last executing test programs: 8.502241155s ago: executing program 3 (id=3123): openat$kvm(0xffffffffffffff9c, 0x0, 0x42, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) munlockall() fsopen(0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) 6.859403058s ago: executing program 3 (id=3128): r0 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000002c0)=0x6) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58) r4 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg$unix(r4, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) 5.608290539s ago: executing program 0 (id=3133): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000540)='./file6\x00', 0x201080b, &(0x7f0000000bc0)=ANY=[@ANYRES64=0x0, @ANYRES64=0x0, @ANYRES8, @ANYBLOB="f9a192156bf01ca65961aa6bd8ded2e99e6d0172a290a4fb5b1c9e8d9a9f58a7c3868f3eb59150ec071f4e3228ed5671cc052363c2bc5a05b0140cd7da2c3b26425ae32d743c4d16e3c55cf800e12e64a3640a40b4f2f180a48dd8a25cf189be2fd909aa7590af8279dcc0a61037dc8c3700a8c29ca46a4843d9fefb37f83f64ea9df56d8d0de49b763efff6f4760bea6106b97d031bae46be2b0fd7048ba60a097ee8310a55b529828699f7acce", @ANYRES8, @ANYRESHEX], 0x21, 0x1cc, &(0x7f0000000280)="$eJzsVU+rUkEU/413vJqLah2Bi6RskV6vFW0iV+GXiBK9mXTtj1coRei28nu08Wu0aN8mKAja1KKCFkbbMM7MGZvSsPd88t6D+cF9vzl/Z86c55l7yeMEAH7OJ200oODjJN4LAQmgKLTuZk7zV19zheXPUvNF1r9gXjCS0fh+K46jwQ4X620ZfRDsJSP5/216M791al0eITcnfAcfOy5eLTxsES72cVEbF0h10t3XfmQWtz1TMhW/bcIfB3Ww4r/+Nzb1Xf5Hl7Ha5Tz9hg6jBWLV9Fu88TyDb6rit/NJmxZ3eEqRrqM/YftQN19ZPmek+oSHxdKHhh8JFwBUh/1H1WQ0vtTrt7pRN3oQhvWrweUguBJW7/biKNB/hbWFGVHEjes50Ew9YdmzAD7wgC3AwhcTqY/GdmHH0hxe8JAun8MfyFhlGS7g5TKWw0BXkMd5UEufpMLSllQWCVVSEwKeEnjoP+Nr0XvllVel/TDuTCHUfipsBqlzZJeuEj4sgdzq11KjmjKXmJvMM+aPzObNMm+RVBk+sVRO6UaftobDQc1/zSE1evWULvSNNTyd2hdGu37nHKa4szk4ODg4ODg4OBwz/AoAAP//pKZOzg==") shutdown(0xffffffffffffffff, 0xa72d359c759b2dd3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x4) gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r0, r1, 0x4e, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r2, 0xffffffffffffffff, 0x0) 5.568012002s ago: executing program 3 (id=3134): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000080)='./file0\x00', 0xecf86c37d530496d) write$binfmt_elf32(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f02"], 0x78) close(r3) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 5.246171317s ago: executing program 0 (id=3137): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) clock_gettime(0x0, 0x0) io_setup(0xb336, &(0x7f0000000040)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6a, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a0200000000001801000020207825"], &(0x7f0000000000)='GPL\x00', 0x202, 0xde, &(0x7f0000000340)=""/222, 0x41000, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401}, 0x94) 4.653820375s ago: executing program 3 (id=3138): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f00000000c0)={0x32, 0x33, 0x16, 0xa, 0x7, 0x100, 0x0, 0x44, 0xffffffffffffffff}) 4.389325907s ago: executing program 1 (id=3140): r0 = socket$alg(0x26, 0x5, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000000000)=@buf={0x52, &(0x7f0000000100)="6d1050b35d780ffbabbdf47416033f37f50dfa4acbac26863c355660f93c73c3bdafc152ddaf78512596d685dda23de26d1c5ef8b5228cd75e5234c1502d00265463fd49a5368db77d10cb81b71759b70142"}) 4.184405603s ago: executing program 1 (id=3142): r0 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000002c0)=0x6) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58) r4 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg$unix(r4, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) 3.078334102s ago: executing program 2 (id=3146): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) getpgrp(0x0) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) 3.037172776s ago: executing program 0 (id=3147): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet(0x2, 0x3, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0), 0x0, 0x2a, &(0x7f0000000200), 0x0, 0x0, 0x0, &(0x7f0000000280), 0x8, 0xac, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'tunl0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x1, 0x1, 0x3, 0x7, {{0xd, 0x4, 0x2, 0x3f, 0x34, 0x66, 0x0, 0x43, 0x2f, 0x0, @empty, @empty, {[@end, @generic={0x44, 0x3, "bd"}, @timestamp_prespec={0x44, 0x1c, 0xc7, 0x3, 0x7, [{@empty, 0xe8f9}, {@dev={0xac, 0x14, 0x14, 0x3a}}, {@rand_addr=0x64010101, 0xfffffffd}]}]}}}}}) getsockopt$inet_mreqn(r0, 0x0, 0x4b, 0x0, &(0x7f00000006c0)) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000700)) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000800)={'ip6_vti0\x00', &(0x7f0000000780)={'ip6gre0\x00', 0x0, 0x2f, 0xf5, 0x5, 0x7, 0x44, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, 0x0, 0x10, 0x7, 0x1}}) writev(r1, &(0x7f00000003c0)=[{0x0}], 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 2.896665997s ago: executing program 1 (id=3148): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, 0x0, &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, 0x0, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x11, 0x19, &(0x7f0000001740)=ANY=[@ANYBLOB="180800000600000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000003340), 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, &(0x7f0000000340)={0x0, @in={{0x2, 0x4e22, @private=0xa010102}}}, &(0x7f0000000040)=0x84) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r5, 0x400448e6, &(0x7f0000000500)="d7") ioctl$sock_bt_hci(r5, 0x400448e7, &(0x7f0000000080)) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001640)=@newtaction={0xf0, 0x30, 0x1, 0x2, 0x25dfdbfc, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x2, 0x0, 0x446, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, 0xfffffffd, 0x0, 0x2}}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x401, 0x1, 0x0, {0x0, 0x0, 0x0, 0x401}, {0x0, 0x0, 0x1}}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8010}, 0x2000000) 1.482757821s ago: executing program 0 (id=3149): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in6=@private0, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4}, 0x9}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x8040) bind$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000048000000ac1e000100000000000000000000000000000000000000000a0030"], 0xb8}}, 0x4000) 1.462025483s ago: executing program 3 (id=3150): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r3) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x8000, 0x0) sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000a40)={&(0x7f0000002b40)=ANY=[@ANYBLOB="0c0500000a0a0103000000000000000069000002d00111800a0001006d61746368000000c0010280ae00030036a4ff824bb21563d4db09f1c6fde168343fa8d3bc6a69ffe6b4e9c47bb6e4448fdade1c5f7f8ae3cfde888fde133885bd770301d0fef1f2c8969332ed5cb98e550dd1750d56606ab442689975ccb0039c7142fd489d961e06772995afd86ab52a0773da518dffa7f1e2d00489856a089dae9b3316f8830820a5e4b10b4f486f556c433aa91ef1442ec1a68fb17ea30bc7502dbf14f3c9db41bad644fb076f8605ec5e53976a08881e460000d0000300da1d59f2fc03500eec215c619dbd21383c47c3ab9fa9ebfaf883e08373203b453881cdbdbc53efc8a168a607f9b158951fee714ba4dd8b2f6272dddc47ba5737c777291360f6fbcaaeba243f9bc2e657569e3659c49802252cfa13dba020bb957a20d03186dce93d1ec39d2c02f2b4984426f573d6c6c39f5377ab2661d95c1985177bd346ac7614d7f6debc2a6450fe514714f574fa38861866833347028e98f950662f86eb6d064e399f7a1c49481de9c5a88050121ed1a65a4bf468c378a3a310384d22b3914af4ad9c0608000240000000010b0001006367726f7570000008000240000000010e000100636f6e6e627974657300000008000240000000010800024000000002500112802c0001800b0001007470726f787900001c000280080002400000001008000140000000020800014000000001540001800b000100657874686472000044000280080004400000003f08000340000000bc050002000700000008000640000000000800044000000076080006400000000108000740000000090800034000000088100001800a00010071756575650000004c0001800a00010071756575650000003c000280080004400000001406000240000000000600034000020000060001400007000006000240000700000600034000030000080004400000000e240001800a000100696e6e657200000014000280080003400000000608000240000000e10c0001800800010064757000240001800b0001007470726f7879000014000280080003400000001108000140000000010c0001800800010064757000100001800c0001006e6f747261636b000900020073797a31000000000900010073797a310000000008000640ffffff00b801128010000180090001006c61737400000000100001800b00010072656a6563740000540001800b00010074756e6e656c0000440002800800014000000000080001400000000008000140000000000800034000000000080001400000000008000240000000150800034000000002100001800c0001006269747769736500b00001800b0001007461726765740000a0000280080002400000000319000300266bb7a05f647c8d6ac10717d7c80e3685e025a1750000004f000300ec736fcadb6a78c880efa59cb62847c562f448fb52e5eaf11b22bd2f6225b5d5435ae7710930e2c45d566632620e48fa47a36832548484cd444800f78b211d52cd4748754914b367155237000b0001004e45544d415000000b0001005443504d53530000080002400000000108000240000000031c000180090001006d657461000000000c000280080002400000001f54000180090001008f65746100000000440002800800024000000023080003400000000f080002400000001d08000340000000090800034000000002080001400000000408000240000000060800034000000009100001800b0001007470726f787900"/1292], 0x50c}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000000) creat(&(0x7f00000003c0)='./file2\x00', 0x40) getdents64(r4, &(0x7f0000000f80)=""/4093, 0xffd) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r5}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6, 0x0, 0x2}, 0x18) r7 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r7, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r7, 0x0) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) sendmmsg(0xffffffffffffffff, &(0x7f0000000100)=[{{0x0, 0x2d, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x0) r8 = accept4$unix(r7, 0x0, 0x0, 0x0) recvfrom$unix(r8, &(0x7f0000000240)=""/262, 0x106, 0x20, 0x0, 0x0) 1.434903625s ago: executing program 2 (id=3151): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00a'], 0x50) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000080000000000000001000084060004000000000001"], 0x0, 0x42}, 0x20) 1.276229318s ago: executing program 2 (id=3152): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0x0, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r3) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x8000, 0x0) sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000a40)={&(0x7f0000002b40)=ANY=[@ANYBLOB="0c0500000a0a0103000000000000000069000002d00111800a0001006d61746368000000c0010280ae00030036a4ff824bb21563d4db09f1c6fde168343fa8d3bc6a69ffe6b4e9c47bb6e4448fdade1c5f7f8ae3cfde888fde133885bd770301d0fef1f2c8969332ed5cb98e550dd1750d56606ab442689975ccb0039c7142fd489d961e06772995afd86ab52a0773da518dffa7f1e2d00489856a089dae9b3316f8830820a5e4b10b4f486f556c433aa91ef1442ec1a68fb17ea30bc7502dbf14f3c9db41bad644fb076f8605ec5e53976a08881e460000d0000300da1d59f2fc03500eec215c619dbd21383c47c3ab9fa9ebfaf883e08373203b453881cdbdbc53efc8a168a607f9b158951fee714ba4dd8b2f6272dddc47ba5737c777291360f6fbcaaeba243f9bc2e657569e3659c49802252cfa13dba020bb957a20d03186dce93d1ec39d2c02f2b4984426f573d6c6c39f5377ab2661d95c1985177bd346ac7614d7f6debc2a6450fe514714f574fa38861866833347028e98f950662f86eb6d064e399f7a1c49481de9c5a88050121ed1a65a4bf468c378a3a310384d22b3914af4ad9c0608000240000000010b0001006367726f7570000008000240000000010e000100636f6e6e627974657300000008000240000000010800024000000002500112802c0001800b0001007470726f787900001c000280080002400000001008000140000000020800014000000001540001800b000100657874686472000044000280080004400000003f08000340000000bc050002000700000008000640000000000800044000000076080006400000000108000740000000090800034000000088100001800a00010071756575650000004c0001800a00010071756575650000003c000280080004400000001406000240000000000600034000020000060001400007000006000240000700000600034000030000080004400000000e240001800a000100696e6e657200000014000280080003400000000608000240000000e10c0001800800010064757000240001800b0001007470726f7879000014000280080003400000001108000140000000010c0001800800010064757000100001800c0001006e6f747261636b000900020073797a31000000000900010073797a310000000008000640ffffff00b801128010000180090001006c61737400000000100001800b00010072656a6563740000540001800b00010074756e6e656c0000440002800800014000000000080001400000000008000140000000000800034000000000080001400000000008000240000000150800034000000002100001800c0001006269747769736500b00001800b0001007461726765740000a0000280080002400000000319000300266bb7a05f647c8d6ac10717d7c80e3685e025a1750000004f000300ec736fcadb6a78c880efa59cb62847c562f448fb52e5eaf11b22bd2f6225b5d5435ae7710930e2c45d566632620e48fa47a36832548484cd444800f78b211d52cd4748754914b367155237000b0001004e45544d415000000b0001005443504d53530000080002400000000108000240000000031c000180090001006d657461000000000c000280080002400000001f54000180090001008f65746100000000440002800800024000000023080003400000000f080002400000001d08000340000000090800034000000002080001400000000408000240000000060800034000000009100001800b0001007470726f787900"/1292], 0x50c}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000000) creat(&(0x7f00000003c0)='./file2\x00', 0x40) getdents64(r4, &(0x7f0000000f80)=""/4093, 0xffd) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r5}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = socket(0x28, 0x5, 0x0) r7 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r7, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r7, 0x0) connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) sendmmsg(r6, &(0x7f0000000100)=[{{0x0, 0x2d, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x0) 709.618113ms ago: executing program 1 (id=3153): mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010040000000000002034400000008000300", @ANYRES32=r2, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140002"], 0x4c}}, 0x40000) 687.122865ms ago: executing program 0 (id=3154): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000540)='./file6\x00', 0x201080b, &(0x7f0000000bc0)=ANY=[@ANYRES64=0x0, @ANYRES64=0x0, @ANYRES8, @ANYBLOB="f9a192156bf01ca65961aa6bd8ded2e99e6d0172a290a4fb5b1c9e8d9a9f58a7c3868f3eb59150ec071f4e3228ed5671cc052363c2bc5a05b0140cd7da2c3b26425ae32d743c4d16e3c55cf800e12e64a3640a40b4f2f180a48dd8a25cf189be2fd909aa7590af8279dcc0a61037dc8c3700a8c29ca46a4843d9fefb37f83f64ea9df56d8d0de49b763efff6f4760bea6106b97d031bae46be2b0fd7048ba60a097ee8310a55b529828699f7acce", @ANYRES8, @ANYRESHEX], 0x21, 0x1cc, &(0x7f0000000280)="$eJzsVU+rUkEU/413vJqLah2Bi6RskV6vFW0iV+GXiBK9mXTtj1coRei28nu08Wu0aN8mKAja1KKCFkbbMM7MGZvSsPd88t6D+cF9vzl/Z86c55l7yeMEAH7OJ200oODjJN4LAQmgKLTuZk7zV19zheXPUvNF1r9gXjCS0fh+K46jwQ4X620ZfRDsJSP5/216M791al0eITcnfAcfOy5eLTxsES72cVEbF0h10t3XfmQWtz1TMhW/bcIfB3Ww4r/+Nzb1Xf5Hl7Ha5Tz9hg6jBWLV9Fu88TyDb6rit/NJmxZ3eEqRrqM/YftQN19ZPmek+oSHxdKHhh8JFwBUh/1H1WQ0vtTrt7pRN3oQhvWrweUguBJW7/biKNB/hbWFGVHEjes50Ew9YdmzAD7wgC3AwhcTqY/GdmHH0hxe8JAun8MfyFhlGS7g5TKWw0BXkMd5UEufpMLSllQWCVVSEwKeEnjoP+Nr0XvllVel/TDuTCHUfipsBqlzZJeuEj4sgdzq11KjmjKXmJvMM+aPzObNMm+RVBk+sVRO6UaftobDQc1/zSE1evWULvSNNTyd2hdGu37nHKa4szk4ODg4ODg4OBwz/AoAAP//pKZOzg==") r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x4) gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r1, r2, 0x4e, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r3, 0xffffffffffffffff, 0x0) 542.651707ms ago: executing program 1 (id=3155): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) epoll_create1(0x80000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0xa0000004}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80b00, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="61636c2c757365725f78617474722c6e6f61636c2c63616368655f73747261746567793d64697361626c65642c6e6f757365725f78617474722c6e6f61636c2c00d4a87b439fa421753f060fe37a330d2dfca47c4e52e78d71fc65b972e2bb306bb4a29b1fe3019842462c5fee84a2e6eb90d57b8725e3a2eff0b0b471dac5c01bee53cd8d"], 0xfe, 0x177, &(0x7f0000000680)="$eJzslL9KA0EQxr/diwkROztBLAwYi1zuLio2IsEXCPgPO6M5Q/RiQnKCiZXY+gC2tr5CGsEXUSsRUlpH9naTWyV/RNAgzq+Y+/Z2dm52Dj4QBPFveX56e7x+bV0YAKaQQEy9fzHCHK7ln+XiB9OpjbvWzcPVenW20q9mp/P170cA3GcN+L2zH08n1HMLvKe3wbGo9C4YTKX3wbGjtAuGPaWPNV0R+aZ5VPJc87DiFYSwRLBFcETIfO6vfclQ0Ppj2n690TzJe55b+0Exan7tLMea1p/+v7qzsbT52eCwlc6AYVPpVcS6s5Ej0e4/EwnrG798fxIkSPw1EfpT55ZhQfOniOYfab9cTdcbzVSpnC+6RffUcTIr1pJlLTvpwIhkHOJ/8cCfJrX6EwNyoyyK87zv12wZe2tHxn6OywP/40jOy7Xw/ujAbuQ+U+dYoJLGkHSCIIixMQcWeOYInNy4GyUIgiAIgiAIgiAI4tu8BwAA//9iEXZY") r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r5, 0x0) epoll_wait(r3, &(0x7f0000000280)=[{}], 0x1, 0x4000005) close_range(r1, 0xffffffffffffffff, 0x0) 457.734984ms ago: executing program 0 (id=3156): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) clock_gettime(0x0, 0x0) io_setup(0xb336, &(0x7f0000000040)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6a, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a0200000000001801000020207825"], &(0x7f0000000000)='GPL\x00', 0x202, 0xde, &(0x7f0000000340)=""/222, 0x41000, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401}, 0x94) 453.173104ms ago: executing program 3 (id=3157): syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000240)='./bus\x00', 0x4000, &(0x7f0000000000)={[{@nodiscard}, {@test_dummy_encryption}, {@i_version}, {@orlov}, {@delalloc}, {@errors_remount}, {@nodioread_nolock}, {@nomblk_io_submit}]}, 0xa, 0xbc2, &(0x7f0000002a40)="$eJzs3M9rXNUeAPDvvZlM0zbvTfp4PF7f5kVEWhCnSSXFFsFWKm5cCLoVGtJJCZn+IInUpAEn+g+IuhbcCGpRXNh1N4pu3Wi7VVwIRWKjIKKROz+S2GTS1M70punnA2fuOffM3PP9zmXmngNzJ4AH1mD2kEbsj4hTSUSpuT+NiGK91hdRazxvaXF+7JfF+bEklpdf+DGJJCJuLs6PtY6VNLd7m42+iPjq6ST+9fr6cadn5yZHq9XKVLN9aObshUPTs3OPTZwdPVM5Uzk3fOSJkcMjR4aOjnQs11+/PX7l54ee/b722we/X/7prfeSOB79zb61eXTKYAyuvCcNr9YfCxEx2unBctLTzGdtnknhNi9KuxwUAABtpWvmcP+JUvTE6uStFJ99nWtwAAAAQEcs90QsAwAAADtcYv0PAAAAO1zrdwA3F+fHWiXfXyTcWzdORMRAI/+lZmn0FKJW3/ZFb0TsuZnE2ttak8bL7tpgRHx3/ejHWYku3Ye8mdpCRPx3o/Of1PMfqN/FvT7/NCKGOjD+4C3t+yn/4x0YP+/8AXgwXT3RuJCtv/6lK/Of2OD6V9jg2vV35H39a83/ltbN/1bz72kz/3t+i2Ncev+di+36svyfvPLMR62SjZ9t7yqpO3BjIeJ/hY3yT1byT9rkf2qLY5T+uFhp15d3/svvRhyIjfNvSTb/f6JD4xPVylDjccMxFr4c+bDd+Hnnn53/PW3yb/3/U7vzf2GLY7x08uQn63ZeX61unn/6QzF5sV4rNve8MjozMzUcUUyeW7//8OaxtJ7TOkaW/8GHN//8b5R/9p1Qa74P2VpgobnN2q/dMuZTly992i6e1vovz/N/us35X5v/F4X15/+NLY7xyOdvHmzXt3b9m5Vs/NZaGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa0ojojyQtr9TTtFyO2BsR/449afX89Myj4+dfPnc664sYiN50fKJaGYqIUqOdZO3hen21ffiW9uMRsS8i3i7trrfLY+erp/NOHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBV7I6I/krQcEWlELJXStFzOOyoAAACg4wbyDgAAAADoOut/AAAA2Pms/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyff+/ei2JiNqx3fWSKTb7enONDOi2NO8AgNz05B0AkJtC3gEAubnDNb7pAuxAyW36+9r27Op4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsXwf2X72WRETt2O56yRSbfb25RgZ0W5p3AEBuejbrLNy7OIB7z0ccHlzW+EBym/6+1efU/tqzq2sxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALD99NdLkpYjotjcVy5H/CMiBqI3GZ+oVoYi4p8R8U2pd1fWHs45ZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpvenZucrRarUxllTSalZU993Olr5lipw6YNA5XyzsvlQ5VirEtwtimlTy/lQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyMv07NzkaLVamZrOOxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgb9Ozc5Oj1WplqouVvHMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/fwYAAP//aKcHlA==") openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x20440, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000200)=""/179, 0xb3) 302.950956ms ago: executing program 2 (id=3158): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet(0x2, 0x3, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0), 0x0, 0x2a, &(0x7f0000000200), 0x0, 0x0, 0x0, &(0x7f0000000280), 0x8, 0xac, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'tunl0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x1, 0x1, 0x3, 0x7, {{0xd, 0x4, 0x2, 0x3f, 0x34, 0x66, 0x0, 0x43, 0x2f, 0x0, @empty, @empty, {[@end, @generic={0x44, 0x3, "bd"}, @timestamp_prespec={0x44, 0x1c, 0xc7, 0x3, 0x7, [{@empty, 0xe8f9}, {@dev={0xac, 0x14, 0x14, 0x3a}}, {@rand_addr=0x64010101, 0xfffffffd}]}]}}}}}) getsockopt$inet_mreqn(r0, 0x0, 0x4b, 0x0, &(0x7f00000006c0)) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000700)) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000800)={'ip6_vti0\x00', &(0x7f0000000780)={'ip6gre0\x00', 0x0, 0x2f, 0xf5, 0x5, 0x7, 0x44, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, 0x0, 0x10, 0x7, 0x1}}) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)}], 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 100.212112ms ago: executing program 1 (id=3159): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) getpgrp(0x0) r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) 75.627205ms ago: executing program 2 (id=3160): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@loopback, 0x4, 0x0, 0x0, 0x0, 0xa, 0x30}, {0x1000}}, {{@in6=@local, 0x0, 0x2b}, 0x8, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x1}}, 0xe8) 0s ago: executing program 2 (id=3161): open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x189) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000001ed0a00bfa30000000000002503000028feffff6203f0fff8ffffff61a4f0ff000000001d030200000000007f000000000000005504000017ffffff6604000017ffffffbe400000000000007b0300fe000000001c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8269b2bdf2ca4958a62a6e7449316cc65b5d4796005c2f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da350bcc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd23834a50d7eb8e327fb5db12cbd6a9efe8e671c4f251fe3bf440cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa2c910fb8de24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e38ba49e3e57fafea83e00006a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c828c02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d05d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b530500d8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bd9b075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd37220e316f2297743dd4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bff030000000000000ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af7a3830e7092b01b119ea4e7e7f0e21527d622ca231e9e98720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed9eed636338f1835fc957729d63dc1bfc7b772cbe536c2d3aff27c22f9a2f876512616a5bdaf22a16e19d1b5f52abb40b433983d0cf50234de659c1a3997f1cfe8a87e08f87ce901000000caae1bcfdce33dae6adc260321702f239c25ab181390e7dc8c1e5b1cf3b4fef1cd5c44a89b5e5d8314e02f4673ded90bce9a4025b0232eec970f7aa17f175a14e8dc8de9bac0006b98a8283eee5665f3aede28228e0468dbcf8b776fe4c629d3af183a7cba5adf77f23d31f9d5a183c08c3a86bbcd3705432ad3f96a7bbc4a13780cf9f4a5e3a9badca61367b377cc6f77e66febca94c8d9fe6fa1148a0b65c0f1b0d00aad352d7c7b5aea945185022f2c8cae549e77a290ebffb8c9dc99168e06461c70f922231cf567a16cb2"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) openat$dir(0xffffffffffffff9c, 0x0, 0x10042, 0x80) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000000480)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00@\x00', 0x28, 0x6, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x4e24, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "d4c466b340e28b05c93a072528230718"}]}}}}}}}}, 0x0) kernel console output (not intermixed with test programs): p for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 485.106331][T10325] loop1: detected capacity change from 0 to 32768 [ 485.165038][T10325] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1092 (10325) [ 485.251205][T10325] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 485.261463][T10325] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 485.270258][T10325] BTRFS info (device loop1): setting nodatacow, compression disabled [ 485.279076][T10325] BTRFS info (device loop1): enabling auto defrag [ 485.308961][T10325] BTRFS info (device loop1): max_inline at 0 [ 485.315059][T10325] BTRFS info (device loop1): using free space tree [ 486.422841][T10325] BTRFS info (device loop1): auto enabling async discard [ 487.467260][T10364] loop3: detected capacity change from 0 to 32768 [ 487.484349][T10364] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by syz.3.1099 (10364) [ 487.541429][ T6922] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 487.634492][T10364] loop3: detected capacity change from 32768 to 64 [ 488.201000][T10375] loop1: detected capacity change from 0 to 1024 [ 488.244891][T10375] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 488.449974][ T28] audit: type=1800 audit(1756537130.133:68): pid=10375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1101" name="bus" dev="loop1" ino=861 res=0 errno=0 [ 489.895072][T10392] loop0: detected capacity change from 0 to 8 [ 492.519443][T10417] loop1: detected capacity change from 0 to 1024 [ 492.717489][T10417] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 493.187883][ T28] audit: type=1800 audit(1756537134.903:69): pid=10417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1113" name="bus" dev="loop1" ino=861 res=0 errno=0 [ 493.720627][T10430] loop3: detected capacity change from 0 to 8 [ 494.654482][ T9] IPVS: starting estimator thread 0... [ 494.786209][T10441] IPVS: using max 24 ests per chain, 57600 per kthread [ 494.806041][T10442] hub 1-0:1.0: USB hub found [ 494.811085][T10442] hub 1-0:1.0: 1 port detected [ 494.824267][T10442] loop1: detected capacity change from 0 to 64 [ 496.685153][T10462] loop1: detected capacity change from 0 to 1024 [ 496.729035][T10462] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 496.818714][ T28] audit: type=1800 audit(1756537138.543:70): pid=10462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1127" name="bus" dev="loop1" ino=861 res=0 errno=0 [ 498.285741][T10470] loop3: detected capacity change from 0 to 4096 [ 498.357958][T10470] NILFS (loop3): unrecognized mount option "o" [ 499.626350][T10475] loop0: detected capacity change from 0 to 40427 [ 499.666338][T10475] F2FS-fs (loop0): invalid crc value [ 499.731071][T10475] F2FS-fs (loop0): Found nat_bits in checkpoint [ 499.939644][T10475] F2FS-fs (loop0): Start checkpoint disabled! [ 499.957356][T10475] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 500.077909][ T28] audit: type=1800 audit(1756537141.773:71): pid=10490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1130" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 500.167147][T10490] syz.0.1130: attempt to access beyond end of device [ 500.167147][T10490] loop0: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 500.336683][ T42] kworker/u4:2: attempt to access beyond end of device [ 500.336683][ T42] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 500.352772][ T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 500.363631][ T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 501.623842][T10513] loop1: detected capacity change from 0 to 1024 [ 501.647977][T10513] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 501.703433][ T28] audit: type=1800 audit(1756537143.423:72): pid=10513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1143" name="bus" dev="loop1" ino=861 res=0 errno=0 [ 501.741455][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.748215][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.986625][T10519] raw_sendmsg: syz.2.1146 forgot to set AF_INET. Fix it! [ 502.082291][T10521] netlink: 'syz.2.1146': attribute type 4 has an invalid length. [ 504.596312][T10549] overlay: Unknown parameter '\' [ 505.365963][T10555] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1155'. [ 507.373746][T10581] netlink: set zone limit has 8 unknown bytes [ 507.411439][T10581] netlink: 'syz.1.1163': attribute type 29 has an invalid length. [ 507.431563][T10581] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1163'. [ 507.442145][T10586] overlay: Unknown parameter '\' [ 507.451885][T10581] netlink: 'syz.1.1163': attribute type 29 has an invalid length. [ 507.480393][T10581] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1163'. [ 514.241138][T10645] loop3: detected capacity change from 0 to 1024 [ 514.394977][T10645] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 514.451336][ T28] audit: type=1800 audit(1756537156.173:73): pid=10645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1184" name="bus" dev="loop3" ino=861 res=0 errno=0 [ 517.765722][T10688] loop3: detected capacity change from 0 to 40427 [ 517.781151][T10688] F2FS-fs (loop3): invalid crc value [ 517.819108][T10688] F2FS-fs (loop3): Found nat_bits in checkpoint [ 517.854247][T10688] F2FS-fs (loop3): Start checkpoint disabled! [ 517.863375][T10688] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 518.026915][T10692] syz.3.1197: attempt to access beyond end of device [ 518.026915][T10692] loop3: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 518.146750][ T28] audit: type=1800 audit(1756537159.683:74): pid=10692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1197" name="file1" dev="loop3" ino=10 res=0 errno=0 [ 518.578193][T10702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1203'. [ 518.663423][ T76] kworker/u4:4: attempt to access beyond end of device [ 518.663423][ T76] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 518.707849][ T76] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 518.718542][ T76] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 520.416609][T10728] hub 1-0:1.0: USB hub found [ 520.421476][T10728] hub 1-0:1.0: 1 port detected [ 521.258268][T10754] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1217'. [ 523.924463][T10792] vxcan1: entered allmulticast mode [ 526.019727][T10822] netlink: 'syz.2.1239': attribute type 4 has an invalid length. [ 526.515565][T10839] netlink: 'syz.0.1246': attribute type 29 has an invalid length. [ 526.524676][T10839] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1246'. [ 526.534441][T10839] netlink: 'syz.0.1246': attribute type 29 has an invalid length. [ 526.542666][T10839] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1246'. [ 527.065696][T10858] loop3: detected capacity change from 0 to 64 [ 527.133473][T10858] hfs: request for non-existent node 131072 in B*Tree [ 527.338168][T10866] overlay: Unknown parameter '\' [ 527.412444][T10871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1253'. [ 527.424777][T10871] veth0_macvtap: left promiscuous mode [ 528.454203][T10904] loop0: detected capacity change from 0 to 40427 [ 528.483388][T10904] F2FS-fs (loop0): invalid crc value [ 528.544739][T10904] F2FS-fs (loop0): Found nat_bits in checkpoint [ 528.663058][T10904] F2FS-fs (loop0): Start checkpoint disabled! [ 528.695762][T10904] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 529.278290][ T28] audit: type=1800 audit(1756537170.973:75): pid=10917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1259" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 529.510075][T10917] syz.0.1259: attempt to access beyond end of device [ 529.510075][T10917] loop0: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 529.987155][ T2928] kworker/u4:7: attempt to access beyond end of device [ 529.987155][ T2928] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 530.011829][ T2928] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 530.021484][ T2928] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 530.268283][T10927] loop1: detected capacity change from 0 to 40427 [ 530.304102][T10927] F2FS-fs (loop1): invalid crc value [ 530.330125][T10927] F2FS-fs (loop1): Found nat_bits in checkpoint [ 530.370959][T10927] F2FS-fs (loop1): Start checkpoint disabled! [ 530.398165][T10927] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 530.479092][ T28] audit: type=1800 audit(1756537172.203:76): pid=10934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1269" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 530.550154][T10934] syz.1.1269: attempt to access beyond end of device [ 530.550154][T10934] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 531.528953][ T42] kworker/u4:2: attempt to access beyond end of device [ 531.528953][ T42] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 531.554096][ T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 531.562694][ T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 531.570864][T10947] overlay: Unknown parameter '\' [ 533.454286][T10974] loop0: detected capacity change from 0 to 40427 [ 533.498166][T10974] F2FS-fs (loop0): invalid crc value [ 533.506784][T10974] F2FS-fs (loop0): Found nat_bits in checkpoint [ 533.536313][T10974] F2FS-fs (loop0): Start checkpoint disabled! [ 533.556077][T10974] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 533.696707][T10981] syz.0.1285: attempt to access beyond end of device [ 533.696707][T10981] loop0: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 534.145881][ T28] audit: type=1800 audit(1756537175.373:77): pid=10981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1285" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 534.250494][T10980] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1287'. [ 534.499134][ T2928] kworker/u4:7: attempt to access beyond end of device [ 534.499134][ T2928] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 534.528110][ T2928] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 534.535773][ T2928] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 534.570330][T10988] overlay: Unknown parameter '\' [ 535.264484][T11001] loop1: detected capacity change from 0 to 40427 [ 535.278819][T11001] F2FS-fs (loop1): invalid crc value [ 535.296152][T11001] F2FS-fs (loop1): Found nat_bits in checkpoint [ 535.323932][T11001] F2FS-fs (loop1): Start checkpoint disabled! [ 535.332472][T11001] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 535.468499][T11006] syz.1.1294: attempt to access beyond end of device [ 535.468499][T11006] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 535.496745][ T28] audit: type=1800 audit(1756537177.143:78): pid=11006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1294" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 536.388485][ T42] kworker/u4:2: attempt to access beyond end of device [ 536.388485][ T42] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 536.536849][ T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 536.561158][ T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 538.072321][T11028] overlay: Unknown parameter '\' [ 539.553891][T11042] loop0: detected capacity change from 0 to 40427 [ 539.594296][T11042] F2FS-fs (loop0): invalid crc value [ 539.602666][T11042] F2FS-fs (loop0): Found nat_bits in checkpoint [ 539.632138][T11042] F2FS-fs (loop0): Start checkpoint disabled! [ 539.644605][T11042] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 539.756245][ T28] audit: type=1800 audit(1756537181.453:79): pid=11049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1307" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 539.798780][T11049] syz.0.1307: attempt to access beyond end of device [ 539.798780][T11049] loop0: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 540.619555][ T11] kworker/u4:0: attempt to access beyond end of device [ 540.619555][ T11] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 540.644584][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 540.655767][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 541.027422][T11061] overlay: Unknown parameter '\' [ 541.472502][T11065] loop1: detected capacity change from 0 to 40427 [ 541.503747][T11065] F2FS-fs (loop1): invalid crc value [ 541.520254][T11065] F2FS-fs (loop1): Found nat_bits in checkpoint [ 541.547163][T11065] F2FS-fs (loop1): Start checkpoint disabled! [ 541.567044][T11065] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 541.655845][ T28] audit: type=1800 audit(1756537183.373:80): pid=11068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1316" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 541.721639][T11068] syz.1.1316: attempt to access beyond end of device [ 541.721639][T11068] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 542.283711][ T2928] kworker/u4:7: attempt to access beyond end of device [ 542.283711][ T2928] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 542.297946][ T2928] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 542.307537][ T2928] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 543.354186][T11091] overlay: Unknown parameter '\' [ 543.550637][T11097] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1325'. [ 543.990291][T11085] loop1: detected capacity change from 0 to 40427 [ 544.040148][T11085] F2FS-fs (loop1): invalid crc value [ 544.063078][T11085] F2FS-fs (loop1): Found nat_bits in checkpoint [ 544.131369][T11085] F2FS-fs (loop1): Start checkpoint disabled! [ 544.185126][T11085] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 544.377879][ T28] audit: type=1800 audit(1756537186.053:81): pid=11108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1317" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 545.467339][ T76] kworker/u4:4: attempt to access beyond end of device [ 545.467339][ T76] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 545.538353][ T76] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 545.577804][ T76] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 547.595085][T11148] fuse: Bad value for 'fd' [ 547.655801][T11148] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 551.020321][T11169] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1345'. [ 551.163035][T11173] block device autoloading is deprecated and will be removed. [ 551.188953][T11177] netlink: 'syz.3.1351': attribute type 39 has an invalid length. [ 555.984547][T11224] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1364'. [ 555.996867][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 556.003852][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.011810][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.019758][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.027676][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.035542][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.043508][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.051395][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.059350][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.067171][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.075112][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.082957][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.090980][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.098832][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.106743][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.114593][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.122532][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.130393][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.138325][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.146151][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.154126][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.161978][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.169905][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.177745][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.185658][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.193518][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.201511][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.209466][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.217401][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.225263][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.233232][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.241081][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.249027][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.256848][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.264876][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.272725][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.280666][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.288520][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.296435][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.304392][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.312352][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.320207][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.328240][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.336079][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.344258][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.352119][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.360239][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.368079][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.376002][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.383860][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.391809][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.399808][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.407796][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.415673][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.423693][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.431616][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.439534][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.447424][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.455364][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.463242][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.471172][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.479038][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.486930][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.494818][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.502748][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.510660][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.518598][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.526450][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.534463][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.542360][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.550341][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.558348][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.566312][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.574173][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.582117][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.590072][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.598019][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.605874][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.613941][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.621894][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.629834][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.637808][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.645777][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.653845][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 556.661830][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 556.669753][ C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 560.682451][ T50] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 561.460392][T11283] 9pnet_virtio: no channels available for device syz [ 562.087426][T11288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1387'. [ 563.172327][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.183024][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.468323][T11310] loop1: detected capacity change from 0 to 40427 [ 564.488394][T11310] F2FS-fs (loop1): invalid crc value [ 564.530556][T11310] F2FS-fs (loop1): Found nat_bits in checkpoint [ 564.588363][T11310] F2FS-fs (loop1): Start checkpoint disabled! [ 564.638274][T11310] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 564.670371][T11310] syz.1.1393: attempt to access beyond end of device [ 564.670371][T11310] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 564.695252][ T28] audit: type=1800 audit(1756537206.383:82): pid=11310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1393" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 564.881325][ T2984] kworker/u4:10: attempt to access beyond end of device [ 564.881325][ T2984] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 564.904678][ T2984] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 565.020954][ T2984] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 565.689198][T11324] bridge0: port 2(bridge_slave_1) entered disabled state [ 565.696640][T11324] bridge0: port 1(bridge_slave_0) entered disabled state [ 568.228978][T11324] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 568.432511][T11324] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 569.313325][T11324] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.322709][T11324] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.331633][T11324] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.340563][T11324] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.502942][T11351] netlink: 'syz.2.1404': attribute type 4 has an invalid length. [ 569.764164][T11354] loop1: detected capacity change from 0 to 40427 [ 569.771487][ T5797] Bluetooth: hci3: command 0x0406 tx timeout [ 569.828059][T11354] F2FS-fs (loop1): invalid crc value [ 569.836452][T11354] F2FS-fs (loop1): Found nat_bits in checkpoint [ 569.863398][T11354] F2FS-fs (loop1): Start checkpoint disabled! [ 570.142716][T11354] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 570.251725][ T28] audit: type=1800 audit(1756537211.973:83): pid=11363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1406" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 570.287789][ T27] usb 1-1: new low-speed USB device number 16 using dummy_hcd [ 570.331091][T11363] syz.1.1406: attempt to access beyond end of device [ 570.331091][T11363] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 570.548302][T11365] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1409'. [ 570.586832][T11365] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1409'. [ 570.636470][ T27] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 570.659373][ T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.692232][ T27] usb 1-1: config 0 descriptor?? [ 570.711201][ T11] kworker/u4:0: attempt to access beyond end of device [ 570.711201][ T11] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 570.728909][ T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 570.738482][ T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 572.538493][ T27] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61 [ 572.548745][ T27] asix: probe of 1-1:0.0 failed with error -61 [ 572.880548][T11390] netlink: 'syz.2.1416': attribute type 4 has an invalid length. [ 574.017994][ T5879] usb 1-1: USB disconnect, device number 16 [ 575.943565][T11411] netlink: 'syz.3.1425': attribute type 4 has an invalid length. [ 581.459647][T11452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1438'. [ 581.778263][ T50] Bluetooth: hci1: unexpected event for opcode 0x0c7a [ 583.636753][T11471] loop1: detected capacity change from 0 to 40427 [ 583.669358][T11471] F2FS-fs (loop1): invalid crc value [ 583.696192][T11471] F2FS-fs (loop1): Found nat_bits in checkpoint [ 583.723573][T11471] F2FS-fs (loop1): Start checkpoint disabled! [ 583.731660][T11471] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 583.879865][ T28] audit: type=1800 audit(1756537225.593:84): pid=11479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1443" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 583.948854][T11479] syz.1.1443: attempt to access beyond end of device [ 583.948854][T11479] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 584.975813][ T12] kworker/u4:1: attempt to access beyond end of device [ 584.975813][ T12] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 585.003212][ T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 585.013790][ T12] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 585.749080][T11505] netlink: 'syz.2.1451': attribute type 4 has an invalid length. [ 586.322840][T11508] loop1: detected capacity change from 0 to 40427 [ 586.348104][T11508] F2FS-fs (loop1): invalid crc value [ 586.408982][T11508] F2FS-fs (loop1): Found nat_bits in checkpoint [ 586.440141][T11508] F2FS-fs (loop1): Start checkpoint disabled! [ 586.479457][T11508] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 586.584240][ T28] audit: type=1800 audit(1756537228.273:85): pid=11513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1454" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 586.648564][T11513] syz.1.1454: attempt to access beyond end of device [ 586.648564][T11513] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 587.482370][ T11] kworker/u4:0: attempt to access beyond end of device [ 587.482370][ T11] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 587.504119][ T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 587.533462][ T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 588.196344][T11505] syz.2.1451 (11505) used greatest stack depth: 20008 bytes left [ 589.408095][T11531] netlink: 'syz.2.1461': attribute type 4 has an invalid length. [ 591.601951][T11563] loop1: detected capacity change from 0 to 40427 [ 591.628903][T11563] F2FS-fs (loop1): invalid crc value [ 591.709828][T11563] F2FS-fs (loop1): Found nat_bits in checkpoint [ 591.738046][T11563] F2FS-fs (loop1): Start checkpoint disabled! [ 591.752553][T11563] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 592.177237][ T28] audit: type=1800 audit(1756537233.893:86): pid=11566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1469" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 592.238563][T11566] syz.1.1469: attempt to access beyond end of device [ 592.238563][T11566] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 593.259847][ T48] kworker/u4:3: attempt to access beyond end of device [ 593.259847][ T48] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 593.306178][ T48] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 593.337853][ T48] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 593.929098][T11586] loop0: detected capacity change from 0 to 40427 [ 593.955871][T11586] F2FS-fs (loop0): invalid crc value [ 593.977203][T11586] F2FS-fs (loop0): Found nat_bits in checkpoint [ 594.030774][T11586] F2FS-fs (loop0): Start checkpoint disabled! [ 594.462567][T11586] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 594.675470][ T28] audit: type=1800 audit(1756537236.393:87): pid=11595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1478" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 594.748874][T11595] syz.0.1478: attempt to access beyond end of device [ 594.748874][T11595] loop0: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 595.330245][ T48] kworker/u4:3: attempt to access beyond end of device [ 595.330245][ T48] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 595.351390][ T48] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 595.359980][ T48] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 595.524219][T11603] hub 1-0:1.0: USB hub found [ 595.529344][T11603] hub 1-0:1.0: 1 port detected [ 595.541275][T11603] loop1: detected capacity change from 0 to 64 [ 597.760686][T11628] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1489'. [ 601.153055][T11657] loop0: detected capacity change from 0 to 8 [ 601.614354][T11659] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1499'. [ 602.021021][T11669] loop1: detected capacity change from 0 to 8 [ 606.253964][T11712] loop1: detected capacity change from 0 to 8 [ 607.078663][T11717] ubi31: attaching mtd0 [ 607.084450][T11717] ubi31: scanning is finished [ 607.267806][T11717] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 607.295793][T11717] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 607.337880][T11717] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 607.362302][T11717] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 607.370708][T11723] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1518'. [ 607.377761][T11717] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 607.390059][T11717] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 607.417742][T11717] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 346985290 [ 607.461755][T11717] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 607.496828][T11721] ubi31: background thread "ubi_bgt31d" started, PID 11721 [ 608.736469][T11733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1521'. [ 608.988925][T11742] loop0: detected capacity change from 0 to 512 [ 609.017151][T11742] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.1524: iget: bad i_size value: 38620345925642 [ 609.048752][T11742] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.1524: couldn't read orphan inode 15 (err -117) [ 609.050607][T11742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 609.273130][T11742] fscrypt (loop0, inode 18): Unsupported encryption flags (0x10) [ 609.335691][T11740] netlink: 'syz.2.1523': attribute type 4 has an invalid length. [ 609.453542][ T6788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 609.620441][T11752] loop0: detected capacity change from 0 to 8 [ 610.435139][T11767] loop1: detected capacity change from 0 to 512 [ 610.553365][T11767] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 610.566246][T11767] ext4 filesystem being mounted at /290/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 610.592573][T11773] netlink: 'syz.0.1533': attribute type 4 has an invalid length. [ 610.804709][ T6922] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 611.101137][T11784] loop0: detected capacity change from 0 to 8 [ 612.502395][T11797] netlink: 'syz.3.1543': attribute type 4 has an invalid length. [ 613.183059][T11814] loop0: detected capacity change from 0 to 40427 [ 613.225907][T11814] F2FS-fs (loop0): invalid crc value [ 613.233727][T11814] F2FS-fs (loop0): Found nat_bits in checkpoint [ 613.282156][T11814] F2FS-fs (loop0): Start checkpoint disabled! [ 613.298309][T11814] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 613.340484][T11814] syz.0.1548: attempt to access beyond end of device [ 613.340484][T11814] loop0: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 613.355051][ T28] audit: type=1800 audit(1756537255.053:88): pid=11814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1548" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 613.777848][ T11] kworker/u4:0: attempt to access beyond end of device [ 613.777848][ T11] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 613.795340][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 613.803470][ T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 614.802430][T11829] netlink: 'syz.1.1554': attribute type 4 has an invalid length. [ 616.113613][T11842] loop1: detected capacity change from 0 to 40427 [ 616.147987][T11842] F2FS-fs (loop1): invalid crc value [ 616.382373][T11842] F2FS-fs (loop1): Found nat_bits in checkpoint [ 616.414601][T11842] F2FS-fs (loop1): Start checkpoint disabled! [ 616.640172][T11842] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 616.718623][ T28] audit: type=1800 audit(1756537258.443:89): pid=11853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1557" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 616.781452][T11853] syz.1.1557: attempt to access beyond end of device [ 616.781452][T11853] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 617.399629][ T11] kworker/u4:0: attempt to access beyond end of device [ 617.399629][ T11] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 617.420033][T11861] netlink: 'syz.0.1563': attribute type 4 has an invalid length. [ 617.430825][ T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 617.447814][ T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 617.561403][T11867] input: syz0 as /devices/virtual/input/input13 [ 617.771842][T11873] netlink: 'syz.2.1569': attribute type 12 has an invalid length. [ 619.426412][T11899] loop0: detected capacity change from 0 to 16 [ 619.453375][T11899] erofs: (device loop0): mounted with root inode @ nid 36. [ 619.512774][T11899] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 619.553136][T11899] erofs: (device loop0): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 619.577769][T11899] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 619.625760][T11899] erofs: (device loop0): z_erofs_readahead: readahead error at folio 1 @ nid 89 [ 619.655600][T11899] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 619.690020][T11899] erofs: (device loop0): z_erofs_readahead: readahead error at folio 0 @ nid 89 [ 619.713910][T11899] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 619.734912][T11899] erofs: (device loop0): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0 [ 619.759096][T11899] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 0 of nid 89 [ 619.790546][ T28] audit: type=1800 audit(1756537261.513:90): pid=11899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1575" name="file2" dev="loop0" ino=89 res=0 errno=0 [ 620.454956][T11913] loop0: detected capacity change from 0 to 1024 [ 620.475142][T11913] EXT4-fs: Ignoring removed nomblk_io_submit option [ 620.483686][T11913] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 620.530949][T11913] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 620.647304][ T6788] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.258358][T11931] loop0: detected capacity change from 0 to 40427 [ 621.285602][T11931] F2FS-fs (loop0): invalid crc value [ 621.302897][T11932] fuse: Bad value for 'fd' [ 621.316513][T11931] F2FS-fs (loop0): Found nat_bits in checkpoint [ 621.345044][T11931] F2FS-fs (loop0): Start checkpoint disabled! [ 621.360379][T11931] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 621.385856][ T28] audit: type=1800 audit(1756537263.103:91): pid=11931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1586" name="file1" dev="loop0" ino=10 res=0 errno=0 [ 621.414318][T11931] syz.0.1586: attempt to access beyond end of device [ 621.414318][T11931] loop0: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 621.463556][T11932] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 621.582634][ T48] kworker/u4:3: attempt to access beyond end of device [ 621.582634][ T48] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 621.602912][ T48] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 621.616665][ T48] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 623.088607][T11963] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1594'. [ 623.866033][T11973] loop0: detected capacity change from 0 to 1024 [ 625.306275][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 625.315028][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.179274][T12002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1605'. [ 627.938191][ T5879] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 628.367940][ T5879] usb 1-1: Using ep0 maxpacket: 32 [ 628.905708][ T5879] usb 1-1: config 4 has an invalid interface number: 128 but max is 0 [ 628.966433][ T5879] usb 1-1: config 4 has no interface number 0 [ 628.995200][ T5879] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 629.013914][T12027] fuse: Bad value for 'fd' [ 629.026482][ T5879] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 629.039249][T12027] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 629.063573][ T5879] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 629.084786][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.115615][ T5879] hub 1-1:4.128: USB hub found [ 629.182835][T12035] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1616'. [ 629.323591][ T5879] hub 1-1:4.128: 2 ports detected [ 629.329689][ T5879] hub 1-1:4.128: Using single TT (err -22) [ 629.701842][ T5879] hub 1-1:4.128: hub_hub_status failed (err = -71) [ 629.757843][ T5879] hub 1-1:4.128: config failed, can't get hub status (err -71) [ 629.924483][ T5879] usb 1-1: USB disconnect, device number 17 [ 632.626013][T12067] netlink: 'syz.2.1628': attribute type 4 has an invalid length. [ 634.358728][T12080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1629'. [ 635.783288][T12116] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1642'. [ 635.970479][T12117] fuse: Bad value for 'user_id' [ 636.079324][T12127] loop0: detected capacity change from 0 to 64 [ 636.345055][T12128] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1643'. [ 636.695794][T12117] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 638.618697][T12160] loop0: detected capacity change from 0 to 256 [ 638.641465][T12160] FAT-fs (loop0): Unrecognized mount option "utf8=1" or missing value [ 640.593928][T12180] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1656'. [ 642.327318][T12207] tipc: Enabling of bearer rejected, already enabled [ 643.814607][T12231] fuse: Bad value for 'fd' [ 643.850499][T12231] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 644.143660][T12240] tipc: Enabling of bearer rejected, already enabled [ 646.390726][T12273] tipc: Enabling of bearer rejected, already enabled [ 646.954592][T12286] capability: warning: `syz.2.1700' uses deprecated v2 capabilities in a way that may be insecure [ 648.404113][T12310] tipc: Enabling of bearer rejected, already enabled [ 650.161460][T12323] fuse: Unknown parameter 'grou00000000000000000000‹k¸Ñ*@À§Ø' [ 650.176637][T12323] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 651.121498][T12344] tipc: Enabling of bearer rejected, already enabled [ 653.726381][T12364] overlay: Unknown parameter '\' [ 657.618839][T12403] overlay: Unknown parameter '\' [ 660.755113][T12445] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1750'. [ 660.932108][T12450] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1751'. [ 663.749411][T12496] fuse: Bad value for 'fd' [ 663.758893][T12496] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 666.118666][T12534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 668.633052][T12559] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 668.717374][T12559] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 668.817092][T12560] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 668.844391][T12559] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 669.062266][T12571] fuse: Bad value for 'fd' [ 670.749949][T12606] "syz.2.1811" (12606) uses obsolete ecb(arc4) skcipher [ 674.482073][T12659] syz.3.1830: attempt to access beyond end of device [ 674.482073][T12659] loop7: rw=0, sector=0, nr_sectors = 1 limit=0 [ 674.539724][T12659] FAT-fs (loop7): unable to read boot sector [ 674.724922][T12668] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.1832'. [ 677.674452][T12701] netlink: 1688 bytes leftover after parsing attributes in process `syz.3.1845'. [ 677.786070][T12707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1847'. [ 679.270350][T12735] 9pnet: p9_errstr2errno: server reported unknown error 184467 [ 680.720343][T12779] fuse: Bad value for 'fd' [ 681.907256][T12813] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1883'. [ 682.236167][T12826] netlink: 'syz.0.1889': attribute type 12 has an invalid length. [ 682.245483][T12826] netlink: 'syz.0.1889': attribute type 29 has an invalid length. [ 682.258593][T12826] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1889'. [ 684.211610][T12861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1897'. [ 684.518757][T12876] netlink: 'syz.0.1904': attribute type 72 has an invalid length. [ 684.782515][T12882] fuse: Bad value for 'fd' [ 685.698946][T12892] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1908'. [ 685.746215][T12896] "syz.1.1910" (12896) uses obsolete ecb(arc4) skcipher [ 686.051496][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.057871][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.142282][T12911] fuse: Bad value for 'fd' [ 688.233895][T12931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1922'. [ 688.604120][T12950] fuse: Bad value for 'fd' [ 689.338522][T12967] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1935'. [ 691.459088][T13009] 9pnet_fd: Insufficient options for proto=fd [ 692.495162][T13016] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 692.571443][T13016] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 692.594711][T13016] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 692.631325][T13016] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 693.680400][T13034] netlink: 'syz.2.1965': attribute type 4 has an invalid length. [ 693.722338][T13036] 9pnet_fd: Insufficient options for proto=fd [ 693.931746][T13048] fuse: Bad value for 'fd' [ 693.961832][T13048] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 699.003882][T13110] fuse: Bad value for 'fd' [ 699.023664][T13114] fuse: Unknown parameter 'group_id00000000000000000000‹k¸Ñ*@À§Ø' [ 699.044083][T13114] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 704.134523][T13195] fuse: Bad value for 'fd' [ 704.150958][T13195] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 706.858954][T13240] fuse: Bad value for 'fd' [ 707.829661][T13247] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2044'. [ 709.838922][T13268] fuse: Bad value for 'fd' [ 711.658568][T13276] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2055'. [ 712.367830][T13284] 9pnet_fd: Insufficient options for proto=fd [ 713.946907][T13307] fuse: Bad value for 'fd' [ 714.186787][T13313] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 715.282544][T13334] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2077'. [ 715.811015][T13341] 9pnet_fd: Insufficient options for proto=fd [ 717.507402][T13366] 9pnet_fd: Insufficient options for proto=fd [ 719.055290][T13402] fuse: Bad value for 'fd' [ 719.103831][T13402] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 719.425715][T13422] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2110'. [ 719.599982][T13423] fuse: Bad value for 'fd' [ 719.709497][T13426] mac80211_hwsim hwsim26 wlan0: entered promiscuous mode [ 719.768066][T13425] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 721.169063][T13451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2122'. [ 721.715614][T13472] netlink: 'syz.2.2131': attribute type 4 has an invalid length. [ 722.120505][T13487] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2134'. [ 722.139691][T13488] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2135'. [ 722.428323][T13500] netlink: 'syz.2.2140': attribute type 4 has an invalid length. [ 723.404916][T13520] fuse: Bad value for 'fd' [ 723.450566][T13520] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 723.531970][T13529] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2149'. [ 723.758951][T13532] netlink: 'syz.1.2152': attribute type 4 has an invalid length. [ 724.088779][ T5797] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 724.099660][ T5797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 724.114676][ T5797] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 724.125458][ T5797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 724.241517][ T5797] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 724.249720][ T5797] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 724.270439][ T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 725.415171][ T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 725.529594][ T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 725.619792][ T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 726.333477][T13535] chnl_net:caif_netlink_parms(): no params data found [ 726.448324][ T50] Bluetooth: hci2: command tx timeout [ 726.448671][ T42] tipc: Disabling bearer [ 726.487434][ T42] tipc: Left network mode [ 726.500825][T13570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2162'. [ 726.765084][T13535] bridge0: port 1(bridge_slave_0) entered blocking state [ 726.774841][T13535] bridge0: port 1(bridge_slave_0) entered disabled state [ 726.782575][T13535] bridge_slave_0: entered allmulticast mode [ 726.790623][T13535] bridge_slave_0: entered promiscuous mode [ 726.924084][T13535] bridge0: port 2(bridge_slave_1) entered blocking state [ 726.953816][T13535] bridge0: port 2(bridge_slave_1) entered disabled state [ 726.983575][T13535] bridge_slave_1: entered allmulticast mode [ 727.001816][T13535] bridge_slave_1: entered promiscuous mode [ 727.347500][T13535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 727.381087][T13535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 727.578616][T13611] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2173'. [ 727.612968][T13535] team0: Port device team_slave_0 added [ 727.677182][T13535] team0: Port device team_slave_1 added [ 727.759511][T13614] fuse: Bad value for 'fd' [ 727.770367][T13614] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 727.999394][T13535] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 728.036157][T13535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 728.067503][T13535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 728.121067][T13535] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 728.131631][T13535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 728.162621][T13535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 728.269884][T13535] hsr_slave_0: entered promiscuous mode [ 728.359026][T13535] hsr_slave_1: entered promiscuous mode [ 728.393136][T13535] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 728.408800][T13535] Cannot create hsr debugfs directory [ 728.527916][ T50] Bluetooth: hci2: command tx timeout [ 730.555221][ T42] hsr_slave_0: left promiscuous mode [ 730.576034][ T42] hsr_slave_1: left promiscuous mode [ 730.614470][ T50] Bluetooth: hci2: command tx timeout [ 731.234638][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 731.242634][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 731.368205][ T42] bridge_slave_1: left allmulticast mode [ 731.393693][ T42] bridge_slave_1: left promiscuous mode [ 731.419292][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 731.429987][ T42] bridge_slave_0: left allmulticast mode [ 731.435668][ T42] bridge_slave_0: left promiscuous mode [ 731.483208][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 732.697812][ T50] Bluetooth: hci2: command tx timeout [ 732.934846][ T42] veth1_macvtap: left promiscuous mode [ 732.947925][ T42] veth0_macvtap: left promiscuous mode [ 732.957873][ T42] veth1_vlan: left promiscuous mode [ 732.963744][ T42] veth0_vlan: left promiscuous mode [ 733.564901][ T42] team0 (unregistering): Port device team_slave_1 removed [ 733.625819][ T42] team0 (unregistering): Port device team_slave_0 removed [ 733.682371][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 733.735441][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 734.491888][ T42] bond0 (unregistering): Released all slaves [ 737.356725][T13535] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 737.425528][T13535] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 737.541930][T13535] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 737.553187][T13535] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 737.754486][T13751] fuse: Bad value for 'fd' [ 739.936538][T13535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 740.067522][T13535] 8021q: adding VLAN 0 to HW filter on device team0 [ 740.414199][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 740.421473][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 740.574673][ T76] bridge0: port 2(bridge_slave_1) entered blocking state [ 740.581922][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state [ 742.344033][T13796] fuse: Bad value for 'fd' [ 742.372518][T13796] fuse: Unknown parameter '0x0000000000000005‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 743.014605][T13535] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 743.423996][T13535] veth0_vlan: entered promiscuous mode [ 743.445346][T13535] veth1_vlan: entered promiscuous mode [ 744.467566][T13535] veth0_macvtap: entered promiscuous mode [ 744.519829][T13535] veth1_macvtap: entered promiscuous mode [ 744.561880][T13535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.586549][T13535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.603303][T13535] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 744.625027][T13535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 744.684537][T13535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.718158][T13535] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 744.773891][T13535] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.837781][T13535] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.846522][T13535] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 744.912285][T13535] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.223658][ T2937] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 745.252616][ T2937] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 745.326702][ T2937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 745.367726][ T2937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 745.632316][T13877] fuse: Bad value for 'fd' [ 746.586626][T13893] fuse: Bad value for 'fd' [ 746.696179][T13893] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 747.017816][ T5851] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 747.251001][T13927] fuse: Bad value for 'fd' [ 747.502128][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.523272][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.967754][ T5851] usb 3-1: Using ep0 maxpacket: 16 [ 748.117975][ T5851] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 748.140005][ T5851] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 748.153599][ T5851] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 748.163961][ T5851] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 748.178902][ T5851] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 748.263866][ T5851] usb 3-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 748.835081][ T5851] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 748.892589][ T5851] usb 3-1: SerialNumber: syz [ 749.128022][T13893] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 749.159100][ T5851] cdc_acm 3-1:1.0: Control and data interfaces are not separated! [ 749.168990][ T5851] cdc_acm: probe of 3-1:1.0 failed with error -12 [ 751.198083][T13565] usb 3-1: USB disconnect, device number 4 [ 752.561864][T14036] loop2: detected capacity change from 0 to 256 [ 752.601499][T14036] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 752.633147][T14036] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 752.673952][T14036] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 752.865693][T14036] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff) [ 752.952639][T14043] fuse: Bad value for 'fd' [ 753.314880][T14036] exFAT-fs (loop2): Filesystem has been set read-only [ 755.342424][T14061] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2284'. [ 759.123156][T14116] loop2: detected capacity change from 0 to 1024 [ 759.146347][T14116] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 759.168237][T14116] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 759.184472][T14116] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869) [ 759.195795][T14116] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 759.216232][T14116] EXT4-fs error (device loop2): ext4_get_journal_inode:5807: inode #17: comm syz.2.2301: iget: bad i_size value: 4398046511204 [ 759.257084][T14116] EXT4-fs (loop2): no journal found [ 759.553293][T13951] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 759.568192][T14134] fuse: Bad value for 'fd' [ 760.618375][T14139] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2310'. [ 760.850309][T14145] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2313'. [ 760.891223][T14145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2313'. [ 764.844290][T14201] loop2: detected capacity change from 0 to 512 [ 765.052778][T14201] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 765.084574][T14201] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 765.727099][T13535] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 766.008095][T14229] loop2: detected capacity change from 0 to 512 [ 766.059081][T14229] [EXT4 FS bs=4096, gc=1, bpg=95, ipg=32, mo=e040e01c, mo2=0000] [ 766.085488][T14229] System zones: 0-2, 18-18, 34-34 [ 766.131210][T14229] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #3: comm syz.2.2340: corrupted inode contents [ 766.172307][T14229] EXT4-fs error (device loop2): ext4_dirty_inode:6106: inode #3: comm syz.2.2340: mark_inode_dirty error [ 766.192963][T14229] EXT4-fs error (device loop2): ext4_do_update_inode:5230: inode #3: comm syz.2.2340: corrupted inode contents [ 766.205878][T14229] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm syz.2.2340: mark_inode_dirty error [ 766.230270][T14229] Quota error (device loop2): write_blk: dquota write failed [ 766.243011][T14229] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 766.253899][T14229] EXT4-fs error (device loop2): ext4_acquire_dquot:6940: comm syz.2.2340: Failed to acquire dquot type 0 [ 766.293901][T14229] EXT4-fs (loop2): 1 orphan inode deleted [ 766.301421][T14229] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 766.315126][T14229] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 766.330103][ T2116] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 766.348194][ T2116] EXT4-fs error (device loop2): ext4_release_dquot:6976: comm kworker/u4:6: Failed to release dquot type 1 [ 766.371105][T14229] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.2340: iget: bad i_size value: 360287970189639690 [ 766.390758][T14229] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.2340: iget: bad i_size value: 360287970189639690 [ 766.424745][T13535] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 768.563402][T14273] netem: change failed [ 772.070294][T14328] loop2: detected capacity change from 0 to 2048 [ 772.146111][T14328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 772.183925][T14335] netlink: 'syz.0.2381': attribute type 4 has an invalid length. [ 772.201505][ T28] audit: type=1800 audit(1756537419.925:92): pid=14328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2380" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 772.520187][T13535] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 773.962858][T14363] loop2: detected capacity change from 0 to 1024 [ 773.963151][T14360] netlink: 'syz.0.2391': attribute type 4 has an invalid length. [ 773.978466][T14363] EXT4-fs: Ignoring removed orlov option [ 774.000130][T14363] EXT4-fs (loop2): stripe (1765) is not aligned with cluster size (16), stripe is disabled [ 774.163447][T14363] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 774.504016][T13535] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 775.159747][T14391] netlink: 'syz.1.2401': attribute type 4 has an invalid length. [ 780.135988][ T5851] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 780.329227][ T5851] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 780.367891][ T5851] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 780.404395][ T5851] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 780.434727][ T5851] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 780.453255][ T5851] usb 3-1: Product: syz [ 780.461158][ T5851] usb 3-1: Manufacturer: syz [ 780.465793][ T5851] usb 3-1: SerialNumber: syz [ 780.475544][ T5851] usb 3-1: config 0 descriptor?? [ 780.486701][T14488] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 780.502281][T14488] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 780.730714][T14488] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 780.742907][T14488] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 782.171126][ T5851] dm9601 3-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71 [ 782.204969][ T5851] dm9601 3-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.2-1, Davicom DM96xx USB 10/100 Ethernet, 6e:00:00:00:00:00 [ 782.232179][ T5851] usb 3-1: USB disconnect, device number 5 [ 782.259121][ T5851] dm9601 3-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.2-1, Davicom DM96xx USB 10/100 Ethernet [ 783.732521][T14552] netlink: 'syz.1.2464': attribute type 4 has an invalid length. [ 784.760741][T14564] loop2: detected capacity change from 0 to 8 [ 784.791142][T14564] SQUASHFS error: Unable to read inode 0x11f [ 784.929330][T14330] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 785.802205][T14584] netlink: 'syz.2.2475': attribute type 4 has an invalid length. [ 786.941138][T14601] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa´ [ 787.038035][T14605] netlink: 'syz.1.2484': attribute type 4 has an invalid length. [ 787.066810][T14607] loop2: detected capacity change from 0 to 8 [ 787.102438][T14607] SQUASHFS error: Unable to read inode 0x11f [ 787.254117][T14614] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2486'. [ 787.427699][T14619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2488'. [ 788.374153][T14635] netlink: 'syz.1.2495': attribute type 4 has an invalid length. [ 788.434174][T14639] loop2: detected capacity change from 0 to 8 [ 788.471139][T14639] SQUASHFS error: Unable to read inode 0x11f [ 788.872568][T14657] netlink: 'syz.3.2506': attribute type 4 has an invalid length. [ 789.039395][T14667] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2507'. [ 789.863424][T14685] netlink: 'syz.0.2516': attribute type 4 has an invalid length. [ 790.224442][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2520'. [ 790.741283][T14712] netlink: 'syz.0.2526': attribute type 4 has an invalid length. [ 791.015608][T14731] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2532'. [ 791.098074][ T5879] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 791.307929][ T5879] usb 3-1: Using ep0 maxpacket: 8 [ 791.377689][ T5879] usb 3-1: unable to get BOS descriptor or descriptor too short [ 791.392169][ T5879] usb 3-1: unable to read config index 0 descriptor/start: -71 [ 791.418308][ T5879] usb 3-1: can't read configurations, error -71 [ 791.672542][T14747] netlink: 'syz.1.2539': attribute type 4 has an invalid length. [ 791.744912][ T5797] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 791.758807][ T5797] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 791.768069][ T5797] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 791.797238][ T5797] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 791.801588][T14751] 9pnet_fd: Insufficient options for proto=fd [ 791.815538][ T5797] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 791.827185][ T5797] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 792.570432][T14748] chnl_net:caif_netlink_parms(): no params data found [ 792.641295][ T76] tipc: Disabling bearer [ 792.646809][T14777] netlink: 'syz.2.2548': attribute type 4 has an invalid length. [ 792.655500][ T76] tipc: Left network mode [ 792.880502][T14787] loop2: detected capacity change from 0 to 1024 [ 792.905293][T14787] EXT4-fs: Ignoring removed nobh option [ 792.928565][T14787] EXT4-fs: Ignoring removed bh option [ 792.942037][T14787] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 793.053701][T14787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 793.109013][T14787] EXT4-fs (loop2): shut down requested (1) [ 793.228258][T13535] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.273858][T14748] bridge0: port 1(bridge_slave_0) entered blocking state [ 793.301570][T14748] bridge0: port 1(bridge_slave_0) entered disabled state [ 793.338354][T14748] bridge_slave_0: entered allmulticast mode [ 793.369115][T14748] bridge_slave_0: entered promiscuous mode [ 793.482741][T14748] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.500611][T14748] bridge0: port 2(bridge_slave_1) entered disabled state [ 793.540045][T14748] bridge_slave_1: entered allmulticast mode [ 793.574179][T14748] bridge_slave_1: entered promiscuous mode [ 793.769260][T14748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 793.899330][ T50] Bluetooth: hci4: command tx timeout [ 794.651159][T14748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 795.334547][T14748] team0: Port device team_slave_0 added [ 795.356270][T14748] team0: Port device team_slave_1 added [ 795.477240][T14748] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 795.493217][T14748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 795.571625][T14748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 795.710317][T14748] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 795.742565][T14748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 795.803014][T14748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 795.967795][ T50] Bluetooth: hci4: command tx timeout [ 795.989793][T14878] loop2: detected capacity change from 0 to 512 [ 796.057544][T14878] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 796.114074][T14878] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 796.949236][T13535] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 796.970424][T14748] hsr_slave_0: entered promiscuous mode [ 796.977148][T14748] hsr_slave_1: entered promiscuous mode [ 796.984861][T14748] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 797.011654][T14748] Cannot create hsr debugfs directory [ 797.521789][ T76] hsr_slave_0: left promiscuous mode [ 797.532623][ T76] hsr_slave_1: left promiscuous mode [ 797.543380][ T76] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 797.563195][ T76] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 797.583443][ T76] bridge_slave_1: left allmulticast mode [ 797.590506][ T76] bridge_slave_1: left promiscuous mode [ 797.596364][ T76] bridge0: port 2(bridge_slave_1) entered disabled state [ 797.612665][ T76] bridge_slave_0: left allmulticast mode [ 797.620818][ T76] bridge_slave_0: left promiscuous mode [ 797.626579][ T76] bridge0: port 1(bridge_slave_0) entered disabled state [ 797.639737][T13565] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 797.849405][T13565] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 797.860367][T13565] usb 3-1: config 0 has no interface number 0 [ 797.870036][T13565] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 797.883192][T13565] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 797.894196][T13565] usb 3-1: Product: syz [ 797.904591][T13565] usb 3-1: Manufacturer: syz [ 797.910377][T13565] usb 3-1: SerialNumber: syz [ 797.920520][T13565] usb 3-1: config 0 descriptor?? [ 798.060791][ T50] Bluetooth: hci4: command tx timeout [ 798.267046][ T76] team0 (unregistering): Port device team_slave_1 removed [ 798.326118][ T76] team0 (unregistering): Port device team_slave_0 removed [ 798.410732][ T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 798.469897][ T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 799.766915][ T76] bond0 (unregistering): Released all slaves [ 800.137845][ T50] Bluetooth: hci4: command tx timeout [ 800.452953][T13565] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 800.508957][T13565] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71 [ 800.554338][T13565] asix: probe of 3-1:0.251 failed with error -5 [ 800.594768][T13565] usb 3-1: USB disconnect, device number 8 [ 800.646234][T14959] loop2: detected capacity change from 0 to 8 [ 800.710516][T14959] SQUASHFS error: Unable to read inode 0x11f [ 802.023555][T14748] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 802.054190][T14748] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 802.163806][T14748] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 802.243067][T14748] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 802.298824][T14989] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2598'. [ 804.340088][T14748] 8021q: adding VLAN 0 to HW filter on device bond0 [ 804.376261][T14748] 8021q: adding VLAN 0 to HW filter on device team0 [ 804.455048][ T2116] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.462251][ T2116] bridge0: port 1(bridge_slave_0) entered forwarding state [ 804.489337][ T2116] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.496557][ T2116] bridge0: port 2(bridge_slave_1) entered forwarding state [ 804.952478][T14748] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 805.069451][T14748] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 805.228111][ T27] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 805.668814][ T27] usb 3-1: Using ep0 maxpacket: 16 [ 805.739569][ T27] usb 3-1: too many configurations: 112, using maximum allowed: 8 [ 806.068077][ T27] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 806.287955][ T27] usb 3-1: New USB device strings: Mfr=144, Product=246, SerialNumber=0 [ 806.302573][ T27] usb 3-1: Product: syz [ 806.307342][ T27] usb 3-1: Manufacturer: syz [ 806.314937][ T27] r8152-cfgselector 3-1: config 0 descriptor?? [ 806.324236][ T27] cdc_acm 3-1:0.0: Zero length descriptor references [ 806.337942][ T27] cdc_acm: probe of 3-1:0.0 failed with error -22 [ 807.050251][ T27] r8152-cfgselector 3-1: Unknown version 0x0000 [ 807.070285][ T27] r8152-cfgselector 3-1: USB disconnect, device number 9 [ 807.084375][T14748] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 807.236436][T14748] veth0_vlan: entered promiscuous mode [ 807.272299][T14748] veth1_vlan: entered promiscuous mode [ 807.369089][T14748] veth0_macvtap: entered promiscuous mode [ 807.392901][T14748] veth1_macvtap: entered promiscuous mode [ 807.445164][T14748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 807.480292][T14748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.504142][T14748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 807.517394][T14748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.548844][T14748] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 807.575227][T14748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 807.606539][T14748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.625629][T14748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 807.649992][T14748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 807.664778][T14748] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 807.681071][T14748] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.710674][T14748] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.753437][T14748] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.797627][T14748] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 809.172644][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.185005][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.749245][ T2116] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.814786][ T2116] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.874005][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.985369][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 811.094094][T15108] loop2: detected capacity change from 0 to 8 [ 811.158917][T15108] SQUASHFS error: Unable to read inode 0x11f [ 811.431836][T15118] loop0: detected capacity change from 0 to 128 [ 811.679257][T15118] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 812.065039][T15118] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 812.567304][T14748] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 813.757387][T15139] loop2: detected capacity change from 0 to 2048 [ 813.786831][ T5797] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 813.798390][ T5797] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 813.822477][ T5797] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 813.958931][ T5797] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 813.967437][ T5797] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 813.974982][ T5797] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 816.914978][ T5797] Bluetooth: hci0: command tx timeout [ 818.299293][T15187] syz_tun: entered allmulticast mode [ 819.220224][ T5797] Bluetooth: hci0: command tx timeout [ 821.247766][ T5797] Bluetooth: hci0: command tx timeout [ 821.409147][T15215] loop0: detected capacity change from 0 to 8 [ 821.545738][T15215] SQUASHFS error: Unable to read inode 0x11f [ 821.749159][ T42] tipc: Disabling bearer [ 821.905783][ T42] tipc: Left network mode [ 822.491591][T15234] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2649'. [ 823.504778][ T5797] Bluetooth: hci0: command tx timeout [ 823.780654][ T28] audit: type=1326 audit(1756537470.605:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 823.803262][ T28] audit: type=1326 audit(1756537470.615:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 823.834291][ T28] audit: type=1326 audit(1756537470.615:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 823.888000][T15148] chnl_net:caif_netlink_parms(): no params data found [ 823.935410][ T28] audit: type=1326 audit(1756537470.615:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 824.073351][ T28] audit: type=1326 audit(1756537470.615:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 824.115414][ T28] audit: type=1326 audit(1756537470.625:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 824.213490][ T28] audit: type=1326 audit(1756537470.625:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 824.297881][ T28] audit: type=1326 audit(1756537470.625:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 824.499642][ T28] audit: type=1326 audit(1756537470.625:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 824.884583][ T28] audit: type=1326 audit(1756537470.625:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15235 comm="syz.0.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e9ad8ebe9 code=0x7ffc0000 [ 825.715052][T15148] bridge0: port 1(bridge_slave_0) entered blocking state [ 825.746597][T15148] bridge0: port 1(bridge_slave_0) entered disabled state [ 825.911429][T15148] bridge_slave_0: entered allmulticast mode [ 826.056729][T15148] bridge_slave_0: entered promiscuous mode [ 826.325484][T15148] bridge0: port 2(bridge_slave_1) entered blocking state [ 826.413583][T15148] bridge0: port 2(bridge_slave_1) entered disabled state [ 826.420929][T15148] bridge_slave_1: entered allmulticast mode [ 826.428221][T15148] bridge_slave_1: entered promiscuous mode [ 826.494326][T15286] futex_wake_op: syz.3.2658 tries to shift op by 32; fix this program [ 826.790547][T15148] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 826.987518][T15148] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 827.105767][T15300] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 827.725193][T15148] team0: Port device team_slave_0 added [ 827.737860][T15148] team0: Port device team_slave_1 added [ 827.812511][T15303] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 827.996700][T15148] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 828.004050][T15148] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 828.034742][T15148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 828.073041][T15148] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 828.083216][T15148] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 828.145012][T15148] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 828.280316][T15312] loop0: detected capacity change from 0 to 8 [ 828.305558][T15312] SQUASHFS error: Unable to read inode 0x11f [ 829.184408][T15148] hsr_slave_0: entered promiscuous mode [ 829.196368][T15148] hsr_slave_1: entered promiscuous mode [ 829.204682][T15148] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 829.212708][T15148] Cannot create hsr debugfs directory [ 829.235383][ T42] hsr_slave_0: left promiscuous mode [ 829.242655][ T42] hsr_slave_1: left promiscuous mode [ 829.263812][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 829.288805][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 829.309265][ T42] bridge_slave_1: left allmulticast mode [ 829.322121][ T42] bridge_slave_1: left promiscuous mode [ 829.328708][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 829.338480][ T42] bridge_slave_0: left allmulticast mode [ 829.345018][ T42] bridge_slave_0: left promiscuous mode [ 829.357059][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 829.957455][ T42] team0 (unregistering): Port device team_slave_1 removed [ 830.010704][ T42] team0 (unregistering): Port device team_slave_0 removed [ 830.062879][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 830.113989][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 830.647418][ T42] bond0 (unregistering): Released all slaves [ 835.063850][T15148] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 835.131648][T15148] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 835.220491][T15148] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 835.276244][T15148] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 837.224505][T15148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 837.276093][T15148] 8021q: adding VLAN 0 to HW filter on device team0 [ 837.376369][ T2937] bridge0: port 1(bridge_slave_0) entered blocking state [ 837.383520][ T2937] bridge0: port 1(bridge_slave_0) entered forwarding state [ 837.416239][ T2937] bridge0: port 2(bridge_slave_1) entered blocking state [ 837.423385][ T2937] bridge0: port 2(bridge_slave_1) entered forwarding state [ 838.666612][T15411] xt_hashlimit: max too large, truncated to 1048576 [ 839.920763][T15148] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 840.750293][T15148] veth0_vlan: entered promiscuous mode [ 840.870291][T15148] veth1_vlan: entered promiscuous mode [ 841.676613][T15148] veth0_macvtap: entered promiscuous mode [ 841.727201][T15148] veth1_macvtap: entered promiscuous mode [ 843.517067][T15148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 843.552631][T15148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 843.594900][T15148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 843.629489][T15148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 843.643602][T15148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 843.657497][T15148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 843.675519][T15148] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 843.781018][T15148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 843.820227][T15148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 843.857676][T15148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 843.885197][T15148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 843.920815][T15148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 843.938065][T15148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 844.049230][T15148] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 844.114298][T15148] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.145716][T15148] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.154667][T15148] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.164000][T15148] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.169168][T15472] loop0: detected capacity change from 0 to 512 [ 844.259658][T15472] EXT4-fs: Ignoring removed oldalloc option [ 844.297070][ T3451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 844.321123][ T3451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 844.385604][T15472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 844.399049][T15472] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 844.433053][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 844.448205][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 846.787354][T14748] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 846.933842][ T5797] Bluetooth: hci2: command 0x0406 tx timeout [ 848.735863][T15518] overlay: Unknown parameter '\' [ 848.764040][ T5797] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 848.789411][ T5797] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 848.802110][ T5797] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 849.053438][ T5797] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 849.072637][ T5797] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 849.084616][ T5797] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 851.198370][ T5797] Bluetooth: hci3: command tx timeout [ 851.306947][ T76] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 851.635737][ T76] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 851.774398][T15520] chnl_net:caif_netlink_parms(): no params data found [ 852.024745][ T76] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 852.491230][ T76] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 853.332231][ T5797] Bluetooth: hci3: command tx timeout [ 855.163783][T15564] loop1: detected capacity change from 0 to 512 [ 855.291072][T15564] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002] [ 855.350297][T15564] System zones: 1-12 [ 855.369409][T15564] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.2720: Directory hole found for htree index block 0 [ 855.398098][T15520] bridge0: port 1(bridge_slave_0) entered blocking state [ 855.405270][T15520] bridge0: port 1(bridge_slave_0) entered disabled state [ 855.416476][ T5797] Bluetooth: hci3: command tx timeout [ 855.418217][T15564] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 855.435312][T15520] bridge_slave_0: entered allmulticast mode [ 855.448771][T15564] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.2720: Directory hole found for htree index block 0 [ 855.455238][T15520] bridge_slave_0: entered promiscuous mode [ 855.470870][T15520] bridge0: port 2(bridge_slave_1) entered blocking state [ 855.478271][T15520] bridge0: port 2(bridge_slave_1) entered disabled state [ 855.485503][T15520] bridge_slave_1: entered allmulticast mode [ 855.493301][T15520] bridge_slave_1: entered promiscuous mode [ 855.513074][T15564] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 855.543745][T15564] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 855.605385][T15520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 855.707126][T15564] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.2720: Directory hole found for htree index block 0 [ 855.724168][T15520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 856.133788][T15578] EXT4-fs error (device loop1): dx_probe:823: inode #2: comm syz.1.2720: Directory hole found for htree index block 0 [ 856.479323][T15148] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 856.613505][T15520] team0: Port device team_slave_0 added [ 856.755930][T15520] team0: Port device team_slave_1 added [ 856.816739][T15587] loop2: detected capacity change from 0 to 512 [ 856.878669][T15587] EXT4-fs: Ignoring removed mblk_io_submit option [ 856.977866][T15587] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 857.096555][T15587] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal [ 857.342242][T15520] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 857.481915][T15520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 857.509043][ T5797] Bluetooth: hci3: command tx timeout [ 857.539204][T15520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 857.619895][T15520] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 857.626881][T15520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 857.716193][T15520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 857.734459][ T76] tipc: Disabling bearer [ 857.742812][ T76] tipc: Left network mode [ 860.660190][T15520] hsr_slave_0: entered promiscuous mode [ 860.698021][T15520] hsr_slave_1: entered promiscuous mode [ 863.716411][T15665] loop1: detected capacity change from 0 to 256 [ 863.769125][T15665] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d) [ 864.073443][T15677] overlay: Unknown parameter '\' [ 867.110441][T15520] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 867.391307][T15520] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 867.931476][T15520] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 867.979038][T15520] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 868.155619][T15722] overlay: Unknown parameter '\' [ 868.187831][ T76] hsr_slave_0: left promiscuous mode [ 868.214385][ T76] hsr_slave_1: left promiscuous mode [ 868.221250][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 868.229047][ T76] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 868.237078][ T76] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 868.247079][ T76] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 868.261834][ T76] bridge_slave_1: left allmulticast mode [ 868.268287][ T76] bridge_slave_1: left promiscuous mode [ 868.274602][ T76] bridge0: port 2(bridge_slave_1) entered disabled state [ 868.302871][ T76] bridge_slave_0: left allmulticast mode [ 868.308702][ T76] bridge_slave_0: left promiscuous mode [ 868.314517][ T76] bridge0: port 1(bridge_slave_0) entered disabled state [ 868.346736][ T76] veth1_macvtap: left promiscuous mode [ 868.973523][ T76] team0 (unregistering): Port device team_slave_1 removed [ 869.057442][ T76] team0 (unregistering): Port device team_slave_0 removed [ 869.131845][ T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 869.338646][ T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 870.458707][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.497659][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.321446][ T76] bond0 (unregistering): Released all slaves [ 872.865573][T15520] 8021q: adding VLAN 0 to HW filter on device bond0 [ 872.925957][T15769] overlay: Unknown parameter '\' [ 873.563721][T15520] 8021q: adding VLAN 0 to HW filter on device team0 [ 873.650996][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 873.658319][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 873.758294][ T76] IPVS: stop unused estimator thread 0... [ 873.881040][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 873.888357][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 874.394719][T15520] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 874.435802][T15520] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 876.290776][T15809] loop1: detected capacity change from 0 to 8 [ 876.328131][T15809] SQUASHFS error: Unable to read inode 0x11f [ 876.722189][T15520] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 876.872703][T15520] veth0_vlan: entered promiscuous mode [ 876.915734][T15520] veth1_vlan: entered promiscuous mode [ 877.363138][T15520] veth0_macvtap: entered promiscuous mode [ 877.658661][T15520] veth1_macvtap: entered promiscuous mode [ 877.714404][T15826] overlay: Unknown parameter '\' [ 877.722537][T15520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 877.792296][T15520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 877.842396][T15520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 877.875045][T15520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 877.906103][T15520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 877.940864][T15520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 877.966775][T15520] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 878.006256][T15520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 878.035220][T15520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.077603][T15520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 878.110234][T15520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.133162][T15520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 878.157908][T15520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 878.181545][T15520] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 878.230036][T15520] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 878.246141][T15520] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 878.263075][T15520] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 878.273475][T15520] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 878.761549][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 878.776297][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 879.018667][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 879.084172][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 879.725632][T15855] loop1: detected capacity change from 0 to 8 [ 879.763468][T15855] SQUASHFS error: Unable to read inode 0x11f [ 881.171106][T15876] overlay: Unknown parameter '\' [ 883.904548][T15912] loop3: detected capacity change from 0 to 8 [ 884.160340][T15912] SQUASHFS error: Unable to read inode 0x11f [ 885.696456][T15933] overlay: Unknown parameter '\' [ 886.147547][ C0] hrtimer: interrupt took 47312 ns [ 889.480619][T15962] loop1: detected capacity change from 0 to 8 [ 889.532051][T15962] SQUASHFS error: Unable to read inode 0x11f [ 889.830173][T15659] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 890.790604][T15978] overlay: Unknown parameter '\' [ 893.761990][T16007] loop0: detected capacity change from 0 to 8 [ 893.894764][T16007] SQUASHFS error: Unable to read inode 0x11f [ 895.638020][T16020] overlay: Unknown parameter '\' [ 898.438866][T16047] loop2: detected capacity change from 0 to 8 [ 898.520797][T16047] SQUASHFS error: Unable to read inode 0x11f [ 900.674204][T16058] overlay: Unknown parameter '\' [ 902.791986][T16084] loop2: detected capacity change from 0 to 8 [ 902.821552][T16084] SQUASHFS error: Unable to read inode 0x11f [ 904.162791][T16099] overlay: Unknown parameter '\' [ 908.463835][T16124] loop2: detected capacity change from 0 to 8 [ 908.618162][T16124] SQUASHFS error: Unable to read inode 0x11f [ 909.849434][T16139] overlay: Unknown parameter '\' [ 914.491607][T16166] loop3: detected capacity change from 0 to 8 [ 914.528009][T16166] SQUASHFS error: Unable to read inode 0x11f [ 915.736860][T16185] overlay: Unknown parameter '\' [ 918.609964][T16190] Bluetooth: hci4: command 0x0406 tx timeout [ 920.606663][T16217] loop2: detected capacity change from 0 to 8 [ 920.632944][T16217] SQUASHFS error: Unable to read inode 0x11f [ 920.672460][T16219] overlay: Unknown parameter '\' [ 925.288973][T16265] loop0: detected capacity change from 0 to 8 [ 925.318203][T16265] SQUASHFS error: Unable to read inode 0x11f [ 925.427454][T16267] overlay: Unknown parameter '\' [ 927.688350][T16285] loop0: detected capacity change from 0 to 8 [ 927.710887][T16285] SQUASHFS error: Unable to read inode 0x11f [ 928.034582][T16289] fuse: Unknown parameter 'grou00000000000000000000' [ 928.266254][T16292] fuse: Bad value for 'user_id' [ 928.669492][T15659] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 928.746700][T16294] netlink: 'syz.1.2906': attribute type 4 has an invalid length. [ 928.952244][T16299] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2908'. [ 929.048729][T16299] syz_tun (unregistering): left allmulticast mode [ 929.291428][T16308] fuse: Unknown parameter 'use00000000000000000000' [ 930.237489][T16312] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 930.365726][T16318] overlay: Unknown parameter '\' [ 930.657716][ T5829] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 931.427642][ T5829] usb 4-1: Using ep0 maxpacket: 16 [ 931.809940][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.816524][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.731234][T16329] fuse: Unknown parameter 'grou00000000000000000000' [ 935.357319][T16336] fuse: Bad value for 'user_id' [ 936.102871][T16338] netlink: 'syz.0.2918': attribute type 4 has an invalid length. [ 937.297095][ T5829] usb 4-1: device descriptor read/all, error -110 [ 937.498228][T16349] overlay: Unknown parameter '\' [ 939.038954][T16190] Bluetooth: hci0: command 0x0406 tx timeout [ 939.271330][T16361] fuse: Unknown parameter 'grou00000000000000000000' [ 939.968225][T16373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2927'. [ 940.140875][T16376] fuse: Bad value for 'user_id' [ 943.208140][T16391] fuse: Unknown parameter 'use00000000000000000000' [ 943.240459][T16391] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 943.667823][T13923] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 944.372153][T13923] usb 1-1: Using ep0 maxpacket: 16 [ 944.414479][T13923] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 944.561087][T13923] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 944.604083][T13923] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 944.664828][T13923] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 944.777110][T13923] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 945.616997][T13923] usb 1-1: string descriptor 0 read error: -71 [ 945.647333][T13923] usb 1-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 945.687790][T13923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 945.708715][T16412] overlay: Unknown parameter '\' [ 945.757686][T13923] usb 1-1: can't set config #1, error -71 [ 945.985113][T13923] usb 1-1: USB disconnect, device number 18 [ 946.734044][T16418] fuse: Unknown parameter 'group_i00000000000000000000' [ 947.841746][T16430] fuse: Bad value for 'fd' [ 947.958626][T16431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2938'. [ 949.683127][T16451] fuse: Unknown parameter 'use00000000000000000000' [ 949.768725][T16451] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 950.797712][T13565] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 951.027745][T13565] usb 1-1: Using ep0 maxpacket: 16 [ 951.896167][T13565] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 952.047786][T13565] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 952.085122][T13565] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 952.117693][T13565] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 952.186931][T13565] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 952.349785][T13565] usb 1-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 952.425350][T13565] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 952.479120][T13565] usb 1-1: SerialNumber: syz [ 953.263922][T13565] usb 1-1: can't set config #1, error -71 [ 953.322854][T13565] usb 1-1: USB disconnect, device number 19 [ 953.336338][T16474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2949'. [ 953.513001][T16476] netlink: 'syz.0.2950': attribute type 4 has an invalid length. [ 954.757266][T16487] loop1: detected capacity change from 0 to 8 [ 954.814442][T16487] SQUASHFS error: Unable to read inode 0x11f [ 955.073277][T16491] loop2: detected capacity change from 0 to 8 [ 955.105226][T16491] SQUASHFS error: Unable to read inode 0x11f [ 956.136271][T16504] netlink: 'syz.2.2959': attribute type 4 has an invalid length. [ 956.343035][T16508] fuse: Unknown parameter 'user_i00000000000000000000' [ 956.354983][T16508] fuse: Unknown parameter '0xffffffffffffffff‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 956.797576][T13923] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 957.087667][T13923] usb 4-1: Using ep0 maxpacket: 16 [ 957.095226][T13923] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 957.127028][T13923] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 957.185358][T13923] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 957.443809][T16516] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2961'. [ 957.453248][T13923] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 957.533979][T13923] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 957.653143][T13923] usb 4-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 957.710904][T13923] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 957.776920][T13923] usb 4-1: SerialNumber: syz [ 957.829772][T16508] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 957.857992][T13923] cdc_acm 4-1:1.0: Control and data interfaces are not separated! [ 957.948065][T13923] cdc_acm: probe of 4-1:1.0 failed with error -12 [ 958.560327][T16531] loop1: detected capacity change from 0 to 8 [ 958.587918][T16531] SQUASHFS error: Unable to read inode 0x11f [ 960.203573][T16540] netlink: 'syz.1.2968': attribute type 4 has an invalid length. [ 960.376200][T16542] loop1: detected capacity change from 0 to 8 [ 960.433464][T16542] SQUASHFS error: Unable to read inode 0x11f [ 960.574426][T13923] usb 4-1: USB disconnect, device number 17 [ 961.374390][T16558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2973'. [ 962.259750][T16566] loop0: detected capacity change from 0 to 8 [ 962.315496][T16566] SQUASHFS error: Unable to read inode 0x11f [ 963.554814][T16576] netlink: 'syz.0.2978': attribute type 4 has an invalid length. [ 963.738066][T16582] fuse: Unknown parameter 'user_i00000000000000000000' [ 963.746682][T16582] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 964.057631][T13565] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 964.105564][T16585] loop2: detected capacity change from 0 to 8 [ 964.128929][T16585] SQUASHFS error: Unable to read inode 0x11f [ 964.221920][T15659] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 964.489456][T13565] usb 2-1: Using ep0 maxpacket: 16 [ 964.581429][T13565] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 964.608090][T13565] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 964.629618][T13565] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 964.643220][T13565] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 964.669580][T13565] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 964.696592][T13565] usb 2-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 964.706942][T13565] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 964.718208][T13565] usb 2-1: SerialNumber: syz [ 965.120110][T16582] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 965.148507][T13565] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 965.160049][T13565] cdc_acm: probe of 2-1:1.0 failed with error -12 [ 965.823606][T16602] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2984'. [ 966.143612][T16605] loop0: detected capacity change from 0 to 8 [ 966.160458][T16605] SQUASHFS error: Unable to read inode 0x11f [ 967.534142][T16613] netlink: 'syz.0.2988': attribute type 4 has an invalid length. [ 968.182156][T13923] usb 2-1: USB disconnect, device number 11 [ 968.332169][T16627] loop1: detected capacity change from 0 to 8 [ 968.373885][T16627] SQUASHFS error: Unable to read inode 0x11f [ 968.772882][T16637] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2994'. [ 970.352111][T16646] netlink: 'syz.2.2997': attribute type 4 has an invalid length. [ 970.639306][T16648] loop2: detected capacity change from 0 to 8 [ 970.692755][T16648] SQUASHFS error: Unable to read inode 0x11f [ 971.277966][T16661] fuse: Unknown parameter 'user_i00000000000000000000' [ 971.307467][T16661] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 971.607612][ T5829] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 971.633643][T16671] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3004'. [ 971.982160][ T5829] usb 1-1: Using ep0 maxpacket: 16 [ 972.919164][ T5829] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 972.967691][ T5829] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 972.977464][ T5829] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 973.066103][T16679] netlink: 'syz.2.3006': attribute type 4 has an invalid length. [ 973.089988][ T5829] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 973.167074][ T5829] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 973.261307][ T5829] usb 1-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 973.313380][ T5829] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 973.354361][ T5829] usb 1-1: SerialNumber: syz [ 973.369559][T16681] loop2: detected capacity change from 0 to 8 [ 973.408080][T16661] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 973.462096][ T5829] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 973.468977][T16681] SQUASHFS error: Unable to read inode 0x11f [ 973.540282][ T5829] cdc_acm: probe of 1-1:1.0 failed with error -12 [ 974.562791][T16699] loop2: detected capacity change from 0 to 8 [ 974.834765][T16699] SQUASHFS error: Unable to read inode 0x11f [ 974.857729][T16190] Bluetooth: hci3: command 0x0406 tx timeout [ 975.235631][ T5829] usb 1-1: USB disconnect, device number 20 [ 976.368599][T16715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3015'. [ 976.457286][T16717] netlink: 'syz.1.3016': attribute type 4 has an invalid length. [ 976.462168][T16719] loop0: detected capacity change from 0 to 8 [ 976.536051][T16719] SQUASHFS error: Unable to read inode 0x11f [ 977.096682][T16730] loop0: detected capacity change from 0 to 8 [ 977.166937][T16730] SQUASHFS error: Unable to read inode 0x11f [ 977.924830][T16744] fuse: Unknown parameter 'user_id00000000000000000000' [ 977.954240][T16744] fuse: Unknown parameter '0x0000000000000008‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 978.950259][ T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 979.321149][ T9] usb 2-1: Using ep0 maxpacket: 16 [ 979.357372][ T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 979.495524][ T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 979.495853][T16754] netlink: 'syz.2.3027': attribute type 4 has an invalid length. [ 980.097527][ T9] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 980.107348][ T9] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 980.146513][T16762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3028'. [ 980.176374][ T9] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 980.326543][ T9] usb 2-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 980.339677][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 980.349435][ T9] usb 2-1: SerialNumber: syz [ 980.359681][T16744] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 980.374672][ T9] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 980.409110][ T9] cdc_acm: probe of 2-1:1.0 failed with error -12 [ 980.524509][T16766] loop0: detected capacity change from 0 to 8 [ 980.577442][T16766] SQUASHFS error: Unable to read inode 0x11f [ 980.702261][T16768] loop2: detected capacity change from 0 to 8 [ 980.765586][T16768] SQUASHFS error: Unable to read inode 0x11f [ 980.901562][ T9] usb 2-1: USB disconnect, device number 12 [ 981.098260][T16778] netlink: 'syz.1.3037': attribute type 4 has an invalid length. [ 982.183370][T16789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3040'. [ 983.409756][T16801] loop0: detected capacity change from 0 to 8 [ 983.484125][T16801] SQUASHFS error: Unable to read inode 0x11f [ 984.268787][T16809] loop2: detected capacity change from 0 to 8 [ 984.332167][T16810] fuse: Unknown parameter 'user_id00000000000000000000' [ 984.339903][T16809] SQUASHFS error: Unable to read inode 0x11f [ 984.359898][T16810] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 984.396489][T16812] netlink: 'syz.0.3047': attribute type 4 has an invalid length. [ 984.423065][T15659] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 984.667663][ T5829] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 984.900230][T16819] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3049'. [ 984.957597][ T5829] usb 4-1: Using ep0 maxpacket: 16 [ 985.649825][ T5829] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 985.668800][ T5829] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 985.692173][T16829] loop0: detected capacity change from 0 to 8 [ 985.698486][ T5829] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 985.725428][T16829] SQUASHFS error: Unable to read inode 0x11f [ 985.737327][ T5829] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 985.900847][ T5829] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 985.923141][ T5829] usb 4-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 985.937990][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 985.954843][ T5829] usb 4-1: SerialNumber: syz [ 986.008443][T16810] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 986.041923][ T5829] cdc_acm 4-1:1.0: Control and data interfaces are not separated! [ 986.065310][ T5829] cdc_acm: probe of 4-1:1.0 failed with error -12 [ 987.604617][T16845] netlink: 'syz.1.3057': attribute type 4 has an invalid length. [ 987.977422][ T5774] usb 4-1: USB disconnect, device number 18 [ 988.046308][T16849] loop2: detected capacity change from 0 to 8 [ 988.084246][T16849] SQUASHFS error: Unable to read inode 0x11f [ 988.643813][T16858] loop2: detected capacity change from 0 to 8 [ 989.045777][T16858] SQUASHFS error: Unable to read inode 0x11f [ 990.905489][T16886] loop2: detected capacity change from 0 to 8 [ 990.923435][T16886] SQUASHFS error: Unable to read inode 0x11f [ 990.991740][T15659] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 991.108763][T16888] fuse: Unknown parameter 'user_id00000000000000000000' [ 991.141341][T16888] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 991.422079][ T5774] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 991.553503][ C0] raw-gadget.0 gadget.1: ignoring, device is not running [ 991.793035][T16902] loop0: detected capacity change from 0 to 8 [ 991.994781][ T5774] usb 2-1: device descriptor read/64, error -32 [ 992.298090][ T5774] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 992.618914][T16902] SQUASHFS error: Unable to read inode 0x11f [ 992.843189][ T5774] usb 2-1: Using ep0 maxpacket: 16 [ 993.013625][ T5829] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 993.117457][ T5774] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 993.140928][ T5774] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 993.152949][ T5774] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 993.163448][ T5774] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 993.174615][ T5774] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 993.210248][ T5829] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 993.219487][ T5829] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 993.231653][ T5829] usb 3-1: config 0 descriptor?? [ 993.246012][ T5829] cp210x 3-1:0.0: cp210x converter detected [ 993.265618][ T5774] usb 2-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 993.268459][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.281289][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.375295][ T5774] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 993.438139][ T5774] usb 2-1: SerialNumber: syz [ 993.485877][T16888] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 993.502424][ T5774] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 993.531051][ T5774] cdc_acm: probe of 2-1:1.0 failed with error -12 [ 993.733080][ T5829] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 993.791993][T16907] loop2: detected capacity change from 0 to 1024 [ 993.952208][ T5829] cp210x 3-1:0.0: GPIO initialisation failed: -524 [ 994.137031][ T5829] usb 3-1: cp210x converter now attached to ttyUSB0 [ 994.302113][ T5829] usb 3-1: USB disconnect, device number 10 [ 994.437996][ T5829] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 994.467998][ T5829] cp210x 3-1:0.0: device disconnected [ 995.312675][T16935] loop3: detected capacity change from 0 to 8 [ 995.383813][ T1186] usb 2-1: USB disconnect, device number 14 [ 995.419414][T16935] SQUASHFS error: Unable to read inode 0x11f [ 996.628818][T16948] loop3: detected capacity change from 0 to 8 [ 996.681544][T16948] SQUASHFS error: Unable to read inode 0x11f [ 997.061495][T16954] loop3: detected capacity change from 0 to 1024 [ 997.104169][T16954] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 997.207331][T16954] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 48: comm syz.3.3088: bad entry in directory: inode out of bounds - offset=0, inode=2306, rec_len=12, size=1024 fake=1 [ 997.306975][T16954] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #2: block 48: comm syz.3.3088: bad entry in directory: inode out of bounds - offset=0, inode=2306, rec_len=12, size=1024 fake=1 [ 997.447661][T15520] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 998.400844][T16975] fuse: Bad value for 'fd' [ 998.419129][T16975] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 998.812175][ T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 999.047837][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 999.538084][ T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 999.607164][ T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 999.617561][ T9] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 999.627824][ T9] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 999.638447][ T9] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 999.714479][ T9] usb 3-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 999.743321][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 999.757585][ T9] usb 3-1: SerialNumber: syz [ 1000.028435][T16975] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1000.047348][ T9] cdc_acm 3-1:1.0: Control and data interfaces are not separated! [ 1000.066679][ T9] cdc_acm: probe of 3-1:1.0 failed with error -12 [ 1002.581037][ T1186] usb 3-1: USB disconnect, device number 11 [ 1005.177234][T17043] loop1: detected capacity change from 0 to 2048 [ 1005.211750][T17043] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 1005.232294][T17043] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1005.285510][T17043] UDF-fs: error (device loop1): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field [ 1005.343962][T17048] fuse: Bad value for 'fd' [ 1005.361367][T17048] fuse: Unknown parameter '0x0000000000000006‡ëò àgçÙ%wAÝÕ˘Év…¾û' [ 1005.427884][T17050] loop2: detected capacity change from 0 to 256 [ 1005.672878][ T5829] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 1005.998453][ T5829] usb 1-1: Using ep0 maxpacket: 16 [ 1006.142710][T17058] loop1: detected capacity change from 0 to 8 [ 1006.183149][ T5829] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1006.199266][T17058] SQUASHFS error: Unable to read inode 0x11f [ 1006.242550][ T5829] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1006.259473][ T5829] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 1006.272795][ T5829] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576 [ 1006.284662][ T5829] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 1006.346708][T17063] loop2: detected capacity change from 0 to 256 [ 1007.168507][ T5829] usb 1-1: New USB device found, idVendor=0505, idProduct=a4a1, bcdDevice= 0.40 [ 1007.221129][ T5829] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1007.267610][ T5829] usb 1-1: SerialNumber: syz [ 1007.461687][T17048] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1007.470619][ T5829] cdc_acm 1-1:1.0: Control and data interfaces are not separated! [ 1007.479392][ T5829] cdc_acm: probe of 1-1:1.0 failed with error -12 [ 1007.536518][T17072] trusted_key: syz.2.3124 sent an empty control message without MSG_MORE. [ 1007.555778][T17072] loop2: detected capacity change from 0 to 256 [ 1009.901613][ T5829] usb 1-1: USB disconnect, device number 21 [ 1010.094273][T17097] loop0: detected capacity change from 0 to 8 [ 1010.165103][T17097] SQUASHFS error: Unable to read inode 0x11f [ 1011.384389][T17120] loop2: detected capacity change from 0 to 1024 [ 1011.455346][T17120] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1011.671983][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 1011.671997][ T28] audit: type=1800 audit(1756537659.395:125): pid=17120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3141" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 1011.699427][T17120] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.3141: Allocating blocks 497-513 which overlap fs metadata [ 1011.899835][T13535] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1012.273004][T17136] loop2: detected capacity change from 0 to 8 [ 1012.296451][T17136] SQUASHFS error: Unable to read inode 0x11f [ 1014.939290][T17168] loop0: detected capacity change from 0 to 8 [ 1014.959581][T17168] SQUASHFS error: Unable to read inode 0x11f [ 1015.168857][T17174] loop1: detected capacity change from 0 to 16 [ 1015.188702][T17174] erofs: (device loop1): mounted with root inode @ nid 36. [ 1015.370501][T17179] loop3: detected capacity change from 0 to 4096 [ 1015.385143][T17179] EXT4-fs: Ignoring removed i_version option [ 1015.402712][T17179] EXT4-fs: Ignoring removed orlov option [ 1015.420238][T17179] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1015.465879][T17179] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1015.518823][T17179] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1015.631591][T17179] [ 1015.633953][T17179] ====================================================== [ 1015.640967][T17179] WARNING: possible circular locking dependency detected [ 1015.647993][T17179] syzkaller #0 Not tainted [ 1015.652406][T17179] ------------------------------------------------------ [ 1015.659508][T17179] syz.3.3157/17179 is trying to acquire lock: [ 1015.665575][T17179] ffff888148ddf0c0 (mapping.invalidate_lock#2){++++}-{3:3}, at: page_cache_ra_unbounded+0xdc/0x770 [ 1015.676322][T17179] [ 1015.676322][T17179] but task is already holding lock: [ 1015.683684][T17179] ffff88802e969810 (&type->i_mutex_dir_key#3){++++}-{3:3}, at: iterate_dir+0xcb/0x580 [ 1015.693384][T17179] [ 1015.693384][T17179] which lock already depends on the new lock. [ 1015.693384][T17179] [ 1015.703789][T17179] [ 1015.703789][T17179] the existing dependency chain (in reverse order) is: [ 1015.712800][T17179] [ 1015.712800][T17179] -> #4 (&type->i_mutex_dir_key#3){++++}-{3:3}: [ 1015.721243][T17179] down_read+0x46/0x2e0 [ 1015.725915][T17179] lookup_one_unlocked+0x171/0x290 [ 1015.731535][T17179] lookup_positive_unlocked+0x2b/0xb0 [ 1015.737412][T17179] dquot_quota_on_mount+0x57/0xe0 [ 1015.742944][T17179] ext4_orphan_cleanup+0x6e1/0x1400 [ 1015.748651][T17179] ext4_fill_super+0x5de7/0x66c0 [ 1015.754092][T17179] get_tree_bdev+0x3e4/0x510 [ 1015.759189][T17179] vfs_get_tree+0x8c/0x280 [ 1015.764105][T17179] do_new_mount+0x24b/0xa40 [ 1015.769114][T17179] __se_sys_mount+0x2da/0x3c0 [ 1015.774306][T17179] do_syscall_64+0x55/0xb0 [ 1015.779241][T17179] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1015.785649][T17179] [ 1015.785649][T17179] -> #3 (&type->s_umount_key#31){++++}-{3:3}: [ 1015.793901][T17179] down_read+0x46/0x2e0 [ 1015.798575][T17179] super_lock+0x167/0x360 [ 1015.803415][T17179] fs_bdev_sync+0xa4/0x170 [ 1015.808335][T17179] blkdev_common_ioctl+0x880/0x23d0 [ 1015.814040][T17179] blkdev_ioctl+0x4eb/0x6f0 [ 1015.819054][T17179] __se_sys_ioctl+0xfd/0x170 [ 1015.824156][T17179] do_syscall_64+0x55/0xb0 [ 1015.829079][T17179] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1015.835481][T17179] [ 1015.835481][T17179] -> #2 (&bdev->bd_holder_lock){+.+.}-{3:3}: [ 1015.843819][T17179] __mutex_lock+0x129/0xcc0 [ 1015.848842][T17179] bd_finish_claiming+0x22f/0x3f0 [ 1015.854373][T17179] blkdev_get_by_dev+0x45c/0x600 [ 1015.859824][T17179] bdev_open_by_dev+0x77/0x100 [ 1015.865094][T17179] setup_bdev_super+0x59/0x660 [ 1015.870363][T17179] mount_bdev+0x1dd/0x2d0 [ 1015.875197][T17179] legacy_get_tree+0xea/0x180 [ 1015.880381][T17179] vfs_get_tree+0x8c/0x280 [ 1015.885299][T17179] do_new_mount+0x24b/0xa40 [ 1015.890310][T17179] init_mount+0xd2/0x120 [ 1015.895156][T17179] do_mount_root+0x97/0x230 [ 1015.900172][T17179] mount_root_generic+0x195/0x3c0 [ 1015.905707][T17179] prepare_namespace+0xc2/0x100 [ 1015.911067][T17179] kernel_init_freeable+0x413/0x570 [ 1015.916774][T17179] kernel_init+0x1d/0x1c0 [ 1015.921619][T17179] ret_from_fork+0x48/0x80 [ 1015.926544][T17179] ret_from_fork_asm+0x11/0x20 [ 1015.931816][T17179] [ 1015.931816][T17179] -> #1 (bdev_lock){+.+.}-{3:3}: [ 1015.938925][T17179] __mutex_lock+0x129/0xcc0 [ 1015.943940][T17179] bd_prepare_to_claim+0x1ba/0x480 [ 1015.949568][T17179] truncate_bdev_range+0x4e/0x260 [ 1015.955093][T17179] blkdev_fallocate+0x4e0/0x670 [ 1015.960448][T17179] vfs_fallocate+0x58e/0x700 [ 1015.965558][T17179] __x64_sys_fallocate+0xc1/0x110 [ 1015.971099][T17179] do_syscall_64+0x55/0xb0 [ 1015.976031][T17179] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1015.982443][T17179] [ 1015.982443][T17179] -> #0 (mapping.invalidate_lock#2){++++}-{3:3}: [ 1015.990950][T17179] __lock_acquire+0x2ddb/0x7c80 [ 1015.996308][T17179] lock_acquire+0x197/0x410 [ 1016.001315][T17179] down_read+0x46/0x2e0 [ 1016.005987][T17179] page_cache_ra_unbounded+0xdc/0x770 [ 1016.011874][T17179] ext4_readdir+0xb71/0x39d0 [ 1016.016990][T17179] iterate_dir+0x1c2/0x580 [ 1016.021923][T17179] __se_sys_getdents64+0xe9/0x260 [ 1016.027455][T17179] do_syscall_64+0x55/0xb0 [ 1016.032384][T17179] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1016.038785][T17179] [ 1016.038785][T17179] other info that might help us debug this: [ 1016.038785][T17179] [ 1016.049080][T17179] Chain exists of: [ 1016.049080][T17179] mapping.invalidate_lock#2 --> &type->s_umount_key#31 --> &type->i_mutex_dir_key#3 [ 1016.049080][T17179] [ 1016.064371][T17179] Possible unsafe locking scenario: [ 1016.064371][T17179] [ 1016.071802][T17179] CPU0 CPU1 [ 1016.077235][T17179] ---- ---- [ 1016.082579][T17179] rlock(&type->i_mutex_dir_key#3); [ 1016.087855][T17179] lock(&type->s_umount_key#31); [ 1016.095390][T17179] lock(&type->i_mutex_dir_key#3); [ 1016.103179][T17179] rlock(mapping.invalidate_lock#2); [ 1016.108534][T17179] [ 1016.108534][T17179] *** DEADLOCK *** [ 1016.108534][T17179] [ 1016.116656][T17179] 2 locks held by syz.3.3157/17179: [ 1016.121833][T17179] #0: ffff8880777d00c8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2a3/0x330 [ 1016.131049][T17179] #1: ffff88802e969810 (&type->i_mutex_dir_key#3){++++}-{3:3}, at: iterate_dir+0xcb/0x580 [ 1016.141041][T17179] [ 1016.141041][T17179] stack backtrace: [ 1016.146917][T17179] CPU: 1 PID: 17179 Comm: syz.3.3157 Not tainted syzkaller #0 [ 1016.154354][T17179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1016.164405][T17179] Call Trace: [ 1016.167670][T17179] [ 1016.170592][T17179] dump_stack_lvl+0x16c/0x230 [ 1016.175257][T17179] ? load_image+0x3b0/0x3b0 [ 1016.179745][T17179] ? show_regs_print_info+0x20/0x20 [ 1016.184932][T17179] ? print_circular_bug+0x12b/0x1a0 [ 1016.190118][T17179] check_noncircular+0x2bd/0x3c0 [ 1016.195045][T17179] ? print_deadlock_bug+0x5d0/0x5d0 [ 1016.200227][T17179] ? lockdep_lock+0xe0/0x220 [ 1016.204800][T17179] ? _find_first_zero_bit+0xd3/0x100 [ 1016.210086][T17179] __lock_acquire+0x2ddb/0x7c80 [ 1016.214939][T17179] ? verify_lock_unused+0x140/0x140 [ 1016.220128][T17179] ? verify_lock_unused+0x140/0x140 [ 1016.225318][T17179] ? xas_descend+0x3a4/0x490 [ 1016.229901][T17179] lock_acquire+0x197/0x410 [ 1016.234397][T17179] ? page_cache_ra_unbounded+0xdc/0x770 [ 1016.239950][T17179] ? __might_sleep+0xe0/0xe0 [ 1016.244546][T17179] ? read_lock_is_recursive+0x20/0x20 [ 1016.249906][T17179] ? blk_cgroup_congested+0x1f/0x220 [ 1016.255180][T17179] down_read+0x46/0x2e0 [ 1016.259323][T17179] ? page_cache_ra_unbounded+0xdc/0x770 [ 1016.264859][T17179] page_cache_ra_unbounded+0xdc/0x770 [ 1016.270223][T17179] ? do_page_cache_ra+0xdf/0x100 [ 1016.275149][T17179] ext4_readdir+0xb71/0x39d0 [ 1016.279942][T17179] ? ext4_dir_llseek+0x4b0/0x4b0 [ 1016.284872][T17179] ? __might_sleep+0xe0/0xe0 [ 1016.289448][T17179] ? read_lock_is_recursive+0x20/0x20 [ 1016.294804][T17179] ? lockdep_hardirqs_on+0x98/0x150 [ 1016.299991][T17179] ? __fdget_pos+0x2a3/0x330 [ 1016.304574][T17179] ? mutex_lock_nested+0x20/0x20 [ 1016.309495][T17179] ? end_current_label_crit_section+0x149/0x170 [ 1016.315727][T17179] ? down_read_killable+0x1d0/0x340 [ 1016.320912][T17179] ? fsnotify_perm+0x271/0x5e0 [ 1016.325666][T17179] iterate_dir+0x1c2/0x580 [ 1016.330070][T17179] __se_sys_getdents64+0xe9/0x260 [ 1016.335085][T17179] ? __x64_sys_getdents64+0x80/0x80 [ 1016.340288][T17179] ? filldir+0x680/0x680 [ 1016.344538][T17179] ? lockdep_hardirqs_on+0x98/0x150 [ 1016.349742][T17179] do_syscall_64+0x55/0xb0 [ 1016.354163][T17179] ? clear_bhb_loop+0x40/0x90 [ 1016.358919][T17179] ? clear_bhb_loop+0x40/0x90 [ 1016.363580][T17179] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1016.369475][T17179] RIP: 0033:0x7fd085b8ebe9 [ 1016.373889][T17179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1016.393491][T17179] RSP: 002b:00007fd083df6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 1016.401892][T17179] RAX: ffffffffffffffda RBX: 00007fd085dc5fa0 RCX: 00007fd085b8ebe9 [ 1016.409854][T17179] RDX: 00000000000000b3 RSI: 0000200000000200 RDI: 0000000000000005 [ 1016.417809][T17179] RBP: 00007fd085c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1016.425765][T17179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1016.433722][T17179] R13: 00007fd085dc6038 R14: 00007fd085dc5fa0 R15: 00007ffca9bdc688 [ 1016.441689][T17179] [ 1016.493328][T17179] EXT4-fs error (device loop3): ext4_readdir:263: inode #12: block 80: comm syz.3.3157: path /81/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 1016.518428][T17179] EXT4-fs (loop3): Remounting filesystem read-only [ 1016.780310][T15520] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.