last executing test programs: 9.630680758s ago: executing program 2 (id=1849): socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = socket$igmp6(0xa, 0x3, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r1}, &(0x7f0000000680), 0x0}, 0x20) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x3810744, &(0x7f0000000700)={[{@noauto_da_alloc}, {@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@jqfmt_vfsv0}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x451, &(0x7f0000000d00)="$eJzs281vVFUbAPDn3pkCL/DSivgBglbR2PjR0oLKwo1GExeamOgCl7UtBBmooTUR0mg1BpeGxL1xaeJf4MqVUVcmbnVvSIg2JqAbx9yZe9vOdKb0Y8pU5vdLBs6Ze+ae8+Tcc+fMOb0B9KzB7J8kYm9E/BIR/fVsY4HB+n83F+Ym/lqYm0iiWn3j96RW7sbC3ERRtPjcnjwzlEaknyR5JY1mLl0+N16pTF3M8yOz598dmbl0+emz58fPTJ2ZujB28uSJ46PPPTv2TEfizNp049AH04cPvvLW1dcmTl19+4evs/bee6R+fHkcnTKYBf5Htab52GOdrqzL/qkuxZmUu90a1qoUEVl39dXGf3+UYqnz+uPlj7vaOGBLZffsne0Pz1eBO1gS3W4B0B3FF332+7d43aapx7Zw/YX6D6As7pv5q36kHGlepm8L6x+MiFPzf3+RvaJpHaLaYt0AAGCzvs3mP0+tnP/V9kaWlUvyvaGBiLgrIvZHxN0RcSAi7snL3hcR96+z/uatoZXzz/TaBkNbk2z+93y+t9U4/ytmfzFQynP/r8Xfl5w+W5k6FhH7ImIo+nZm+dFWJy9O8dLPn7Wrf/n8L3tl9Rdzwfwk18pNC3ST47PjnZqUXv8o4lC5VfzJ4k5A1vcHI+LQ+k69r0icfeKrw+0K3Tr+VXRgn6n6ZcTj9f6fj6b4C8nq+5Mju6IydWykuCpW+vGnK6+3q39T8XdA1v+7G6//phL9fybL92tn1l/HlV8/bfubsrzB639H8mZtz3pH/t7747OzF0cjdiSv1vIN748tfbbIF+Wz+IeOth7/+/PPZPE/EBHZRXwkIh6MiIfyvns4Ih6JiKOrxP/9i4++0+7Yduj/yZb3v8Xrf6Cx/9efKJ377pt29a/t/neilhrK36nd/26hfXN25SU2ejUDAADAf08aEXsjSYcX02k6PFz/e/kDsTutTM/MPnl6+r0Lk/VnBAaiLy1WuvqXrYeOJvP5Gev5sXytuDh+PF83/rz0v1p+eGK6Mtnl2KHX7Wkz/jO/lbrdOmDLeV4Lelfz+E+71A7g9vP9D73L+IfeZfxD72o1/j9sytsLgDuT73/oXcY/9C7jH3qX8Q89aTPP9W9VorzK0/sS2yUR6bZohkSLRLkDo7vLNyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAO+TcAAP//uZjx6g==") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406e05fc000000000000010902"], 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10) syz_usb_control_io$hid(r4, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c}) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0) renameat2(r6, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r7, &(0x7f0000000040)='./file1\x00', 0x2) capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005efe2100850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) 7.392811483s ago: executing program 3 (id=1862): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x6b) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c80)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403, r2, 0x0, 0x610c3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast2}]}}}]}, 0x38}}, 0x0) 6.157148324s ago: executing program 2 (id=1864): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xcadbd000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0, 0x193}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, &(0x7f00008feff0)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d0000100000002f3144e900000000030006000720000002004000e0000001000000f5000000000800120002000100000000000000000030006c000201009f6eae02000000adb20200000000152c000000000000000001020014bb7acde1b8e96408d700000000030005000020000002"], 0x80}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f00000000c0), 0x2c8, 0x0) sendmsg$key(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x2, 0x13, 0x0, 0x8, 0x2}, 0x10}}, 0x10) 6.104248728s ago: executing program 3 (id=1865): r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0) read$nci(r0, &(0x7f0000000100)=""/107, 0x6b) write$nci(r0, 0x0, 0x4) pwritev2(r0, &(0x7f0000000740)=[{&(0x7f0000000180)="9a12", 0x2}], 0x1, 0x0, 0x0, 0x0) 5.750499985s ago: executing program 3 (id=1866): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f0000000040)={0xfff, "fe0c9b21c872a2f28f8019c5df98ac6856a01954f2e640ad7d02e385421e1cb7", 0x2}) r2 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r3 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x7a, &(0x7f0000000080)={r4, 0x4, "179da51e"}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={r5}, &(0x7f0000000140)=0x8) getpeername(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) io_uring_setup(0x4238, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x0, 0x1ba}) socket(0x2, 0x80805, 0x0) 5.335816405s ago: executing program 3 (id=1867): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f000000e0c0)={0x0, 0x0, &(0x7f000000e080)={&(0x7f0000000080)=@ipv6_newaddrlabel={0x1c, 0x1e, 0x1, 0x70bd25, 0x4000000}, 0x1c}}, 0x0) 5.015170729s ago: executing program 3 (id=1869): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x258a, 0x36, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000040)={0x18, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0) 4.921936456s ago: executing program 4 (id=1870): syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) syz_init_net_socket$netrom(0x6, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) socket$packet(0x11, 0x2, 0x300) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000040)=0x1) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) 4.572256082s ago: executing program 1 (id=1872): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1) sendmmsg$inet(r1, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001340)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b835f966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a376c919cdd0b40dbb899c07f1349c7a1113f57495c795bc7e38166a7bdef463457189549f4b13279fffd050bdfea3477a62d3edea8321a2e98c65330fe7199ca6bee7202aa5a5d56c4ed4c22dbb28cebcaec033c75eb78820ad1d8ceb6f90b569e165002e702e1a206666d3c9d903ce78c73f778eae82d58317c634016a3e01ae29607f7b5ff253c607e4f60c0aa49021205073cdd574a3d4c25fbf79cc8ac99ff149ae54aa56286204e628dc2dfe4384ef74c8dac04ace6c5762d03f9e19942e4b6bbbb41fefc569cc23b3319d4ebc55551fecf8f936221e9787e744f2e1422baaa25b2f5bf59205190b7fe52f0641f149c5e00b764c493afadeaa04324783c268f48772b1c532d52d211865704db5fbafc3193385adc9855a1ad9ea0c05479329efd6c08ed22c5656eab2ea050f53bf441a9dfb4157d14b99214fa59b8b0e53200795762145a63d61c5c526edb03429e1e14072e1d7dff102fdb9801234bbbb8e0274a861dd60f3a21f129326b2f6fee61f690fa3967cdc5f6f9519282c48e28d6aa7d1b0ed07bdd72ebf1dd97b46f24ffde352095f4bffd6fdd0b9f0d60f16746f1c1ec46656cf94", 0x209}], 0x1}}], 0x1, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000300)='veno\x00', 0x5) bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r3, &(0x7f0000000380)="ae313e2860d4aca8696d4933d0cf9d5266f01679352580db1efc28a7768f3b97f909991ffd9e246246f01e7593e926e46f7e373b20e4dd2ca72867b231970e25e28a97a921116a6a9bd1fd6896443f0cd09ade3c6fbd1530302fa7bf6fbbd81c230a6da70e38db61aecd6658ae5e85808747fae4ded8c109416c4a3dc35aeabcfc2e61f3035fdf4e045725dd5a46867f87d864f205ea874bebb5db25bcbcb7e7f4da9337c2f64a43c4b5450e4a17c129ec0fb385da749423af2691843da759bc1517a2f72b0367bcce1ea605d9ef49b5a3a5fbb6a4febbfe89ac222342f78eeb7a2ed4d6c29c91a5389d84541ff242da77fe3c6239e9e1a99ebf32458096b368c1f99f5f749b3d6dfd1ee47815e8dde7ff63be4ac4038b29b9967dc00fc20107d925a6885e4a77a93274feaaaa3ee071316d020be3bfd47d0ff273708bf0ae8a18bfdf0e72c96c70278c1728499c152de8542ac25c10e595537f61c7d0d065b2cb838f9b26668fb7ad83b3f53004af73d6d7cd1331b3e1a3c121bdd5b091eef12a744bdf66371a2589f506f985f45dbbf2622036b571181897e8f31475cea27a7fdd32936ae5665fb535ec6d5ceed7c3108b0615c73fd27a35a5f18ce4e4e2783ce3cb7344de65e5badbc4f322508bb52d5aa6d74b86e8473ad12f8e9871f89e1e5f26a06552cd98b575d61e33213aafc3b347ef886242d1ce936fdd42f498baf764c2ff50aac8418331df3dea4c86082a4c6acc33e2d49c92e2eb3edf920a3984af5ddeb27b2b472c03dbd509a82e0a23b34ca33bfb27d51c68a8a0276ca04aaf7716c6616a2c0e0367ab2e7facde7a303ffa6a0c00f5e8ae4e294b44e5fac45e267d8a9709b94e039cb232976d23cba3e2fcc5c0a742adb4d62b2a846c9ba97d6ff6cbb256152894df9651bfd7755d7061b06cc34464c24ef1a8379094194046890b424820dcb4ea95518a58b4da72145d1aa251801697655df55c28340bfbce7e33144da2a081489cfea0ea696569c037c7a94b05e8a7510519874e0d0d87e38e4ea9372ad5ec9e60af8ad51ef1807783522b8aed9db84d909a93daea092e8957eb09e6d3a5068614a2baf5041e84c9aae99d74e4cd786815b61de544099c20cd4495cf9b9fa3bb39e7c52d2948aede7f6502dd6d7ab5f44e261ecd9894a938f88a0e3fcca16073a1bdc89269471749ecd94fb04213cacd36ad2bc43214a073d09f6e054a6ef20693c63f3421ccf9281d71418e223272e5805cc2f59875fcf04a6b5b1038507421b380d66864ddcd16807ad98b86d3251a074f21426e628d1d506f223530b48b4e6519f2d4a6c10195704c68532eb62f334c5d215abd67a6f5a3f94008e037c41b19522560d8a8e1d29c9265c82f4562a20671ae31d85b8fde0c162de1662b719c58ff9e7cacc8ffea04c4041b50436cd4917425587798705eaa17bd11f14c52ed3afef682b2ae19ba906db248b94edaac78a0869ed87c5a67941e2e7cd9c988532d08d86d70f937f6c6a58f1cb7e2d975eac8803626c7670d0520ca54aa062f2acb6c5a400747585d7fe81370829d70f4e27fffbd2b233e7c0beb29fa798496fbad7497784b3b3fecde9cd351dae600d5f2d1a6d23e5b50a986fb23bdba6a5e76c156666a24a299b03deea657370e6dddca53a84309af8d442d46db43b794d78cc535cecd21e893cc17ba7c232b1862da78b15ed7ce6a1f2812fbe3710c7dbacce67ff48f7d890b89f269bae74b8eec9b4644d692fc822550c96844bbdd58da4239573186a636cbf18e78da7146287963458f8f3295ec0e88f5470d24f7052e01261bcdda33eaadce784c693d2888b2b0e296262b8dae7d98eda4bb54e93b9776ab188bf004423c922e3e693464801b8d6db457e57af8ddc54570dcbaf1a4803a24759d9e28a63fea6031abb7f26254c0c55f47454936d1af4888cfe715892485969d7403dbb0ece966a9600dc7f1ecabb1ca59db82e75b0c30746c6ef17da13abdb7fed01aec3ad00e88d891386f5fad9ddf24feffcddb913a4b2e72f897820e9a93e6118a20f8791d7df71e5782610d39f1f901e2c15c636c86c0c6911e1ff5a1b7e580a3c8933d99548906a37e623b29a8748c04797a55f44e79f238bfaf9f1c1cad3b70c999a6cba3f4ca8f0372e1915a9a9fe834531c61b1ae0a26d177df7c376336f497827fd45e9a3bdb27397a5e48768a41dae051c8b8544975eca3cb0208f6ffd36e80192a526deb9a4bde9de85949644b932048a85c20d05fd61d738c0b3103ae7ae2e28a498b2cfd5e7812ae4acd15379905e9021d429c04454f8ebebbe1faf463f0611dfad18835f0369c261d3b4d8036188107942539d7504519b48a38cad5b9de22b1c0902450caf28c023dee259882fa3ff0d9dd8297679a2b1af81f2c46572b5a7a4dbcb010688b658e9a501134c99d0365477770a2ed7d0f81d169453d21ad3bff3fd89aac92f312c7478924dbf3711938bd12437102f523918f13982f9d29b7439aa5b001a59c7af2c45fb6eafe0ec6eda6e7ac5e668f37166028bb887b016bd6ddd4d92389acef90db0e32a114bf957ab7cfa6b895f31ffa53d8f3144d63d2ba829f9fd76187ea0fd99bf381f9bf4a826e0e4a43748d17f519e0f09b1785afc183ce66f9d93962031c3ec7f0bc02d829976e83322b609f2e7b2401ffe4677d356b5a6b25b6f53224e5e66ea871fbde06d84fbac3cd66e1b4b10d408fbdc847bf71c889baf2ddb2ce0c70b3c2b37f23938e7a82c8d10517019fdb16ccd76d5b719c91cfe5eb285f8a613e6862170673e34934d23935ed2202039e2cc121b203acc6553f618f992fd9dbadec2c992edeaf6badc9174dcdb0c9c618a31015c480a1114f4ab3d1af9203b68e12660a2f6303710d9d4883b4370ed8d5ead7e2782c43e4c53e2ec074c92910620a7ce5de6df196a366f7437f4da6765cb1fa345159ea03be73251ad01dc76ee0dd6d8ea257213375d85f8700a306bc140cbd1a9f8aed76389d4eb5561f718fb9c824ef33e6616f8df43870b8b6996652325e723bd737c3d249aa6ba6bfe7a40666dbdf362f368ab5cf57c882f73a1be4badd298b253173c3ea06a26a4f3bfe1559d4b00671a3e0412860d8666abd000f1e2da595096d1fbb77e141e3b361ceb413afd1c06f78b4389515357ae61b6c5c32cb5379246eb4d26ac26fd113403e501e62d9a2b997d2002c8fa6a84eb912a582a60bbce09e408ffe940adacfedb8ebb0260b55b4597f94e6b24dfcc98b23e2d4699165a9b1c0221e06d4e842d15eea09b374e6de73ba54672cabd0f69b93559f2c2a20deadca3050f9ea5546952f9a37a56b4d8916fc472f751a3e62addb070f7b9645e6f1c6e4767dfc02f3676673fe0acbe18c31d4229703deed6c809a4b4144265a0ac33648b17de5604992a899f4461e08b58f06698adf9e8aa012bf981ab33eb2f0b2d6298d31dfb391d0d50e65b49c740e933fbe075f94b960681befb0715960c7f471463b02993a6987fbc7ffda2f7ebea0dba2eda341e0122f85d0b4f8174ff5dbd31f5e4b0b679ecb02da05a4c73180fdbe6e9537295186c44d7ee0dc2a20622a605cba1f6d59775a29c56836252f4f6f19c358cf9921db6fc9ceb8889366c651ea4f79d2daad872bc98b45ec700548f3e5925c53f3f7ea456f8bab2a657793a4c8fab6f6c5daa9d1487f82385a09cf4a5a93489ec69a1f0cadd3ab4d69ecef9a6546fa0025ad42193bed6d1aaafa4858ff642dfa313310cc3d504ae083f72471f612515878a7167ce2a4c82623934ca0669c3ff5fd3206bfee5a93289777f2b94d7a8fa5afbb520ff29c05a85695d42427ae89153182b94ee5e1cc8054276184ccdc0cbcb5b42bf022e3139fa53fc13682667fabba50d4d0da2e25721607b58172244d594a01c7b735ebab942e47857f90a27627ce02a1bab0bdb72e30ec62f3c0a87538a2788c85daa75291e29bc4426c88bc9285d716776a47f30ecb2e9c6e2a90a499b34d82aa24dc7e894802df7b897f64ae4dc1c9f387fb5798669474fcc54f55cc25073729968eed85cd1f0f65a4f5895d9f1494bc77cb268ef43ba80fda582852789688d7f85ef9b7a31e456e2e4cf848fdee3865fc1056ff7f54ac097b1d6a01e274046fb64603bfc7626bdfc55e3efd286e42aad281d0f246014116d1b796294b43c7365a25ffff76218eee007cf0a9e412692d1602179cee3d879a089e2b851724ea20c2e3ec9761e15936a764e0eaaa2134c53b632839faaf03f77e33e4640b04e27c69ce74437acc96bcebfd03ebe3eb13874f509fea471ef95ca91ed455da5fd377c9167154a33e80a1b2c70709f102e1a7748a19abf1aa903689a78a56cdee5f123e6a22238c89cf78111834e679c57c087ad8d496d93eddb29ae7cb6f15eb8dccce8da01ec9e691326b5b877f1dabcb85a7766a18a62f4970c15f14f6b6166fbd81e0014bbd44aac1d23228c173530551a6b0e68c1d6a6f2fbda81fd3f6851901f041fdc605c747919bd7715df8cdba74fa627169375a0633d97c5404d8d23f8b2954ba2bfc164b9baa19555dc46a507509057369eb65bbf434fa7d1557262ca41a841dc297379587fe35985db928f127700cc4708f86525049f8bc5892c19e1669048a4bcd464f6a94be29e19712c4d0d6fdf70cbb6c85e3367ba3b3a736fa062355f9f5801b42210a323305d894aeb8599596c57b04c34c7ebf84bcbd1df3038b882abeebb2e0129c085345a6a1be394164dc382a420b429c5e717fe7417db2f4256d02de5fbd6e55100f9972b7a53d8986bbd00b2cd952dae09329f7a931a62cfa074cb46a72b5f87ef29acecd8eda0574eecc7a5ab3d55277cbdb0ef6fd2a2e243a2f8ffde5f9af22566c94bf79a1fd48da635b79c40ce1f1a496652ff75002e8e83f8847bfab2962d9f4196c8eb65650e2af66a42625f4d26ccdf34c4148d403bc178730d4ea412d437a048f8b28b571849d16434011a569377bd2bd97a76e73cc8bd2fb6518ae87f6e4c6d56b71973af6d14c0e5c21212ae774255f481ef6d6fc6d2d495b865f272588c6106411093bf2e73207b64bbf36b84b2ac2b4709c462df7a7d53b6bb05ea92fdef1e22f67b3c2246deea95f46816d5e4a881e2808b5a85705c0fef740a04a546afbc9cc02930fb421d7bb678c2966e9f9462e6e53fbda5f0f8bce8c1ae2ea842cd951a53146a6f8f644a0fb5d83d4bf882de0cd4427977b5649d2c5ed865e45a18bfe770303bb136d6daf7fe17b926c58218c472e9d67a349edab2f676970c24230b59ec66c008e6fd2b7810b3d598f0b892a1097579ca0f31165f8571c93df20f99ee7f9ba8fda81f7609292610039001e917c69b23889645ed5dbe816c630498c329209dfdd04e5d92e3f94038cceb7066095c55265f3e798aa063a7687acde75d452246a3fe8d3e93e8f81dd3c7caef2b57f9627fd891ec88fb480579371731be9247d60b6bd7df92584646db63cf07d084c33f2ff906bbd583e1d6f6304710f58f525ffc263c48aa33572e354f18b6502ec22fc898fcf63f9c59abf2f3e7da8ff8804eac15663d2d84c4b9e9ea8a120dddd2d5b0491abd7563d04b0c97a61476721312160c2bd628c6f235e0645871e3df29d700699722bdb0490f0150423fe5f15ceea6e72d0233f8510fa93676c73d7e199ceb9b5f8e188b0fffdd7275c99632f84852416fba7e6b77023f8a2d61e23cc0c33e91fd767f010b4e9ce95f979bf8ec543159402296a", 0xff1, 0x0, 0x0, 0x0) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4) write$binfmt_script(r2, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@ccm_128={{0x304}, "6e9297a2501046d3", "f88ba5cf480884fa27a54b7f53f6bdaa", "cba8a655", "f600"}, 0x28) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000b40)=0x4000000, 0x4) socket$nl_route(0x10, 0x3, 0x0) 4.398939235s ago: executing program 4 (id=1873): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=") r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0)) r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0) ftruncate(r3, 0xee72) lseek(r2, 0x10004e9, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000300)={'tunl0\x00', &(0x7f0000000600)={'sit0\x00', 0x0, 0x10, 0x8000, 0x4, 0x4, {{0x5, 0x4, 0x2, 0x2, 0x14, 0x64, 0x0, 0x8, 0x2f, 0x0, @multicast2, @multicast1}}}}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x10000, 0x0, 0x4, 0x1031, r1, 0x8, '\x00', r4, r1, 0x1, 0x1, 0x4}, 0x48) r5 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfea7}], 0x1, 0x0, 0x0, 0x0) r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') mkdir(&(0x7f0000000040)='./file0\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) renameat2(r7, &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r7, &(0x7f0000000200)='./file0\x00', 0x0) sendfile(r2, r6, 0x0, 0x8400fffffffa) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c200de00ba8d7061966c86dd60bc426000082c00fc000000000000000000000000000000ff0200000000000000000000000000013b000001"], 0x0) open_tree(0xffffffffffffffff, &(0x7f00000000c0)='.\x00', 0x0) 4.286741863s ago: executing program 0 (id=1874): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]}) 4.140686934s ago: executing program 2 (id=1875): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4000, &(0x7f0000000e00)={[{@lastblock}, {@adinicb}, {@dmode={'dmode', 0x3d, 0x100005}}, {@umask={'umask', 0x3d, 0x5}}, {@shortad}, {@shortad}, {@undelete}, {@uid}, {@lastblock={'lastblock', 0x3d, 0x3ff}}, {@umask={'umask', 0x3d, 0x6}}, {@dmode={'dmode', 0x3d, 0x9}}, {@nostrict}, {@umask={'umask', 0x3d, 0x80000001}}, {@umask={'umask', 0x3d, 0x5}}]}, 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) renameat2(r0, &(0x7f0000000140)='./file0/file0\x00', r0, &(0x7f00000002c0)='./file1\x00', 0x0) 4.067061619s ago: executing program 0 (id=1876): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c00000010000d0400000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001000500000008000200", @ANYRES32=0x0, @ANYBLOB="080003"], 0x4c}}, 0x0) 3.935056239s ago: executing program 0 (id=1877): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r3, 0xc0345642, &(0x7f0000000040)={0xfff, "fe0c9b21c872a2f28f8019c5df98ac6856a01954f2e640ad7d02e385421e1cb7", 0x2}) r4 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x7a, &(0x7f0000000080)={r6, 0x4, "179da51e"}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8) getpeername(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) io_uring_setup(0x4238, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x0, 0x1ba}) socket(0x2, 0x80805, 0x0) 3.869143934s ago: executing program 2 (id=1878): syz_init_net_socket$rose(0xb, 0x5, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x4000) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x100}, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, &(0x7f0000000200)) bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(0xffffffffffffffff, 0x400000001ffffffd) gettid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$hwrng(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket(0x8000000010, 0x2, 0x0) write(r2, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9463cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4b", 0xbd) r3 = socket(0x840000000002, 0x3, 0x100) connect$inet(r3, &(0x7f00000005c0)={0x2, 0x0, @loopback}, 0x10) sendmmsg$inet(r3, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000180)={{0x2, 0x0, @remote}, {0x20000010304, @dev}, 0x4, {0x2, 0x0, @multicast1=0xe000cc02}}) socket$inet6(0xa, 0x6, 0x0) 3.182231085s ago: executing program 4 (id=1879): r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c) listen(r0, 0x20000005) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @empty}, 0x1c) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f00000001c0)=[{{0x0, 0x9b4c, 0x0}}], 0x500, 0x0) close(r1) 2.826764791s ago: executing program 0 (id=1880): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x27fdfefff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r3], 0x3c}}, 0x0) 2.7014315s ago: executing program 1 (id=1881): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) syz_genetlink_get_family_id$smc(&(0x7f0000000100), r1) sendmmsg$inet(r1, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001340)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b835f966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a376c919cdd0b40dbb899c07f1349c7a1113f57495c795bc7e38166a7bdef463457189549f4b13279fffd050bdfea3477a62d3edea8321a2e98c65330fe7199ca6bee7202aa5a5d56c4ed4c22dbb28cebcaec033c75eb78820ad1d8ceb6f90b569e165002e702e1a206666d3c9d903ce78c73f778eae82d58317c634016a3e01ae29607f7b5ff253c607e4f60c0aa49021205073cdd574a3d4c25fbf79cc8ac99ff149ae54aa56286204e628dc2dfe4384ef74c8dac04ace6c5762d03f9e19942e4b6bbbb41fefc569cc23b3319d4ebc55551fecf8f936221e9787e744f2e1422baaa25b2f5bf59205190b7fe52f0641f149c5e00b764c493afadeaa04324783c268f48772b1c532d52d211865704db5fbafc3193385adc9855a1ad9ea0c05479329efd6c08ed22c5656eab2ea050f53bf441a9dfb4157d14b99214fa59b8b0e53200795762145a63d61c5c526edb03429e1e14072e1d7dff102fdb9801234bbbb8e0274a861dd60f3a21f129326b2f6fee61f690fa3967cdc5f6f9519282c48e28d6aa7d1b0ed07bdd72ebf1dd97b46f24ffde352095f4bffd6fdd0b9f0d60f16746f1c1ec46656cf94", 0x209}], 0x1}}], 0x1, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000300)='veno\x00', 0x5) bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r3, &(0x7f0000000380)="ae313e2860d4aca8696d4933d0cf9d5266f01679352580db1efc28a7768f3b97f909991ffd9e246246f01e7593e926e46f7e373b20e4dd2ca72867b231970e25e28a97a921116a6a9bd1fd6896443f0cd09ade3c6fbd1530302fa7bf6fbbd81c230a6da70e38db61aecd6658ae5e85808747fae4ded8c109416c4a3dc35aeabcfc2e61f3035fdf4e045725dd5a46867f87d864f205ea874bebb5db25bcbcb7e7f4da9337c2f64a43c4b5450e4a17c129ec0fb385da749423af2691843da759bc1517a2f72b0367bcce1ea605d9ef49b5a3a5fbb6a4febbfe89ac222342f78eeb7a2ed4d6c29c91a5389d84541ff242da77fe3c6239e9e1a99ebf32458096b368c1f99f5f749b3d6dfd1ee47815e8dde7ff63be4ac4038b29b9967dc00fc20107d925a6885e4a77a93274feaaaa3ee071316d020be3bfd47d0ff273708bf0ae8a18bfdf0e72c96c70278c1728499c152de8542ac25c10e595537f61c7d0d065b2cb838f9b26668fb7ad83b3f53004af73d6d7cd1331b3e1a3c121bdd5b091eef12a744bdf66371a2589f506f985f45dbbf2622036b571181897e8f31475cea27a7fdd32936ae5665fb535ec6d5ceed7c3108b0615c73fd27a35a5f18ce4e4e2783ce3cb7344de65e5badbc4f322508bb52d5aa6d74b86e8473ad12f8e9871f89e1e5f26a06552cd98b575d61e33213aafc3b347ef886242d1ce936fdd42f498baf764c2ff50aac8418331df3dea4c86082a4c6acc33e2d49c92e2eb3edf920a3984af5ddeb27b2b472c03dbd509a82e0a23b34ca33bfb27d51c68a8a0276ca04aaf7716c6616a2c0e0367ab2e7facde7a303ffa6a0c00f5e8ae4e294b44e5fac45e267d8a9709b94e039cb232976d23cba3e2fcc5c0a742adb4d62b2a846c9ba97d6ff6cbb256152894df9651bfd7755d7061b06cc34464c24ef1a8379094194046890b424820dcb4ea95518a58b4da72145d1aa251801697655df55c28340bfbce7e33144da2a081489cfea0ea696569c037c7a94b05e8a7510519874e0d0d87e38e4ea9372ad5ec9e60af8ad51ef1807783522b8aed9db84d909a93daea092e8957eb09e6d3a5068614a2baf5041e84c9aae99d74e4cd786815b61de544099c20cd4495cf9b9fa3bb39e7c52d2948aede7f6502dd6d7ab5f44e261ecd9894a938f88a0e3fcca16073a1bdc89269471749ecd94fb04213cacd36ad2bc43214a073d09f6e054a6ef20693c63f3421ccf9281d71418e223272e5805cc2f59875fcf04a6b5b1038507421b380d66864ddcd16807ad98b86d3251a074f21426e628d1d506f223530b48b4e6519f2d4a6c10195704c68532eb62f334c5d215abd67a6f5a3f94008e037c41b19522560d8a8e1d29c9265c82f4562a20671ae31d85b8fde0c162de1662b719c58ff9e7cacc8ffea04c4041b50436cd4917425587798705eaa17bd11f14c52ed3afef682b2ae19ba906db248b94edaac78a0869ed87c5a67941e2e7cd9c988532d08d86d70f937f6c6a58f1cb7e2d975eac8803626c7670d0520ca54aa062f2acb6c5a400747585d7fe81370829d70f4e27fffbd2b233e7c0beb29fa798496fbad7497784b3b3fecde9cd351dae600d5f2d1a6d23e5b50a986fb23bdba6a5e76c156666a24a299b03deea657370e6dddca53a84309af8d442d46db43b794d78cc535cecd21e893cc17ba7c232b1862da78b15ed7ce6a1f2812fbe3710c7dbacce67ff48f7d890b89f269bae74b8eec9b4644d692fc822550c96844bbdd58da4239573186a636cbf18e78da7146287963458f8f3295ec0e88f5470d24f7052e01261bcdda33eaadce784c693d2888b2b0e296262b8dae7d98eda4bb54e93b9776ab188bf004423c922e3e693464801b8d6db457e57af8ddc54570dcbaf1a4803a24759d9e28a63fea6031abb7f26254c0c55f47454936d1af4888cfe715892485969d7403dbb0ece966a9600dc7f1ecabb1ca59db82e75b0c30746c6ef17da13abdb7fed01aec3ad00e88d891386f5fad9ddf24feffcddb913a4b2e72f897820e9a93e6118a20f8791d7df71e5782610d39f1f901e2c15c636c86c0c6911e1ff5a1b7e580a3c8933d99548906a37e623b29a8748c04797a55f44e79f238bfaf9f1c1cad3b70c999a6cba3f4ca8f0372e1915a9a9fe834531c61b1ae0a26d177df7c376336f497827fd45e9a3bdb27397a5e48768a41dae051c8b8544975eca3cb0208f6ffd36e80192a526deb9a4bde9de85949644b932048a85c20d05fd61d738c0b3103ae7ae2e28a498b2cfd5e7812ae4acd15379905e9021d429c04454f8ebebbe1faf463f0611dfad18835f0369c261d3b4d8036188107942539d7504519b48a38cad5b9de22b1c0902450caf28c023dee259882fa3ff0d9dd8297679a2b1af81f2c46572b5a7a4dbcb010688b658e9a501134c99d0365477770a2ed7d0f81d169453d21ad3bff3fd89aac92f312c7478924dbf3711938bd12437102f523918f13982f9d29b7439aa5b001a59c7af2c45fb6eafe0ec6eda6e7ac5e668f37166028bb887b016bd6ddd4d92389acef90db0e32a114bf957ab7cfa6b895f31ffa53d8f3144d63d2ba829f9fd76187ea0fd99bf381f9bf4a826e0e4a43748d17f519e0f09b1785afc183ce66f9d93962031c3ec7f0bc02d829976e83322b609f2e7b2401ffe4677d356b5a6b25b6f53224e5e66ea871fbde06d84fbac3cd66e1b4b10d408fbdc847bf71c889baf2ddb2ce0c70b3c2b37f23938e7a82c8d10517019fdb16ccd76d5b719c91cfe5eb285f8a613e6862170673e34934d23935ed2202039e2cc121b203acc6553f618f992fd9dbadec2c992edeaf6badc9174dcdb0c9c618a31015c480a1114f4ab3d1af9203b68e12660a2f6303710d9d4883b4370ed8d5ead7e2782c43e4c53e2ec074c92910620a7ce5de6df196a366f7437f4da6765cb1fa345159ea03be73251ad01dc76ee0dd6d8ea257213375d85f8700a306bc140cbd1a9f8aed76389d4eb5561f718fb9c824ef33e6616f8df43870b8b6996652325e723bd737c3d249aa6ba6bfe7a40666dbdf362f368ab5cf57c882f73a1be4badd298b253173c3ea06a26a4f3bfe1559d4b00671a3e0412860d8666abd000f1e2da595096d1fbb77e141e3b361ceb413afd1c06f78b4389515357ae61b6c5c32cb5379246eb4d26ac26fd113403e501e62d9a2b997d2002c8fa6a84eb912a582a60bbce09e408ffe940adacfedb8ebb0260b55b4597f94e6b24dfcc98b23e2d4699165a9b1c0221e06d4e842d15eea09b374e6de73ba54672cabd0f69b93559f2c2a20deadca3050f9ea5546952f9a37a56b4d8916fc472f751a3e62addb070f7b9645e6f1c6e4767dfc02f3676673fe0acbe18c31d4229703deed6c809a4b4144265a0ac33648b17de5604992a899f4461e08b58f06698adf9e8aa012bf981ab33eb2f0b2d6298d31dfb391d0d50e65b49c740e933fbe075f94b960681befb0715960c7f471463b02993a6987fbc7ffda2f7ebea0dba2eda341e0122f85d0b4f8174ff5dbd31f5e4b0b679ecb02da05a4c73180fdbe6e9537295186c44d7ee0dc2a20622a605cba1f6d59775a29c56836252f4f6f19c358cf9921db6fc9ceb8889366c651ea4f79d2daad872bc98b45ec700548f3e5925c53f3f7ea456f8bab2a657793a4c8fab6f6c5daa9d1487f82385a09cf4a5a93489ec69a1f0cadd3ab4d69ecef9a6546fa0025ad42193bed6d1aaafa4858ff642dfa313310cc3d504ae083f72471f612515878a7167ce2a4c82623934ca0669c3ff5fd3206bfee5a93289777f2b94d7a8fa5afbb520ff29c05a85695d42427ae89153182b94ee5e1cc8054276184ccdc0cbcb5b42bf022e3139fa53fc13682667fabba50d4d0da2e25721607b58172244d594a01c7b735ebab942e47857f90a27627ce02a1bab0bdb72e30ec62f3c0a87538a2788c85daa75291e29bc4426c88bc9285d716776a47f30ecb2e9c6e2a90a499b34d82aa24dc7e894802df7b897f64ae4dc1c9f387fb5798669474fcc54f55cc25073729968eed85cd1f0f65a4f5895d9f1494bc77cb268ef43ba80fda582852789688d7f85ef9b7a31e456e2e4cf848fdee3865fc1056ff7f54ac097b1d6a01e274046fb64603bfc7626bdfc55e3efd286e42aad281d0f246014116d1b796294b43c7365a25ffff76218eee007cf0a9e412692d1602179cee3d879a089e2b851724ea20c2e3ec9761e15936a764e0eaaa2134c53b632839faaf03f77e33e4640b04e27c69ce74437acc96bcebfd03ebe3eb13874f509fea471ef95ca91ed455da5fd377c9167154a33e80a1b2c70709f102e1a7748a19abf1aa903689a78a56cdee5f123e6a22238c89cf78111834e679c57c087ad8d496d93eddb29ae7cb6f15eb8dccce8da01ec9e691326b5b877f1dabcb85a7766a18a62f4970c15f14f6b6166fbd81e0014bbd44aac1d23228c173530551a6b0e68c1d6a6f2fbda81fd3f6851901f041fdc605c747919bd7715df8cdba74fa627169375a0633d97c5404d8d23f8b2954ba2bfc164b9baa19555dc46a507509057369eb65bbf434fa7d1557262ca41a841dc297379587fe35985db928f127700cc4708f86525049f8bc5892c19e1669048a4bcd464f6a94be29e19712c4d0d6fdf70cbb6c85e3367ba3b3a736fa062355f9f5801b42210a323305d894aeb8599596c57b04c34c7ebf84bcbd1df3038b882abeebb2e0129c085345a6a1be394164dc382a420b429c5e717fe7417db2f4256d02de5fbd6e55100f9972b7a53d8986bbd00b2cd952dae09329f7a931a62cfa074cb46a72b5f87ef29acecd8eda0574eecc7a5ab3d55277cbdb0ef6fd2a2e243a2f8ffde5f9af22566c94bf79a1fd48da635b79c40ce1f1a496652ff75002e8e83f8847bfab2962d9f4196c8eb65650e2af66a42625f4d26ccdf34c4148d403bc178730d4ea412d437a048f8b28b571849d16434011a569377bd2bd97a76e73cc8bd2fb6518ae87f6e4c6d56b71973af6d14c0e5c21212ae774255f481ef6d6fc6d2d495b865f272588c6106411093bf2e73207b64bbf36b84b2ac2b4709c462df7a7d53b6bb05ea92fdef1e22f67b3c2246deea95f46816d5e4a881e2808b5a85705c0fef740a04a546afbc9cc02930fb421d7bb678c2966e9f9462e6e53fbda5f0f8bce8c1ae2ea842cd951a53146a6f8f644a0fb5d83d4bf882de0cd4427977b5649d2c5ed865e45a18bfe770303bb136d6daf7fe17b926c58218c472e9d67a349edab2f676970c24230b59ec66c008e6fd2b7810b3d598f0b892a1097579ca0f31165f8571c93df20f99ee7f9ba8fda81f7609292610039001e917c69b23889645ed5dbe816c630498c329209dfdd04e5d92e3f94038cceb7066095c55265f3e798aa063a7687acde75d452246a3fe8d3e93e8f81dd3c7caef2b57f9627fd891ec88fb480579371731be9247d60b6bd7df92584646db63cf07d084c33f2ff906bbd583e1d6f6304710f58f525ffc263c48aa33572e354f18b6502ec22fc898fcf63f9c59abf2f3e7da8ff8804eac15663d2d84c4b9e9ea8a120dddd2d5b0491abd7563d04b0c97a61476721312160c2bd628c6f235e0645871e3df29d700699722bdb0490f0150423fe5f15ceea6e72d0233f8510fa93676c73d7e199ceb9b5f8e188b0fffdd7275c99632f84852416fba7e6b77023f8a2d61e23cc0c33e91fd767f010b4e9ce95f979bf8ec543159402296ab7cd8d", 0xfffffdef, 0x0, 0x0, 0x46) connect$inet6(r2, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4) write$binfmt_script(r2, &(0x7f0000000100), 0xfffffecd) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@ccm_128={{0x304}, "6e9297a2501046d3", "f88ba5cf480884fa27a54b7f53f6bdaa", "cba8a655", "f600"}, 0x28) setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000b40)=0x4000000, 0x4) socket$nl_route(0x10, 0x3, 0x0) 2.506954435s ago: executing program 0 (id=1882): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000650404000100000004040000fb007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e4845500a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291beea56ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124e16b64a5d1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba515d4cc28d702287fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xfe, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e14f008000de0ffff00184000633c77fbac141412e000002062079f4b4d2f87e5feca6aab845013f2325f1a3903050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c) 2.484126806s ago: executing program 2 (id=1883): syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) syz_init_net_socket$netrom(0x6, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) socket$packet(0x11, 0x2, 0x300) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000040)=0x1) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) 2.30081954s ago: executing program 0 (id=1884): openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) openat$bsg(0xffffffffffffff9c, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r4) sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="ff000000", @ANYRES16=r5, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce00010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd26792040000006f64e62cd3404917f3be657330adc6bf2f2ab6286f917412935536f4406edcdc8a3779814659bebb63d2c301a5e2568cb3696d7ed256da47bd6246c86e86ac9cfbdae22622b43a13e9096385b4cb17bf6d8436e77f709e436462ad3ba28f73bf36e8e358673326e220d60a9d"], 0x114}}, 0x0) sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x14, 0x0, 0x200, 0x0, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x800) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x0, 0x0}) memfd_create(0x0, 0x5) r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x256f16877c9c3f29, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000200)=0x7) ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, &(0x7f0000000000)) ioctl$SNDCTL_DSP_STEREO(0xffffffffffffffff, 0xc0045003, &(0x7f00000000c0)) syz_io_uring_setup(0x110, 0x0, &(0x7f0000000240), 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='nonumtail=0,showexec,codepageG~50,nonumtail=0,shortname=lower,shortname=lower,utf8=0,quiet,rodir,rodir,shortname=winnt,\x00'], 0x1, 0x21d, &(0x7f0000000240)="$eJzs3T9rU1EYB+C3ttVSkHQQiiJ4xcUptBX3FqkgBhQlg04W26I0sWAgoEPr5pfQr6Cjq+Cgrn4BEaQKLnarIETqjY2tiU1pb66Y51nyknt+509yySFDTm6drC7NL9cW19fXYmRkIIamYzo2BmIsDsVgpB4FAPA/2Wg04msjlfdcAIDesP8DQP/pcv+/2sMpAQAZ8/0fAPrP9Rs3L8+USrPXkmQkovq4Xq6X08f0+sxi3I1KLMREFOJ7RGNLWl+8VJqdSDZ9GotydbWZX62XB7fnJ6MQY+3zk0lqe344Rpv596OxEFNRiGPt81Nt84fj7Jnfxi9GId7djuWoxHxsZlv5lckkuXCltCN/5Gc7AAAAAAAAAAAAAAAAAAAAAADIQjHZ0vb8nmKx0/U03/35QDvP5xmKE0P5rh0AAAAAAAAAAAAAAAAAAAD+FbUHD5fmKpWF+38r7r199mq3Nl0WA81x99vP/oujpz8+6dRmcG+vz8EWL09lOcS3g+nn9dqd4+dq4+dzeweHI+LPZzreWl8KERnN53mut/GvVe/aePzp9NyLlQ+fu+255x9FAAAAAAAAAAAAAAAAAADQ91o/+t1T7E1mEwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHLT+/z+7Iu81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAjwAAAP//3cefEg==") write$binfmt_script(0xffffffffffffffff, &(0x7f0000000180), 0xfefc) 2.142886231s ago: executing program 2 (id=1885): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r3, 0xc0345642, &(0x7f0000000040)={0xfff, "fe0c9b21c872a2f28f8019c5df98ac6856a01954f2e640ad7d02e385421e1cb7", 0x2}) r4 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x7a, &(0x7f0000000080)={r6, 0x4, "179da51e"}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8) getpeername(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) io_uring_setup(0x4238, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x0, 0x1ba}) socket(0x2, 0x80805, 0x0) 1.786473787s ago: executing program 3 (id=1886): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r1, &(0x7f0000000000), 0x100000008) ioctl$EVIOCGRAB(r1, 0x40084503, 0x0) 1.680978336s ago: executing program 1 (id=1887): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c00000010000d0400"/18, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001000500000008000200", @ANYRES32=0x0, @ANYBLOB="080003"], 0x4c}}, 0x0) 1.587498193s ago: executing program 1 (id=1888): sched_setaffinity(0x0, 0x47d1ebd6342459b, 0x0) 1.490992279s ago: executing program 1 (id=1889): socket$pppl2tp(0x18, 0x1, 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet_udp(0x2, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0xa, [@enum={0x8}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f]}}, 0x0, 0x2e}, 0x20) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) socket$nl_route(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$kcm(0x2, 0xa, 0x2) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) pipe(&(0x7f0000000100)) r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="f7e8010000000000140012800b0001006d616373656300fd0300028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0) 1.437466994s ago: executing program 4 (id=1890): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_ENUMAUDOUT(r3, 0xc0345642, &(0x7f0000000040)={0xfff, "fe0c9b21c872a2f28f8019c5df98ac6856a01954f2e640ad7d02e385421e1cb7", 0x2}) r4 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r5 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x7a, &(0x7f0000000080)={r6, 0x4, "179da51e"}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8) getpeername(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) io_uring_setup(0x4238, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x0, 0x1ba}) socket(0x2, 0x80805, 0x0) 525.442661ms ago: executing program 1 (id=1891): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x40046207, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0xc, 0x0, &(0x7f00000003c0)=[@increfs, @enter_looper], 0x0, 0x0, 0x0}) dup3(r1, r0, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x18, 0x0, &(0x7f0000000400)=[@request_death, @increfs={0x40046304, 0xfffffffe}], 0xfffffffffffffcc0, 0x0, 0x0}) 282.267229ms ago: executing program 4 (id=1892): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000000c0)=0x13) write(r0, &(0x7f0000000540)='#', 0x1) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000340)={0xff02, 0x0, 0x0, 0xffff, 0x0, "5f730000a9003f00"}) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000006c0)=0x5f) 0s ago: executing program 4 (id=1893): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x275a, 0x0) r1 = socket(0x10, 0x3, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) close(0x3) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c}) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) utimensat(r0, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0) kernel console output (not intermixed with test programs): p0" ino=263 res=1 errno=0 [ 560.135007][ T3728] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 561.320737][ T7632] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 561.330149][ T8078] loop4: detected capacity change from 0 to 16 [ 561.348298][ T8078] erofs: (device loop4): mounted with root inode @ nid 36. [ 561.558848][ T8081] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1189'. [ 561.664506][ T8084] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 562.570272][ T8084] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 562.581269][ T8084] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 562.589794][ T8086] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 562.599383][ T8086] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 562.610301][ T8086] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 562.733509][ T3648] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 562.752290][ T3648] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 562.761114][ T3648] hid-generic 0000:0000:0000.000F: hidraw0: HID v0.00 Device [syz0] on syz1 [ 562.956601][ T8092] netlink: 'syz.2.1189': attribute type 12 has an invalid length. [ 564.049097][ T8107] loop2: detected capacity change from 0 to 512 [ 564.077093][ T8107] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz.2.1195: bad orphan inode 13 [ 564.124738][ T8107] ext4_test_bit(bit=12, block=4) = 1 [ 564.162478][ T8107] is_bad_inode(inode)=0 [ 564.173404][ T8107] NEXT_ORPHAN(inode)=0 [ 564.182207][ T8107] max_ino=32 [ 564.186215][ T8107] i_nlink=1 [ 564.191018][ T8107] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 564.237189][ T8107] EXT4-fs warning (device loop2): dx_probe:833: inode #2: comm syz.2.1195: Unrecognised inode hash code 20 [ 564.254940][ T8107] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.1195: Corrupt directory, running e2fsck is recommended [ 564.276019][ T8107] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #15: comm syz.2.1195: corrupted in-inode xattr [ 564.357927][ T8113] EXT4-fs warning (device loop2): ext4_empty_dir:3145: inode #2: comm syz.2.1195: directory missing '.' [ 564.559752][ T8117] loop4: detected capacity change from 0 to 1024 [ 564.575177][ T6396] EXT4-fs (loop2): unmounting filesystem. [ 564.691989][ T8117] Bluetooth: MGMT ver 1.22 [ 566.229400][ T4442] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 566.245696][ T4442] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 566.295622][ T4442] hid-generic 0000:0000:0000.0010: hidraw0: HID v0.00 Device [syz0] on syz1 [ 567.049831][ T8142] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1205'. [ 567.337862][ T8148] netlink: 'syz.3.1205': attribute type 12 has an invalid length. [ 570.775802][ T8189] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1220'. [ 571.255505][ T8190] netlink: 'syz.4.1220': attribute type 12 has an invalid length. [ 571.315875][ T3693] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 571.381804][ T3693] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 571.413921][ T3693] hid-generic 0000:0000:0000.0011: hidraw0: HID v0.00 Device [syz0] on syz1 [ 571.487639][ T8196] netdevsim0 speed is unknown, defaulting to 1000 [ 573.740285][ T7] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 574.195223][ T7] usb 2-1: Using ep0 maxpacket: 16 [ 575.887729][ T7] usb 2-1: config 0 has no interfaces? [ 576.069734][ T7] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 576.103557][ T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 576.111628][ T7] usb 2-1: Product: syz [ 577.249902][ T7] usb 2-1: Manufacturer: syz [ 577.260850][ T7] usb 2-1: SerialNumber: syz [ 577.288976][ T7] r8152-cfgselector 2-1: config 0 descriptor?? [ 577.303988][ T8229] netdevsim0 speed is unknown, defaulting to 1000 [ 577.438883][ T7] r8152-cfgselector 2-1: can't set config #0, error -71 [ 577.467051][ T7] r8152-cfgselector 2-1: Unknown version 0x0000 [ 577.476311][ T7] r8152-cfgselector 2-1: USB disconnect, device number 27 [ 577.715411][ T8234] loop2: detected capacity change from 0 to 512 [ 578.044156][ T8234] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz.2.1234: casefold flag without casefold feature [ 578.081209][ T8234] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz.2.1234: missing EA_INODE flag [ 578.085207][ T8243] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1235'. [ 578.247442][ T8234] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.1234: error while reading EA inode 12 err=-117 [ 578.330233][ T8244] netlink: 'syz.4.1235': attribute type 12 has an invalid length. [ 579.081819][ T8234] EXT4-fs (loop2): 1 orphan inode deleted [ 579.088584][ T8234] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 579.217336][ T8247] loop1: detected capacity change from 0 to 16 [ 579.255447][ T8247] erofs: (device loop1): mounted with root inode @ nid 36. [ 580.283870][ T26] audit: type=1800 audit(1725120575.969:92): pid=8252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1234" name="file0" dev="loop2" ino=18 res=0 errno=0 [ 580.527279][ T8257] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 580.537498][ T8257] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 580.548356][ T8257] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 580.557885][ T8257] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 580.567558][ T8257] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 580.578380][ T8257] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 580.957282][ T3723] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 580.994947][ T3723] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 581.457726][ T3723] hid-generic 0000:0000:0000.0012: hidraw0: HID v0.00 Device [syz0] on syz1 [ 581.502167][ T8268] loop1: detected capacity change from 0 to 256 [ 581.636976][ T6396] EXT4-fs (loop2): unmounting filesystem. [ 581.883459][ T8273] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551615) [ 581.898689][ T8273] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647 [ 582.225529][ T8277] netdevsim0 speed is unknown, defaulting to 1000 [ 583.247872][ T8291] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1249'. [ 584.650198][ T8293] netlink: 'syz.2.1249': attribute type 12 has an invalid length. [ 584.696879][ T8300] loop0: detected capacity change from 0 to 16 [ 584.747409][ T8300] erofs: (device loop0): mounted with root inode @ nid 36. [ 585.093186][ T8303] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 585.104655][ T8303] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 585.115578][ T8303] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 585.125242][ T8303] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 585.134658][ T8303] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 585.145743][ T8303] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 586.358862][ T8312] loop4: detected capacity change from 0 to 512 [ 586.427536][ T8312] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 586.481345][ T8312] ext4 filesystem being mounted at /256/bus supports timestamps until 2038 (0x7fffffff) [ 586.725632][ T8319] loop0: detected capacity change from 0 to 1764 [ 586.763646][ T3653] EXT4-fs (loop4): unmounting filesystem. [ 586.941457][ T5949] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 586.965790][ T5949] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 587.199867][ T5949] hid-generic 0000:0000:0000.0013: hidraw0: HID v0.00 Device [syz0] on syz1 [ 588.690174][ T8338] loop2: detected capacity change from 0 to 16 [ 588.723980][ T8338] erofs: (device loop2): mounted with root inode @ nid 36. [ 589.785322][ T8352] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1265'. [ 590.076827][ T8353] netlink: 'syz.0.1265': attribute type 12 has an invalid length. [ 593.338290][ T8376] loop0: detected capacity change from 0 to 256 [ 593.345308][ T5949] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 593.353940][ T5949] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 593.506779][ T5949] hid-generic 0000:0000:0000.0014: hidraw0: HID v0.00 Device [syz0] on syz1 [ 593.585626][ T8376] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 593.586596][ T8380] netdevsim0 speed is unknown, defaulting to 1000 [ 593.874477][ T8381] loop2: detected capacity change from 0 to 1764 [ 595.799716][ T8398] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1278'. [ 596.036037][ T8405] loop2: detected capacity change from 0 to 16 [ 596.043428][ T8405] erofs: (device loop2): mounted with root inode @ nid 36. [ 596.207316][ T8401] netlink: 'syz.3.1278': attribute type 12 has an invalid length. [ 596.318882][ T3723] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 596.331339][ T8406] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 596.341459][ T8406] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 596.352540][ T8406] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 596.362293][ T8406] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 596.371725][ T8406] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 596.383502][ T8406] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117] [ 596.453449][ T8408] loop1: detected capacity change from 0 to 128 [ 596.470583][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 596.474195][ T8408] EXT4-fs (loop1): Test dummy encryption mode enabled [ 596.523747][ T8408] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 596.594965][ T8408] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038 (0x7fffffff) [ 596.612832][ T3723] usb 5-1: Using ep0 maxpacket: 32 [ 596.882334][ T3723] usb 5-1: config 0 has no interfaces? [ 597.579039][ T8412] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 597.738641][ T7735] EXT4-fs (loop1): unmounting filesystem. [ 597.803025][ T3723] usb 5-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=9c.e2 [ 597.812223][ T3723] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.856953][ T3723] usb 5-1: Product: syz [ 597.878682][ T3723] usb 5-1: Manufacturer: syz [ 597.932476][ T3723] usb 5-1: SerialNumber: syz [ 599.525982][ T3723] usb 5-1: config 0 descriptor?? [ 599.568880][ T3723] usb 5-1: can't set config #0, error -71 [ 599.620410][ T3723] usb 5-1: USB disconnect, device number 29 [ 599.994518][ T5949] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0 [ 600.002849][ T5949] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0 [ 600.011633][ T5949] hid-generic 0000:0000:0000.0015: hidraw0: HID v0.00 Device [syz0] on syz1 [ 601.841576][ T8442] loop4: detected capacity change from 0 to 1024 [ 601.917066][ T8442] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 601.999002][ T8449] loop3: detected capacity change from 0 to 512 [ 602.081061][ T8449] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 602.136604][ T8449] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 602.199226][ T8449] EXT4-fs (loop3): 1 truncate cleaned up [ 602.219845][ T8449] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 602.341837][ T8446] loop2: detected capacity change from 0 to 1764 [ 603.168383][ T5124] EXT4-fs (loop3): unmounting filesystem. [ 603.390893][ T8439] loop1: detected capacity change from 0 to 40427 [ 603.418957][ T8460] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1295'. [ 603.438020][ T8439] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 603.445929][ T8439] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 603.705126][ T8463] netdevsim0 speed is unknown, defaulting to 1000 [ 603.808060][ T8439] F2FS-fs (loop1): invalid crc value [ 604.117665][ T8439] F2FS-fs (loop1): Found nat_bits in checkpoint [ 604.390594][ T8468] netlink: 'syz.0.1295': attribute type 12 has an invalid length. [ 604.624765][ T8439] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 604.642111][ T8439] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 604.899389][ T3723] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 605.059177][ T8473] cgroup: fork rejected by pids controller in /syz0 [ 605.159277][ T3723] usb 4-1: Using ep0 maxpacket: 32 [ 605.290285][ T3723] usb 4-1: config 0 has no interfaces? [ 605.382836][ T8456] loop2: detected capacity change from 0 to 40427 [ 605.414657][ T8456] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 605.434526][ T8456] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 605.470175][ T3723] usb 4-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=9c.e2 [ 605.485285][ T3653] EXT4-fs (loop4): unmounting filesystem. [ 605.487068][ T8456] F2FS-fs (loop2): invalid crc value [ 605.591485][ T3723] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 606.397290][ T3723] usb 4-1: Product: syz [ 606.402027][ T3723] usb 4-1: Manufacturer: syz [ 606.402539][ T8456] F2FS-fs (loop2): Found nat_bits in checkpoint [ 606.444550][ T3723] usb 4-1: SerialNumber: syz [ 606.505099][ T3723] usb 4-1: config 0 descriptor?? [ 606.551775][ T7] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 606.575117][ T7] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 606.609349][ T7] hid-generic 0000:0000:0000.0016: hidraw0: HID v0.00 Device [syz0] on syz1 [ 606.683182][ T3700] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.788428][ T8470] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1296'. [ 606.816984][ T4442] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 606.837331][ T5949] usb 4-1: USB disconnect, device number 24 [ 606.897191][ T3700] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.038263][ T3700] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.193846][ T3700] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.218060][ T4442] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 607.245476][ T4442] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 607.257694][ T4442] usb 5-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00 [ 607.276583][ T4442] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 607.299344][ T3662] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 607.300928][ T4442] usb 5-1: config 0 descriptor?? [ 607.315492][ T3663] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 607.327789][ T3663] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 607.335914][ T3663] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 607.348895][ T3663] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 607.356504][ T3663] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 607.363445][ T8492] loop2: detected capacity change from 0 to 1764 [ 607.462499][ T8493] netdevsim0 speed is unknown, defaulting to 1000 [ 608.178274][ T4442] sony 0003:1345:3008.0017: hiddev0,hidraw0: USB HID v80.00 Device [HID 1345:3008] on usb-dummy_hcd.4-1/input0 [ 608.215982][ T4442] sony 0003:1345:3008.0017: failed to claim input [ 608.431673][ T7] usb 5-1: USB disconnect, device number 30 [ 608.531105][ T8506] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1308'. [ 609.493192][ T8518] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1311'. [ 609.515818][ T8512] netlink: 'syz.2.1308': attribute type 12 has an invalid length. [ 609.633921][ T3663] Bluetooth: hci3: command tx timeout [ 609.838734][ T7] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 609.869119][ T7] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 609.875027][ T8493] chnl_net:caif_netlink_parms(): no params data found [ 609.889152][ T7] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz0] on syz1 [ 610.218833][ T7] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 610.328046][ T8533] loop2: detected capacity change from 0 to 1764 [ 610.335707][ T8493] bridge0: port 1(bridge_slave_0) entered blocking state [ 610.354595][ T8493] bridge0: port 1(bridge_slave_0) entered disabled state [ 610.363096][ T8493] device bridge_slave_0 entered promiscuous mode [ 610.425499][ T8493] bridge0: port 2(bridge_slave_1) entered blocking state [ 610.432668][ T8493] bridge0: port 2(bridge_slave_1) entered disabled state [ 610.475609][ T8493] device bridge_slave_1 entered promiscuous mode [ 610.527204][ T7] usb 4-1: Using ep0 maxpacket: 32 [ 610.613466][ T8493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 610.663241][ T7] usb 4-1: config 0 has no interfaces? [ 610.696863][ T8493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 610.802164][ T8493] team0: Port device team_slave_0 added [ 610.818958][ T8493] team0: Port device team_slave_1 added [ 610.869157][ T7] usb 4-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=9c.e2 [ 610.884304][ T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 610.900899][ T7] usb 4-1: Product: syz [ 610.912447][ T7] usb 4-1: Manufacturer: syz [ 610.924868][ T7] usb 4-1: SerialNumber: syz [ 610.950669][ T7] usb 4-1: config 0 descriptor?? [ 610.976667][ T8493] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 610.991071][ T8493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 611.050139][ T8493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 611.192799][ T8493] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 611.219381][ T8493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 611.262915][ T8493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 611.283892][ T8531] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1315'. [ 611.299988][ T4134] usb 4-1: USB disconnect, device number 25 [ 611.383516][ T8556] netlink: 'syz.1.1322': attribute type 29 has an invalid length. [ 611.455774][ T8554] netdevsim0 speed is unknown, defaulting to 1000 [ 611.457832][ T8556] netlink: 'syz.1.1322': attribute type 29 has an invalid length. [ 611.531423][ T8557] netlink: 'syz.1.1322': attribute type 29 has an invalid length. [ 611.574600][ T8556] netlink: 'syz.1.1322': attribute type 29 has an invalid length. [ 611.604839][ T8493] device hsr_slave_0 entered promiscuous mode [ 611.623615][ T8493] device hsr_slave_1 entered promiscuous mode [ 611.688634][ T8560] netlink: 19 bytes leftover after parsing attributes in process `syz.2.1323'. [ 611.700540][ T8558] netlink: 'syz.1.1322': attribute type 29 has an invalid length. [ 611.721502][ T3700] device hsr_slave_0 left promiscuous mode [ 611.752831][ T3700] device hsr_slave_1 left promiscuous mode [ 611.769508][ T3700] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 611.797162][ T3700] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 611.814445][ T3700] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 611.821940][ T3700] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 611.870157][ T3700] device bridge_slave_1 left promiscuous mode [ 611.885907][ T3700] bridge0: port 2(bridge_slave_1) entered disabled state [ 611.898458][ T3663] Bluetooth: hci3: command tx timeout [ 611.907383][ T3700] device bridge_slave_0 left promiscuous mode [ 611.918395][ T3700] bridge0: port 1(bridge_slave_0) entered disabled state [ 611.987827][ T3723] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0 [ 611.995489][ T3723] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0 [ 612.019023][ T8570] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1326'. [ 612.037050][ T3723] hid-generic 0000:0000:0000.0019: hidraw0: HID v0.00 Device [syz0] on syz1 [ 612.047141][ T3700] device veth1_macvtap left promiscuous mode [ 612.062874][ T3700] device veth0_macvtap left promiscuous mode [ 612.082555][ T3700] device veth1_vlan left promiscuous mode [ 612.099323][ T3700] device veth0_vlan left promiscuous mode [ 613.617160][ T8577] loop3: detected capacity change from 0 to 1764 [ 613.950658][ T3700] team0 (unregistering): Port device team_slave_1 removed [ 614.045462][ T3700] team0 (unregistering): Port device team_slave_0 removed [ 614.125625][ T3700] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 614.153486][ T3663] Bluetooth: hci3: command tx timeout [ 614.244025][ T3700] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 614.960654][ T3700] bond0 (unregistering): Released all slaves [ 615.075310][ T8569] tap0: tun_chr_ioctl cmd 21731 [ 615.085581][ T8571] netlink: 'syz.2.1326': attribute type 12 has an invalid length. [ 615.103694][ T8594] device syzkaller0 entered promiscuous mode [ 615.573471][ T3723] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0 [ 615.601627][ T3723] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0 [ 615.629680][ T3723] hid-generic 0000:0000:0000.001A: hidraw0: HID v0.00 Device [syz0] on syz1 [ 616.401306][ T3663] Bluetooth: hci3: command tx timeout [ 616.946080][ T8493] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 616.957170][ T8493] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 616.968022][ T8493] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 616.978858][ T8493] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 617.114352][ T8493] 8021q: adding VLAN 0 to HW filter on device bond0 [ 617.140350][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 617.152536][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 617.175729][ T8493] 8021q: adding VLAN 0 to HW filter on device team0 [ 617.212545][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 617.229431][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 617.238181][ T3700] bridge0: port 1(bridge_slave_0) entered blocking state [ 617.245359][ T3700] bridge0: port 1(bridge_slave_0) entered forwarding state [ 617.267214][ T8620] netlink: 172 bytes leftover after parsing attributes in process `syz.2.1342'. [ 617.293675][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 617.305968][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 617.324688][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 617.336239][ T3700] bridge0: port 2(bridge_slave_1) entered blocking state [ 617.343473][ T3700] bridge0: port 2(bridge_slave_1) entered forwarding state [ 617.566076][ T8629] loop3: detected capacity change from 0 to 256 [ 617.578466][ T8629] FAT-fs (loop3): Unrecognized mount option "codepageG~50" or missing value [ 617.823949][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 618.335362][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 618.362324][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 618.415885][ T8635] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1347'. [ 618.420332][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 618.465830][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 618.525673][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 618.562545][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 619.326878][ T8493] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 619.381017][ T8493] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 619.457744][ T8636] netlink: 'syz.3.1347': attribute type 12 has an invalid length. [ 619.478908][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 619.494361][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 619.523301][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 619.537189][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 619.594694][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 619.803970][ T8622] loop4: detected capacity change from 0 to 32768 [ 619.849276][ T8622] ERROR: (device loop4): dtSearch: DT_GETPAGE: dtree page corrupt [ 619.849276][ T8622] [ 619.884644][ T8622] ERROR: (device loop4): remounting filesystem as read-only [ 619.893827][ T8622] jfs_lookup: dtSearch returned -5 [ 619.918022][ T8622] ERROR: (device loop4): dtSearch: DT_GETPAGE: dtree page corrupt [ 619.918022][ T8622] [ 619.945436][ T8622] jfs_lookup: dtSearch returned -5 [ 619.948569][ T5945] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 619.958054][ T5945] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 620.002492][ T5945] hid-generic 0000:0000:0000.001B: hidraw0: HID v0.00 Device [syz0] on syz1 [ 620.022333][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 620.033791][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 620.055635][ T8493] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 620.127981][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 620.139505][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 620.173773][ T4012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 620.189404][ T4012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 620.217591][ T4012] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 620.242737][ T4012] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 620.268115][ T8493] device veth0_vlan entered promiscuous mode [ 620.307197][ T8493] device veth1_vlan entered promiscuous mode [ 620.383390][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 620.400279][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 620.419563][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 620.453497][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 620.490280][ T8493] device veth0_macvtap entered promiscuous mode [ 620.522646][ T8493] device veth1_macvtap entered promiscuous mode [ 620.589987][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 620.598779][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 620.615103][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.647796][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.678993][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.702091][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.724061][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.745433][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.768444][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.789772][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.811139][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 620.818416][ T8657] loop2: detected capacity change from 0 to 2048 [ 620.833702][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.859095][ T8493] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 620.887899][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 620.902139][ T3700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 620.912496][ T8657] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 620.933278][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.945301][ T8661] loop3: detected capacity change from 0 to 128 [ 620.961632][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.964584][ T8661] FAT-fs (loop3): Unrecognized mount option "uttf8=1" or missing value [ 620.982542][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.993279][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 621.003517][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 621.014074][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 621.025265][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 621.037391][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 621.048923][ T8493] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 621.059459][ T8493] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 621.071504][ T8493] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 621.082822][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 621.093502][ T3700] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 621.115062][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 621.125988][ T3700] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 621.126273][ T8661] tmpfs: Unknown parameter 'mp' [ 621.143830][ T3700] EXT4-fs (loop2): This should not happen!! Data will be lost [ 621.143830][ T3700] [ 621.154612][ T8493] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 621.168968][ T3700] EXT4-fs (loop2): Total free blocks count 0 [ 621.175274][ T3700] EXT4-fs (loop2): Free/Dirty block details [ 621.177038][ T8493] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 621.181255][ T3700] EXT4-fs (loop2): free_blocks=2415919104 [ 621.191573][ T8493] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 621.210869][ T3700] EXT4-fs (loop2): dirty_blocks=16 [ 621.223059][ T8493] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 621.227304][ T3700] EXT4-fs (loop2): Block reservation details [ 621.257851][ T3700] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 621.289331][ T6396] EXT4-fs (loop2): unmounting filesystem. [ 621.413933][ T4016] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 621.451524][ T4016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 621.493622][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 621.530513][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 621.551810][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 621.590534][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 621.839479][ T8677] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1357'. [ 621.899594][ T8677] loop3: detected capacity change from 0 to 256 [ 621.913124][ T8677] FAT-fs (loop3): Unrecognized mount option "codepageG~50" or missing value [ 622.960971][ T8684] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1359'. [ 623.199198][ T8688] netlink: 'syz.4.1359': attribute type 12 has an invalid length. [ 624.131474][ T8691] device wg2 entered promiscuous mode [ 624.431810][ T8698] loop0: detected capacity change from 0 to 2048 [ 625.613919][ T8698] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 625.747781][ T8710] loop4: detected capacity change from 0 to 256 [ 625.758061][ T8698] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 625.833296][ T8698] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28 [ 625.884679][ T8698] EXT4-fs (loop0): This should not happen!! Data will be lost [ 625.884679][ T8698] [ 625.923366][ T8698] EXT4-fs (loop0): Total free blocks count 0 [ 625.959370][ T8698] EXT4-fs (loop0): Free/Dirty block details [ 625.981644][ T8698] EXT4-fs (loop0): free_blocks=2415919104 [ 625.995702][ T8712] loop1: detected capacity change from 0 to 1024 [ 626.002703][ T8712] ext4: Bad value for 'stripe' [ 626.013664][ T8698] EXT4-fs (loop0): dirty_blocks=16 [ 626.019358][ T8698] EXT4-fs (loop0): Block reservation details [ 626.025606][ T8698] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 626.268780][ T8718] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1370'. [ 626.334504][ T8718] loop3: detected capacity change from 0 to 256 [ 626.350247][ T8718] FAT-fs (loop3): Unrecognized mount option "codepageG~50" or missing value [ 627.031039][ T6228] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 627.223944][ T8712] loop1: detected capacity change from 0 to 512 [ 627.247812][ T8728] loop0: detected capacity change from 0 to 1024 [ 627.261627][ T8728] EXT4-fs: Ignoring removed oldalloc option [ 627.291551][ T8712] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1368: casefold flag without casefold feature [ 627.311555][ T8728] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 627.335379][ T8733] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1375'. [ 627.353971][ T8712] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.1368: missing EA_INODE flag [ 627.403276][ T8728] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 627.413791][ T8712] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1368: error while reading EA inode 12 err=-117 [ 627.427321][ T8712] EXT4-fs (loop1): 1 orphan inode deleted [ 627.435080][ T8712] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 627.470499][ T8712] xt_CT: You must specify a L4 protocol and not use inversions on it [ 627.473193][ T8728] EXT4-fs (loop0): shut down requested (0) [ 627.526909][ T7735] EXT4-fs (loop1): unmounting filesystem. [ 627.688195][ T8493] EXT4-fs (loop0): unmounting filesystem. [ 627.885014][ T8748] netlink: 'syz.3.1375': attribute type 12 has an invalid length. [ 628.593527][ T8757] loop2: detected capacity change from 0 to 16 [ 628.610100][ T8757] erofs: (device loop2): mounted with root inode @ nid 36. [ 628.749325][ T26] audit: type=1326 audit(1725120620.707:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 628.879214][ T26] audit: type=1326 audit(1725120620.707:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 628.965391][ T8761] syz.2.1381: attempt to access beyond end of device [ 628.965391][ T8761] loop2: rw=0, sector=8, nr_sectors = 16 limit=16 [ 628.991752][ T8758] syz.2.1381: attempt to access beyond end of device [ 628.991752][ T8758] loop2: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 628.992185][ T26] audit: type=1326 audit(1725120620.707:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 629.115349][ T26] audit: type=1326 audit(1725120620.707:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 629.220200][ T8768] netlink: 19 bytes leftover after parsing attributes in process `syz.1.1385'. [ 629.276313][ T8768] loop1: detected capacity change from 0 to 256 [ 629.288093][ T8768] FAT-fs (loop1): Unrecognized mount option "codepageG~50" or missing value [ 630.186729][ T26] audit: type=1326 audit(1725120620.707:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 630.249701][ T26] audit: type=1326 audit(1725120620.707:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 630.272790][ T26] audit: type=1326 audit(1725120620.707:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 630.357556][ T26] audit: type=1326 audit(1725120620.707:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.1.1383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ccdf79eb9 code=0x7ffc0000 [ 630.914801][ T26] audit: type=1326 audit(1725120622.709:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8776 comm="syz.3.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff950379eb9 code=0x7ffc0000 [ 631.016115][ T8781] loop1: detected capacity change from 0 to 128 [ 631.027095][ T26] audit: type=1326 audit(1725120622.709:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8776 comm="syz.3.1388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff950379eb9 code=0x7ffc0000 [ 631.149026][ T8777] loop3: detected capacity change from 0 to 8192 [ 631.292885][ T8777] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 631.384613][ T8777] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 631.408570][ T8788] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1392'. [ 631.421559][ T8777] loop3: p2 p3 p4 [ 631.436550][ T8777] loop3: partition table partially beyond EOD, truncated [ 631.455649][ T8777] loop3: p2 start 452985600 is beyond EOD, truncated [ 631.476077][ T8777] loop3: p3 size 33554432 extends beyond EOD, truncated [ 631.531057][ T8777] loop3: p4 start 8388607 is beyond EOD, truncated [ 631.714201][ T8794] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1394'. [ 632.417249][ T8807] loop2: detected capacity change from 0 to 256 [ 632.542122][ T8807] FAT-fs (loop2): Directory bread(block 64) failed [ 632.582416][ T8807] FAT-fs (loop2): Directory bread(block 65) failed [ 632.617755][ T8807] FAT-fs (loop2): Directory bread(block 66) failed [ 632.686712][ T8807] FAT-fs (loop2): Directory bread(block 67) failed [ 632.726783][ T8807] FAT-fs (loop2): Directory bread(block 68) failed [ 632.749660][ T8807] FAT-fs (loop2): Directory bread(block 69) failed [ 632.763276][ T8807] FAT-fs (loop2): Directory bread(block 70) failed [ 632.770039][ T8807] FAT-fs (loop2): Directory bread(block 71) failed [ 632.786727][ T8807] FAT-fs (loop2): Directory bread(block 72) failed [ 632.798635][ T8807] FAT-fs (loop2): Directory bread(block 73) failed [ 632.826616][ T8797] netlink: 'syz.4.1394': attribute type 12 has an invalid length. [ 633.226020][ T8821] loop2: detected capacity change from 0 to 128 [ 633.628299][ T8831] netdevsim0 speed is unknown, defaulting to 1000 [ 634.605349][ T8834] loop2: detected capacity change from 0 to 16 [ 634.644895][ T8834] erofs: (device loop2): mounted with root inode @ nid 36. [ 634.822108][ T26] kauditd_printk_skb: 80 callbacks suppressed [ 634.822133][ T26] audit: type=1326 audit(1725120626.309:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 634.896414][ T26] audit: type=1326 audit(1725120626.309:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 634.995138][ T26] audit: type=1326 audit(1725120626.346:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.090005][ T8838] loop0: detected capacity change from 0 to 1764 [ 635.103772][ T26] audit: type=1326 audit(1725120626.346:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.112876][ T8839] syz.2.1409: attempt to access beyond end of device [ 635.112876][ T8839] loop2: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 635.181259][ T8846] loop1: detected capacity change from 0 to 256 [ 635.203008][ T26] audit: type=1326 audit(1725120626.346:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.274566][ T8846] FAT-fs (loop1): Directory bread(block 64) failed [ 635.282111][ T26] audit: type=1326 audit(1725120626.346:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.305907][ T8846] FAT-fs (loop1): Directory bread(block 65) failed [ 635.321776][ T8839] syz.2.1409: attempt to access beyond end of device [ 635.321776][ T8839] loop2: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 635.354978][ T8846] FAT-fs (loop1): Directory bread(block 66) failed [ 635.372715][ T8846] FAT-fs (loop1): Directory bread(block 67) failed [ 635.390641][ T8846] FAT-fs (loop1): Directory bread(block 68) failed [ 635.394538][ T26] audit: type=1326 audit(1725120626.346:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.565384][ T26] audit: type=1326 audit(1725120626.346:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.588020][ T26] audit: type=1326 audit(1725120626.346:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.610870][ T26] audit: type=1326 audit(1725120626.346:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8841 comm="syz.4.1411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 635.628767][ T8846] FAT-fs (loop1): Directory bread(block 69) failed [ 635.678788][ T8846] FAT-fs (loop1): Directory bread(block 70) failed [ 635.749925][ T8846] FAT-fs (loop1): Directory bread(block 71) failed [ 635.817781][ T8846] FAT-fs (loop1): Directory bread(block 72) failed [ 635.833399][ T8846] FAT-fs (loop1): Directory bread(block 73) failed [ 635.846246][ T8852] loop0: detected capacity change from 0 to 16 [ 635.894194][ T8852] erofs: (device loop0): mounted with root inode @ nid 36. [ 636.751591][ T8860] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1418'. [ 636.811100][ T8860] tipc: Enabling of bearer rejected, failed to enable media [ 637.124012][ T8864] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1421'. [ 637.324136][ T8868] netdevsim0 speed is unknown, defaulting to 1000 [ 638.159778][ T8870] device vlan2 entered promiscuous mode [ 638.165721][ T8870] device bridge0 entered promiscuous mode [ 638.173199][ T8870] bridge0: port 2(vlan2) entered blocking state [ 638.179650][ T8870] bridge0: port 2(vlan2) entered disabled state [ 638.227221][ T8870] device bridge0 left promiscuous mode [ 638.421056][ T8852] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 638.486121][ T8852] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 638.606309][ T8878] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1425'. [ 638.618743][ T8852] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 638.645745][ T8873] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 638.734654][ T8873] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 638.757651][ T8881] loop2: detected capacity change from 0 to 16 [ 638.833104][ T8882] netlink: 'syz.3.1421': attribute type 12 has an invalid length. [ 638.844914][ T8881] erofs: (device loop2): mounted with root inode @ nid 36. [ 638.880674][ T8873] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 639.425385][ T8888] syz.2.1426: attempt to access beyond end of device [ 639.425385][ T8888] loop2: rw=0, sector=8, nr_sectors = 16 limit=16 [ 640.353760][ T8896] loop1: detected capacity change from 0 to 16 [ 640.380848][ T8896] erofs: (device loop1): mounted with root inode @ nid 36. [ 640.409499][ T8894] loop4: detected capacity change from 0 to 8192 [ 640.437624][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 640.437641][ T26] audit: type=1326 audit(1725120631.496:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 640.533101][ T26] audit: type=1326 audit(1725120631.496:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 640.562555][ T8894] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting. [ 640.629490][ T26] audit: type=1326 audit(1725120631.496:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 640.658759][ T8894] ldm_validate_privheads(): Cannot find PRIVHEAD 1. [ 640.680614][ T8894] loop4: p2 p3 p4 [ 640.688957][ T8894] loop4: partition table partially beyond EOD, truncated [ 640.723504][ T8894] loop4: p2 start 452985600 is beyond EOD, truncated [ 640.737245][ T8894] loop4: p3 size 33554432 extends beyond EOD, truncated [ 640.781458][ T8894] loop4: p4 start 8388607 is beyond EOD, truncated [ 640.842191][ T26] audit: type=1326 audit(1725120631.496:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 640.884462][ T26] audit: type=1326 audit(1725120631.496:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 640.924057][ T26] audit: type=1326 audit(1725120631.496:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 641.082507][ T8899] syz.1.1430: attempt to access beyond end of device [ 641.082507][ T8899] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 641.110043][ T8897] loop4: detected capacity change from 0 to 2048 [ 641.131015][ T8899] syz.1.1430: attempt to access beyond end of device [ 641.131015][ T8899] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 641.153114][ T8903] loop0: detected capacity change from 0 to 128 [ 641.168102][ T26] audit: type=1326 audit(1725120631.496:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 641.229981][ T26] audit: type=1326 audit(1725120631.496:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa2a9179eb9 code=0x7ffc0000 [ 641.327724][ T26] audit: type=1326 audit(1725120631.496:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa2a9179ef3 code=0x7ffc0000 [ 641.374591][ T26] audit: type=1326 audit(1725120631.496:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8893 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa2a917899f code=0x7ffc0000 [ 641.744893][ T8909] netdevsim0 speed is unknown, defaulting to 1000 [ 642.776400][ T8916] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1435'. [ 643.077142][ T8922] loop4: detected capacity change from 0 to 256 [ 643.142987][ T8922] FAT-fs (loop4): Directory bread(block 64) failed [ 643.152818][ T8922] FAT-fs (loop4): Directory bread(block 65) failed [ 643.175825][ T8922] FAT-fs (loop4): Directory bread(block 66) failed [ 643.192682][ T8922] FAT-fs (loop4): Directory bread(block 67) failed [ 643.211479][ T8922] FAT-fs (loop4): Directory bread(block 68) failed [ 643.218081][ T8922] FAT-fs (loop4): Directory bread(block 69) failed [ 643.247122][ T8922] FAT-fs (loop4): Directory bread(block 70) failed [ 643.254007][ T8922] FAT-fs (loop4): Directory bread(block 71) failed [ 643.261389][ T8922] FAT-fs (loop4): Directory bread(block 72) failed [ 643.268296][ T8922] FAT-fs (loop4): Directory bread(block 73) failed [ 644.238945][ T8933] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1441'. [ 644.275775][ T8935] loop1: detected capacity change from 0 to 16 [ 644.300952][ T8935] erofs: (device loop1): mounted with root inode @ nid 36. [ 644.868552][ T8939] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 645.420013][ T8939] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 645.473511][ T8939] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 645.535671][ T8943] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 645.556765][ T8942] netlink: 'syz.0.1441': attribute type 12 has an invalid length. [ 645.573675][ T8943] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 645.617735][ T8943] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 646.404987][ T8950] netdevsim0 speed is unknown, defaulting to 1000 [ 646.958118][ T8964] binder: 8959:8964 ioctl c0306201 20000080 returned -14 [ 647.396381][ T8961] loop0: detected capacity change from 0 to 1764 [ 647.723443][ T8974] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1454'. [ 647.877742][ T8976] loop3: detected capacity change from 0 to 256 [ 647.931617][ T8976] FAT-fs (loop3): Directory bread(block 64) failed [ 648.015495][ T8980] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1457'. [ 648.076375][ T8976] FAT-fs (loop3): Directory bread(block 65) failed [ 648.111247][ T8976] FAT-fs (loop3): Directory bread(block 66) failed [ 648.143131][ T8976] FAT-fs (loop3): Directory bread(block 67) failed [ 648.167969][ T8976] FAT-fs (loop3): Directory bread(block 68) failed [ 648.189776][ T8976] FAT-fs (loop3): Directory bread(block 69) failed [ 648.212312][ T8976] FAT-fs (loop3): Directory bread(block 70) failed [ 648.234138][ T8976] FAT-fs (loop3): Directory bread(block 71) failed [ 648.276317][ T8976] FAT-fs (loop3): Directory bread(block 72) failed [ 648.308438][ T8976] FAT-fs (loop3): Directory bread(block 73) failed [ 648.665728][ T8989] netlink: 'syz.0.1457': attribute type 12 has an invalid length. [ 648.843046][ T3648] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 649.245635][ T3648] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 649.280858][ T3648] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 649.310712][ T3648] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 649.330413][ T3648] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.340292][ T8995] loop0: detected capacity change from 0 to 16 [ 649.340303][ T3648] usb 2-1: config 0 descriptor?? [ 649.358179][ T8995] erofs: (device loop0): mounted with root inode @ nid 36. [ 649.707795][ T8997] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 649.846544][ T8997] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 649.872333][ T8997] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 649.880818][ T8998] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 649.905471][ T8998] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 649.942405][ T8998] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 649.981187][ T3648] hid (null): bogus close delimiter [ 650.175250][ T9003] binder: 9001:9003 ioctl 4018620d 0 returned -22 [ 650.198338][ T9003] futex_wake_op: syz.3.1463 tries to shift op by 32; fix this program [ 650.468273][ T3649] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 650.480735][ T3649] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 650.500718][ T3649] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 650.512856][ T3649] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 650.522039][ T3649] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 650.536499][ T3649] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 650.606046][ T9004] netdevsim0 speed is unknown, defaulting to 1000 [ 650.919041][ T9004] chnl_net:caif_netlink_parms(): no params data found [ 650.926649][ T3648] uclogic 0003:256C:006D.001C: failed retrieving string descriptor #100: -71 [ 650.940766][ T3648] uclogic 0003:256C:006D.001C: failed retrieving pen parameters: -71 [ 650.985302][ T3648] uclogic 0003:256C:006D.001C: failed probing pen v1 parameters: -71 [ 651.010251][ T3648] uclogic 0003:256C:006D.001C: failed probing parameters: -71 [ 651.029303][ T3648] uclogic: probe of 0003:256C:006D.001C failed with error -71 [ 651.052542][ T3648] usb 2-1: USB disconnect, device number 28 [ 651.218087][ T9004] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.225670][ T9004] bridge0: port 1(bridge_slave_0) entered disabled state [ 651.264594][ T9004] device bridge_slave_0 entered promiscuous mode [ 651.303868][ T9004] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.356556][ T9004] bridge0: port 2(bridge_slave_1) entered disabled state [ 651.376140][ T9004] device bridge_slave_1 entered promiscuous mode [ 651.456872][ T9004] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 651.513745][ T9004] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 651.588065][ T9004] team0: Port device team_slave_0 added [ 651.614530][ T9004] team0: Port device team_slave_1 added [ 651.718101][ T9004] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 651.725263][ T9004] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 651.884104][ T9004] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 652.036274][ T9004] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 652.070610][ T9004] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 652.213093][ T9019] loop1: detected capacity change from 0 to 1764 [ 652.255645][ T9004] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 652.566134][ T9004] device hsr_slave_0 entered promiscuous mode [ 652.618855][ T9004] device hsr_slave_1 entered promiscuous mode [ 652.649391][ T9004] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 652.676850][ T9004] Cannot create hsr debugfs directory [ 652.702892][ T9030] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1468'. [ 652.808331][ T3663] Bluetooth: hci6: command tx timeout [ 652.863481][ T9031] netdevsim0 speed is unknown, defaulting to 1000 [ 653.137622][ T9040] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1471'. [ 653.247406][ T9042] loop4: detected capacity change from 0 to 16 [ 653.315863][ T9042] erofs: (device loop4): mounted with root inode @ nid 36. [ 653.457118][ T9045] loop1: detected capacity change from 0 to 512 [ 653.503633][ T9046] syz.4.1472: attempt to access beyond end of device [ 653.503633][ T9046] loop4: rw=0, sector=8, nr_sectors = 16 limit=16 [ 653.574429][ T9045] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 653.588420][ T9045] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038 (0x7fffffff) [ 653.623581][ T9004] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 653.673495][ T9049] netlink: 'syz.0.1471': attribute type 12 has an invalid length. [ 653.681825][ T9044] syz.4.1472: attempt to access beyond end of device [ 653.681825][ T9044] loop4: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 653.746277][ T7735] EXT4-fs (loop1): unmounting filesystem. [ 654.043678][ T9004] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.253058][ T9055] loop1: detected capacity change from 0 to 16 [ 654.269495][ T9004] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 654.271231][ T3649] Bluetooth: hci0: command 0x0406 tx timeout [ 654.311351][ T9055] erofs: (device loop1): mounted with root inode @ nid 36. [ 654.642729][ T9004] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 655.637788][ T3649] Bluetooth: hci6: command tx timeout [ 655.711013][ T9060] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 655.941532][ T9060] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 655.982732][ T9060] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 656.023533][ T9062] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 656.189733][ T9062] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 656.256904][ T9062] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 656.359524][ T9004] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 656.406629][ T9004] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 656.451148][ T9004] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 656.485293][ T9004] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 656.503501][ T9070] loop4: detected capacity change from 0 to 256 [ 656.755752][ T9004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 656.837352][ T9004] 8021q: adding VLAN 0 to HW filter on device team0 [ 656.860369][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 656.888548][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 656.908216][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 656.939066][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 656.957294][ T6228] bridge0: port 1(bridge_slave_0) entered blocking state [ 656.964592][ T6228] bridge0: port 1(bridge_slave_0) entered forwarding state [ 657.018409][ T9084] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1484'. [ 657.039636][ T9084] loop3: detected capacity change from 0 to 256 [ 657.047291][ T9084] FAT-fs (loop3): Unrecognized mount option "codepageG~50" or missing value [ 658.013618][ T3745] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 658.023121][ T3649] Bluetooth: hci6: command tx timeout [ 658.096692][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 658.132064][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 658.147116][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 658.211983][ T6228] bridge0: port 2(bridge_slave_1) entered blocking state [ 658.219275][ T6228] bridge0: port 2(bridge_slave_1) entered forwarding state [ 658.234354][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 658.247070][ T3745] usb 5-1: device descriptor read/64, error -71 [ 658.275646][ T9004] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 658.286472][ T9004] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 658.318967][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 658.333637][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 658.349723][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 658.387522][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 658.416293][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 658.425435][ T9086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1485'. [ 658.443107][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 658.452055][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 658.537436][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 658.565626][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 658.597088][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 658.638641][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 659.296242][ T3745] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 659.352229][ T9087] netlink: 'syz.3.1485': attribute type 12 has an invalid length. [ 659.525447][ T3745] usb 5-1: device descriptor read/64, error -71 [ 659.779707][ T3745] usb usb5-port1: attempt power cycle [ 660.251615][ T3649] Bluetooth: hci6: command tx timeout [ 660.782457][ T3745] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 660.792910][ T9098] loop3: detected capacity change from 0 to 16 [ 660.826064][ T9098] erofs: (device loop3): mounted with root inode @ nid 36. [ 661.038293][ T9104] binder: 9101:9104 ioctl c0306201 20000080 returned -14 [ 661.045627][ T3745] usb 5-1: device not accepting address 33, error -71 [ 662.032822][ T9103] syz.3.1488: attempt to access beyond end of device [ 662.032822][ T9103] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 662.071814][ T9103] syz.3.1488: attempt to access beyond end of device [ 662.071814][ T9103] loop3: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 662.112797][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 662.126122][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 662.141788][ T9004] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 662.390309][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 662.400156][ T9107] syz.3.1488: attempt to access beyond end of device [ 662.400156][ T9107] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 662.431708][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 662.557127][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 662.593942][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 662.634506][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 662.668087][ T4016] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 662.712821][ T9004] device veth0_vlan entered promiscuous mode [ 662.791458][ T9004] device veth1_vlan entered promiscuous mode [ 662.847434][ T9115] netdevsim0 speed is unknown, defaulting to 1000 [ 663.027955][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 663.110586][ T9004] device veth0_macvtap entered promiscuous mode [ 663.129624][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 663.144785][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 663.169855][ T9122] loop0: detected capacity change from 0 to 16 [ 663.173731][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 663.194057][ T9122] erofs: (device loop0): mounted with root inode @ nid 36. [ 663.208398][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 663.233020][ T9004] device veth1_macvtap entered promiscuous mode [ 663.320362][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 664.418339][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 664.428264][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 664.439103][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 664.460084][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 664.481721][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 664.498316][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 664.762303][ T9126] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 664.772088][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 664.782644][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 664.793312][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 664.803243][ T9126] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 664.814214][ T9126] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 664.823773][ T9126] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 664.833134][ T9126] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 664.842468][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 664.845214][ T9126] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 664.886702][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 665.044999][ T9004] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 665.094387][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 665.102845][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 665.186323][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 665.225323][ T102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 665.373114][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 665.428539][ T9133] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1497'. [ 665.485871][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 665.556984][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 665.629989][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 665.871618][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.064975][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.186263][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.196886][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.228391][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.253498][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.311793][ T9004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 666.358154][ T9004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 666.418007][ T9004] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 666.437462][ T9135] netlink: 'syz.0.1497': attribute type 12 has an invalid length. [ 666.446255][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 666.465020][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 666.481814][ T9004] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.493717][ T9004] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.502965][ T9004] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.523988][ T9004] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.622009][ T3690] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 666.718039][ T9143] binder: 9142:9143 ioctl c0306201 20000080 returned -14 [ 666.761321][ T4012] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 666.801063][ T4012] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 666.852118][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 666.860387][ T3690] usb 4-1: device descriptor read/64, error -71 [ 666.901870][ T4012] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 666.940889][ T4012] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 667.005824][ T4012] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 667.046564][ T9149] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1500'. [ 667.163866][ T3690] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 667.644811][ T3690] usb 4-1: device descriptor read/64, error -71 [ 667.671766][ T9156] loop4: detected capacity change from 0 to 16 [ 667.702285][ T9156] erofs: (device loop4): mounted with root inode @ nid 36. [ 667.783803][ T3690] usb usb4-port1: attempt power cycle [ 668.122878][ T9158] syz.4.1503: attempt to access beyond end of device [ 668.122878][ T9158] loop4: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 668.148098][ T9158] syz.4.1503: attempt to access beyond end of device [ 668.148098][ T9158] loop4: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 668.236226][ T3690] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 668.345169][ T3690] usb 4-1: device descriptor read/8, error -71 [ 668.666989][ T9168] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1506'. [ 668.777933][ T3690] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 668.886505][ T3690] usb 4-1: device descriptor read/8, error -71 [ 669.785551][ T3690] usb usb4-port1: unable to enumerate USB device [ 669.932690][ T9181] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1510'. [ 670.057659][ T9182] binder: 9178:9182 ioctl c0306201 20000080 returned -14 [ 670.155314][ T9183] netlink: 'syz.3.1510': attribute type 12 has an invalid length. [ 672.946873][ T9207] loop4: detected capacity change from 0 to 512 [ 672.981025][ T9207] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 672.998105][ T9207] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 673.047067][ T9207] EXT4-fs (loop4): 1 truncate cleaned up [ 673.081474][ T9207] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 674.620495][ T9221] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1522'. [ 674.916714][ T9226] netlink: 'syz.0.1522': attribute type 12 has an invalid length. [ 675.933336][ T9212] loop3: detected capacity change from 0 to 32768 [ 675.954249][ T9228] loop0: detected capacity change from 0 to 16 [ 676.002136][ T9212] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1519 (9212) [ 676.002233][ T9228] erofs: (device loop0): mounted with root inode @ nid 36. [ 676.230782][ T9212] BTRFS error (device loop3): open_ctree failed [ 676.589201][ T9233] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 676.986979][ T9233] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 676.997891][ T9233] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 677.006728][ T9234] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 677.016341][ T9234] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 677.027280][ T9234] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 677.050690][ T9211] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 677.131188][ T9211] EXT4-fs (loop4): Remounting filesystem read-only [ 677.186745][ T3653] EXT4-fs (loop4): unmounting filesystem. [ 677.503721][ T9245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1530'. [ 677.546413][ T9247] tipc: New replicast peer: 100.1.1.1 [ 677.553896][ T9247] tipc: Enabled bearer , priority 10 [ 678.839919][ T3690] tipc: Node number set to 751895250 [ 679.125802][ T9257] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1535'. [ 679.440117][ T9259] netlink: 'syz.1.1535': attribute type 12 has an invalid length. [ 681.076808][ T9270] loop1: detected capacity change from 0 to 512 [ 681.141703][ T9270] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 681.172314][ T9270] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038 (0x7fffffff) [ 681.331054][ T7735] EXT4-fs (loop1): unmounting filesystem. [ 682.473072][ T9282] loop1: detected capacity change from 0 to 512 [ 682.645239][ T9282] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.1540: casefold flag without casefold feature [ 682.693714][ T9282] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.1540: missing EA_INODE flag [ 683.270798][ T9282] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1540: error while reading EA inode 12 err=-117 [ 683.343776][ T9282] EXT4-fs (loop1): 1 orphan inode deleted [ 683.413796][ T9282] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 684.800174][ T26] kauditd_printk_skb: 59 callbacks suppressed [ 684.800192][ T26] audit: type=1800 audit(1725120672.441:289): pid=9290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1540" name="file0" dev="loop1" ino=18 res=0 errno=0 [ 687.604215][ T9314] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1548'. [ 687.621063][ T7735] EXT4-fs (loop1): unmounting filesystem. [ 687.849020][ T9316] netlink: 'syz.4.1548': attribute type 12 has an invalid length. [ 689.140526][ T9321] loop3: detected capacity change from 0 to 1764 [ 689.150119][ T9332] loop4: detected capacity change from 0 to 16 [ 689.180686][ T9332] erofs: (device loop4): mounted with root inode @ nid 36. [ 689.692192][ T9334] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 689.719638][ T9334] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 689.730829][ T9334] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 689.742282][ T9334] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 689.751770][ T9334] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 689.762732][ T9334] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 690.379348][ T9337] siw: device registration error -23 [ 691.930725][ T4134] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 692.342686][ T4134] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 692.374467][ T4134] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 692.432314][ T4134] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 692.476749][ T4134] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 692.511951][ T4134] usb 2-1: config 0 descriptor?? [ 693.047128][ T4134] hid (null): bogus close delimiter [ 693.287128][ T9362] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1563'. [ 693.459772][ T9362] netlink: 'syz.0.1563': attribute type 12 has an invalid length. [ 693.902587][ T9369] loop0: detected capacity change from 0 to 16 [ 693.936454][ T9369] erofs: (device loop0): mounted with root inode @ nid 36. [ 693.989291][ T4134] uclogic 0003:256C:006D.001D: failed retrieving string descriptor #100: -71 [ 694.025245][ T4134] uclogic 0003:256C:006D.001D: failed retrieving pen parameters: -71 [ 694.037413][ T9367] loop3: detected capacity change from 0 to 1764 [ 694.055530][ T4134] uclogic 0003:256C:006D.001D: failed probing pen v1 parameters: -71 [ 694.097594][ T4134] uclogic 0003:256C:006D.001D: failed probing parameters: -71 [ 694.116493][ T4134] uclogic: probe of 0003:256C:006D.001D failed with error -71 [ 694.174727][ T4134] usb 2-1: USB disconnect, device number 29 [ 694.837865][ T9378] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 694.924968][ T9378] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 694.936034][ T9378] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 694.944696][ T9379] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 694.954362][ T9379] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 694.965249][ T9379] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 697.235511][ T9393] device pim6reg1 entered promiscuous mode [ 697.727653][ T9405] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1576'. [ 697.898610][ T9405] netlink: 'syz.0.1576': attribute type 12 has an invalid length. [ 699.538351][ T9409] loop0: detected capacity change from 0 to 1764 [ 699.727158][ T9416] loop3: detected capacity change from 0 to 1024 [ 702.055554][ T9428] loop4: detected capacity change from 0 to 16 [ 702.074371][ T9428] erofs: (device loop4): mounted with root inode @ nid 36. [ 702.093305][ T9416] hfsplus: found bad thread record in catalog [ 703.420406][ T9438] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1587'. [ 703.678594][ T9439] netlink: 'syz.0.1587': attribute type 12 has an invalid length. [ 703.914341][ T9441] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 704.326462][ T9441] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 704.338648][ T9441] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 704.347288][ T9442] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 704.356890][ T9442] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 704.367782][ T9442] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 705.257302][ T11] hfsplus: b-tree write err: -5, ino 4 [ 705.428893][ T9456] loop3: detected capacity change from 0 to 512 [ 705.453826][ T9436] loop1: detected capacity change from 0 to 40427 [ 705.490919][ T9436] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 705.546444][ T9456] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 705.560726][ T9436] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 705.588745][ T9456] ext4 filesystem being mounted at /220/file0 supports timestamps until 2038 (0x7fffffff) [ 705.666053][ T9436] F2FS-fs (loop1): Found nat_bits in checkpoint [ 706.742448][ T5124] EXT4-fs (loop3): unmounting filesystem. [ 707.268547][ T9471] loop3: detected capacity change from 0 to 1764 [ 709.273037][ T9490] loop4: detected capacity change from 0 to 16 [ 709.501907][ T9491] loop1: detected capacity change from 0 to 128 [ 709.650279][ T9490] erofs: (device loop4): mounted with root inode @ nid 36. [ 709.764571][ T9491] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 709.781049][ T9491] ext4 filesystem being mounted at /96/mnt supports timestamps until 2038 (0x7fffffff) [ 710.192496][ T7735] EXT4-fs (loop1): unmounting filesystem. [ 710.387753][ T9499] loop1: detected capacity change from 0 to 1024 [ 712.952542][ T4145] kworker/dying (4145) used greatest stack depth: 18720 bytes left [ 714.061782][ T3933] hfsplus: b-tree write err: -5, ino 4 [ 715.518023][ T9535] siw: device registration error -23 [ 716.653336][ T9548] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1614'. [ 716.745154][ T9548] netlink: 'syz.1.1614': attribute type 6 has an invalid length. [ 718.600592][ T9577] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1623'. [ 720.154978][ T9586] siw: device registration error -23 [ 722.039097][ T4442] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 722.220935][ T9609] loop0: detected capacity change from 0 to 1764 [ 722.451013][ T4442] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 722.477765][ T4442] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 722.512710][ T4442] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 722.544768][ T4442] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 722.584367][ T4442] usb 5-1: config 0 descriptor?? [ 723.128024][ T9620] loop0: detected capacity change from 0 to 16 [ 723.135575][ T9620] erofs: (device loop0): mounted with root inode @ nid 36. [ 723.159214][ T4442] hid-steam 0003:28DE:1142.001E: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0 [ 723.349875][ T9622] syz.0.1635: attempt to access beyond end of device [ 723.349875][ T9622] loop0: rw=0, sector=8, nr_sectors = 16 limit=16 [ 723.673007][ T9608] loop4: detected capacity change from 0 to 512 [ 723.699364][ T4442] hid-steam 0003:28DE:1142.001F: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0 [ 723.805511][ T4442] hid-steam 0003:28DE:1142.001E: Steam wireless receiver connected [ 723.829069][ T4442] usb 5-1: USB disconnect, device number 35 [ 723.887305][ T4442] hid-steam 0003:28DE:1142.001E: Steam wireless receiver disconnected [ 723.940982][ T9627] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1637'. [ 726.021873][ T9645] siw: device registration error -23 [ 729.601476][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 729.844970][ T9675] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1650'. [ 729.865468][ T9674] fuse: Unknown parameter 'user_i00000000000000000000' [ 730.886050][ T9684] siw: device registration error -23 [ 734.810748][ T9727] siw: device registration error -23 [ 734.857002][ T3663] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 734.867718][ T3663] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 734.876206][ T3663] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 734.926548][ T3662] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 734.937445][ T3663] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 734.950776][ T3663] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 735.020032][ T9728] netdevsim0 speed is unknown, defaulting to 1000 [ 735.374727][ T9728] chnl_net:caif_netlink_parms(): no params data found [ 735.745521][ T9728] bridge0: port 1(bridge_slave_0) entered blocking state [ 735.766078][ T9728] bridge0: port 1(bridge_slave_0) entered disabled state [ 735.787952][ T9728] device bridge_slave_0 entered promiscuous mode [ 735.818119][ T9728] bridge0: port 2(bridge_slave_1) entered blocking state [ 735.832003][ T9728] bridge0: port 2(bridge_slave_1) entered disabled state [ 735.855965][ T9728] device bridge_slave_1 entered promiscuous mode [ 735.904956][ T9752] loop3: detected capacity change from 0 to 16 [ 735.912506][ T9752] erofs: (device loop3): mounted with root inode @ nid 36. [ 736.033197][ T9728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 736.105408][ T9728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 736.497209][ T9755] syz.3.1671: attempt to access beyond end of device [ 736.497209][ T9755] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 736.513845][ T9755] syz.3.1671: attempt to access beyond end of device [ 736.513845][ T9755] loop3: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 736.547998][ T9758] syz.3.1671: attempt to access beyond end of device [ 736.547998][ T9758] loop3: rw=0, sector=8, nr_sectors = 16 limit=16 [ 736.669065][ T9728] team0: Port device team_slave_0 added [ 736.682072][ T9728] team0: Port device team_slave_1 added [ 736.860508][ T9728] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 736.897111][ T9728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 737.009993][ T9728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 737.035028][ T9728] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 737.042811][ T9728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 737.089566][ T9728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 737.202254][ T9728] device hsr_slave_0 entered promiscuous mode [ 737.218328][ T3649] Bluetooth: hci7: command tx timeout [ 737.233136][ T9728] device hsr_slave_1 entered promiscuous mode [ 737.251534][ T9728] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 737.307070][ T9728] Cannot create hsr debugfs directory [ 738.015967][ T9728] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.305586][ T9728] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.546886][ T9728] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 738.793471][ T9728] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.240072][ T9782] siw: device registration error -23 [ 739.471364][ T3649] Bluetooth: hci7: command tx timeout [ 739.518748][ T9728] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 739.570987][ T9728] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 739.591189][ T9728] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 739.612641][ T9728] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 739.962990][ T9728] 8021q: adding VLAN 0 to HW filter on device bond0 [ 740.302784][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 740.317437][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 740.348567][ T9728] 8021q: adding VLAN 0 to HW filter on device team0 [ 740.461227][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 740.475505][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 740.531926][ T5436] bridge0: port 1(bridge_slave_0) entered blocking state [ 740.539115][ T5436] bridge0: port 1(bridge_slave_0) entered forwarding state [ 740.630045][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 740.673011][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 740.723057][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 740.740143][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 740.747328][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 740.755933][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 740.772357][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 740.788728][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 740.800616][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 740.809896][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 740.887669][ T4848] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 740.968099][ T4848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 741.250735][ T4848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 741.270668][ T4848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 741.335400][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 741.349784][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 741.382047][ T9728] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 741.594951][ T3648] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 741.693395][ T9818] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1687'. [ 741.724837][ T3649] Bluetooth: hci7: command tx timeout [ 741.777193][ T9818] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1687'. [ 741.854835][ T3648] usb 4-1: Using ep0 maxpacket: 32 [ 741.985059][ T3648] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 742.006524][ T3648] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xE3, skipping [ 742.017579][ T3648] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 742.027440][ T3648] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 742.047767][ T3648] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 742.079468][ T3648] usb 4-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 742.299255][ T3648] usb 4-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01 [ 742.323672][ T3648] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 742.353115][ T3648] usb 4-1: Product: syz [ 742.385904][ T3648] usb 4-1: Manufacturer: syz [ 742.401707][ T3648] usb 4-1: SerialNumber: syz [ 742.438676][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 742.458778][ T3648] usb 4-1: config 0 descriptor?? [ 742.464041][ T5436] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 742.483770][ T9807] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 742.619878][ T9728] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 742.727304][ T9807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 742.752135][ T9807] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 742.772763][ T8299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 742.798375][ T8299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 742.852769][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 742.853659][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 742.854685][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 742.855300][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 742.864183][ T9728] device veth0_vlan entered promiscuous mode [ 742.900433][ T9728] device veth1_vlan entered promiscuous mode [ 742.938762][ T3648] cxacru 4-1:0.0: cxacru_bind: interface has incorrect endpoints [ 742.938850][ T3648] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19! [ 742.939518][ T3649] Bluetooth: hci3: command 0x0406 tx timeout [ 742.941896][ T3648] usb 4-1: USB disconnect, device number 30 [ 743.036507][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 743.037121][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 743.037620][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 743.038083][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 743.059515][ T9728] device veth0_macvtap entered promiscuous mode [ 743.085130][ T9728] device veth1_macvtap entered promiscuous mode [ 743.143399][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 743.143424][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.143436][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 743.143452][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.143465][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 743.143480][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.143493][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 743.143508][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.143521][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 743.143536][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.143571][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 743.143586][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.143598][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 743.143613][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.161852][ T9728] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 743.162054][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 743.162697][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 743.163169][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 743.163645][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 743.183066][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 743.183131][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.183250][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 743.183268][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.183282][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 743.183296][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.183307][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 743.183317][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.183326][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 743.183336][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.183345][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 743.183354][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.183363][ T9728] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 743.183373][ T9728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 743.188776][ T9728] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 743.188943][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 743.189538][ T3855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 743.212112][ T9728] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 743.212143][ T9728] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 743.212165][ T9728] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 743.212186][ T9728] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 743.551509][ T3728] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 743.551584][ T3728] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 743.555063][ T6228] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 743.672480][ T6228] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 743.672575][ T6228] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 743.678079][ T8299] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 743.704897][ T9830] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1690'. [ 743.704951][ T9830] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1690'. [ 743.989209][ T3663] Bluetooth: hci7: command tx timeout [ 746.500794][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807a01a000: rx timeout, send abort [ 747.043696][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807a01a000: abort rx timeout. Force session deactivation [ 747.113990][ T9835] tty tty29: ldisc open failed (-12), clearing slot 28 [ 749.112249][ T9887] bridge0: port 1(bridge_slave_0) entered disabled state [ 749.120996][ T9887] bridge0: port 2(bridge_slave_1) entered disabled state [ 751.988874][ T9916] loop1: detected capacity change from 0 to 1024 [ 752.060597][ T3745] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 752.483549][ T3745] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 752.507510][ T3745] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 752.574327][ T3745] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 752.612138][ T3745] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 752.639412][ T3745] usb 5-1: config 0 descriptor?? [ 752.685658][ T9923] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1718'. [ 752.837301][ T3745] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 754.660142][ T9929] loop3: detected capacity change from 0 to 512 [ 754.737583][ T3934] hfsplus: b-tree write err: -5, ino 4 [ 754.760401][ T9929] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 754.792222][ T9929] ext4 filesystem being mounted at /247/bus supports timestamps until 2038 (0x7fffffff) [ 754.861615][ T9929] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1719'. [ 754.993159][ T5124] EXT4-fs (loop3): unmounting filesystem. [ 755.065962][ T9937] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1721'. [ 755.294690][ T9940] loop1: detected capacity change from 0 to 1024 [ 755.317038][ T9940] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 755.975154][ T3693] usb 4-1: new full-speed USB device number 31 using dummy_hcd [ 757.336149][ T3648] usb 5-1: USB disconnect, device number 36 [ 758.073790][ T3693] usb 4-1: not running at top speed; connect to a high speed hub [ 758.160515][ T3693] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 758.191988][ T3693] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 758.496253][ T3693] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 758.521034][ T3693] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 758.561928][ T3693] usb 4-1: Product: Љ [ 758.577970][ T9960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1729'. [ 758.615833][ T3693] usb 4-1: can't set config #1, error -71 [ 758.632459][ T3693] usb 4-1: USB disconnect, device number 31 [ 760.439559][ T9975] loop4: detected capacity change from 0 to 2048 [ 760.451996][ T9975] EXT4-fs: Ignoring removed mblk_io_submit option [ 760.494513][ T9975] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 760.525329][ T9975] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1732: bg 0: block 234: padding at end of block bitmap is not set [ 760.544769][ T9975] EXT4-fs (loop4): Remounting filesystem read-only [ 760.646502][ T3653] EXT4-fs (loop4): unmounting filesystem. [ 760.663013][ T3745] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 761.063958][ T3745] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 761.906718][ T3745] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 761.922272][ T3745] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 761.931916][ T3745] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.943796][ T3745] usb 1-1: config 0 descriptor?? [ 761.987290][ T3745] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 762.403822][ T9996] loop4: detected capacity change from 0 to 512 [ 762.427731][ T9999] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1741'. [ 762.437175][ T9999] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1741'. [ 762.448008][ T9996] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #16: comm syz.4.1740: casefold flag without casefold feature [ 762.490269][ T9996] EXT4-fs error (device loop4): ext4_do_update_inode:5221: inode #3: comm syz.4.1740: corrupted inode contents [ 762.515579][ T9996] EXT4-fs error (device loop4): ext4_dirty_inode:6083: inode #3: comm syz.4.1740: mark_inode_dirty error [ 762.537547][ T3690] usb 2-1: new full-speed USB device number 30 using dummy_hcd [ 762.571462][ T9996] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1740: bg 0: block 64: padding at end of block bitmap is not set [ 762.591873][ T9996] Quota error (device loop4): write_blk: dquota write failed [ 762.599639][ T9996] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 762.609970][ T9996] EXT4-fs error (device loop4): ext4_acquire_dquot:6800: comm syz.4.1740: Failed to acquire dquot type 0 [ 762.627375][ T9996] EXT4-fs (loop4): 1 truncate cleaned up [ 762.634946][ T9996] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 762.655146][ T9996] ext4 filesystem being mounted at /360/file1 supports timestamps until 2038 (0x7fffffff) [ 762.733702][ T26] audit: type=1326 audit(1725120744.379:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9995 comm="syz.4.1740" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa2a9179eb9 code=0x0 [ 762.981780][ T3690] usb 2-1: not running at top speed; connect to a high speed hub [ 763.079412][ T3690] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 763.103940][ T3690] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 763.286517][ T3653] EXT4-fs (loop4): unmounting filesystem. [ 763.448326][T10009] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1743'. [ 763.679511][ T3690] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 763.835792][ T3690] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 763.844964][ T3690] usb 2-1: Product: Љ [ 763.849753][ T3690] usb 2-1: SerialNumber: ఊ [ 764.439353][ T5949] usb 1-1: USB disconnect, device number 14 [ 764.599204][T10016] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1745'. [ 765.953661][ T3690] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 765.969339][ T3690] cdc_ncm 2-1:1.1: bind() failure [ 765.990681][ T3690] usb 2-1: USB disconnect, device number 30 [ 767.445336][ T3693] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 767.834044][T10054] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1757'. [ 767.878671][ T3693] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 767.899924][ T3693] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 767.943560][ T3693] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 767.975120][ T3693] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 768.009005][ T3693] usb 2-1: config 0 descriptor?? [ 768.054312][ T3693] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 769.091525][T10060] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1759'. [ 772.467647][ T3690] usb 2-1: USB disconnect, device number 31 [ 773.069767][T10089] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1768'. [ 774.046853][ T4134] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 774.395001][T10095] loop1: detected capacity change from 0 to 1764 [ 774.668875][T10102] netlink: 19 bytes leftover after parsing attributes in process `syz.4.1770'. [ 774.691424][T10102] loop4: detected capacity change from 0 to 256 [ 774.698953][T10102] FAT-fs (loop4): Unrecognized mount option "codepageG~50" or missing value [ 774.726251][ T4134] usb 1-1: not running at top speed; connect to a high speed hub [ 774.812923][ T4134] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 774.843570][ T4134] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 775.982637][ T4134] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 775.991748][ T4134] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 776.057607][ T4134] usb 1-1: Product: Љ [ 776.091046][ T4134] usb 1-1: can't set config #1, error -71 [ 776.099892][ T4134] usb 1-1: USB disconnect, device number 15 [ 776.270682][T10115] fuse: Unknown parameter 'user_00000000000000000000' [ 776.365002][T10115] loop3: detected capacity change from 0 to 512 [ 776.416613][T10115] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 776.425106][T10115] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 776.491885][T10115] EXT4-fs (loop3): orphan cleanup on readonly fs [ 776.499568][T10115] Quota error (device loop3): v2_read_file_info: Free block number 1 out of range (1, 6). [ 776.514061][T10115] EXT4-fs warning (device loop3): ext4_enable_quotas:7035: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 776.549170][T10115] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 776.587612][T10115] EXT4-fs (loop3): 1 truncate cleaned up [ 776.609676][T10115] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 776.733478][ T5949] usb 1-1: new full-speed USB device number 16 using dummy_hcd [ 776.796949][ T5945] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 778.125492][T10131] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1781'. [ 778.935081][ T5945] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 778.993651][ T5949] usb 1-1: config 0 has an invalid interface number: 214 but max is 0 [ 779.025875][ T5949] usb 1-1: config 0 has no interface number 0 [ 779.047395][ T5945] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 779.057684][ T5949] usb 1-1: New USB device found, idVendor=1cd7, idProduct=0217, bcdDevice=e0.25 [ 779.074030][ T5945] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 779.082820][ T5949] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 779.092739][ T5945] usb 2-1: config 0 descriptor?? [ 779.100749][ T5949] usb 1-1: config 0 descriptor?? [ 779.148022][ T5945] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 779.180182][ T5949] ftdi_sio 1-1:0.214: FTDI USB Serial Device converter detected [ 779.197041][ T5949] ftdi_sio ttyUSB0: unknown device type: 0xe025 [ 779.512372][T10117] 9pnet_fd: Insufficient options for proto=fd [ 779.543333][ T26] audit: type=1326 audit(1725120759.886:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.0.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48b779eb9 code=0x7ffc0000 [ 779.580083][ T4134] usb 1-1: USB disconnect, device number 16 [ 779.594692][ T4134] ftdi_sio 1-1:0.214: device disconnected [ 779.615488][ T26] audit: type=1326 audit(1725120759.923:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.0.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fc48b779eb9 code=0x7ffc0000 [ 779.649868][ T26] audit: type=1326 audit(1725120759.923:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.0.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48b779eb9 code=0x7ffc0000 [ 779.685456][ T26] audit: type=1326 audit(1725120759.932:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10116 comm="syz.0.1776" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48b779eb9 code=0x7ffc0000 [ 780.518578][ T3648] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 780.912741][ T3648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 780.931128][ T3648] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 780.942233][ T3648] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 780.961043][ T3648] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 780.985726][ T3648] usb 5-1: config 0 descriptor?? [ 782.286276][ T5949] usb 2-1: USB disconnect, device number 32 [ 782.347678][T10167] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1793'. [ 782.516229][ T3648] hid (null): bogus close delimiter [ 783.729150][ T3648] usb 5-1: string descriptor 0 read error: -71 [ 783.750859][ T3648] uclogic 0003:256C:006D.0020: failed retrieving string descriptor #200: -71 [ 783.792804][ T3648] uclogic 0003:256C:006D.0020: failed retrieving pen parameters: -71 [ 783.826622][ T3648] uclogic 0003:256C:006D.0020: failed probing pen v2 parameters: -71 [ 783.852211][ T3648] uclogic 0003:256C:006D.0020: failed probing parameters: -71 [ 783.879187][ T3648] uclogic: probe of 0003:256C:006D.0020 failed with error -71 [ 783.903101][ T3648] usb 5-1: USB disconnect, device number 37 [ 784.206201][ T5949] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 784.937229][T10186] loop1: detected capacity change from 0 to 16 [ 784.945657][T10186] erofs: (device loop1): mounted with root inode @ nid 36. [ 784.966272][T10186] syz.1.1800: attempt to access beyond end of device [ 784.966272][T10186] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 784.980057][T10186] syz.1.1800: attempt to access beyond end of device [ 784.980057][T10186] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 784.999749][T10186] syz.1.1800: attempt to access beyond end of device [ 784.999749][T10186] loop1: rw=0, sector=8, nr_sectors = 16 limit=16 [ 785.094518][ T5949] usb 4-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 785.103738][ T5949] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 785.146651][ T5949] usb 4-1: config 0 descriptor?? [ 785.204682][T10194] loop1: detected capacity change from 0 to 16 [ 785.236902][T10194] erofs: (device loop1): mounted with root inode @ nid 36. [ 785.450418][T10176] netdevsim0 speed is unknown, defaulting to 1000 [ 785.614884][T10199] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 786.105849][T10199] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 786.117284][T10199] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 786.126106][T10200] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 786.135498][T10200] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 786.146705][T10200] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117] [ 786.448888][ T3723] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 786.725652][ T5949] usb 4-1: USB disconnect, device number 32 [ 786.892920][ T3723] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 786.923847][ T3723] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 786.945120][ T3723] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 786.999025][ T3723] usb 5-1: config 0 descriptor?? [ 787.058438][ T3723] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 787.326160][ T3662] Bluetooth: hci6: command 0x0406 tx timeout [ 789.189041][ T5609] usb 5-1: USB disconnect, device number 38 [ 789.492667][T10230] loop4: detected capacity change from 0 to 16 [ 789.813267][T10232] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1813'. [ 790.261282][T10230] erofs: (device loop4): mounted with root inode @ nid 36. [ 790.281897][T10230] syz.4.1812: attempt to access beyond end of device [ 790.281897][T10230] loop4: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 790.295717][T10230] syz.4.1812: attempt to access beyond end of device [ 790.295717][T10230] loop4: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 790.314575][T10230] syz.4.1812: attempt to access beyond end of device [ 790.314575][T10230] loop4: rw=0, sector=8, nr_sectors = 16 limit=16 [ 790.762266][ T4134] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 792.905934][ T4134] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 792.934573][ T4134] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 793.000464][ T4134] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 793.456447][ T4134] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 793.486081][ T4134] usb 1-1: config 0 descriptor?? [ 793.794548][ T4134] usbhid 1-1:0.0: can't add hid device: -71 [ 793.800587][ T4134] usbhid: probe of 1-1:0.0 failed with error -71 [ 794.020462][ T4134] usb 1-1: USB disconnect, device number 17 [ 794.419591][T10269] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1824'. [ 794.455208][ T3723] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 794.986793][ T3723] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 795.256657][ T3723] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 795.311583][ T3723] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 795.364693][ T3723] usb 4-1: config 0 descriptor?? [ 795.906248][ T3723] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 796.159908][ T1271] ieee802154 phy0 wpan0: encryption failed: -22 [ 796.634404][T10269] bond0: (slave bond_slave_1): Releasing backup interface [ 796.992040][T10287] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1828'. [ 797.109550][ T3690] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 797.137761][T10289] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1829'. [ 797.204068][T10291] loop4: detected capacity change from 0 to 16 [ 797.283001][T10291] erofs: (device loop4): mounted with root inode @ nid 36. [ 797.446325][ T3690] usb 2-1: Using ep0 maxpacket: 32 [ 798.318581][T10295] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 798.350472][T10295] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 798.361627][T10295] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 798.374794][T10295] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 798.384366][T10295] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -7 in[50, 4046] out[1851] [ 798.395428][T10295] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117] [ 798.442210][ T3723] usb 4-1: USB disconnect, device number 33 [ 799.059597][ T3690] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 799.068797][ T3690] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 799.120727][ T3690] usb 2-1: Product: syz [ 799.135136][ T3690] usb 2-1: Manufacturer: syz [ 799.139975][ T3690] usb 2-1: SerialNumber: syz [ 799.170173][ T3690] usb 2-1: config 0 descriptor?? [ 800.630632][ T3690] (unnamed net_device) (uninitialized): Assigned a random MAC address: 86:d4:fc:f3:58:57 [ 800.691923][T10322] loop4: detected capacity change from 0 to 512 [ 800.910458][T10322] EXT4-fs: Ignoring removed i_version option [ 800.943883][T10322] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 800.965379][ T3690] rtl8150 2-1:0.0: eth1: rtl8150 is detected [ 801.008943][ T3690] usb 2-1: USB disconnect, device number 33 [ 801.065101][T10322] EXT4-fs (loop4): 1 truncate cleaned up [ 801.070805][T10322] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 802.590953][ T26] audit: type=1800 audit(1725120781.161:295): pid=10322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1840" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 802.665770][ T26] audit: type=1804 audit(1725120781.161:296): pid=10336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1840" name="/newroot/383/bus/bus" dev="loop4" ino=18 res=1 errno=0 [ 802.727325][T10342] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1846'. [ 802.771638][ T26] audit: type=1804 audit(1725120781.207:297): pid=10322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1840" name="/newroot/383/bus/bus" dev="loop4" ino=18 res=1 errno=0 [ 803.777276][ T3653] EXT4-fs (loop4): unmounting filesystem. [ 804.281714][ T3693] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 804.407573][T10361] loop1: detected capacity change from 0 to 2048 [ 804.583077][T10365] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 804.888792][ T3693] usb 3-1: config 0 has no interfaces? [ 804.894346][ T3693] usb 3-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00 [ 804.931323][ T3693] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 804.937682][ T26] audit: type=1800 audit(1725120783.330:298): pid=10361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1852" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 804.951986][ T3693] usb 3-1: config 0 descriptor?? [ 805.062758][T10365] NILFS (loop1): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3) [ 805.102979][T10365] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=2) [ 805.119839][T10377] netlink: 19 bytes leftover after parsing attributes in process `syz.0.1856'. [ 805.149541][T10365] Remounting filesystem read-only [ 805.157226][ T102] NILFS (loop1): discard dirty page: offset=4096, ino=6 [ 805.178478][ T102] NILFS (loop1): discard dirty block: blocknr=39, size=1024 [ 805.197733][ T102] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.220566][ T102] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.244572][ T102] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.268164][ T102] NILFS (loop1): discard dirty page: offset=0, ino=2 [ 805.275085][ T102] NILFS (loop1): discard dirty block: blocknr=18, size=1024 [ 805.294781][ T102] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.322313][ T102] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.331251][ T102] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.362346][ T7735] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer [ 805.397232][ T7735] NILFS (loop1): discard dirty page: offset=0, ino=6 [ 805.419219][ T7735] NILFS (loop1): discard dirty block: blocknr=35, size=1024 [ 805.426667][ T7735] NILFS (loop1): discard dirty block: blocknr=36, size=1024 [ 805.447158][ T7735] NILFS (loop1): discard dirty block: blocknr=37, size=1024 [ 805.462520][ T7735] NILFS (loop1): discard dirty block: blocknr=38, size=1024 [ 805.478783][ T7735] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 805.493576][ T7735] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 805.507209][ T7735] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.538381][ T7735] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.549225][ T7735] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 805.641392][ T26] audit: type=1326 audit(1725120783.976:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.1.1858" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ccdf79eb9 code=0x0 [ 805.699954][T10386] overlayfs: failed to resolve './file2': -2 [ 805.716967][T10386] capability: warning: `syz.2.1849' uses 32-bit capabilities (legacy support in use) [ 805.777052][T10389] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1861'. [ 807.199773][ T3693] usb 3-1: USB disconnect, device number 21 [ 808.730458][ T4134] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 809.021847][T10428] loop4: detected capacity change from 0 to 512 [ 809.148446][T10428] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 809.158057][ T4134] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 809.219041][ T4134] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 809.229125][T10428] ext4 filesystem being mounted at /390/file0 supports timestamps until 2038 (0x7fffffff) [ 809.285661][ T4134] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 809.310269][ T4134] usb 4-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00 [ 809.319371][ T4134] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 809.329551][ T4134] usb 4-1: config 0 descriptor?? [ 809.369749][T10439] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1876'. [ 809.462600][ T26] audit: type=1804 audit(1725120787.511:300): pid=10428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1873" name="/newroot/390/file0/bus" dev="loop4" ino=18 res=1 errno=0 [ 809.464237][T10428] overlayfs: './file1' not a directory [ 809.729042][T10445] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1878'. [ 810.185192][ T4134] glorious 0003:258A:0036.0021: unknown main item tag 0x0 [ 810.208867][ T4134] glorious 0003:258A:0036.0021: unknown main item tag 0x0 [ 810.565905][ T3653] EXT4-fs (loop4): unmounting filesystem. [ 810.611511][ T4134] glorious 0003:258A:0036.0021: unknown main item tag 0x0 [ 810.672735][ T4134] glorious 0003:258A:0036.0021: unknown main item tag 0x0 [ 810.680351][ T4134] glorious 0003:258A:0036.0021: unknown main item tag 0x0 [ 810.691597][ T4134] glorious 0003:258A:0036.0021: unknown main item tag 0x0 [ 810.703696][T10453] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1880'. [ 810.713486][ T4134] glorious 0003:258A:0036.0021: unknown main item tag 0x0 [ 810.744647][ T4134] glorious 0003:258A:0036.0021: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.3-1/input0 [ 810.801839][ T4134] usb 4-1: USB disconnect, device number 34 [ 811.763101][T10480] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1887'. [ 811.912184][T10486] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1889'. [ 811.992287][T10486] device batadv0 entered promiscuous mode [ 812.065021][T10486] device batadv0 left promiscuous mode [ 812.953694][T10493] binder: 10491:10493 ioctl c0306201 20000080 returned -14 [ 813.502414][ T27] INFO: task syz.2.1426:8885 blocked for more than 143 seconds. [ 813.524694][ T27] Not tainted 6.1.107-syzkaller #0 [ 813.530575][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 813.574467][ T27] task:syz.2.1426 state:D stack:25112 pid:8885 ppid:6396 flags:0x00004004 [ 813.603537][ T27] Call Trace: [ 813.617877][ T27] [ 813.628306][ T27] __schedule+0x143f/0x4570 [ 813.645727][ T27] ? release_firmware_map_entry+0x186/0x186 [ 813.670943][ T27] ? blk_check_plugged+0x250/0x250 [ 813.681865][ T27] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 813.704131][ T27] ? blk_check_plugged+0x250/0x250 [ 813.715055][ T27] ? print_irqtrace_events+0x210/0x210 [ 813.737497][ T27] ? _raw_spin_lock_irq+0xdb/0x110 [ 813.742808][ T27] schedule+0xbf/0x180 [ 813.747054][ T27] io_schedule+0x88/0x100 [ 813.772342][ T27] folio_wait_bit_common+0x878/0x1290 [ 813.777928][ T27] ? folio_wait_bit+0x20/0x20 [ 813.782674][ T27] ? migration_entry_wait_on_locked+0x1160/0x1160 [ 813.792758][ T27] ? asm_sysvec_call_function_single+0x16/0x20 [ 813.799059][ T27] ? erofs_map_blocks+0x14d0/0x14d0 [ 813.804402][ T27] ? bio_add_page+0x3a4/0x750 [ 813.809236][ T27] z_erofs_runqueue+0x993/0x1ca0 [ 813.814269][ T27] ? z_erofs_do_read_page+0x3bd0/0x3bd0 [ 813.832026][ T27] ? __lock_acquire+0x1f80/0x1f80 [ 813.853119][ T27] ? z_erofs_pcluster_readmore+0x41a/0x450 [ 813.863838][ T27] z_erofs_readahead+0xc26/0x1030 [ 813.869069][ T27] ? z_erofs_read_folio+0x760/0x760 [ 813.878977][ T27] ? __lock_acquire+0x1f80/0x1f80 [ 813.889003][ T27] ? blk_start_plug+0x95/0x110 [ 813.898719][ T27] read_pages+0x17f/0x830 [ 813.903315][ T27] ? folio_add_lru+0x34d/0xd70 [ 813.908166][ T27] ? folio_add_lru+0x34d/0xd70 [ 813.913059][ T27] ? page_cache_ra_unbounded+0x7b0/0x7b0 [ 813.919045][ T27] ? __filemap_add_folio+0x1ba0/0x1ba0 [ 813.924881][ T27] ? page_cache_ra_unbounded+0x369/0x7b0 [ 813.930591][ T27] page_cache_ra_unbounded+0x68b/0x7b0 [ 813.940698][ T27] force_page_cache_ra+0x2a3/0x300 [ 813.952473][ T27] generic_fadvise+0x553/0x7b0 [ 813.961955][ T27] ? fput+0x159/0x1b0 [ 813.966175][ T27] ? dump_task+0x620/0x620 [ 813.975248][ T27] ? __fget_files+0x28/0x4a0 [ 813.984692][ T27] ? __fdget+0x182/0x210 [ 813.993737][ T27] __x64_sys_fadvise64+0x138/0x180 [ 813.999095][ T27] do_syscall_64+0x3b/0xb0 [ 814.008352][ T27] ? clear_bhb_loop+0x45/0xa0 [ 814.018270][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 814.024798][ T27] RIP: 0033:0x7ff0e7779eb9 [ 814.029353][ T27] RSP: 002b:00007ff0e855c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd [ 814.038707][ T27] RAX: ffffffffffffffda RBX: 00007ff0e7916058 RCX: 00007ff0e7779eb9 [ 814.046895][ T27] RDX: 0000000000000000 RSI: 0000000000e0ffff RDI: 0000000000000004 [ 814.055289][ T27] RBP: 00007ff0e77e793e R08: 0000000000000000 R09: 0000000000000000 [ 814.069612][ T27] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 814.078249][ T27] R13: 0000000000000000 R14: 00007ff0e7916058 R15: 00007ffca2db3c68 [ 814.086364][ T27] [ 814.108660][ T27] [ 814.108660][ T27] Showing all locks held in the system: [ 814.116724][ T27] 1 lock held by rcu_tasks_kthre/12: [ 814.138547][ T27] #0: ffffffff8d32b190 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 814.158769][ T27] 1 lock held by rcu_tasks_trace/13: [ 814.165409][ T27] #0: ffffffff8d32b990 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 814.188803][ T27] 1 lock held by khungtaskd/27: [ 814.193739][ T27] #0: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 814.213192][ T27] 2 locks held by getty/3394: [ 814.219351][ T27] #0: ffff88814b943098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 814.229590][ T27] #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 814.241476][ T27] 1 lock held by syz.2.1426/8885: [ 814.246545][ T27] #0: ffff8880581768c0 (mapping.invalidate_lock#4){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xed/0x7b0 [ 814.257988][ T27] 1 lock held by syz.0.1635/9621: [ 814.275018][ T27] #0: ffff88804d0c8890 (mapping.invalidate_lock#4){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xed/0x7b0 [ 814.289258][ T27] 1 lock held by syz.3.1886/10481: [ 814.297140][ T27] [ 814.299605][ T27] ============================================= [ 814.299605][ T27] [ 814.310869][ T27] NMI backtrace for cpu 1 [ 814.315333][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.107-syzkaller #0 [ 814.323262][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 814.333353][ T27] Call Trace: [ 814.336663][ T27] [ 814.339625][ T27] dump_stack_lvl+0x1e3/0x2cb [ 814.344353][ T27] ? preempt_schedule_thunk+0x16/0x18 [ 814.349856][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 814.355445][ T27] ? panic+0x764/0x764 [ 814.359543][ T27] ? vprintk_emit+0x622/0x740 [ 814.364266][ T27] ? printk_sprint+0x490/0x490 [ 814.369176][ T27] ? nmi_cpu_backtrace+0x252/0x560 [ 814.374346][ T27] nmi_cpu_backtrace+0x4e1/0x560 [ 814.379341][ T27] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 814.385716][ T27] ? _printk+0xd1/0x111 [ 814.389903][ T27] ? panic+0x764/0x764 [ 814.394096][ T27] ? __wake_up_klogd+0xcc/0x100 [ 814.399185][ T27] ? panic+0x764/0x764 [ 814.403289][ T27] ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0 [ 814.409397][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 814.415513][ T27] nmi_trigger_cpumask_backtrace+0x1ae/0x3f0 [ 814.421547][ T27] watchdog+0xf88/0xfd0 [ 814.425838][ T27] ? watchdog+0x1f8/0xfd0 [ 814.430399][ T27] kthread+0x28d/0x320 [ 814.434516][ T27] ? hungtask_pm_notify+0x50/0x50 [ 814.439602][ T27] ? kthread_blkcg+0xd0/0xd0 [ 814.444263][ T27] ret_from_fork+0x1f/0x30 [ 814.449703][ T27] [ 814.454953][ T27] Sending NMI from CPU 1 to CPUs 0: [ 814.460291][ C0] NMI backtrace for cpu 0 [ 814.460305][ C0] CPU: 0 PID: 10481 Comm: syz.3.1886 Not tainted 6.1.107-syzkaller #0 [ 814.460322][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 814.460332][ C0] RIP: 0010:input_handle_event+0xee/0xb00 [ 814.460355][ C0] Code: 0f 84 e1 08 00 00 e8 51 00 9d fa eb 05 e8 4a 00 9d fa 4c 8d 7c 24 60 49 c1 ef 03 48 ba 00 00 00 00 00 fc ff df 41 0f b6 04 17 <84> c0 0f 85 e7 08 00 00 44 89 74 24 60 49 8d 9d a8 07 00 00 48 89 [ 814.460369][ C0] RSP: 0018:ffffc9001105fa60 EFLAGS: 00000802 [ 814.460384][ C0] RAX: 0000000000000004 RBX: 0000000000000001 RCX: 0000000000040000 [ 814.460395][ C0] RDX: dffffc0000000000 RSI: 000000000003ffff RDI: 0000000000040000 [ 814.460406][ C0] RBP: ffffc9001105fb38 R08: ffffffff86edae12 R09: fffffbfff223b645 [ 814.460419][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff9200220bf54 [ 814.460430][ C0] R13: ffff88801b759000 R14: 0000000000000000 R15: 1ffff9200220bf58 [ 814.460442][ C0] FS: 00007ff9511026c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 814.460457][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 814.460469][ C0] CR2: 000000002074d000 CR3: 0000000061800000 CR4: 00000000003506f0 [ 814.460484][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 814.460493][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 814.460504][ C0] Call Trace: [ 814.460510][ C0] [ 814.460517][ C0] ? nmi_cpu_backtrace+0x3de/0x560 [ 814.460545][ C0] ? read_lock_is_recursive+0x10/0x10 [ 814.460574][ C0] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 814.460602][ C0] ? nmi_handle+0x25/0x440 [ 814.460637][ C0] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 814.460663][ C0] ? nmi_handle+0x12e/0x440 [ 814.460689][ C0] ? nmi_handle+0x25/0x440 [ 814.460715][ C0] ? input_handle_event+0xee/0xb00 [ 814.460730][ C0] ? default_do_nmi+0x62/0x150 [ 814.460748][ C0] ? exc_nmi+0xa8/0x100 [ 814.460764][ C0] ? end_repeat_nmi+0x16/0x31 [ 814.460796][ C0] ? input_handle_event+0xc2/0xb00 [ 814.460813][ C0] ? input_handle_event+0xee/0xb00 [ 814.460830][ C0] ? input_handle_event+0xee/0xb00 [ 814.460848][ C0] ? input_handle_event+0xee/0xb00 [ 814.460864][ C0] [ 814.460869][ C0] [ 814.460876][ C0] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 814.460898][ C0] ? userio_device_write+0x1f0/0x1f0 [ 814.460921][ C0] input_inject_event+0x224/0x330 [ 814.460938][ C0] ? input_inject_event+0xd1/0x330 [ 814.460955][ C0] evdev_write+0x668/0x7c0 [ 814.460985][ C0] ? evdev_read+0xe00/0xe00 [ 814.461007][ C0] ? end_current_label_crit_section+0x147/0x170 [ 814.461034][ C0] ? common_file_perm+0x17d/0x1d0 [ 814.461059][ C0] ? fsnotify_perm+0x64/0x590 [ 814.461075][ C0] ? security_file_permission+0x75/0xa0 [ 814.461098][ C0] ? evdev_read+0xe00/0xe00 [ 814.461122][ C0] vfs_write+0x2d9/0xbc0 [ 814.461141][ C0] ? do_sys_openat2+0x1f9/0x4f0 [ 814.461168][ C0] ? file_end_write+0x250/0x250 [ 814.461186][ C0] ? __fget_files+0x28/0x4a0 [ 814.461203][ C0] ? __fget_files+0x435/0x4a0 [ 814.461220][ C0] ? __fget_files+0x28/0x4a0 [ 814.461239][ C0] ? __fdget_pos+0x1db/0x360 [ 814.461254][ C0] ? ksys_write+0x77/0x2c0 [ 814.461271][ C0] ksys_write+0x19c/0x2c0 [ 814.461287][ C0] ? print_irqtrace_events+0x210/0x210 [ 814.461314][ C0] ? __ia32_sys_read+0x80/0x80 [ 814.461330][ C0] ? syscall_enter_from_user_mode+0x2e/0x230 [ 814.461350][ C0] ? lockdep_hardirqs_on+0x94/0x130 [ 814.461369][ C0] ? syscall_enter_from_user_mode+0x2e/0x230 [ 814.461390][ C0] do_syscall_64+0x3b/0xb0 [ 814.461415][ C0] ? clear_bhb_loop+0x45/0xa0 [ 814.461439][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 814.461463][ C0] RIP: 0033:0x7ff950379eb9 [ 814.461476][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 814.461489][ C0] RSP: 002b:00007ff951102038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 814.461506][ C0] RAX: ffffffffffffffda RBX: 00007ff950515f80 RCX: 00007ff950379eb9 [ 814.461518][ C0] RDX: 0000000100000008 RSI: 0000000020000000 RDI: 0000000000000003 [ 814.461528][ C0] RBP: 00007ff9503e793e R08: 0000000000000000 R09: 0000000000000000 [ 814.461539][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 814.461548][ C0] R13: 0000000000000000 R14: 00007ff950515f80 R15: 00007ffd52b166b8 [ 814.461569][ C0] [ 814.478061][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 814.478080][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.107-syzkaller #0 [ 814.478103][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 814.478116][ T27] Call Trace: [ 814.478124][ T27] [ 814.478134][ T27] dump_stack_lvl+0x1e3/0x2cb [ 814.478187][ T27] ? nf_tcp_handle_invalid+0x642/0x642 [ 814.478223][ T27] ? panic+0x764/0x764 [ 814.478248][ T27] ? llist_add_batch+0x160/0x1d0 [ 814.478286][ T27] ? vscnprintf+0x59/0x80 [ 814.478316][ T27] panic+0x318/0x764 [ 814.478342][ T27] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 814.478380][ T27] ? memcpy_page_flushcache+0xfc/0xfc [ 814.478411][ T27] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 814.478446][ T27] ? nmi_trigger_cpumask_backtrace+0x338/0x3f0 [ 814.478485][ T27] ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0 [ 814.478525][ T27] watchdog+0xfc7/0xfd0 [ 814.478562][ T27] ? watchdog+0x1f8/0xfd0 [ 814.478596][ T27] kthread+0x28d/0x320 [ 814.478624][ T27] ? hungtask_pm_notify+0x50/0x50 [ 814.478652][ T27] ? kthread_blkcg+0xd0/0xd0 [ 814.478675][ T27] ret_from_fork+0x1f/0x30 [ 814.478721][ T27] [ 814.486308][ T27] Kernel Offset: disabled [ 815.025262][ T27] Rebooting in 86400 seconds..