ T7975] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.585'. [ 278.852311][ T7982] loop0: detected capacity change from 0 to 256 [ 279.029088][ T7982] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 279.067389][ T7982] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 279.126096][ T7982] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 279.463895][ T7999] loop1: detected capacity change from 0 to 64 [ 281.525032][ T8017] netlink: 68 bytes leftover after parsing attributes in process `syz.2.598'. [ 282.007745][ T8025] loop3: detected capacity change from 0 to 32768 [ 282.013028][ T8025] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.601 (8025) [ 282.037837][ T8025] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 282.037999][ T8025] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm [ 282.171471][ T8045] loop1: detected capacity change from 0 to 256 [ 282.198084][ T8045] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 282.198102][ T8045] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 282.249786][ T8045] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 282.261074][ T8025] BTRFS info (device loop3): enabling ssd optimizations [ 282.261101][ T8025] BTRFS info (device loop3): enabling free space tree [ 284.029965][ T5860] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 287.446041][ T8109] loop0: detected capacity change from 0 to 32768 [ 287.510919][ T8109] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.621 (8109) [ 287.534325][ T8109] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 287.544659][ T8109] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm [ 288.818568][ T8109] BTRFS info (device loop0): enabling ssd optimizations [ 288.825650][ T8109] BTRFS info (device loop0): enabling free space tree [ 288.963494][ T8141] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.971305][ T8141] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.173252][ T8141] bridge0: entered allmulticast mode [ 289.234422][ T8141] bridge_slave_1: left allmulticast mode [ 289.240298][ T8141] bridge_slave_1: left promiscuous mode [ 289.274812][ T8141] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.463516][ T8141] bridge_slave_0: left allmulticast mode [ 289.547298][ T8141] bridge_slave_0: left promiscuous mode [ 290.014452][ T8141] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.019568][ T5873] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 291.989796][ T8191] netlink: 16 bytes leftover after parsing attributes in process `syz.3.643'. [ 292.235126][ T8191] netlink: 16 bytes leftover after parsing attributes in process `syz.3.643'. [ 293.430371][ T8207] netlink: 'syz.4.646': attribute type 8 has an invalid length. [ 294.347945][ T8215] wireguard1: entered promiscuous mode [ 294.355586][ T8215] wireguard1: entered allmulticast mode [ 294.579078][ T8215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.649'. [ 294.844187][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'. [ 294.903397][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'. [ 294.920894][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'. [ 294.938462][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'. [ 294.992827][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'. [ 295.013823][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'. [ 295.029197][ T8227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'. [ 295.697264][ T8239] netlink: 'syz.0.655': attribute type 30 has an invalid length. [ 296.036759][ T8248] loop1: detected capacity change from 0 to 256 [ 296.067453][ T8248] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 296.096726][ T8248] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 296.144199][ T8248] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 296.749992][ T8255] loop2: detected capacity change from 0 to 32768 [ 296.767373][ T8255] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.662 (8255) [ 296.787581][ T8255] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 296.797866][ T8255] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm [ 297.080806][ T8273] loop0: detected capacity change from 0 to 128 [ 297.088370][ T8273] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 297.110720][ T8273] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 297.165191][ T8255] BTRFS info (device loop2): enabling ssd optimizations [ 297.172167][ T8255] BTRFS info (device loop2): enabling free space tree [ 299.021460][ T5875] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 300.243195][ T8303] binder: 8298:8303 ioctl c0306201 0 returned -14 [ 300.923870][ T8310] netlink: 'syz.2.670': attribute type 8 has an invalid length. [ 302.723758][ T8329] loop1: detected capacity change from 0 to 128 [ 302.731324][ T8329] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 302.784790][ T8329] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 303.512790][ T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 303.760168][ T8343] __nla_validate_parse: 47 callbacks suppressed [ 303.760185][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 303.809317][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 303.822830][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 304.119997][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 304.261541][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 304.417412][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 304.432238][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 304.460651][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 304.532880][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 304.615834][ T10] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 304.627088][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 304.628742][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 304.641035][ T10] usb 5-1: Product: syz [ 304.652766][ T10] usb 5-1: Manufacturer: syz [ 304.657347][ T10] usb 5-1: SerialNumber: syz [ 304.777552][ T8353] netlink: 'syz.2.684': attribute type 8 has an invalid length. [ 305.252838][ T10] usb 5-1: config 0 descriptor?? [ 305.308250][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 305.317552][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 305.326734][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.682'. [ 306.334896][ T5980] usb 5-1: USB disconnect, device number 3 [ 306.599903][ T8366] wireguard0: entered promiscuous mode [ 306.605587][ T8366] wireguard0: entered allmulticast mode [ 306.953112][ T8382] loop2: detected capacity change from 0 to 128 [ 306.960613][ T8382] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 307.694062][ T8382] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 309.415615][ T8400] __nla_validate_parse: 42 callbacks suppressed [ 309.415630][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 309.443637][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 309.455894][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 309.527930][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 309.702895][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 309.712167][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 309.748488][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 310.390561][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 310.531632][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 310.591716][ T8400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 313.728150][ T8431] loop3: detected capacity change from 0 to 128 [ 314.057577][ T8431] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 314.157702][ T8431] ext4 filesystem being mounted at /148/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 316.477161][ T8466] loop2: detected capacity change from 0 to 8 [ 316.727924][ T5860] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 316.811811][ T8466] SQUASHFS error: zlib decompression failed, data probably corrupt [ 316.821634][ T8466] SQUASHFS error: Failed to read block 0x9b: -5 [ 316.828078][ T8466] SQUASHFS error: Unable to read metadata cache entry [99] [ 316.835286][ T8466] SQUASHFS error: Unable to read inode 0x127 [ 317.065752][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.072070][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.834932][ T8474] loop0: detected capacity change from 0 to 128 [ 317.842402][ T8474] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 318.852460][ T8474] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 321.519810][ T8510] __nla_validate_parse: 44 callbacks suppressed [ 321.519828][ T8510] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.726'. [ 321.663793][ T8514] loop3: detected capacity change from 0 to 8 [ 321.730670][ T8514] SQUASHFS error: zlib decompression failed, data probably corrupt [ 321.731089][ T8514] SQUASHFS error: Failed to read block 0x9b: -5 [ 321.731157][ T8514] SQUASHFS error: Unable to read metadata cache entry [99] [ 321.731198][ T8514] SQUASHFS error: Unable to read inode 0x127 [ 322.299185][ T8518] loop0: detected capacity change from 0 to 256 [ 322.316748][ T8518] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 322.316766][ T8518] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 322.331598][ T8518] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 326.038623][ T8558] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 326.111586][ T8564] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.741'. [ 326.775237][ T8568] loop4: detected capacity change from 0 to 8 [ 326.867308][ T8568] SQUASHFS error: zlib decompression failed, data probably corrupt [ 326.875321][ T8568] SQUASHFS error: Failed to read block 0x9b: -5 [ 326.881569][ T8568] SQUASHFS error: Unable to read metadata cache entry [99] [ 326.888795][ T8568] SQUASHFS error: Unable to read inode 0x127 [ 329.057380][ T8585] loop4: detected capacity change from 0 to 256 [ 329.185724][ T8585] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 329.322815][ T8585] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 329.876909][ T8585] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 330.677961][ T8599] netlink: 'syz.2.750': attribute type 1 has an invalid length. [ 330.875725][ T8599] 8021q: adding VLAN 0 to HW filter on device bond3 [ 331.872086][ T8621] loop4: detected capacity change from 0 to 1024 [ 331.893217][ T8622] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.754'. [ 331.894391][ T8602] wireguard1: entered promiscuous mode [ 331.910981][ T8604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.750'. [ 331.923792][ T8602] wireguard1: entered allmulticast mode [ 332.092732][ T8615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.749'. [ 333.271529][ T8627] loop2: detected capacity change from 0 to 128 [ 333.371970][ T6005] hfsplus: b-tree write err: -5, ino 4 [ 333.385649][ T8627] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 333.541616][ T8627] ext4 filesystem being mounted at /145/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 334.014758][ T8644] netlink: 'syz.4.761': attribute type 30 has an invalid length. [ 334.649411][ T5875] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 334.825222][ T8647] loop0: detected capacity change from 0 to 256 [ 334.986820][ T8647] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 335.072779][ T8647] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 335.153575][ T8647] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 337.487541][ T8664] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.767'. [ 338.698750][ T8673] loop4: detected capacity change from 0 to 1024 [ 339.624704][ T1158] hfsplus: b-tree write err: -5, ino 4 [ 340.566443][ T8690] loop1: detected capacity change from 0 to 128 [ 340.691794][ T8690] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 340.845900][ T8690] ext4 filesystem being mounted at /165/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 340.877649][ C1] vkms_vblank_simulate: vblank timer overrun [ 340.998570][ T8704] loop3: detected capacity change from 0 to 128 [ 341.017918][ T8704] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 341.200941][ T8704] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 341.708806][ T5864] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 341.771840][ T8714] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.781'. [ 342.352770][ T5918] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 342.582723][ T5918] usb 2-1: Using ep0 maxpacket: 32 [ 342.603061][ T8729] random: crng reseeded on system resumption [ 342.644854][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 342.683700][ T5918] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 342.702710][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 342.743563][ T5918] usb 2-1: Product: syz [ 342.750806][ T5918] usb 2-1: Manufacturer: syz [ 342.853378][ T5918] usb 2-1: SerialNumber: syz [ 342.996514][ T5918] usb 2-1: config 0 descriptor?? [ 343.103279][ T5918] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input6 [ 343.157270][ T5918] usbtouchscreen 2-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8 [ 343.233303][ T5918] usbtouchscreen 2-1:0.0: probe with driver usbtouchscreen failed with error -8 [ 343.396369][ T5918] usb 2-1: USB disconnect, device number 11 [ 346.174479][ T8761] loop0: detected capacity change from 0 to 128 [ 346.188700][ T8761] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 346.313662][ T8761] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 348.393690][ T8784] netlink: 'syz.4.802': attribute type 30 has an invalid length. [ 351.715023][ T8815] loop3: detected capacity change from 0 to 1024 [ 351.764057][ T8815] EXT4-fs: Ignoring removed nobh option [ 351.818754][ T8815] EXT4-fs: Ignoring removed bh option [ 351.880769][ T8815] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 351.892917][ T5980] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 352.074865][ T5980] usb 1-1: Using ep0 maxpacket: 32 [ 352.102184][ T5980] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 352.145859][ T5980] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0 [ 352.175551][ T5980] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 352.190071][ T5980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 352.201416][ T5980] usb 1-1: Product: syz [ 352.216350][ T5980] usb 1-1: Manufacturer: syz [ 352.221093][ T5980] usb 1-1: SerialNumber: syz [ 352.240743][ T5980] usb 1-1: config 0 descriptor?? [ 352.271798][ T5980] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input7 [ 352.300388][ T5980] usbtouchscreen 1-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -90 [ 352.363332][ T5980] usbtouchscreen 1-1:0.0: probe with driver usbtouchscreen failed with error -90 [ 352.478588][ T5980] usb 1-1: USB disconnect, device number 2 [ 354.710105][ T8854] wireguard2: entered promiscuous mode [ 354.716363][ T8854] wireguard2: entered allmulticast mode [ 354.723729][ T8858] netlink: 8 bytes leftover after parsing attributes in process `syz.2.822'. [ 357.912882][ T921] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 357.999305][ T8901] tipc: Enabling of bearer rejected, already enabled [ 358.092943][ T921] usb 5-1: Using ep0 maxpacket: 32 [ 358.355008][ T921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 358.423763][ T921] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0 [ 358.460941][ T921] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 358.502370][ T921] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.528017][ T921] usb 5-1: Product: syz [ 358.532224][ T921] usb 5-1: Manufacturer: syz [ 358.551463][ T921] usb 5-1: SerialNumber: syz [ 358.610777][ T8906] netlink: 'syz.2.842': attribute type 30 has an invalid length. [ 358.759365][ T921] usb 5-1: config 0 descriptor?? [ 358.785727][ T921] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input8 [ 358.809189][ T8908] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 358.819713][ T921] usbtouchscreen 5-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -90 [ 359.044210][ T921] usbtouchscreen 5-1:0.0: probe with driver usbtouchscreen failed with error -90 [ 359.220746][ T921] usb 5-1: USB disconnect, device number 4 [ 360.034795][ T8926] loop3: detected capacity change from 0 to 64 [ 361.322840][ T8944] tipc: Started in network mode [ 361.329810][ T8944] tipc: Node identity ac14140f, cluster identity 4711 [ 361.361115][ T8944] tipc: New replicast peer: 255.255.255.255 [ 361.380280][ T8944] tipc: Enabled bearer , priority 10 [ 361.784276][ T8950] netlink: 'syz.4.856': attribute type 30 has an invalid length. [ 362.784135][ T5911] tipc: Node number set to 2886997007 [ 363.669298][ T8977] random: crng reseeded on system resumption [ 368.889415][ T9032] loop3: detected capacity change from 0 to 256 [ 368.943221][ T9032] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 369.022938][ T9032] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 369.405180][ T9032] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 370.812604][ T9056] binder: 9049:9056 ioctl c0306201 0 returned -14 [ 373.153397][ T9083] loop1: detected capacity change from 0 to 256 [ 373.205081][ T9083] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 373.431919][ T9083] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 373.768248][ T9083] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 374.906782][ T9105] netlink: 8 bytes leftover after parsing attributes in process `syz.4.897'. [ 374.925670][ T9105] netlink: 4 bytes leftover after parsing attributes in process `syz.4.897'. [ 377.664037][ T9134] tipc: Enabling of bearer rejected, already enabled [ 378.142130][ T9137] netlink: 'syz.0.907': attribute type 30 has an invalid length. [ 378.461981][ T9143] binder: 9139:9143 ioctl c0306201 0 returned -14 [ 378.512002][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.518384][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.180559][ T9169] netlink: 68 bytes leftover after parsing attributes in process `syz.2.917'. [ 380.272389][ T9166] tipc: Started in network mode [ 380.277474][ T9166] tipc: Node identity ac14140f, cluster identity 4711 [ 380.289276][ T9166] tipc: New replicast peer: 255.255.255.255 [ 380.295890][ T9166] tipc: Enabled bearer , priority 10 [ 380.461851][ T9176] loop1: detected capacity change from 0 to 128 [ 380.496791][ T9178] netlink: 'syz.0.921': attribute type 30 has an invalid length. [ 380.520249][ T9176] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 380.611544][ T9176] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 381.139200][ T9184] binder: 9180:9184 ioctl c0306201 0 returned -14 [ 381.482945][ T5980] tipc: Node number set to 2886997007 [ 382.023597][ T9193] wg2: entered promiscuous mode [ 382.049145][ T9193] wg2: entered allmulticast mode [ 382.233568][ T9198] netlink: 12 bytes leftover after parsing attributes in process `syz.4.927'. [ 382.265429][ T9198] vlan3: entered promiscuous mode [ 382.270489][ T9198] dummy0: entered promiscuous mode [ 383.555899][ T9217] netlink: 'syz.0.933': attribute type 30 has an invalid length. [ 383.921908][ T9223] tipc: Enabling of bearer rejected, already enabled [ 384.546697][ T9230] binder: 9226:9230 ioctl c0306201 0 returned -14 [ 387.036365][ T9271] loop3: detected capacity change from 0 to 128 [ 387.144007][ T9271] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 387.197094][ T9271] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 389.176937][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.4.954'. [ 389.870524][ T9302] loop2: detected capacity change from 0 to 64 [ 392.075230][ T9329] tipc: Started in network mode [ 392.080277][ T9329] tipc: Node identity ac14140f, cluster identity 4711 [ 392.087566][ T9329] tipc: New replicast peer: 255.255.255.255 [ 392.094378][ T9329] tipc: Enabled bearer , priority 10 [ 393.021357][ T9339] netlink: 'syz.1.967': attribute type 10 has an invalid length. [ 393.029208][ T9339] netlink: 40 bytes leftover after parsing attributes in process `syz.1.967'. [ 393.042835][ T9339] batman_adv: batadv0: Adding interface: virt_wifi0 [ 393.049476][ T9339] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560. [ 393.070457][ T9339] batman_adv: batadv0: Interface activated: virt_wifi0 [ 393.471959][ T5911] tipc: Node number set to 2886997007 [ 394.095532][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.970'. [ 396.097386][ T9378] binder: 9373:9378 ioctl c0306201 0 returned -14 [ 397.024604][ T9390] tipc: Enabling of bearer rejected, already enabled [ 397.229670][ T9394] netlink: 12 bytes leftover after parsing attributes in process `syz.1.982'. [ 397.353167][ T9394] vlan2: entered promiscuous mode [ 397.382921][ T9394] dummy0: entered promiscuous mode [ 398.155448][ T9405] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 399.596466][ T9425] binder: 9420:9425 ioctl c0306201 0 returned -14 [ 400.769739][ T9443] loop4: detected capacity change from 0 to 64 [ 402.595520][ T9462] binder: 9459:9462 ioctl c0306201 0 returned -14 [ 402.967061][ T9465] netlink: 'syz.3.1003': attribute type 30 has an invalid length. [ 404.327518][ T9485] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1009'. [ 404.991784][ T9485] vlan3: entered promiscuous mode [ 406.569609][ T9513] netlink: 'syz.0.1019': attribute type 30 has an invalid length. [ 409.710889][ T9539] loop2: detected capacity change from 0 to 32768 [ 411.525224][ T9539] [ 411.525224][ T9539] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 411.525224][ T9539] [ 411.571012][ T9539] find_entry called with index = 0 [ 411.577273][ T9539] read_mapping_page failed! [ 411.582015][ T9539] ERROR: (device loop2): txCommit: [ 411.582015][ T9539] [ 411.709893][ T9541] tipc: Enabling of bearer rejected, already enabled [ 412.518254][ T9551] bond0: (slave vxlan1): Opening slave failed [ 413.684503][ T13] ERROR: (device loop2): diWrite: ixpxd invalid [ 413.684503][ T13] [ 413.718214][ T13] ERROR: (device loop2): txCommit: [ 413.718214][ T13] [ 413.745998][ T13] jfs_write_inode: jfs_commit_inode failed! [ 413.756734][ T5875] [ 413.756734][ T5875] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 413.756734][ T5875] [ 413.900856][ T5875] [ 413.900856][ T5875] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 413.900856][ T5875] [ 425.687877][ T24] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 426.060421][ T24] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 426.089165][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 426.097569][ T24] usb 2-1: Product: syz [ 426.111155][ T24] usb 2-1: Manufacturer: syz [ 426.117767][ T24] usb 2-1: SerialNumber: syz [ 426.475450][ T9712] netlink: 'syz.0.1075': attribute type 10 has an invalid length. [ 426.483932][ T9712] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1075'. [ 428.106904][ T9731] syzkaller1: entered promiscuous mode [ 428.237791][ T9731] syzkaller1: entered allmulticast mode [ 428.989762][ T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000000. ret = -EPROTO [ 429.002289][ T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 429.014877][ T24] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 429.029882][ T24] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71 [ 429.052748][ T24] usb 2-1: USB disconnect, device number 12 [ 434.030544][ T9791] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 434.053813][ T9789] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1097'. [ 435.463416][ T921] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 436.145468][ T921] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 436.162769][ T921] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 436.170785][ T921] usb 5-1: Product: syz [ 436.178351][ T921] usb 5-1: Manufacturer: syz [ 436.183328][ T921] usb 5-1: SerialNumber: syz [ 436.196617][ T921] usb 5-1: config 0 descriptor?? [ 436.284927][ T5962] IPVS: starting estimator thread 0... [ 436.608495][ T921] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 437.151616][ T9824] IPVS: using max 34 ests per chain, 81600 per kthread [ 437.356601][ T9838] netlink: 'syz.2.1113': attribute type 30 has an invalid length. [ 437.589977][ T9846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1116'. [ 438.730421][ T921] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 438.788129][ T921] usb 5-1: USB disconnect, device number 5 [ 439.943644][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.949978][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.035217][ T9904] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 441.177402][ T9904] block device autoloading is deprecated and will be removed. [ 443.009971][ T9934] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1147'. [ 443.026152][ T9934] vlan3: entered promiscuous mode [ 443.031272][ T9934] dummy0: entered promiscuous mode [ 445.026472][ T9955] input: syz1 as /devices/virtual/input/input9 [ 445.395691][ T9956] loop1: detected capacity change from 0 to 8 [ 445.405487][ T9956] SQUASHFS error: zlib decompression failed, data probably corrupt [ 445.414452][ T9956] SQUASHFS error: Failed to read block 0x9b: -5 [ 445.420714][ T9956] SQUASHFS error: Unable to read metadata cache entry [99] [ 445.428183][ T9956] SQUASHFS error: Unable to read inode 0x127 [ 447.951857][ T9998] netlink: 'syz.3.1160': attribute type 10 has an invalid length. [ 447.979282][ T9998] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1160'. [ 448.274203][T10002] loop2: detected capacity change from 0 to 512 [ 448.434603][ T5962] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 448.859186][ T5962] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 449.016731][ T5962] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.038456][ T5962] usb 2-1: Product: syz [ 449.074262][ T5962] usb 2-1: Manufacturer: syz [ 449.099663][ T5962] usb 2-1: SerialNumber: syz [ 450.183259][T10019] loop0: detected capacity change from 0 to 8192 [ 450.216264][T10019] capability: warning: `syz.0.1177' uses 32-bit capabilities (legacy support in use) [ 451.842723][ T5962] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000040. ret = -EPROTO [ 451.937625][ T5962] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO [ 452.013994][ T5962] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO [ 452.095968][ T5962] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 452.179936][ T5962] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 452.234598][ T5962] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71 [ 452.317175][ T5962] usb 2-1: USB disconnect, device number 13 [ 452.393458][ T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 452.582679][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 452.618307][ T10] usb 4-1: config 0 has an invalid interface number: 196 but max is 0 [ 452.650994][ T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 452.698303][ T10] usb 4-1: config 0 has no interface number 0 [ 452.722358][ T10] usb 4-1: config 0 interface 196 altsetting 1 endpoint 0x2 has invalid wMaxPacketSize 0 [ 452.734240][ T10] usb 4-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 0 [ 452.745681][ T10] usb 4-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 452.758983][ T10] usb 4-1: config 0 interface 196 has no altsetting 0 [ 452.790169][ T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 452.802216][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.820534][ T10] usb 4-1: Product: syz [ 452.830597][ T10] usb 4-1: Manufacturer: syz [ 452.837767][ T10] usb 4-1: SerialNumber: syz [ 452.852227][ T10] usb 4-1: config 0 descriptor?? [ 452.959853][T10054] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1190'. [ 453.069779][ T10] ipheth 4-1:0.196: Unable to find endpoints [ 453.093763][ T10] usb 4-1: USB disconnect, device number 4 [ 454.903117][T10069] loop1: detected capacity change from 0 to 1024 [ 454.940095][T10069] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 455.010875][T10066] netlink: 'syz.4.1191': attribute type 10 has an invalid length. [ 455.011856][T10069] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 455.027374][T10069] EXT4-fs (loop1): orphan cleanup on readonly fs [ 455.043053][T10066] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1191'. [ 455.074497][T10069] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.1194: Freeing blocks not in datazone - block = 0, count = 4096 [ 455.094735][T10073] loop3: detected capacity change from 0 to 4096 [ 455.102176][T10073] EXT4-fs: Ignoring removed mblk_io_submit option [ 455.109211][T10069] EXT4-fs (loop1): 1 orphan inode deleted [ 455.130883][T10066] batman_adv: batadv0: Adding interface: virt_wifi0 [ 455.132989][T10069] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 455.144841][T10066] batman_adv: batadv0: Interface activated: virt_wifi0 [ 455.169567][T10073] EXT4-fs (loop3): Test dummy encryption mode enabled [ 455.183066][ T30] audit: type=1326 audit(1756992626.404:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 455.258318][T10073] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.306462][ T30] audit: type=1326 audit(1756992626.404:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 455.357766][ T5864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.414329][ T30] audit: type=1326 audit(1756992626.454:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 455.464238][ T5962] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 455.496017][T10079] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.503789][T10079] bridge0: port 1(bridge_slave_0) entered disabled state [ 455.514216][ T30] audit: type=1326 audit(1756992626.454:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 455.551085][ T5860] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.577858][ T30] audit: type=1326 audit(1756992626.454:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10075 comm="syz.0.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd345b8ebe9 code=0x7ffc0000 [ 455.626054][ T5962] usb 3-1: Using ep0 maxpacket: 32 [ 455.662080][ T5962] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 455.680826][ T5962] usb 3-1: config 0 has no interface number 0 [ 455.712068][ T5962] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 455.734480][ T5962] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 455.747092][T10087] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1201'. [ 455.762760][ T5962] usb 3-1: Product: syz [ 455.774432][ T5962] usb 3-1: Manufacturer: syz [ 455.789687][ T5962] usb 3-1: SerialNumber: syz [ 455.803470][ T5962] usb 3-1: config 0 descriptor?? [ 455.812578][ T5962] smsc95xx v2.0.0 [ 455.841920][T10079] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 455.877533][T10079] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 455.922895][T10079] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 456.026964][T10079] veth0_macvtap: left allmulticast mode [ 456.171520][T10087] vlan2: entered promiscuous mode [ 456.191297][ T3562] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 456.217796][ T5962] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 456.242732][ T3562] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 456.270045][ T5962] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 456.305277][ T3562] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 456.347388][ T3562] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 456.471225][ T66] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 457.102528][ T5962] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 457.532982][ T66] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.573173][ T5962] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71 [ 457.586778][ T66] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 457.616111][ T66] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.661480][ T5962] usb 3-1: USB disconnect, device number 3 [ 457.735733][T10108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1207'. [ 457.944145][ T10] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 457.972299][T10120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1212'. [ 457.985092][T10120] netlink: 'syz.3.1212': attribute type 30 has an invalid length. [ 458.006600][ T13] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 458.029355][ T13] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 458.048353][ T13] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 458.068834][ T13] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 458.115972][ T10] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 458.139731][ T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 458.192438][ T10] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 458.212572][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 458.236808][ T10] usb 2-1: SerialNumber: syz [ 458.447780][ T5962] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 458.476018][ T10] usb 2-1: 0:2 : does not exist [ 458.498027][ T10] usb 2-1: USB disconnect, device number 14 [ 458.710715][ T5962] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 459.011441][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 459.026128][ T5962] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 459.046242][ T5962] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 459.055915][ T5962] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.064241][ T5962] usb 3-1: Product: syz [ 459.068645][ T5962] usb 3-1: Manufacturer: syz [ 459.073685][ T5962] usb 3-1: SerialNumber: syz [ 459.160474][ T7261] udevd[7261]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 459.203162][ T5962] usb 3-1: config 0 descriptor?? [ 459.213125][T10114] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 459.220357][T10114] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 459.264364][ T9] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 459.467855][ T9] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 459.618082][T10135] loop4: detected capacity change from 0 to 8 [ 459.639093][T10135] SQUASHFS error: zlib decompression failed, data probably corrupt [ 459.647067][T10135] SQUASHFS error: Failed to read block 0x9b: -5 [ 459.653437][T10135] SQUASHFS error: Unable to read metadata cache entry [99] [ 459.660780][T10135] SQUASHFS error: Unable to read inode 0x127 [ 459.694050][T10114] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 459.932360][ T9] usb 4-1: config 0 interface 0 has no altsetting 0 [ 459.939607][T10114] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 460.389967][ T9] usb 4-1: New USB device found, idVendor=056a, idProduct=00ba, bcdDevice= 0.00 [ 460.564948][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.596420][ T9] usb 4-1: config 0 descriptor?? [ 460.634271][T10142] loop1: detected capacity change from 0 to 1024 [ 460.697862][T10143] random: crng reseeded on system resumption [ 461.040053][ T5962] dm9601 3-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 461.084201][ T5962] usb 3-1: USB disconnect, device number 4 [ 461.345992][ T9] usb 4-1: USB disconnect, device number 5 [ 461.812024][T10149] loop1: detected capacity change from 0 to 256 [ 461.914851][T10149] exFAT-fs (loop1): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 461.951734][T10149] exFAT-fs (loop1): valid_size(10) is greater than size(0) [ 461.986552][T10151] loop0: detected capacity change from 0 to 128 [ 462.211720][T10158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1226'. [ 462.231338][T10158] netlink: 'syz.1.1226': attribute type 30 has an invalid length. [ 462.269025][T10162] loop0: detected capacity change from 0 to 64 [ 463.212666][ T921] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 463.250184][T10175] loop3: detected capacity change from 0 to 128 [ 463.257891][T10175] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 463.283540][T10175] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 463.382722][ T921] usb 3-1: Using ep0 maxpacket: 8 [ 463.389833][ T921] usb 3-1: config 0 has an invalid interface number: 102 but max is 0 [ 463.398384][ T921] usb 3-1: config 0 has no interface number 0 [ 463.582099][T10183] fuse: Bad value for 'fd' [ 463.599567][ T921] usb 3-1: config 0 interface 102 has no altsetting 0 [ 463.614269][ T921] usb 3-1: New USB device found, idVendor=0482, idProduct=0203, bcdDevice=bb.3e [ 464.144670][ T921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.153359][ T921] usb 3-1: Product: syz [ 464.157529][ T921] usb 3-1: Manufacturer: syz [ 464.162252][ T921] usb 3-1: SerialNumber: syz [ 464.231835][ T921] usb 3-1: config 0 descriptor?? [ 464.444253][T10186] random: crng reseeded on system resumption [ 464.699420][T10188] loop4: detected capacity change from 0 to 512 [ 464.732112][T10188] Quota error (device loop4): do_check_range: Getting dqdh_entries 1536 out of range 0-14 [ 464.756285][T10188] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 464.769167][T10188] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.1235: Failed to acquire dquot type 1 [ 464.795592][T10188] EXT4-fs (loop4): 1 truncate cleaned up [ 464.803554][T10188] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 465.122697][T10196] loop3: detected capacity change from 0 to 8 [ 465.247277][T10196] SQUASHFS error: zlib decompression failed, data probably corrupt [ 465.255579][T10196] SQUASHFS error: Failed to read block 0x9b: -5 [ 465.261900][T10196] SQUASHFS error: Unable to read metadata cache entry [99] [ 465.269270][T10196] SQUASHFS error: Unable to read inode 0x127 [ 465.301419][T10188] ext4 filesystem being mounted at /252/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 465.319956][ T921] usb 3-1: USB disconnect, device number 5 [ 465.380524][T10188] EXT4-fs (loop4): shut down requested (1) [ 465.508119][T10199] loop2: detected capacity change from 0 to 1024 [ 465.568022][T10199] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 465.658553][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.318699][T10207] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 466.468802][T10203] loop3: detected capacity change from 0 to 2048 [ 466.529405][ T5875] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.547908][T10203] iocharset iso8859-9 not found [ 467.168233][T10212] loop0: detected capacity change from 0 to 512 [ 467.201691][T10212] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 467.215291][T10212] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 467.250748][T10212] EXT4-fs (loop0): 1 truncate cleaned up [ 467.436283][T10212] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 467.493444][T10227] loop3: detected capacity change from 0 to 64 [ 467.555224][T10214] EXT4-fs error (device loop0): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.0.1241: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 468.279502][T10214] EXT4-fs error (device loop0) in ext4_delete_entry:2739: Corrupt filesystem [ 468.560391][ T5873] EXT4-fs error (device loop0): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 468.650722][T10235] loop1: detected capacity change from 0 to 512 [ 468.769201][T10235] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.790439][ T5873] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.825132][T10235] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 469.029072][T10246] loop3: detected capacity change from 0 to 8 [ 469.216520][T10246] SQUASHFS error: zlib decompression failed, data probably corrupt [ 469.224594][T10246] SQUASHFS error: Failed to read block 0x9b: -5 [ 469.230840][T10246] SQUASHFS error: Unable to read metadata cache entry [99] [ 469.238076][T10246] SQUASHFS error: Unable to read inode 0x127 [ 469.279139][T10235] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.1246: iget: bad i_size value: 2533274857506816 [ 469.300135][T10235] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.1246: iget: bad i_size value: 2533274857506816 [ 469.468135][T10235] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.1246: iget: bad i_size value: 2533274857506816 [ 469.649877][ T5864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.902843][T10254] random: crng reseeded on system resumption [ 471.149078][ T6005] bridge_slave_1: left allmulticast mode [ 471.198101][ T6005] bridge_slave_1: left promiscuous mode [ 471.207380][T10271] loop3: detected capacity change from 0 to 512 [ 471.241159][ T6005] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.273286][T10271] EXT4-fs (loop3): first meta block group too large: 65 (group descriptor block count 1) [ 471.406077][ T6005] bridge_slave_0: left allmulticast mode [ 471.411734][ T6005] bridge_slave_0: left promiscuous mode [ 471.468955][ T6005] bridge0: port 1(bridge_slave_0) entered disabled state [ 472.447685][ T5868] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 472.473645][ T5868] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 472.580586][ T5868] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 472.596645][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 472.606332][ T5868] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 472.677211][T10294] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 473.174264][T10307] loop2: detected capacity change from 0 to 164 [ 473.232553][T10307] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 473.488970][T10314] loop1: detected capacity change from 0 to 2048 [ 473.529152][T10314] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 474.469870][T10330] random: crng reseeded on system resumption [ 474.488923][ T6005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 474.551849][ T6005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 474.593485][ T6005] bond0 (unregistering): Released all slaves [ 474.653420][ T5868] Bluetooth: hci3: command tx timeout [ 474.914556][ T6005] bond1 (unregistering): (slave vlan2): Releasing active interface [ 474.924499][ T6005] bond1 (unregistering): Released all slaves [ 474.996651][T10329] bond0: (slave vxlan1): Opening slave failed [ 475.100165][ T6005] tipc: Disabling bearer [ 475.158220][ T6005] tipc: Left network mode [ 475.399650][T10343] loop4: detected capacity change from 0 to 1024 [ 475.479639][T10343] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 475.919410][T10358] wireguard1: entered promiscuous mode [ 475.926268][T10358] wireguard1: entered allmulticast mode [ 476.740827][ T5868] Bluetooth: hci3: command tx timeout [ 476.804775][T10349] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 477.011596][ T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 128 with error 28 [ 477.012726][T10372] loop2: detected capacity change from 0 to 128 [ 477.037374][T10372] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 477.055559][T10372] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 477.068963][ T12] EXT4-fs (loop4): This should not happen!! Data will be lost [ 477.068963][ T12] [ 477.078756][ T12] EXT4-fs (loop4): Total free blocks count 0 [ 477.086209][ T12] EXT4-fs (loop4): Free/Dirty block details [ 477.092197][ T12] EXT4-fs (loop4): free_blocks=68451041280 [ 477.098162][ T12] EXT4-fs (loop4): dirty_blocks=144 [ 477.103449][ T12] EXT4-fs (loop4): Block reservation details [ 477.109426][ T12] EXT4-fs (loop4): i_reserved_data_blocks=9 [ 477.128050][ T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28 [ 477.282681][ T921] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 477.994175][ T921] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 478.035533][ T921] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 478.125204][ T921] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 478.146769][ T921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 478.157879][ T921] usb 4-1: SerialNumber: syz [ 478.377451][ T6005] hsr_slave_0: left promiscuous mode [ 478.405690][ T921] usb 4-1: 0:2 : does not exist [ 478.432232][ T6005] hsr_slave_1: left promiscuous mode [ 478.447734][ T6005] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 478.489891][ T921] usb 4-1: USB disconnect, device number 6 [ 478.497092][ T6005] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 478.534361][ T6005] batman_adv: batadv0: Removing interface: virt_wifi0 [ 478.679493][T10392] loop1: detected capacity change from 0 to 128 [ 478.684408][T10394] loop4: detected capacity change from 0 to 1024 [ 478.697543][ T5962] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 478.700196][T10392] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 478.734233][T10394] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 478.764427][T10392] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 478.796146][T10394] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1286: Invalid block bitmap block 0 in block_group 0 [ 478.813507][ T5868] Bluetooth: hci3: command tx timeout [ 478.828343][T10394] EXT4-fs (loop4): Remounting filesystem read-only [ 478.846881][T10394] Quota error (device loop4): write_blk: dquota write failed [ 478.854415][T10394] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 478.867091][T10394] EXT4-fs (loop4): 1 orphan inode deleted [ 478.888028][T10394] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 479.027690][T10398] loop3: detected capacity change from 0 to 64 [ 479.072677][ T5962] usb 3-1: Using ep0 maxpacket: 8 [ 479.090633][ T5962] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 479.090886][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.122642][ T5962] usb 3-1: config 179 has no interface number 0 [ 479.166119][ T5962] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 479.749371][ T5962] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 479.761998][ T5962] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 479.777458][ T5962] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 479.789296][ T5962] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 479.793782][ T12] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 479.802891][ T5962] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 479.824854][ T5962] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.836833][T10388] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 480.286952][ T5962] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input11 [ 480.825130][T10388] loop2: detected capacity change from 0 to 2048 [ 480.863868][T10388] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 480.893236][ T5868] Bluetooth: hci3: command tx timeout [ 481.187485][T10388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 481.233272][T10388] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 481.449410][ T9] usb 3-1: USB disconnect, device number 6 [ 481.452001][ C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 481.466584][ C1] dummy_hcd dummy_hcd.2: timer fired with no URBs pending? [ 481.651848][ T6005] team_slave_1 (unregistering): left promiscuous mode [ 481.671136][ T6005] team0 (unregistering): Port device team_slave_1 removed [ 481.803135][ T6005] team_slave_0 (unregistering): left promiscuous mode [ 481.812311][ T6005] team0 (unregistering): Port device team_slave_0 removed [ 482.268764][T10425] loop4: detected capacity change from 0 to 2048 [ 482.985221][T10425] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 483.406369][T10443] loop3: detected capacity change from 0 to 1024 [ 484.042316][T10445] random: crng reseeded on system resumption [ 484.229208][T10446] loop3: detected capacity change from 0 to 128 [ 484.421119][T10396] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 484.903970][T10446] vfat: Unknown parameter 'ÿÿÿÿ' [ 485.217352][ T5871] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 485.880956][T10455] loop4: detected capacity change from 0 to 1024 [ 486.045296][T10455] EXT4-fs: Ignoring removed mblk_io_submit option [ 486.052170][T10455] EXT4-fs: Ignoring removed nobh option [ 486.059679][T10455] EXT4-fs: Ignoring removed bh option [ 486.101113][T10432] bridge0: port 1(ip6gretap0) entered blocking state [ 486.113423][T10432] bridge0: port 1(ip6gretap0) entered disabled state [ 486.125146][T10455] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 486.161592][T10432] ip6gretap0: entered allmulticast mode [ 486.213112][T10432] ip6gretap0: entered promiscuous mode [ 486.321068][T10287] chnl_net:caif_netlink_parms(): no params data found [ 486.563025][T10467] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1308'. [ 486.717340][T10464] loop3: detected capacity change from 0 to 512 [ 486.801900][T10464] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 486.981556][T10464] EXT4-fs error (device loop3): ext4_quota_enable:7134: inode #4: comm syz.3.1307: iget: bad i_size value: 5910974510929920 [ 487.010703][T10486] loop2: detected capacity change from 0 to 1024 [ 487.064923][T10464] EXT4-fs error (device loop3): ext4_quota_enable:7137: comm syz.3.1307: Bad quota inode: 4, type: 1 [ 487.119584][T10486] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 487.130214][T10464] EXT4-fs warning (device loop3): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 487.172501][T10486] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 487.193558][T10464] EXT4-fs (loop3): mount failed [ 487.219911][T10287] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.227793][T10486] EXT4-fs (loop2): orphan cleanup on readonly fs [ 487.234837][T10486] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.1311: Freeing blocks not in datazone - block = 0, count = 4096 [ 487.256751][T10287] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.363312][T10287] bridge_slave_0: entered allmulticast mode [ 487.370401][T10287] bridge_slave_0: entered promiscuous mode [ 487.388533][T10486] EXT4-fs (loop2): 1 orphan inode deleted [ 487.404446][T10486] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 487.428049][T10464] raw_sendmsg: syz.3.1307 forgot to set AF_INET. Fix it! [ 487.452824][T10287] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.457510][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.459949][T10287] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.479417][T10287] bridge_slave_1: entered allmulticast mode [ 487.487511][T10287] bridge_slave_1: entered promiscuous mode [ 487.527115][ T5875] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.613681][T10497] random: crng reseeded on system resumption [ 487.708968][T10287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 487.766134][T10287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 487.974346][T10287] team0: Port device team_slave_0 added [ 488.734651][T10287] team0: Port device team_slave_1 added [ 488.936029][T10519] loop4: detected capacity change from 0 to 512 [ 488.949144][T10507] wireguard3: entered promiscuous mode [ 488.954955][T10507] wireguard3: entered allmulticast mode [ 489.040366][T10519] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 489.061762][T10519] ext4 filesystem being mounted at /274/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 489.084965][T10519] EXT4-fs warning (device loop4): ext4_group_extend:1886: will only finish group (16384 blocks, 16256 new) [ 489.100319][T10519] EXT4-fs warning (device loop4): ext4_group_extend:1891: can't read last block, resize aborted [ 489.264476][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.345819][T10526] loop1: detected capacity change from 0 to 512 [ 489.384534][T10521] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR [ 489.393667][T10287] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 489.422870][T10526] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 489.445617][T10287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 489.490361][T10287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 489.525527][T10526] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 489.534079][T10287] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 489.545750][T10287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 489.574864][T10287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 489.617495][T10526] EXT4-fs (loop1): 1 truncate cleaned up [ 489.651668][T10526] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 489.858144][T10287] hsr_slave_0: entered promiscuous mode [ 489.885133][T10287] hsr_slave_1: entered promiscuous mode [ 489.991567][T10287] debugfs: 'hsr0' already exists in 'hsr' [ 489.997604][T10287] Cannot create hsr debugfs directory [ 490.026685][ T5864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.151361][T10536] loop4: detected capacity change from 0 to 16 [ 490.187005][T10536] erofs (device loop4): mounted with root inode @ nid 36. [ 490.271892][ T5868] erofs (device loop4): failed to decompress -26 in[46, 0] out[9000] [ 490.297912][T10530] erofs (device loop4): failed to decompress -26 in[46, 4050] out[8192] [ 490.356709][T10530] erofs (device loop4): read error -117 @ 1 of nid 89 [ 490.365672][ T30] audit: type=1800 audit(1756992661.584:135): pid=10530 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1320" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 491.601737][T10287] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 491.669254][T10287] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 492.812404][T10287] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 492.870293][T10287] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 493.118275][T10287] 8021q: adding VLAN 0 to HW filter on device bond0 [ 493.126894][T10586] loop2: detected capacity change from 0 to 512 [ 493.152528][T10586] ext4: Unknown parameter 'noacl' [ 493.163460][T10287] 8021q: adding VLAN 0 to HW filter on device team0 [ 493.191539][ T3511] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.198714][ T3511] bridge0: port 1(bridge_slave_0) entered forwarding state [ 493.268075][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 493.275294][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 493.379937][T10287] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 493.802758][ T5962] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 493.925643][T10600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1334'. [ 493.945305][T10600] netlink: 'syz.3.1334': attribute type 30 has an invalid length. [ 493.989118][ T5962] usb 3-1: config 0 has an invalid interface number: 120 but max is 0 [ 494.005250][ T5962] usb 3-1: config 0 has no interface number 0 [ 494.027395][ T5962] usb 3-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 65320, setting to 64 [ 494.064206][ T5962] usb 3-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 494.097158][ T5962] usb 3-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0 [ 494.143240][ T5962] usb 3-1: Manufacturer: syz [ 494.166752][ T5962] usb 3-1: config 0 descriptor?? [ 494.202268][T10586] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 494.256846][ T5962] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.120/input/input12 [ 494.342153][T10612] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1338'. [ 494.368954][T10287] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 494.591209][ T9] usb 3-1: USB disconnect, device number 7 [ 494.597161][ C0] usbtouchscreen 3-1:0.120: usbtouch_irq - usb_submit_urb failed with result: -19 [ 496.460749][T10645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1345'. [ 496.482719][T10645] netlink: 'syz.4.1345': attribute type 30 has an invalid length. [ 496.682697][ T9] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 496.705570][T10287] veth0_vlan: entered promiscuous mode [ 496.741830][T10651] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 496.744744][T10287] veth1_vlan: entered promiscuous mode [ 496.850461][T10287] veth0_macvtap: entered promiscuous mode [ 496.865533][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 496.876159][T10287] veth1_macvtap: entered promiscuous mode [ 496.888041][ T9] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 496.913602][ T9] usb 2-1: config 0 has no interface number 0 [ 496.929559][ T9] usb 2-1: config 0 interface 184 has no altsetting 0 [ 496.934200][T10287] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 496.940936][ T9] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 496.957922][T10287] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 496.966816][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 496.982466][ T9] usb 2-1: Product: syz [ 496.998681][ T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.008255][T10658] loop4: detected capacity change from 0 to 1024 [ 497.011583][ T9] usb 2-1: Manufacturer: syz [ 497.026386][ T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.036456][ T9] usb 2-1: SerialNumber: syz [ 497.046994][ T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.061994][ T9] usb 2-1: config 0 descriptor?? [ 497.099909][ T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.115567][ T9] smsc75xx v1.0.0 [ 497.179471][T10658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 497.251850][T10658] ext4 filesystem being mounted at /284/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 497.310277][T10664] wireguard4: entered promiscuous mode [ 497.320902][T10658] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.1351: lblock 3 mapped to illegal pblock 3 (length 3) [ 497.344847][T10658] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 497.357470][T10658] EXT4-fs (loop4): This should not happen!! Data will be lost [ 497.357470][T10658] [ 497.368881][T10664] wireguard4: entered allmulticast mode [ 497.424807][T10658] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1351: Freeing blocks not in datazone - block = 3, count = 3 [ 497.456106][ T7079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 497.482848][T10658] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1351: Freeing blocks not in datazone - block = 0, count = 16 [ 497.505107][T10668] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 497.512941][ T7079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 497.531652][T10668] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 131587 with max blocks 1 with error 28 [ 497.551401][T10668] EXT4-fs (loop4): This should not happen!! Data will be lost [ 497.551401][T10668] [ 497.561387][T10668] EXT4-fs (loop4): Total free blocks count 0 [ 497.567592][T10668] EXT4-fs (loop4): Free/Dirty block details [ 497.574040][T10668] EXT4-fs (loop4): free_blocks=4293918720 [ 497.581311][T10668] EXT4-fs (loop4): dirty_blocks=16 [ 497.586593][T10668] EXT4-fs (loop4): Block reservation details [ 497.673609][ T7079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 497.685766][ T7079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 497.733404][ T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32 [ 497.744864][ T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32 [ 497.781555][ T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind [ 497.826802][ T9] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -32 [ 498.252789][T10678] loop5: detected capacity change from 0 to 8 [ 498.451037][T10678] SQUASHFS error: zlib decompression failed, data probably corrupt [ 498.459268][T10678] SQUASHFS error: Failed to read block 0x9b: -5 [ 498.467213][T10678] SQUASHFS error: Unable to read metadata cache entry [99] [ 498.474602][T10678] SQUASHFS error: Unable to read inode 0x127 [ 498.514307][ T5918] usb 2-1: USB disconnect, device number 15 [ 498.607158][T10681] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1354'. [ 500.212742][T10695] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1358'. [ 500.234236][T10695] netlink: 'syz.4.1358': attribute type 30 has an invalid length. [ 501.174862][T10722] loop1: detected capacity change from 0 to 512 [ 502.153309][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.160035][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.166659][T10722] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 502.359188][T10726] loop2: detected capacity change from 0 to 256 [ 502.738656][ T30] audit: type=1800 audit(1756992673.954:136): pid=10722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1368" name="file2" dev="loop1" ino=1048641 res=0 errno=0 [ 502.824488][T10722] FAT-fs (loop1): error, invalid access to FAT (entry 0x0fffff00) [ 503.060984][T10723] loop5: detected capacity change from 0 to 8192 [ 504.187509][T10748] loop1: detected capacity change from 0 to 1024 [ 504.695386][ T30] audit: type=1326 audit(1756992675.884:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10741 comm="syz.3.1374" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06c718ebe9 code=0x0 [ 505.609899][T10748] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1376'. [ 505.709653][T10763] loop5: detected capacity change from 0 to 128 [ 505.766402][T10763] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 505.775729][T10763] System zones: 1-3, 19-19, 35-36 [ 505.801806][T10763] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 505.915972][T10763] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 506.653330][T10786] loop1: detected capacity change from 0 to 1024 [ 507.030886][T10287] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 507.442546][T10797] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1390'. [ 507.452066][T10797] netlink: 'syz.3.1390': attribute type 30 has an invalid length. [ 507.596630][T10801] VFS: Lookup of 'file1' in fuse fuse would have caused loop [ 507.905568][ T30] audit: type=1326 audit(1756992679.124:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10804 comm="syz.3.1392" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06c718ebe9 code=0x0 [ 508.677269][ T30] audit: type=1326 audit(1756992679.154:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10804 comm="syz.3.1392" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f06c718ebe9 code=0x0 [ 512.391074][T10860] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1403'. [ 512.433675][T10860] netlink: 'syz.3.1403': attribute type 30 has an invalid length. [ 512.607750][T10853] binder: 10852:10853 ioctl c018620c 2000000001c0 returned -1 [ 513.304709][T10876] loop4: detected capacity change from 0 to 128 [ 513.609594][T10878] Bluetooth: hci0: Opcode 0x0c20 failed: -4 [ 513.766033][T10876] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 514.013135][T10876] ext4 filesystem being mounted at /293/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 515.213131][ T5868] Bluetooth: hci0: command 0x0406 tx timeout [ 515.629458][T10898] loop2: detected capacity change from 0 to 32768 [ 520.139824][T10898] read_mapping_page failed! [ 520.198676][T10898] jfs_mount: Failed to read AGGREGATE_I [ 520.317859][T10906] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 520.402930][T10898] Mount JFS Failure: -5 [ 520.407083][T10898] jfs_mount failed w/return code = -5 [ 520.524156][ T5871] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 520.792366][T10921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1419'. [ 520.841115][T10921] netlink: 'syz.4.1419': attribute type 30 has an invalid length. [ 521.043696][T10926] ip6gretap0: left allmulticast mode [ 521.079729][T10926] ip6gretap0: left promiscuous mode [ 521.104685][T10930] loop4: detected capacity change from 0 to 128 [ 521.121023][T10926] bridge0: port 1(ip6gretap0) entered disabled state [ 521.173248][T10930] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 521.228160][T10930] ext4 filesystem being mounted at /295/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 521.410655][ T5871] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 521.568802][T10940] binder: 10939:10940 ioctl c0306201 200000000280 returned -11 [ 523.377141][T10964] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed [ 523.482822][ T43] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 523.655057][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 523.706869][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 523.763242][ T43] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 523.815263][ T43] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 523.853173][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.907318][ T43] usb 3-1: config 0 descriptor?? [ 524.820002][ T43] plantronics 0003:047F:FFFF.0005: unbalanced collection at end of report description [ 524.943377][ T43] plantronics 0003:047F:FFFF.0005: parse failed [ 524.949763][ T43] plantronics 0003:047F:FFFF.0005: probe with driver plantronics failed with error -22 [ 524.986259][ T43] usb 3-1: USB disconnect, device number 8 [ 525.275621][T11001] loop1: detected capacity change from 0 to 7 [ 525.291281][T11001] Dev loop1: unable to read RDB block 7 [ 525.298148][T11001] loop1: unable to read partition table [ 525.304340][T11001] loop1: partition table beyond EOD, truncated [ 525.310531][T11001] loop_reread_partitions: partition scan of loop1 (þ被xü—ŸÑà– ) failed (rc=-5) [ 525.311693][ T9] IPVS: starting estimator thread 0... [ 525.983592][T11007] IPVS: using max 50 ests per chain, 120000 per kthread [ 526.612962][T11009] wireguard2: entered promiscuous mode [ 526.619618][T11009] wireguard2: entered allmulticast mode [ 527.161791][T11030] netlink: 'syz.5.1445': attribute type 10 has an invalid length. [ 527.169888][T11030] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1445'. [ 527.180355][T11030] batman_adv: batadv0: Adding interface: virt_wifi0 [ 527.186979][T11030] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 527.213002][T11030] batman_adv: batadv0: Interface activated: virt_wifi0 [ 527.520651][T11033] ================================================================== [ 527.528741][T11033] BUG: KASAN: wild-memory-access in __sha512_update+0x10d/0x1d0 [ 527.536357][T11033] Read of size 2 at addr 0005088000000000 by task syz.4.1448/11033 [ 527.544219][T11033] [ 527.546532][T11033] CPU: 1 UID: 0 PID: 11033 Comm: syz.4.1448 Not tainted syzkaller #0 PREEMPT(full) [ 527.546544][T11033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 527.546556][T11033] Call Trace: [ 527.546561][T11033] [ 527.546567][T11033] dump_stack_lvl+0x189/0x250 [ 527.546582][T11033] ? __pfx_dump_stack_lvl+0x10/0x10 [ 527.546593][T11033] ? _raw_spin_lock_irqsave+0xb3/0xf0 [ 527.546608][T11033] ? __virt_addr_valid+0x7c/0x5c0 [ 527.546621][T11033] ? __sha512_update+0x10d/0x1d0 [ 527.546633][T11033] kasan_report+0x118/0x150 [ 527.546646][T11033] ? __sha512_update+0x10d/0x1d0 [ 527.546658][T11033] ? __sha512_update+0x10d/0x1d0 [ 527.546669][T11033] kasan_check_range+0x2b0/0x2c0 [ 527.546682][T11033] ? __sha512_update+0x10d/0x1d0 [ 527.546694][T11033] __asan_memcpy+0x29/0x70 [ 527.546705][T11033] __sha512_update+0x10d/0x1d0 [ 527.546717][T11033] crypto_sha512_update+0x27/0x40 [ 527.546728][T11033] shash_ahash_update+0x213/0x2f0 [ 527.546740][T11033] hash_sendmsg+0x96b/0x11d0 [ 527.546756][T11033] ? __pfx_hash_sendmsg+0x10/0x10 [ 527.546768][T11033] __sock_sendmsg+0x21c/0x270 [ 527.546781][T11033] ____sys_sendmsg+0x52d/0x830 [ 527.546793][T11033] ? __pfx_____sys_sendmsg+0x10/0x10 [ 527.546805][T11033] ? import_iovec+0x74/0xa0 [ 527.546816][T11033] ___sys_sendmsg+0x21f/0x2a0 [ 527.546827][T11033] ? __pfx____sys_sendmsg+0x10/0x10 [ 527.546844][T11033] ? __fget_files+0x2a/0x420 [ 527.546856][T11033] ? __fget_files+0x3a0/0x420 [ 527.546870][T11033] __sys_sendmmsg+0x227/0x430 [ 527.546881][T11033] ? __pfx___sys_sendmmsg+0x10/0x10 [ 527.546893][T11033] ? __pfx_do_futex+0x10/0x10 [ 527.546910][T11033] __x64_sys_sendmmsg+0xa0/0xc0 [ 527.546921][T11033] do_syscall_64+0xfa/0xfa0 [ 527.546930][T11033] ? lockdep_hardirqs_on+0x9c/0x150 [ 527.546938][T11033] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.546947][T11033] ? clear_bhb_loop+0x60/0xb0 [ 527.546957][T11033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.546969][T11033] RIP: 0033:0x7f503af8ebe9 [ 527.546981][T11033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.546990][T11033] RSP: 002b:00007f503bd92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 527.547001][T11033] RAX: ffffffffffffffda RBX: 00007f503b1c6090 RCX: 00007f503af8ebe9 [ 527.547008][T11033] RDX: 0000000000000001 RSI: 0000200000000640 RDI: 0000000000000007 [ 527.547014][T11033] RBP: 00007f503b011e19 R08: 0000000000000000 R09: 0000000000000000 [ 527.547020][T11033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.547026][T11033] R13: 00007f503b1c6128 R14: 00007f503b1c6090 R15: 00007ffd61f6a168 [ 527.547042][T11033] [ 527.547046][T11033] ================================================================== [ 527.912850][T11033] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 527.920073][T11033] CPU: 0 UID: 0 PID: 11033 Comm: syz.4.1448 Not tainted syzkaller #0 PREEMPT(full) [ 527.929436][T11033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 527.939488][T11033] Call Trace: [ 527.942768][T11033] [ 527.945698][T11033] dump_stack_lvl+0x99/0x250 [ 527.950293][T11033] ? __asan_memcpy+0x40/0x70 [ 527.954886][T11033] ? __pfx_dump_stack_lvl+0x10/0x10 [ 527.960085][T11033] ? __pfx__printk+0x10/0x10 [ 527.964690][T11033] vpanic+0x237/0x6d0 [ 527.968674][T11033] ? __pfx_vpanic+0x10/0x10 [ 527.973182][T11033] ? preempt_schedule_common+0x83/0xd0 [ 527.978652][T11033] ? preempt_schedule+0xae/0xc0 [ 527.983510][T11033] panic+0xb9/0xc0 [ 527.987234][T11033] ? __pfx_panic+0x10/0x10 [ 527.991663][T11033] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 527.998000][T11033] ? __sha512_update+0x10d/0x1d0 [ 528.002945][T11033] check_panic_on_warn+0x89/0xb0 [ 528.007888][T11033] ? __sha512_update+0x10d/0x1d0 [ 528.012826][T11033] end_report+0x78/0x160 [ 528.017103][T11033] kasan_report+0x129/0x150 [ 528.021595][T11033] ? __sha512_update+0x10d/0x1d0 [ 528.026511][T11033] ? __sha512_update+0x10d/0x1d0 [ 528.031429][T11033] kasan_check_range+0x2b0/0x2c0 [ 528.036351][T11033] ? __sha512_update+0x10d/0x1d0 [ 528.041267][T11033] __asan_memcpy+0x29/0x70 [ 528.045660][T11033] __sha512_update+0x10d/0x1d0 [ 528.050402][T11033] crypto_sha512_update+0x27/0x40 [ 528.055402][T11033] shash_ahash_update+0x213/0x2f0 [ 528.060418][T11033] hash_sendmsg+0x96b/0x11d0 [ 528.064997][T11033] ? __pfx_hash_sendmsg+0x10/0x10 [ 528.070011][T11033] __sock_sendmsg+0x21c/0x270 [ 528.074671][T11033] ____sys_sendmsg+0x52d/0x830 [ 528.079412][T11033] ? __pfx_____sys_sendmsg+0x10/0x10 [ 528.084675][T11033] ? import_iovec+0x74/0xa0 [ 528.089171][T11033] ___sys_sendmsg+0x21f/0x2a0 [ 528.093849][T11033] ? __pfx____sys_sendmsg+0x10/0x10 [ 528.099128][T11033] ? __fget_files+0x2a/0x420 [ 528.103716][T11033] ? __fget_files+0x3a0/0x420 [ 528.108395][T11033] __sys_sendmmsg+0x227/0x430 [ 528.113052][T11033] ? __pfx___sys_sendmmsg+0x10/0x10 [ 528.118232][T11033] ? __pfx_do_futex+0x10/0x10 [ 528.122909][T11033] __x64_sys_sendmmsg+0xa0/0xc0 [ 528.127759][T11033] do_syscall_64+0xfa/0xfa0 [ 528.132244][T11033] ? lockdep_hardirqs_on+0x9c/0x150 [ 528.137430][T11033] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.143479][T11033] ? clear_bhb_loop+0x60/0xb0 [ 528.148141][T11033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.154016][T11033] RIP: 0033:0x7f503af8ebe9 [ 528.158413][T11033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.178006][T11033] RSP: 002b:00007f503bd92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 528.186413][T11033] RAX: ffffffffffffffda RBX: 00007f503b1c6090 RCX: 00007f503af8ebe9 [ 528.194384][T11033] RDX: 0000000000000001 RSI: 0000200000000640 RDI: 0000000000000007 [ 528.202350][T11033] RBP: 00007f503b011e19 R08: 0000000000000000 R09: 0000000000000000 [ 528.210304][T11033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.218257][T11033] R13: 00007f503b1c6128 R14: 00007f503b1c6090 R15: 00007ffd61f6a168 [ 528.226222][T11033] [ 528.229459][T11033] Kernel Offset: disabled [ 528.233766][T11033] Rebooting in 86400 seconds..