last executing test programs: 7.80290707s ago: executing program 4 (id=1406): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000ac0)={'filter\x00', 0x102, 0x4, 0x418, 0x220, 0x0, 0x220, 0x330, 0x330, 0x330, 0x4, 0x0, {[{{@arp={@remote, @remote, 0x0, 0x0, 0x0, 0xfd, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @remote, @multicast1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0xb}, @multicast2, @dev={0xac, 0x14, 0x14, 0x3d}, 0x9, 0xffffffff}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'batadv_slave_1\x00', 'ipvlan1\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e9fb760d26c0", @multicast2, @broadcast}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468) 6.052812141s ago: executing program 4 (id=1416): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x40d51e82f7aa5494}}, 0x18) 5.577889424s ago: executing program 4 (id=1419): syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, 0x0, 0x0) r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xcc) ioctl$sock_ax25_SIOCADDRT(r1, 0x890b, &(0x7f0000000000)={@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x8, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @bcast, @null]}) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$nfc_llcp(r2, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "750538d1ee602ec4802ae2e97cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f8fbd71ec275000386e7d95f0669b740a5418d69d0", 0x1000000000003f}, 0x60) syz_usb_disconnect(0xffffffffffffffff) r3 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200008c0) sendmsg$kcm(r3, 0x0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]}) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, 0x0, 0x77) unshare(0x200) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)) close_range(r4, 0xffffffffffffffff, 0x0) 5.510584815s ago: executing program 0 (id=1420): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) r1 = socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e086dd200000006006000aac14140ce0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 5.325451328s ago: executing program 0 (id=1422): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000800)='bbr', 0x3) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x80040000}}], 0x1, 0x20000810) 5.193011086s ago: executing program 0 (id=1425): r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1}) r2 = dup(r1) syz_io_uring_setup(0xd, &(0x7f0000000200), &(0x7f00000003c0), 0x0) r3 = mq_open(0x0, 0x6e93ebbbcc0884f2, 0x0, 0x0) mq_timedsend(r3, 0x0, 0x0, 0x4, 0x0) epoll_create(0x8) r4 = getpgrp(0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1a1b6000) r6 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x1, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) fchdir(0xffffffffffffffff) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r2, 0x0) 4.021174693s ago: executing program 4 (id=1431): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0) capset(0x0, 0x0) r0 = socket$nl_audit(0x10, 0x3, 0x9) bind$netlink(r0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = socket$inet_udp(0x2, 0x2, 0x0) recvmsg(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x40000100) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) ioctl$SNDCTL_FM_LOAD_INSTR(r1, 0x40285107) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa845942824251d7d17b5191584bcd4fbe40a23424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"b3472eb9cd42d2030000002000", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000100)={'ip6tnl0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0, 0x3}, 0x94) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 3.851252397s ago: executing program 0 (id=1433): syz_usb_connect(0x0, 0x36, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r1 = memfd_create(&(0x7f00000004c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g&\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05N\xb9\x1dOr\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x3) ftruncate(r1, 0xffff) close(0x3) fcntl$addseals(r1, 0x409, 0x7) ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000001c0)={r1, 0x1, 0x0, 0x8000}) r2 = syz_io_uring_setup(0x23d, &(0x7f0000000240)={0x0, 0x9c0e, 0x10100, 0x0, 0x200}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x2df0, 0x0, 0x0, 0x0, 0x0) 3.152524533s ago: executing program 1 (id=1438): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7c}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=") syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x0, 0x7ff, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000780)={0x0, 0x80, 0x1, 'queue0\x00', 0x9}) 2.952908285s ago: executing program 3 (id=1441): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="c4000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000500000000000000fbffffffffffffff00000000000000000000000000004000000000000000000200000000000000000200"/107], 0xc4}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000087"], 0xb8}}, 0x0) 2.853103556s ago: executing program 4 (id=1443): r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1}) r2 = dup(r1) syz_io_uring_setup(0xd, &(0x7f0000000200), &(0x7f00000003c0), 0x0) r3 = mq_open(0x0, 0x6e93ebbbcc0884f2, 0x0, 0x0) mq_timedsend(r3, 0x0, 0x0, 0x4, 0x0) epoll_create(0x8) r4 = getpgrp(0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1a1b6000) r6 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x1, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) fchdir(0xffffffffffffffff) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, r2, 0x0) 2.818125632s ago: executing program 3 (id=1445): creat(&(0x7f00000002c0)='./file0\x00', 0x109) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) creat(&(0x7f0000000200)='./file0\x00', 0x0) 1.948508828s ago: executing program 4 (id=1447): fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x6) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x2, 0x0, 0x3}}, 0x26) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r5, 0x1, 0xfffffffd, 0x1000, {0x7}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}]}, 0x24}}, 0x890) 1.886672925s ago: executing program 3 (id=1448): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x2, 0x204031, r0, 0xffffd000) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4003, &(0x7f0000000180)=0x2, 0x9, 0x1) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) preadv(r0, &(0x7f00000018c0)=[{&(0x7f00000001c0)=""/194, 0xc2}], 0x1, 0x5fae, 0x5) 1.775701791s ago: executing program 3 (id=1449): socket$tipc(0x1e, 0x2, 0x0) r0 = creat(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) accept4$netrom(r0, 0x0, &(0x7f00000002c0), 0x8a26ec534a20c963) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) open_tree(0xffffffffffffff9c, 0x0, 0x800) socket(0x2, 0x80805, 0x0) 1.576464068s ago: executing program 1 (id=1450): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="20000000181401"], 0x20}}, 0x0) 1.50660287s ago: executing program 2 (id=1451): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000300), 0xffffffffffffffff) r2 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="890c04000000000020001280080001006774700014000280050005"], 0x40}}, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000ffdbdf250100000008000200010000ef08000100", @ANYRES32=r3], 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x4) 1.461435863s ago: executing program 1 (id=1452): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="20000000140009050000000000000000020100ff", @ANYRES32=r1, @ANYBLOB="080002006a"], 0x20}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="70000000140009050000000000000000020100ff", @ANYRES32=r4, @ANYBLOB="1400060006000000000000f0000000000000000008000200ac"], 0x70}, 0x1, 0x0, 0x0, 0x40880}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) r6 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x4e21, @empty}}) 1.400182573s ago: executing program 2 (id=1453): socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) socket$kcm(0x10, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000240), 0x1, 0x100) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x2, 0x300) socket$inet_sctp(0x2, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000000), 0xd) 1.338375832s ago: executing program 0 (id=1454): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="01240000000000000000020008004500004180b8ba"], 0x0) 1.273440692s ago: executing program 2 (id=1455): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x900, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000580)=0x14) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x4, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1000}, [@call={0x85, 0x0, 0x0, 0xb0}]}, &(0x7f00000003c0)='syzkaller\x00', 0xe, 0x0, 0x0, 0x41100, 0x1, '\x00', r0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000005c0)={0x2, 0x9, 0x3, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000a00), &(0x7f0000000a40), 0x10, 0x2}, 0x94) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, 0x0, 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r2, &(0x7f0000000040)=0x1f00, 0x12) syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000c80)='./file0\x00', 0x800400, &(0x7f0000000200)=ANY=[@ANYBLOB='lastblock=00000000000000000226,mode=00000000000000000000000,session=00000000000000000000,noadinicb,nostrict,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c73686f727461642c7569643d69676e6f72652c73686f727461642c757466382c00c686dcc61a339255aaa76420c8c424db3c1339e528df2219ac3c0bc1e29d4d297bd457b47f230ae905dcc992ea60d614d13525d6b39ed99cc32fb16f7bbc6d4109d7db08e9355cd3d2d31136bd458b41cc1f965abd948802718f125b7c394c53eafdf096e17380b4bc297c66e70145e2e44274e41cfaf97f93268479be0eca9244b04384665d20cb8cdbc5c5d74600f04aa994741ec3770324330d4b2146b45f974feb9b1f7b641fe77a90d3c90126fb747bd60269db11c6ee269b6de27cf8ae875a392e9180803219389350fcfee3ed285b2b4a02056201c499d1bdeb8ee008a58ef356649d6c"], 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG") openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0xf8) r3 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15) pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xe7c) 1.271868916s ago: executing program 1 (id=1456): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_OCB(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x24, r2, 0x1, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x3c300413fdc24515}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040895}, 0x66814) 1.172855113s ago: executing program 0 (id=1457): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3a00084, &(0x7f0000000240)={[{}, {@nls={'nls', 0x3d, 'iso8859-7'}}, {@umask={'umask', 0x3d, 0x1001}}, {@uid}, {@force}, {@force}]}, 0x1, 0x6b9, &(0x7f0000000a00)="$eJzs3U1sHGcZB/D/bJx1Nkip26ZtQEi1GqmCRiR2ViVBQmpACOUQoQguvVqJ01jZpJXtorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHh5BuHSNw45AAYzezsem1vHDuOvab9/aTJvLPv1zOP52N37GgDfGpdfD2Huyly8dSl2+X2yr12Z+Ve+2a/nGQySSOZ6K1StJLi4+RCeks+W75YD1c8bJ5X739UTLz/Ybu3NVEvVfvGVv02GdmymxwZbBxKMt0r/nvbw24ar1qqca6sjfeYikHcZcJO9hMH47a6SXetsvHI7ts/b4ED607vvrnJVHI0vbtr+T4g9dXh0VeG8dvy2tTdvzgAAABgr4z8LD/sqQd5kNs5tj/hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCdD0fvOwKJeGv3ydIr+9/83h75TvznmcHfpvWvV6ttPjTsQAAAAAAAAANiVFx/kQW7nWH97tah+5/9StXG8+vczeTtLmc9iTud25rKc5SxmNsnU0EDN23PLy4uzwz2rPxJY+nnKnqurq3fqnmdH9jy7Pq7uxkBH/aXBpkYAAAAAAAAA8Kn1g1xc+/0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBEVyqLeqluP98lQaE0mOJGkW04PmzbEG+wT8cdwBAAAAwN5r1etjxX97hdWi+sz/fPW5/0jezq0sZyHL6WQ+V6tnAb1P/Y2/dtudlXvtm+WyeeCv/XNHcVQjpvfsYfTMM1WL5wY9Luab+U5OZTqXs5iFfDdzWc58pvONqjSXIlP104uplXut9GPdHO+FdVuXN8b24lC5jO9EFUkr17JQxXY6V5r90Bt1uxNDs/2+mWyY8W6ZneK12jZzdLVel3v0s3p9MExVe354kJGZOvdlNp4ezvvm3O/wONk402wag2dQx9dmKTc3zvRYOT9ar8tc/3hvc77DR2nrM9H9abnVP/qe3zrnyRf/9qfL1xu3bly/tnTq4BxGj2njMdEeysQL28pEp8xEdxeZOLKb+J+cZp2N3lV0Z1fLl6q+x7KQb+XNXM18zmUmszmfmXwlZ9PO2aG8Prd1XqtzrbGzc+3kF+pCeU/6ydC9ad9MPqyizOvTQ3kdvtJNVXXDr6xl6ZltZKloZnSW/j4ylInP1YVyjh8O3XHGb5CJxtq1uR/ds1tn4pf/WU2y1Ll1Y/H63FvbnO/lel2etu+tvzb/6ons0M7Vu1seL8+UP6z0bhvDR0dZ92y/bt2RM1vVHR/Urb/PNZupzude3aPO1HKk5++OGqlX98LIWdpV3YmhunXvcvJmOoN3IQAcYEdfOdps3W/9pfVB60et661LR74+eX7y880c/vPEHw79pvHrxleLV/JBvp9j444UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CZbeeffGXKczv3gAC2k84QHvjqzqp6L3SvNg7PtWhcP7O+mhnTSe3OqI+m2SLbo3x5HMVpID8DOd62RiH+aazIiqS4NXWkljEE+SGwfkC+6AvXBm+eZbZ5beefdLCzfn3ph/Y/7W2fPnXjvX/vLsnTPXFjrzM71/xx0lsBfW3gaMOxIAAAAAAAAAAABgu3bz3wn+cWl7jUdMW3THsK8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/6eLr+dwN0VmZ07PlNsr99qdcumX11pOJGkkKb6XFB8nF9JbMjU0XPGweV69/9EvXn7/w/baWBP99o0N/X73r9XVHe5Ft14yneRQvX60yW2Nd2VovO4OA+spBntYJuxkP3Ewbv8LAAD///zfBvQ=") creat(0x0, 0x4a) r2 = getpid() syz_pidfd_open(r2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000ac0), 0x4000000000001dd, 0x40000) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x50, r1, 0x1, 0x4, 0x1, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) 1.161360755s ago: executing program 2 (id=1458): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(0xffffffffffffffff, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xa, 0x0, 0x700, 0x0, 0x14, {[@window={0x9, 0x3}, @timestamp={0x5, 0xa}, @generic={0x0, 0x5, "d58838"}]}}}}}}, 0x4a) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000540)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 1.098578297s ago: executing program 2 (id=1459): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x0) write$FUSE_INIT(r1, &(0x7f0000000400)={0x50, 0x0, r2, {0x7, 0x1f, 0x1, 0x50, 0x0, 0x0, 0x5}}, 0x50) syz_fuse_handle_req(r1, &(0x7f0000008280)="cab1f92d585917232bcfa47f91900c936355a83b5a41f6f43bd8b0d1a1e13674b6a8596a8376e6851e0b96decd071d92ce4887ddad2b82183858d82c7d11948024607d92ec0f1c23a4e755f29fa557d1353a3ced680f530e822eed64b4d1aaf20d1320f3583cadb9dfde95993487f96bc290dc10cfccc5ec8ea864590fc1678b79b0a36c9668b27ae142d22c305496881af0d0546076ec21e31bdab2465010e779e7140036d2b12f59b971792cfed8d07f0b8ae13ee944268f573ec11c1b14d53880a64fd2fdbe981f4d9af8863191efc03a39d5a3f19badf65dd49443297b38bf0c009eafad5879cb78e63b00e961de7d7180941f0d1e87a2635294bcb4619e9d84be1816784325d23fcb9c66388b586c8e719f3edfa2aa37cc3f6511add854c10fe546d1c11f11eeaff24cecc0d47ec8fd336ec08470f06227e4a9410074a3d715eb6a697b04bdfeda0b6753d880d012ef8fada7f4ed649ca214609e31cace9a33937813012e4c1b787d8f71ce9b495a69e5c8810ff9954b7b96743dcdd7e52ebbf526f339d3c8ad2550326d3a396de5ac90787b352feabe013c4044ca813344c97f836851d6daf2de3a8b07a61d1052bd302a641706af7629a042dc2f0374671b287f1325763e1818beba9f7cab9e25d6f8749f7dea4c5ef684723d33938aca32e19b1c6a6237d899fb397e9023764b3f4d6399885533a802e4d3ca76f2e0234ed6d7257f8cebddc900af88cc21ee2816513045e92f71fc8523894d684678f17b5fdb4adeda98fc019c0ba05efeffeff3bbda1d6d84a98002a74237cb8d13cb30d8a9a7e47e4da8273a47df4e6ea53036b5b154b9597e6eb00fcad29ed04a820b1ce807bf1818344122a6f0aac52d24426feeba0af56925cb4a1e70a84251f2b4d4693e689518a0e159647b5b60a62db699a25275520c208652ce4401bb5dcd633e7c889758d3d213f4dbe69c9bb76e80b6e892bb5f5809e042ee5cb1982a2373b1886711d1e68d0bc3d4c9d69ac605432bf84cd81104e77c71cd7c0708244fc9428edd52f8cc8f3023b4c6d3bbad7a9b874111098c4652b34c428a8f789c5e5f3f84354ab7afec1a7b11d2a34771ebad2f15c169a61b431c8a1cca9ca1596fce65242d03814ebf977da9bbde5707b22b5002cce68bd0f6d196df341c96bd0cf0916b8775e75021663ea82c99a90b844cc5f8b6c56b21b1fbbbf6fb40ed0c29ee4ecc2998df2cbe3a4d75025ef73dd9f3aa5bc7aa694fe573a73453c9ff873d0a8840afd91be319181836de45260b4e252394edae58f840858a9b64f0ff37bb1820031e563250e62ceea5a7c4d2cd4d5d10e57176fcf576e774920db06b36ea02f9cae9c1087bd1866fb4bcf7fbf393093b339860a61c61248000a2a1bbc982fa691e311fa1bf2a38afdf08b574eed0df42bdc30c3db7cdcb71687f48070077f91fef93e8e47e248d3e53e8a79fcb5a8f8aa39b3bfa2dd88d5c5840d517ae8c132d423a37a8be3301d62a99753bc72f674205a11850e045430abbdc4e68223a93c76d6d2f1d646af10a15705793e2fc5a532af3dda88f52063a091f1f79cd5a5b23ea7742b149eab1aa43c21c2f15227a1f94b5580adbb1e1c49ade49d6e8b838cff43aa2426651817f479252c8ef7af9e4a5ad33839be6c15b50016c59f13c26cfca796cfc01207acc69e9d3952f6e71c975bc77d5a001f6f6c044770f54d86a4518a4898e3136988d643dd2de907859f0b4d4de2a2d461ba5e05cff49eda86772799b2e7947fdbb89fc5b0347e87f1b9dbb94842cc1457d07f3e0c41342510f5ccb551cdf0fcac1a758041bff75812de1b2abf341ed5f667c9b0581d2c33e0b17f1b46c2287399c62252edb9c1cf2b80b7a1b4c3c903aa4cf5332a2998b9072f61f589ae5df1168f8d18e98fce2bec1d5d876f9757017b73495a4e8f4f2423cde8875aa8c95a9ce180cac6690657b8a70e5541d5ef46575cd74e063759fe4889f4d9737a6c9732f8b7f7836508814093b9bdac5733938e761b3642910d4df0b646c1b9583a502246988e9ab78de3d011e8590e48eadfcdb70c8aad6dfbe1dbd3ef20d9ba393db4e6cf91e3bb4e84883c60dc20ed974a5decde12d3c5a1c9a00999f8eefc244465f518425820b9713cbfc6027f427b9cd8756edec5b3a0301a01ebb12c6d412ee3422aeb8b291619f62f4ce41511156f73e54b5097051ea777af7cb73b36e1274ce1a3892007466cc793eb0515b8984acb99c04c7eaa51e175bd73d99bc0c67c8ea84d808a7906a6ad330ba2c9651b2ab82d0781a969873dcddb068c15b7899fd560a1c3d44b34e81cce079c46fd86522052659e2c3151c79a8ccab1dfcdb91f53ca067ea1b2aa507278e4166e817eb0d7dea67cde1598a1bdb76a8caf82add2b43fdd10bf80b0d2f32365849c425d6ac3d2d88a76378d23961eb96c8422e785ea61f33e4daec02393d51f44b177755749fe84b43f5246d20177800af05752af524265f34f62bd5167fa647d2118aa905a1af53f07e7447bee29675cc23f547339af140c0818aa974ca16da33e767d508e4f56726c7076acce57a9957d08348ef84a39188e800ca44682fccaa9ee1b42e1aaf7738dced1dce3ef2dadfcba2863f36b5f8080ed22539b5176bc2c57e52e4cfde659c1ce9e179c79f85d60ca51c7453dad593190b19a1be8f5c5b0249d70079f10f9d0f07f25a98bd95e6e6f71101842b55347ee008d58522e8f7598c1636c58fd20984a6bb17fd47e7db4bc72854054e7900cac4174cf0b4eda2406842955fd8a2ba00ea4d490dbbab02d659cea4c449d9ee37c8f35daa4740b3273693ee2c1b00965a79d18ad98ae92bf2e1ea84ff1e6181937d38765cb353c6223ead1257d88a8844cb0be17aecc2dd56b78dcd6e2999fe695db248dd68275a5ad0f223a4629b17a040a766b2bd2376d77a422375de14a3daaf4fee92f23ca831452826bc66d0cee2049acbde07bdbb6ce228147f9ed4f9437301e8ca9e1ace0684700e9623a1534212d4c557712a3196d86c86077e97172d7e89436e95e1d7e7629d5bc908e346e504839498890210ca15bea51bb2840f1275d36b99490ff0706aa3ca9e89f33fd99df863acc3bca504c15501ba9d987999ee118f47b7737d2dfe73ab257d680f983da1f5fd5975491ad966989f7b15e76e4e6b1a2987801adb3b7cd4cb1d2c9d0454429c2955643c8fb82ccf8e93051cc10081f8181af0d143deee686f67ec42db1e9914ed047e4bf0006af01028e3839451fa3e17d33586022c63cafaf6d0fc773c96143473316988d32f9943d7477604a27ae4b8a7093bee2cefe10cc02109c748d0676692a2411e5c3b4c4c1b9ac7f9b71a1a7126dacf4615e8c9c3d38f536e8b32e37f406b3dc44db80a00d6e423deec869edb32a411986be1517b6ea45e1f984a6fbd08edb25a305122fe5a90cc46af48ebc36433a1f27f43d85492ea60fd2f43125e7328da93f7aad97f97910112fed7ae7b1785822356a525df1f3ab4637b68d92ecd8d7f234973c686fb11821bb1de5f8459b57892f1dae08aae1924ee60a904d7be6e6611ec3d00002152ab7e0c29c7bf124dbec9a6eff25e619d89c27d187e3ffff63c996c33f4b7e967b607f36a8ac8dba6beb43395c9c9b2e3e36de29b07f9c2d60cdfd1d02813d4e508c56b99405b752758a01cc25bb5436ea1efd52c536fa1d2fb1cd9b1ee006d42b58600be2c1aba59c480cb6e9224d7a4df920598950634033087d3e356f35cd2f8b021d30f4ba79bc60eb6715c6c9bed84648552395cffa97c8cdb8f562f8f127f0e6f86dc61fab11ff782560d88cf2872d0e07a27f38120a0831a93c377298c2ed4fe180eb078422e5f030540fd21ebd414e6c42f1fa5491b5b8fdcada476376732edbfd66e10a475e2c0a43ccf6a41f7879f4577e987695d8d5097f6920fbe2b9ac2cb424de7afded1b5b7db89f3612c487770d58a7bb7517f1fa7a98ff6db3778d40c5f36b27d233a0c18587220f900f4a8e867e33e24c1981acb3445de995132d8fcc58f79ddb1475ba69c464071e95c0707c396c0b1b710cceb51efba5f30a271cd456d5f7216d90b412156ecb01dd41f15ac31980649c5eabc7fbb085a38318d43b0683cba055deb9dde4dc4584935473508837c1023993d50b434b311f126df6a0be0653b97a97bbc9b165098dac8dfd6ed6f033ccf7b32cfa3292296222aebfaec4dcd5066b66be45696067dfab907e2984f1bb6067c170e0617e245c9c09a85a061c4b7e2873ce0571b48d557007d5c7ddf5cc2ffa533e2a3975f3687a6d08a09dc1d285cfed129ec887d70bb5aded429b676c242d57c8f36721bf5732b1f25eced0ffedba7254486c9caab3fb3e0ad3b2dc332a06dadd39e5483a314b1d3086cc198b6b6b272fb56e35e0388b1dcddd484fde0ef9d855ca7bd98ebf0f686cec7d5e37f7b5dffbe4ab28c4422adbaef0c45649b0b830dfff90bbea3b7103ea9dd87d856ba7c5bb485319eecc71acc943c733f489ad72e13b1b232cd1eb4ce87917daad4b0405c9905f7a35501c75332d9acb36057715a6abd0958061fda860c00000000bc9aeac4f47acd022927c381012150fed83a99c2d7b268ff2e1c8d162d3feae2c5bdee747aa10566a94f13d4e1a00a4043bd179310e72ec8e4c68659be77907bba82fc416a72c0d2076821f77e8afdbeac769195a01515ab45ba73ec85a2f8a52146dbbc8d585def095aef4e4491362b596a84d2e9fd0131de2c72b71c4bd239146011eaa209957b2bb3f74bf2f42a17440749688d66a18a9d4a7d1e2bbb34dbb2a45460e69a1ec43467665c59438d35fe9b04a94e408ec4bcf7ba1a25bfc287d6189b65711904be9860f8a68d1bab99eed54890f963caef1fa0179224b650f090f67dca59f1241c2a25bc921d522f61e57d2bad88c057d3f7729499a0391fca3a62b27cc0a9b976da3eef333d88ad128ea757697ffdd50633b66b73ea3ddb565bc3d8780f9c0bb2347551969aaa500e7c030da2a92eb3f78d88b91eb547dba2e9be7ab2aa617f0890c39c73c8c2b35ff7ec529f6b8d08e3fcf2630e454bdb6474185ae72ba69310654c9c0b3ba158fe223954e1d46f9d27b0a4e090b0084918b2964bdcee31d258325b89ef96790ed1df4842b482023f1d22fb3e01280f1c8616153035f10bd65de57c1fa7d5a17e77b12e348bd3019092ef548c5249694168dd24df8a7318eccd779da4f547e9f162f484eb3ab9f5bd196f6b68656725d2624b61d09f73586753a1fb7eeb1721973f8e15522487f1dd1412b0f4846801d1abbfe53b755f15047981b162a1de04d52b4d4762ac877e4d718619e8cdba16df688fe95bdc9a1ee99c21004ba7e72985752d89d6892a4169296703fde314457f014ed89c129a4c83b5bee0bb93cb69a83313442837bc03679ee317cf8d1b908b70fae1b1461a398f310ac073642f954ab39e0eda329a94a5c12cf262ca4a25831dbc10aecf83d9d54776c379c230bb488cd6c9295bc31cfab61eb9b5486726f5c854db8aad2642d4468643f3bc8b25cdc9fda7aad04b06b61b185868a44acd46a0bd8debc1e431f19aeddfa3d0e480949bd361f6c988744acafae954c140192306c3066e8e434f70e8cd67b65a59923d166a95ca5e0515e2059e1f1aa9a74bfd49e4e37638bfa6b6117b790c4ec7f536d046c38f8ab6eedac1713bcb8860a18cac43e9add3c68c3ce5d17fbf76e966afcd3ed7795540650e093d39926f5e3719156baa54307b4f5e934f24951b3644a7657e798525d3f1207b28527a5bcdeb33e296c6c0e9e1757941ddd24a0d15c9a21918514a3143ef3fc2e775345ea10aeba6767686e9cfa646da377e88fd759a33ff20c9b258fd37d063d02fe22f090c5e324b507cd3bc42248a7abb2c7d0b1b85ecb5a67bf53a2f25d139ea523808678942e1588fd677df161b67b563a446a2cc69d9126fbf308258a13fcd6f53d92d9947311e3de4fa5acd7c2684d9eb3b4feb024e05bbf090836d92e30b68df6a7619542c9acbbb69dc73c781bdc7ef4b25c2af77186f493a5038a56508cc56b7085e13f4264e02a2a3bb515e15301371520481302f2367c883a5ac503ae4269cbbc8fb2f0f77ecaea7b8af04bc24aa90f677a72bbecfdb225864714344a8fd1c07ef664abaefe53bd76ba12c8bf45860a316812af87348682ee7005ac6a00523f4313102742ee5502d8c61c3321d1b872780192f4d00b12b38d0aedd34619c42f49b81d7bddc4ca481ed8f448bc3ad98b13f7176748838d623e007a24948480e978b80ce67ec952eca613091ad4f81cd521b2851bb8b2a6b1da0420eca80aecac9c0887988e1f29906c9ce65b990a00f22ba6f115a7a0001f511ec35dbcd401130173fded8b2e23365caf3d6d7c8f404383f16fcd76b17c220f88c1fe96211bd92c5803c63d9537a2ceb258508d9b1d74ca43174eaefd677ed6db63bb3d7712c9558c7879fbe67b7396c721407953db9dad13291f96d7d0290ad56cf1f65ccf58d3f5b8ba1f78f81d86ae0ea50926ff352d73629da44a6d31598dcdcf81355faed4f5a6ad8cc39d4a414b97f193c896bd3c270097cc96e4a5e36ca9a56a27c52a03decc4837d7b008acc1fd2724f97e0e9591afb5de3af3ec5fc16e1bee79098cc94d638375d69ae5065bedaed575e11b1b0a4d1189830856e8d48a6c50bf18cb9f8919fd8a55ad0b2f7d8c096c7f549fec8e1522be0de2a69699afe47e899ac6d5405c08e2e374326808ba76259d85b971dcce55aceed11583603dd280fd15c8e7b206e8bade3f6d83c6041838ea8b489fb9f92ab220ad5d3cd2af3f45cb2df7094d550b2cfea314469943a159e12c01897a7cc42904eeb24cc507e7ce7ffb4d22efdcd5cb5d75975582e14960fb0f2b83cb774faea32dfba7ed0e8b6a749785166cb5c77dde7498f67f7f20d0b85a7fe6e7f8a8e3f95bd795165f36440d84434cef17f81697816030e3a86bf003272ca4868ab935fa0d465fb10637a706c9fd04fa4d4eb421e87aa6628a1d6174833af4dbfceab7fc5989550c0847bf27a5243e3b318fffde95d11cf507bc4e092180dd228df9f89d193a160d50c223309eae580a09f2e78855f17f8ad25c1f5814becdfca7948c7045b242e22d5efab676fe717eb34d2f0fcb77289c8b12caadd2377b7ccdcfab61900971b4a2ac132587174117428739ebb109fa133e483956bd499dfa530cbb3d1df42309f6f0755b043d85776807f25c3b4b518a2274671eb38f3e82ad4397377f85201771877a7cc43b838791a4d4d655ecadf03d8c1687e961c83dbb64c4d54d4b745a3abca7e381a00c6f51f48f6f7ce29ec656d89a1fab216675febedfe6b08c35add5aeb8cf6c0b226d309a222e1783e45e560f6ea64bf7706787f199116341f874321b52b1135830ab8979ae5546aad4ecfdac0045d4d15b4ed2fe26e484793db6aa61d40333355fa96ac5d1b8a5b5fc033475cba14f344007bfd82deb64b5c2eda6c0d528e4de0c21802d6b27554c0e2090f2c4ebd19208ce904cc02756b44bb2f8ebc1d37961c0957a4815487cbf76fdbe1f2b77b563a5663a00952c92579399f7acc1d41d9289ea0345f02f6f760ced802c8e0b14760a43dd04e6c371ceab9f5cb3617cd7ab31457b6821c6a4f34b243fba61f5c553e58ca253d5723382cf5d3f8357347ee2af2d48d86367f993e4b80b849dd3f50b2a89338af97e11b9a796ae2548856cce01334bca0c558e160f16e74699c7eaefd699acdf4d5019bf70f2d9c083f62b5254262f05c01dba59b1779502d3ad310a3039447d730a2cebb1242331a9849921c07336e985a844c55ce6129a650b3fd7cbda52a0cfdf0ef566f24adb8c959e442e9d5663fa16561b185cfb18355863d9b9f91c3829c4b0ba580668402a7a100fcd4a4e901b660863a9537f46e4f36446945e8f62e53e8282ccd7cfe14fca161d7daf592188eb2e11e275f616f4e692db8f318e8fb635d1a2582a3c8ad3050995f4cd810c04b23aaa6b26a2276133b443280f0526c9b1c016a7fdc052eff91d167b2813ec4f868c2da5fd9568da148e0ced0229f415716c1caddba880efa2017a82829125e734b96333da0b15340c149b50be86e3017bdaae3d80ae51c35df37e67684e81b5933cc7bfbe7ef0486d57e3901f9ae3eb1d592eb3fc244ce6555d3d69922dd3dcefecbba207fcbd5144a5ff97bf2216c046348a633284db59c10662350c7484ced762f353cd01a971c88d0eabb68eef856d585e8f5a684dc948b094754362ba8d606f85a755a27895ff5b6b4ea0387574afdf362a43b5535a2838b3f00f24612b9ae47e95f15d8b828efe56152d77871cfda0e0ff9936db3fe9c49f0d0f5ef9b71b81efd2e92d0166a4970254950a51235b66866d5402740adaa584e892572a6f46714704660cfbcaa56cc27cb538a908d1ee2fc7adaa674ce7a717f6e0481a2374f768fa3df8368bf4281bce6f9777f958f36502908d7c921ba745d0cc16b8a9a67f15c26d4b005788b1e90b19cc13f3e925fc14ef31d624c7500710d8f80e5bd4b14dd6bf70c210db6077c69d2d1751fe999442502d3542be12b732e3793e6c5e5c33a15a792ea344b0ed0be1ebb1d4e896e3e62d8d85afad2ae134dabc4f0d3fc719c6245d3bfafa42f0cdc9c0d5c4ba5c20b9da975bfd2f211bee8589ce1dc9652c2c3cee2a5e8a00049e42afe4403a905b60e0dcda1120d32ce36b91719d6308c93dfaa16c23a3b37e88194778be77d5e9e64b39477b76b4644ca32525b73bcf1fd9dc9af7776f2149e368053c58e1c93e1ec4575cb5e0b2da61d5e6b19436f3c095cdb4af4ddfc3364975700e5ff5275f9336b8cb3b959a1cd94f6b9c3a33f35e9ba4b7fea0466edf54e5e2e06a79bd170392c02b09749f3d111ef60baa8016dbf9ba581beab2c43d094add0d7fb7e16f198f3050641255f30a57c3045c1b51dd6e5d65613167596365b9c67aaa36fc89c44fbc4c8c96c328554a63a15511b04692651dd5e30780caf0dfce976c665e7b05fa6143914837bc82fb9d9dc5a1660e28a697e8a0a32eb8db109c5a045243d86ea11847fb64ec450112d77ecba32de418629a4ea2ae3f7ed3625b26def5c19813a6386ab4e43838c1fad3d4e92dfd7d3f98b3cf46d6e20304851899c59661e9639f3ff52fa023114907d930d74d605f3f7c5fd9ebb446d807e96cf3bf3517e369dc98f489026ec035a86f3719e1e50a48c0381f7fd2a7eea1d3a09ef7a0ba50b2ae28c2c955db4761ac005226ebc0c18d108e8ac066371be249b80eed88afee799411a50381cacb2d5164f0827720eb9d11b5cc548c2e145291dfbc5d4f70646dfbca077ce8ad3a3f8c627021295cbef70f5013c53e8fce32116e678a7b1dc535d43b429d330e9193f8de1a6c1da4353a86bc722ef1cffe59a012ff9c5f45b85e55ebdaa6b36a519c544ef8a86095e522d7dfbb9cac41e826fcc4bc676297141195f839ebcd8f64599fb15856960f97bc70d2336507d5060282d0988f354eb757c6f4b0ee77e2c0889e5336633ac28e2651c98e7f2fa4c163f8fc196b6798c1400c46710abed12a33a95afa56c7fe55de0b48cc984c80f6d98d212daeefdbcb457217b3962436e481d70967cab6b0943d5da59021ea9fbebf66e86943e029ef95d46d347b834098e1c8fb4c35d15945bc2e336f74c6c80430ad5fc4f5b9c6b41245ecf151eea90763ce3e09e050ae1c0925fa7a5ddbb7f210226cdcf9ee406041b73a5988646b90ed382d08e7a147078f9de025f5617017ec70f65dd25d7ccdb47ad7209474f4ca461ca46f0afe3cb405c3b72d320016d01b62def93fa4fa5a34df145c526fc497329a9e29ce17a929893f7beb417c88804418271dbeb51115821db4737b9cc467f190209649f543675defbf95640d20cdd124e85788b703213f4e99b4f36b74b5d44b67b7bc995ba133da4ae92f3a3db49c9ec039e0285001fc16760da0d07552e1ad621a4bac6d0b6409316e8a78273b79aa70df0e3ca024336d42c530550be8c68897bfa6a44f595bf5be48f8b25b48825ebcba815db4b3124522bc71e3970dbcafd479a6dab40f745a655cc3f9dd5aeb046d25baaaa160ba21f8b3c0292329ae107483c8caafcd70d041facfbf705dda95370a91879fc0ab9132e3b7b02cad69417178c4f34909df7a373bacb289476c25c901be7b52aabfdfcb3415ef3a565c7de2f0128c63e16984e2e98ad23e06b890f22894ebeceefdb472192e501e2c791232933b52ea4b9c4e9fe3654b8b1e08048fbcf58fada1cd49ca6658ce6ecd12102d90c81eac26090efa36514553abb298f7cf1a43bd6d473c1436b6be9e87445de726cfffb00c72de49db0585d677d5b245e15f9a53b4c258ba2fd67d38afd9ccd0d409c0bad675fcfbc1f4e5166fd1b29203274f758f55a266b8f7c9ec8ef1dd4913727fa392ce6b11baf902ea708adddd836982a609718c1dfb810aee6f21e47c27dc6b4eeebe5fc21aae6fe7d2908679c873e2aa45a1ee14cd7e10586216d5e17cdbfacd4bfedf00b7ba7fc46d4ac90667329ba76b4fcc6b991a55c9ed159a2fb9525c975bc0aa4a291fdde14a78b95adcde52fcb5a893ee7b4df6631b3ed5a9d9d9ebe36c7cedea777a9e67faad7f7004f0a820aeb6636f24685a15d12abc639aab2233b36584670c667f9e7a3fe1195d35b268d1052d5b4c9625dc963640c2c5e6c37d36acc31755b34f3ee2af7b7ba5dbe105322a3741c567c9edd817f6488fe69301b19481fe2e2cf74b19d4b224598b0ce1fa151fa1ef3d69aaeaab397a5eac72e0b969a09b85e3258e891db207393bc281afa93468b29b7e55cc2decf8292fc68e1a02b2faa873a846680992b37a548c8f724c0125027faa58be5b2836206cc34c063b50270d7fc968dab0d38072ca90bdef91119b72ab417d811d2f32bd41e6ab2bc5b5293f92f7a0a4f172bfea5403cd418db95e1a4232f78f6afd3d13978e206d85fa9ebe2abe444db065d03b6169bc9f0dbfc19237a74bd13c1ef844f839b20018fdaf1be6f1a171f6f3ce2205fdcce38330b88ceba0c5eae812e12be99993d265f806e61ec42c9527287967a1c3b27afb1edc35a5d17bb7f4d20ea708c62c9170ba2ab710f2d7f5dca7b33e0f9434cf0b6ee846fc8bc45d39f252ec682732fb090f46032491155d83a30894a259e037e57de7523481bcc2d704d8d728fbdf048df30f7e4861f62b8e63de47b3838b5062ccd2c125bc581024ea76bd4b1f53057f37d329f7861a2a70fd3b6d6fe252a1b892192ed75c585ab809f702e27e237c4aa2dc947585c2086eeaa29c3ff7e02cb7d3a0aa3a8156d2897daa9c45a2e28ba14fd40c8a3a058805e4b5b10641c3c25b9ab80cce83206b13a1e2bc362eb5ab7e0e677c01fc0486aa32862ad0afa4f1cc8496b961a0eec71c26ad107ead599d8ddd59d85adceb3ea442efcf8ed64f4c66547344dc81ef5b6ac102434395203f58d59656d41dcc192774d70f4f2964e304efde831126d402a240325e603347aa43626b5eb69b0", 0x2000, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x90, 0x0, 0x80000, {0x5, 0x0, 0x8001, 0x0, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000, 0x0, 0x0, 0xee01}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) 972.327975ms ago: executing program 2 (id=1460): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7c}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=") syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000040)={0x0, 0x7ff, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000000780)={0x0, 0x80, 0x1, 'queue0\x00', 0x9}) 971.913934ms ago: executing program 1 (id=1461): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, 0x0, 0x0) 431.09667ms ago: executing program 3 (id=1462): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000640)=""/104, 0x68}], 0x4}, 0x12040) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 300.006539ms ago: executing program 1 (id=1463): socket$inet(0x2, 0x1, 0x100) socket$packet(0x11, 0x3, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) socket$inet6_mptcp(0xa, 0x1, 0x106) openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000c40)='comm\x00') socket$nl_route(0x10, 0x3, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b18, &(0x7f0000000000)={'wlan0\x00'}) openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0) 0s ago: executing program 3 (id=1464): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000300), 0xffffffffffffffff) r2 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="890c04000000000020001280080001006774700014000280050005"], 0x40}}, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000ffdbdf250100000008000200010000ef08000100", @ANYRES32=r3], 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x4) kernel console output (not intermixed with test programs): [ T6085] usb 4-1: config 0 interface 35 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 85.823667][ T5829] udevd[5829]: incorrect cramfs checksum on /dev/loop2 [ 85.846574][ T6105] cramfs: Error -3 while decompressing! [ 85.864251][ T106] usb 1-1: Using ep0 maxpacket: 32 [ 85.870426][ T5881] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 85.889072][ T6105] cramfs: ffffffff99c10248(26)->ffff88804b275000(4096) [ 85.889463][ T106] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11 [ 85.917453][ T5881] usb 2-1: Using ep0 maxpacket: 8 [ 85.922626][ T106] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 85.936139][ T5881] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 85.943733][ T5881] usb 2-1: can't read configurations, error -61 [ 85.948461][ T6105] cramfs: Error -3 while decompressing! [ 85.964317][ T6085] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=3e.04 [ 85.986143][ T6105] cramfs: ffffffff99c10262(26)->ffff88804b274000(4096) [ 85.992447][ T106] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 86.010241][ T6085] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.032772][ T6085] usb 4-1: Product: syz [ 86.034508][ T6105] cramfs: Error -3 while decompressing! [ 86.044232][ T106] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 86.046819][ T6094] BTRFS info (device loop4): rebuilding free space tree [ 86.064370][ T6085] usb 4-1: Manufacturer: syz [ 86.073679][ T6085] usb 4-1: SerialNumber: syz [ 86.083821][ T106] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 86.110194][ T5881] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 86.110227][ T6085] usb 4-1: config 0 descriptor?? [ 86.132256][ T6105] cramfs: ffffffff99c10248(26)->ffff88804b275000(4096) [ 86.136042][ T5881] usb 2-1: Using ep0 maxpacket: 8 [ 86.157030][ T106] usb 1-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68 [ 86.169246][ T5881] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 86.176537][ T106] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.195630][ T5881] usb 2-1: can't read configurations, error -61 [ 86.206596][ T6094] BTRFS info (device loop4): disabling free space tree [ 86.206844][ T106] usb 1-1: Product: syz [ 86.237796][ T5881] usb usb2-port1: unable to enumerate USB device [ 86.245077][ T6094] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 86.245172][ T106] usb 1-1: Manufacturer: syz [ 86.286320][ T6094] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 86.286549][ T106] usb 1-1: SerialNumber: syz [ 86.325306][ T106] usb 1-1: config 0 descriptor?? [ 86.329447][ T6094] BTRFS info (device loop4): enabling ssd optimizations [ 86.341938][ T6103] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 86.355331][ T6094] BTRFS info (device loop4): turning on async discard [ 86.373253][ T6094] BTRFS info (device loop4): force clearing of disk cache [ 86.389003][ T106] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 86.416525][ T5908] usb 4-1: USB disconnect, device number 3 [ 86.416835][ T6094] BTRFS info (device loop4): enabling auto defrag [ 86.462554][ T5182] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 86.496996][ T6094] BTRFS info (device loop4): max_inline set to 0 [ 86.548173][ C0] xpad 1-1:0.0: xpad_irq_in - usb_submit_urb failed with result -1 [ 86.622025][ T5182] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 86.738232][ T794] cfg80211: failed to load regulatory.db [ 86.962385][ T6103] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 87.229143][ T5841] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 87.247976][ T794] usb 1-1: USB disconnect, device number 2 [ 87.248012][ C0] xpad 1-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19 [ 87.330559][ T6131] loop1: detected capacity change from 0 to 256 [ 87.379958][ T6131] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 87.444779][ T6131] exFAT-fs (loop1): valid_size(150994954) is greater than size(10) [ 87.485782][ T5827] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 87.779449][ T6140] infiniband: Added to hash: ib_dev=ffff88807fbd8000 (0)() ndev=ffff88807d148000 (27)(veth0_to_bridge) [ 87.918391][ T6142] loop1: detected capacity change from 0 to 512 [ 87.923619][ T6144] input: syz0 as /devices/virtual/input/input6 [ 87.955503][ T6140] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 88.021755][ T6142] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 88.124140][ T6140] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 88.146840][ T6142] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 88.300352][ T6153] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 88.379926][ T6142] EXT4-fs (loop1): 1 orphan inode deleted [ 88.450331][ T6167] loop4: detected capacity change from 0 to 512 [ 88.467411][ T6166] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 88.479544][ T6167] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 88.495933][ T6142] EXT4-fs (loop1): 1 truncate cleaned up [ 88.503291][ T6142] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.525643][ T6134] loop2: detected capacity change from 0 to 40427 [ 88.533766][ T6134] F2FS-fs: heap/no_heap options were deprecated [ 88.537015][ T6166] xt_CT: You must specify a L4 protocol and not use inversions on it [ 88.581396][ T6167] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 88.594922][ T6134] F2FS-fs (loop2): invalid crc value [ 88.661060][ T6167] EXT4-fs (loop4): 1 truncate cleaned up [ 88.695988][ T6167] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.750303][ T29] audit: type=1800 audit(1768775136.416:2): pid=6167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.49" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 88.776865][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.840963][ T6134] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 88.916180][ T6134] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 88.964611][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.098493][ T6176] netlink: 12 bytes leftover after parsing attributes in process `syz.3.51'. [ 89.520158][ T6178] loop1: detected capacity change from 0 to 65536 [ 89.580098][ T6178] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 89.590038][ T6178] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 89.747242][ T6178] XFS (loop1): Ending clean mount [ 89.753888][ T6178] XFS (loop1): Quotacheck needed: Please wait. [ 89.775219][ T6129] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 [ 89.805730][ T5830] syz-executor: attempt to access beyond end of device [ 89.805730][ T5830] loop2: rw=2049, sector=45096, nr_sectors = 32 limit=40427 [ 89.835251][ T6129] XFS (loop1): Unmount and run xfs_repair [ 89.851871][ T6129] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 89.865275][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 89.865303][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 89.865320][ T5830] Call Trace: [ 89.865327][ T5830] [ 89.865335][ T5830] dump_stack_lvl+0xe8/0x150 [ 89.865363][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 89.865389][ T5830] f2fs_write_end_io+0x886/0xb60 [ 89.865426][ T5830] __submit_merged_bio+0x256/0x660 [ 89.865451][ T5830] __submit_merged_write_cond+0x398/0x4b0 [ 89.865478][ T5830] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 89.865513][ T5830] f2fs_write_data_pages+0x2756/0x3290 [ 89.865560][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 89.865594][ T5830] ? do_raw_spin_lock+0x121/0x290 [ 89.865638][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 89.865665][ T5830] ? free_unref_folios+0x12ed/0x13e0 [ 89.865702][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 89.865730][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 89.865765][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 89.865786][ T5830] do_writepages+0x32e/0x550 [ 89.865822][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 89.865843][ T5830] filemap_fdatawrite+0x199/0x240 [ 89.865861][ T5830] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 89.865921][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 89.865941][ T5830] f2fs_sync_dirty_inodes+0x30f/0x810 [ 89.865976][ T5830] f2fs_write_checkpoint+0x94c/0x2550 [ 89.865995][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 89.866044][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 89.866117][ T5830] kill_f2fs_super+0x2d2/0x6c0 [ 89.866143][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 89.866187][ T5830] deactivate_locked_super+0xbc/0x130 [ 89.866209][ T5830] cleanup_mnt+0x425/0x4c0 [ 89.866231][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 89.866252][ T5830] task_work_run+0x1d4/0x260 [ 89.866272][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 89.866300][ T5830] exit_to_user_mode_loop+0xef/0x4e0 [ 89.866321][ T5830] ? rcu_is_watching+0x15/0xb0 [ 89.866346][ T5830] do_syscall_64+0x2c1/0xf80 [ 89.866366][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.866381][ T5830] ? trace_irq_disable+0x37/0x100 [ 89.866396][ T5830] ? clear_bhb_loop+0x40/0x90 [ 89.866416][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.866433][ T5830] RIP: 0033:0x7f3385d90a77 [ 89.866454][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 89.866468][ T5830] RSP: 002b:00007ffc700fbff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 89.866486][ T5830] RAX: 0000000000000000 RBX: 00007f3385e13d7d RCX: 00007f3385d90a77 [ 89.866497][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc700fc0b0 [ 89.866507][ T5830] RBP: 00007ffc700fc0b0 R08: 0000000000000000 R09: 0000000000000000 [ 89.866517][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc700fd140 [ 89.866527][ T5830] R13: 00007f3385e13d7d R14: 0000000000015db5 R15: 00007ffc700fd180 [ 89.866557][ T5830] [ 89.868917][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 90.159323][ T6129] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00 XAGF..........@. [ 90.263433][ T6129] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01 ................ [ 90.287602][ T6129] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 01 00 00 04 ................ [ 90.310896][ T5830] CPU: 1 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 90.310920][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 90.310930][ T5830] Call Trace: [ 90.310937][ T5830] [ 90.310945][ T5830] dump_stack_lvl+0xe8/0x150 [ 90.310974][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 90.311000][ T5830] f2fs_write_end_io+0x886/0xb60 [ 90.311038][ T5830] __submit_merged_bio+0x256/0x660 [ 90.311064][ T5830] __submit_merged_write_cond+0x398/0x4b0 [ 90.311091][ T5830] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 90.311132][ T5830] f2fs_write_data_pages+0x2756/0x3290 [ 90.311185][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 90.311219][ T5830] ? do_raw_spin_lock+0x121/0x290 [ 90.311264][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 90.311285][ T5830] ? free_unref_folios+0x12ed/0x13e0 [ 90.311319][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 90.311348][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 90.311390][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 90.311413][ T5830] do_writepages+0x32e/0x550 [ 90.311449][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 90.311471][ T5830] filemap_fdatawrite+0x199/0x240 [ 90.311488][ T5830] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 90.311550][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 90.311571][ T5830] f2fs_sync_dirty_inodes+0x30f/0x810 [ 90.311609][ T5830] f2fs_write_checkpoint+0x94c/0x2550 [ 90.311629][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 90.311679][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 90.311754][ T5830] kill_f2fs_super+0x2d2/0x6c0 [ 90.311782][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 90.311825][ T5830] deactivate_locked_super+0xbc/0x130 [ 90.311848][ T5830] cleanup_mnt+0x425/0x4c0 [ 90.311870][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 90.311892][ T5830] task_work_run+0x1d4/0x260 [ 90.311913][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 90.311940][ T5830] exit_to_user_mode_loop+0xef/0x4e0 [ 90.311960][ T5830] ? rcu_is_watching+0x15/0xb0 [ 90.311986][ T5830] do_syscall_64+0x2c1/0xf80 [ 90.312005][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.312021][ T5830] ? trace_irq_disable+0x37/0x100 [ 90.312036][ T5830] ? clear_bhb_loop+0x40/0x90 [ 90.312057][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.312073][ T5830] RIP: 0033:0x7f3385d90a77 [ 90.312090][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 90.312103][ T5830] RSP: 002b:00007ffc700fbff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 90.312121][ T5830] RAX: 0000000000000000 RBX: 00007f3385e13d7d RCX: 00007f3385d90a77 [ 90.312132][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc700fc0b0 [ 90.312142][ T5830] RBP: 00007ffc700fc0b0 R08: 0000000000000000 R09: 0000000000000000 [ 90.312152][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc700fd140 [ 90.312163][ T5830] R13: 00007f3385e13d7d R14: 0000000000015db5 R15: 00007ffc700fd180 [ 90.312193][ T5830] [ 90.312199][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 90.525984][ T6201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.58'. [ 90.532126][ T6129] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00 ......?...?..... [ 90.654445][ T6129] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 90.663339][ T6129] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.672368][ T6129] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.681289][ T6129] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 90.690690][ T6129] XFS (loop1): metadata I/O error in "xfs_read_agf+0x271/0x5a0" at daddr 0x1 len 1 error 74 [ 90.694340][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 90.694361][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 90.694378][ T5830] Call Trace: [ 90.694385][ T5830] [ 90.694392][ T5830] dump_stack_lvl+0xe8/0x150 [ 90.694417][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 90.694443][ T5830] f2fs_write_end_io+0x886/0xb60 [ 90.694481][ T5830] __submit_merged_bio+0x256/0x660 [ 90.694505][ T5830] __submit_merged_write_cond+0x398/0x4b0 [ 90.694532][ T5830] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 90.694571][ T5830] f2fs_write_data_pages+0x2756/0x3290 [ 90.694622][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 90.694655][ T5830] ? do_raw_spin_lock+0x121/0x290 [ 90.694697][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 90.694719][ T5830] ? free_unref_folios+0x12ed/0x13e0 [ 90.694751][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 90.694779][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 90.694813][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 90.694835][ T5830] do_writepages+0x32e/0x550 [ 90.694870][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 90.694890][ T5830] filemap_fdatawrite+0x199/0x240 [ 90.694908][ T5830] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 90.694965][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 90.694986][ T5830] f2fs_sync_dirty_inodes+0x30f/0x810 [ 90.695022][ T5830] f2fs_write_checkpoint+0x94c/0x2550 [ 90.695042][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 90.695095][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 90.695166][ T5830] kill_f2fs_super+0x2d2/0x6c0 [ 90.695192][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 90.695234][ T5830] deactivate_locked_super+0xbc/0x130 [ 90.695255][ T5830] cleanup_mnt+0x425/0x4c0 [ 90.695275][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 90.695297][ T5830] task_work_run+0x1d4/0x260 [ 90.695317][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 90.695343][ T5830] exit_to_user_mode_loop+0xef/0x4e0 [ 90.695363][ T5830] ? rcu_is_watching+0x15/0xb0 [ 90.695394][ T5830] do_syscall_64+0x2c1/0xf80 [ 90.695412][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.695428][ T5830] ? trace_irq_disable+0x37/0x100 [ 90.695442][ T5830] ? clear_bhb_loop+0x40/0x90 [ 90.695462][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.695478][ T5830] RIP: 0033:0x7f3385d90a77 [ 90.695493][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 90.695507][ T5830] RSP: 002b:00007ffc700fbff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 90.695524][ T5830] RAX: 0000000000000000 RBX: 00007f3385e13d7d RCX: 00007f3385d90a77 [ 90.695535][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc700fc0b0 [ 90.695545][ T5830] RBP: 00007ffc700fc0b0 R08: 0000000000000000 R09: 0000000000000000 [ 90.695555][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc700fd140 [ 90.695566][ T5830] R13: 00007f3385e13d7d R14: 0000000000015db5 R15: 00007ffc700fd180 [ 90.695595][ T5830] [ 90.695676][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 90.703306][ T6178] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 91.035773][ T5926] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 91.053681][ T6178] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 [ 91.054147][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 91.054171][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 91.054179][ T5830] Call Trace: [ 91.054184][ T5830] [ 91.054190][ T5830] dump_stack_lvl+0xe8/0x150 [ 91.054213][ T5830] f2fs_handle_critical_error+0x37c/0x540 [ 91.054238][ T5830] f2fs_write_end_io+0x886/0xb60 [ 91.054278][ T5830] __submit_merged_bio+0x256/0x660 [ 91.054303][ T5830] __submit_merged_write_cond+0x398/0x4b0 [ 91.054328][ T5830] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 91.054379][ T5830] f2fs_write_data_pages+0x2756/0x3290 [ 91.054434][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 91.054469][ T5830] ? do_raw_spin_lock+0x121/0x290 [ 91.054515][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 91.054536][ T5830] ? free_unref_folios+0x12ed/0x13e0 [ 91.054571][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 91.054600][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 91.054635][ T5830] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 91.054656][ T5830] do_writepages+0x32e/0x550 [ 91.054692][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 91.054713][ T5830] filemap_fdatawrite+0x199/0x240 [ 91.054730][ T5830] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 91.054799][ T5830] ? do_raw_spin_unlock+0xf6/0x210 [ 91.054819][ T5830] f2fs_sync_dirty_inodes+0x30f/0x810 [ 91.054857][ T5830] f2fs_write_checkpoint+0x94c/0x2550 [ 91.054877][ T5830] ? __lock_acquire+0x6b6/0x2cf0 [ 91.054932][ T5830] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 91.055011][ T5830] kill_f2fs_super+0x2d2/0x6c0 [ 91.055038][ T5830] ? __pfx_kill_f2fs_super+0x10/0x10 [ 91.055083][ T5830] deactivate_locked_super+0xbc/0x130 [ 91.055105][ T5830] cleanup_mnt+0x425/0x4c0 [ 91.055126][ T5830] ? _raw_spin_unlock_irq+0x23/0x50 [ 91.055148][ T5830] task_work_run+0x1d4/0x260 [ 91.055168][ T5830] ? __pfx_task_work_run+0x10/0x10 [ 91.055196][ T5830] exit_to_user_mode_loop+0xef/0x4e0 [ 91.055216][ T5830] ? rcu_is_watching+0x15/0xb0 [ 91.055240][ T5830] do_syscall_64+0x2c1/0xf80 [ 91.055259][ T5830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.055275][ T5830] ? trace_irq_disable+0x37/0x100 [ 91.055289][ T5830] ? clear_bhb_loop+0x40/0x90 [ 91.055310][ T5830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.055326][ T5830] RIP: 0033:0x7f3385d90a77 [ 91.055341][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 91.055355][ T5830] RSP: 002b:00007ffc700fbff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 91.055377][ T5830] RAX: 0000000000000000 RBX: 00007f3385e13d7d RCX: 00007f3385d90a77 [ 91.055388][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc700fc0b0 [ 91.055398][ T5830] RBP: 00007ffc700fc0b0 R08: 0000000000000000 R09: 0000000000000000 [ 91.055407][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc700fd140 [ 91.055417][ T5830] R13: 00007f3385e13d7d R14: 0000000000015db5 R15: 00007ffc700fd180 [ 91.055447][ T5830] [ 91.059338][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 91.065847][ T6178] XFS (loop1): Unmount and run xfs_repair [ 91.111839][ T6206] loop0: detected capacity change from 0 to 1024 [ 91.117021][ T6178] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 91.117044][ T6178] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00 XAGF..........@. [ 91.117059][ T6178] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01 ................ [ 91.117071][ T6178] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 01 00 00 04 ................ [ 91.117082][ T6178] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00 ......?...?..... [ 91.117094][ T6178] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 91.117107][ T6178] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 91.117120][ T6178] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 91.117132][ T6178] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 91.117148][ T6178] XFS (loop1): metadata I/O error in "xfs_read_agf+0x271/0x5a0" at daddr 0x1 len 1 error 74 [ 91.473212][ T5926] usb 5-1: device descriptor read/64, error -71 [ 91.485769][ T6178] XFS (loop1): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8a0 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 91.500431][ T6178] XFS (loop1): Please unmount the filesystem and rectify the problem(s) [ 91.567524][ T5820] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 91.599625][ T6206] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 91.612147][ T6206] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.652487][ T29] audit: type=1800 audit(1768775139.336:3): pid=6206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.59" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 91.754280][ T5926] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 91.917080][ T6211] loop3: detected capacity change from 0 to 2048 [ 91.954311][ T5926] usb 5-1: device descriptor read/64, error -71 [ 92.068934][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 92.089725][ T5926] usb usb5-port1: attempt power cycle [ 92.272553][ T6213] loop0: detected capacity change from 0 to 256 [ 92.281668][ T6211] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 92.299080][ T6213] exfat: Deprecated parameter 'utf8' [ 92.325626][ T6213] exfat: Deprecated parameter 'namecase' [ 92.391069][ T6213] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 92.431992][ T6213] exFAT-fs (loop0): failed to test first cluster bit of root dir(5) [ 92.444049][ T5926] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 92.496186][ T5926] usb 5-1: device descriptor read/8, error -71 [ 92.584933][ T6219] loop1: detected capacity change from 0 to 512 [ 92.668028][ T6219] EXT4-fs (loop1): 1 truncate cleaned up [ 92.701754][ T6219] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 92.718081][ T6224] netlink: 'syz.0.64': attribute type 1 has an invalid length. [ 92.731439][ T6224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.64'. [ 92.733575][ T6211] netlink: 8 bytes leftover after parsing attributes in process `syz.3.61'. [ 92.741289][ T6224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.64'. [ 92.758226][ T5926] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 92.804697][ T5926] usb 5-1: device descriptor read/8, error -71 [ 92.842845][ T29] audit: type=1800 audit(1768775140.526:4): pid=6219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.60" name="file0" dev="loop1" ino=13 res=0 errno=0 [ 92.867428][ T6219] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.60: bg 0: block 465: padding at end of block bitmap is not set [ 92.912256][ T6219] EXT4-fs (loop1): Delayed block allocation failed for inode 13 at logical offset 3 with max blocks 9 with error 28 [ 92.942137][ T5926] usb usb5-port1: unable to enumerate USB device [ 92.950460][ T6228] sctp: [Deprecated]: syz.2.66 (pid 6228) Use of int in maxseg socket option. [ 92.950460][ T6228] Use struct sctp_assoc_value instead [ 92.975126][ T6219] EXT4-fs (loop1): This should not happen!! Data will be lost [ 92.975126][ T6219] [ 92.994813][ T6219] EXT4-fs (loop1): Total free blocks count 0 [ 93.000938][ T6219] EXT4-fs (loop1): Free/Dirty block details [ 93.011149][ T6219] EXT4-fs (loop1): free_blocks=0 [ 93.020632][ T6226] loop0: detected capacity change from 0 to 4096 [ 93.021240][ T6219] EXT4-fs (loop1): dirty_blocks=9 [ 93.072264][ T6219] EXT4-fs (loop1): Block reservation details [ 93.105949][ T6219] EXT4-fs (loop1): i_reserved_data_blocks=9 [ 93.113996][ T6230] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 93.387527][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.855563][ T6247] fuse: Bad value for 'fd' [ 94.187419][ T6257] netlink: 12 bytes leftover after parsing attributes in process `syz.0.75'. [ 94.255700][ T5926] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 94.396636][ T6264] 9p: Bad value for 'wfdno' [ 94.494483][ T5926] usb 5-1: device descriptor read/64, error -71 [ 94.497777][ T5977] usb 3-1: new full-speed USB device number 3 using dummy_hcd [ 94.580914][ T6264] netlink: 'syz.0.77': attribute type 10 has an invalid length. [ 94.643931][ T6264] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.669424][ T6264] bond0: (slave team0): Enslaving as an active interface with an up link [ 94.861698][ T5977] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 94.953127][ T5977] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.058385][ T5977] usb 3-1: New USB device found, idVendor=0eef, idProduct=480e, bcdDevice= 0.00 [ 95.148753][ T5977] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.337178][ T5977] usb 3-1: config 0 descriptor?? [ 95.434308][ T5926] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 95.580367][ T6270] loop1: detected capacity change from 0 to 2048 [ 95.587555][ T6259] capability: warning: `syz.2.76' uses deprecated v2 capabilities in a way that may be insecure [ 95.601294][ T5926] usb 5-1: device descriptor read/64, error -71 [ 95.650584][ T6274] --map-set only usable from mangle table [ 95.659393][ T6270] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 95.716601][ T5926] usb usb5-port1: attempt power cycle [ 95.742204][ T6274] loop0: detected capacity change from 0 to 4096 [ 95.771140][ T6274] NILFS (loop0): invalid segment: Checksum error in segment payload [ 95.780173][ T6274] NILFS (loop0): trying rollback from an earlier position [ 95.821052][ T5977] usb 3-1: string descriptor 0 read error: -71 [ 95.848938][ T6274] NILFS (loop0): recovery complete [ 95.850717][ T5977] usbhid 3-1:0.0: can't add hid device: -71 [ 95.899917][ T5977] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 95.900602][ T6275] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 95.964629][ T5977] usb 3-1: USB disconnect, device number 3 [ 96.054365][ T5926] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 96.104827][ T5926] usb 5-1: device descriptor read/8, error -71 [ 96.136123][ T5940] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 96.177758][ T5940] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 96.291906][ T6285] netlink: 4 bytes leftover after parsing attributes in process `syz.3.84'. [ 96.364306][ T5926] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 96.394697][ T5926] usb 5-1: device descriptor read/8, error -71 [ 96.423489][ T6277] loop1: detected capacity change from 0 to 32768 [ 96.431306][ T6285] hsr_slave_1 (unregistering): left promiscuous mode [ 96.460525][ T6277] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.81 (6277) [ 96.487971][ T6277] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 96.500314][ T6277] BTRFS info (device loop1): using crc32c checksum algorithm [ 96.511751][ T5926] usb usb5-port1: unable to enumerate USB device [ 96.522457][ T6277] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 96.603509][ T6288] loop2: detected capacity change from 0 to 4096 [ 96.685884][ T3524] Bluetooth: hci5: Frame reassembly failed (-84) [ 96.692470][ T78] Bluetooth: hci5: Frame reassembly failed (-84) [ 96.809503][ T6277] BTRFS info (device loop1): rebuilding free space tree [ 96.833545][ T6277] BTRFS info (device loop1): disabling free space tree [ 96.854400][ T6277] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 96.882181][ T6277] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 97.066580][ T6310] xt_TCPMSS: Only works on TCP SYN packets [ 97.132425][ T6277] BTRFS info (device loop1): enabling ssd optimizations [ 97.261060][ T6277] BTRFS info (device loop1): enabling disk space caching [ 97.345179][ T6277] BTRFS info (device loop1): force clearing of disk cache [ 97.388496][ T6313] tipc: Trying to set illegal importance in message [ 97.396438][ T6277] BTRFS info (device loop1): force zstd compression, level 3 [ 97.444655][ T6313] netlink: 4 bytes leftover after parsing attributes in process `syz.4.87'. [ 97.477031][ T29] audit: type=1800 audit(1768775145.166:5): pid=6277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.81" name="file1" dev="loop1" ino=260 res=0 errno=0 [ 98.219260][ T6315] loop4: detected capacity change from 0 to 32768 [ 98.297070][ T6340] loop2: detected capacity change from 0 to 16 [ 98.364082][ T6340] erofs (device loop2): mounted with root inode @ nid 36. [ 98.371131][ T5820] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 98.385586][ T6315] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 98.418523][ T5926] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 98.578739][ T6315] XFS (loop4): Ending clean mount [ 98.588840][ T5926] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 98.604520][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 98.620715][ T5926] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 98.632898][ T5926] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 98.647326][ T5926] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 98.660560][ T6347] netlink: 34 bytes leftover after parsing attributes in process `syz.2.93'. [ 98.673255][ T5926] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.744476][ T5148] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 98.830824][ T6315] XFS (loop4): Quotacheck needed: Please wait. [ 99.053503][ T5926] usb 4-1: config 0 descriptor?? [ 99.099246][ T5926] hdpvr 4-1:0.0: Could not find bulk-in endpoint [ 99.106735][ T6315] XFS (loop4): Quotacheck: Done. [ 99.129717][ T5926] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12 [ 99.385098][ T6351] loop0: detected capacity change from 0 to 2048 [ 99.393911][ T6351] EXT4-fs: Ignoring removed bh option [ 99.767020][ T6351] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.806039][ T5827] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 100.022318][ T6357] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 100.040253][ T6357] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28 [ 100.052672][ T6357] EXT4-fs (loop0): This should not happen!! Data will be lost [ 100.052672][ T6357] [ 100.062359][ T6357] EXT4-fs (loop0): Total free blocks count 0 [ 100.068391][ T6357] EXT4-fs (loop0): Free/Dirty block details [ 100.074336][ T6357] EXT4-fs (loop0): free_blocks=2415919104 [ 100.080066][ T6357] EXT4-fs (loop0): dirty_blocks=64 [ 100.085250][ T6357] EXT4-fs (loop0): Block reservation details [ 100.091241][ T6357] EXT4-fs (loop0): i_reserved_data_blocks=4 [ 100.239297][ T3524] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 100.401558][ T6359] loop0: detected capacity change from 0 to 2048 [ 101.473145][ T5926] usb 4-1: USB disconnect, device number 4 [ 101.683908][ T6376] loop2: detected capacity change from 0 to 512 [ 101.693987][ T6376] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 101.731585][ T6376] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 101.733728][ T6376] EXT4-fs: failed to create workqueue [ 101.752263][ T6376] EXT4-fs (loop2): mount failed [ 101.775630][ T6378] netlink: 28 bytes leftover after parsing attributes in process `syz.4.101'. [ 102.044854][ T6386] loop4: detected capacity change from 0 to 128 [ 102.059074][ T6386] vfat: Unknown parameter 'u¯#sïóM Ê' [ 102.612151][ T6389] loop3: detected capacity change from 0 to 512 [ 102.707975][ T6389] IPVS: set_ctl: invalid protocol: 92 172.20.20.170:20000 [ 102.869131][ T6389] loop3: detected capacity change from 0 to 4096 [ 102.894466][ T6389] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 102.989747][ T6372] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 102.998369][ T6372] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 103.066004][ T6372] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 103.128798][ T6372] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 103.138258][ T6372] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 103.177835][ T6372] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 103.213464][ T6372] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 103.231502][ T6372] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 103.251711][ T6372] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 103.271491][ T6372] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 103.294750][ T6372] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 103.301758][ T6372] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 103.327296][ T6372] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 103.333342][ T6372] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 103.355375][ T6372] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 103.501621][ T6402] netlink: 'syz.1.103': attribute type 1 has an invalid length. [ 103.510765][ T6402] netlink: 'syz.1.103': attribute type 2 has an invalid length. [ 103.523309][ T6402] netlink: 'syz.1.103': attribute type 1 has an invalid length. [ 103.624436][ T5949] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 103.694563][ T5148] Bluetooth: hci1: command 0x0c1a tx timeout [ 103.759875][ T6402] netlink: 4 bytes leftover after parsing attributes in process `syz.1.103'. [ 103.816962][ T5949] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.864884][ T5949] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 103.894245][ T24] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 103.901953][ T5949] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.967592][ T5949] usb 4-1: config 0 descriptor?? [ 104.302826][ T6397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 104.455025][ T6397] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 104.624731][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 104.631727][ T24] usb 5-1: config 0 has an invalid interface number: 176 but max is 0 [ 104.642774][ T24] usb 5-1: config 0 has no interface number 0 [ 104.654234][ T24] usb 5-1: config 0 interface 176 altsetting 58 bulk endpoint 0x8 has invalid maxpacket 32 [ 104.673199][ T24] usb 5-1: config 0 interface 176 altsetting 58 bulk endpoint 0x7 has invalid maxpacket 32 [ 104.692198][ T5949] lenovo 0003:17EF:6047.0003: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0 [ 104.722642][ T24] usb 5-1: config 0 interface 176 has no altsetting 0 [ 104.756663][ T24] usb 5-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=68.dc [ 104.786103][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.821077][ T24] usb 5-1: Product: syz [ 104.828570][ T24] usb 5-1: Manufacturer: syz [ 104.833231][ T24] usb 5-1: SerialNumber: syz [ 104.855996][ T24] usb 5-1: config 0 descriptor?? [ 104.882148][ T6400] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 104.896819][ T6400] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 104.920322][ T6422] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 105.134269][ T5148] Bluetooth: hci0: command 0x0c1a tx timeout [ 105.187988][ T24] usb 5-1: probing VID:PID(0424:012C) [ 105.195772][ T24] usb 5-1: vub300 testing BULK OUT EndPoint(0) 08 [ 105.202244][ T24] usb 5-1: vub300 testing BULK OUT EndPoint(1) 07 [ 105.208724][ T24] usb 5-1: Could not find two sets of bulk-in/out endpoint pairs [ 105.214300][ T5148] Bluetooth: hci2: command 0x0c1a tx timeout [ 105.216576][ T24] vub300 5-1:0.176: probe with driver vub300 failed with error -22 [ 105.305352][ T5148] Bluetooth: hci3: command 0x0c1a tx timeout [ 105.374369][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout [ 105.382421][ T5148] Bluetooth: hci5: command 0x1003 tx timeout [ 105.391389][ T5840] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 105.629429][ T24] usb 5-1: USB disconnect, device number 10 [ 105.689718][ T5949] lenovo 0003:17EF:6047.0003: Sensitivity setting failed: -71 [ 105.731907][ T5949] usb 4-1: USB disconnect, device number 5 [ 105.774861][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 106.093471][ T6440] loop4: detected capacity change from 0 to 256 [ 106.143874][ T6440] MINIX-fs: mounting file system with errors, running fsck is recommended [ 106.189641][ T6440] MINIX-fs warning: remounting fs with errors, running fsck is recommended [ 106.306484][ T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 106.415144][ T5979] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 106.573742][ T6446] loop4: detected capacity change from 0 to 2048 [ 106.589593][ T5979] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 106.599955][ T24] usb 1-1: config 0 has an invalid interface number: 17 but max is 0 [ 106.611047][ T24] usb 1-1: config 0 has no interface number 0 [ 107.655802][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 107.661852][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 107.902519][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout [ 107.908616][ T5148] Bluetooth: hci0: command 0x0c1a tx timeout [ 108.434460][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 108.511036][ T24] usb 1-1: New USB device found, idVendor=07ca, idProduct=a800, bcdDevice=98.f4 [ 108.523376][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.532295][ T24] usb 1-1: Product: syz [ 108.536915][ T24] usb 1-1: Manufacturer: syz [ 108.555773][ T24] usb 1-1: SerialNumber: syz [ 108.660052][ T6446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.667441][ T24] usb 1-1: config 0 descriptor?? [ 108.697020][ T24] dvb-usb: found a 'AVerMedia AverTV DVB-T USB 2.0 (A800)' in warm state. [ 108.757849][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 108.794418][ T24] dvbdev: DVB: registering new adapter (AVerMedia AverTV DVB-T USB 2.0 (A800)) [ 108.802323][ T6442] loop2: detected capacity change from 0 to 32768 [ 108.805334][ T24] usb 1-1: media controller created [ 108.867515][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 108.926180][ T6467] loop1: detected capacity change from 0 to 128 [ 109.012221][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 109.037241][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 109.038377][ T6467] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 109.047364][ T24] dvb-usb: no frontend was attached by 'AVerMedia AverTV DVB-T USB 2.0 (A800)' [ 109.118655][ T6470] lo: entered allmulticast mode [ 109.127171][ T6470] tunl0: entered allmulticast mode [ 109.135586][ T6470] gre0: entered allmulticast mode [ 109.143386][ T6470] gretap0: entered allmulticast mode [ 109.152137][ T6470] erspan0: entered allmulticast mode [ 109.159952][ T6470] ip_vti0: entered allmulticast mode [ 109.168990][ T6470] ip6_vti0: entered allmulticast mode [ 109.177156][ T6470] sit0: entered allmulticast mode [ 109.185193][ T6470] ip6tnl0: entered allmulticast mode [ 109.193407][ T6470] ip6gre0: entered allmulticast mode [ 109.201564][ T6470] syz_tun: entered allmulticast mode [ 109.210282][ T6470] ip6gretap0: entered allmulticast mode [ 109.218641][ T6470] bridge0: entered allmulticast mode [ 109.228137][ T6470] vcan0: entered allmulticast mode [ 109.236694][ T6470] bond0: entered allmulticast mode [ 109.241961][ T6470] bond_slave_0: entered allmulticast mode [ 109.248433][ T6470] bond_slave_1: entered allmulticast mode [ 109.260857][ T6470] team0: entered allmulticast mode [ 109.266115][ T6470] team_slave_0: entered allmulticast mode [ 109.271954][ T6470] team_slave_1: entered allmulticast mode [ 109.282062][ T6470] dummy0: entered allmulticast mode [ 109.297788][ T6470] nlmon0: entered allmulticast mode [ 109.306482][ T6470] caif0: entered allmulticast mode [ 109.312612][ T6470] batadv0: entered allmulticast mode [ 109.321995][ T6470] vxcan0: entered allmulticast mode [ 109.330261][ T6470] vxcan1: entered allmulticast mode [ 109.338349][ T6470] veth0: entered allmulticast mode [ 109.346368][ T6470] veth1: entered allmulticast mode [ 109.355374][ T6470] wg0: entered allmulticast mode [ 109.363114][ T6470] wg1: entered allmulticast mode [ 109.371195][ T6470] wg2: entered allmulticast mode [ 109.377008][ T6470] veth0_to_bridge: entered allmulticast mode [ 109.384608][ T6470] veth1_to_bridge: entered allmulticast mode [ 109.392212][ T6470] veth0_to_bond: entered allmulticast mode [ 109.399280][ T6470] veth1_to_bond: entered allmulticast mode [ 109.406423][ T6470] veth0_to_team: entered allmulticast mode [ 109.413703][ T6470] veth1_to_team: entered allmulticast mode [ 109.421114][ T6470] veth0_to_batadv: entered allmulticast mode [ 109.428186][ T6467] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 109.439696][ T6470] batadv_slave_0: entered allmulticast mode [ 109.446381][ T6470] veth1_to_batadv: entered allmulticast mode [ 109.454041][ T6470] batadv_slave_1: entered allmulticast mode [ 109.460645][ T6470] xfrm0: entered allmulticast mode [ 109.461523][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.466372][ T6470] veth0_to_hsr: entered allmulticast mode [ 109.481234][ T6470] hsr_slave_0: entered allmulticast mode [ 109.487623][ T6470] hsr0: entered allmulticast mode [ 109.493324][ T6470] veth1_virt_wifi: entered allmulticast mode [ 109.500080][ T6470] veth0_virt_wifi: entered allmulticast mode [ 109.506887][ T6470] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 109.514370][ T6470] veth1_vlan: entered allmulticast mode [ 109.520633][ T6470] veth0_vlan: entered allmulticast mode [ 109.526889][ T6470] vlan0: entered allmulticast mode [ 109.532728][ T6470] vlan1: entered allmulticast mode [ 109.539729][ T6470] macvlan0: entered allmulticast mode [ 109.547354][ T6470] macvlan1: entered allmulticast mode [ 109.554298][ T6470] ipvlan0: entered allmulticast mode [ 109.561502][ T6470] ipvlan1: entered allmulticast mode [ 109.567821][ T6470] veth1_macvtap: entered allmulticast mode [ 109.574870][ T6470] veth0_macvtap: entered allmulticast mode [ 109.581726][ T6470] macvtap0: entered allmulticast mode [ 109.611028][ T6470] macsec0: entered allmulticast mode [ 109.617016][ T6470] geneve0: entered allmulticast mode [ 109.624764][ T6470] geneve1: entered allmulticast mode [ 109.630424][ T6470] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 109.638261][ T6470] netdevsim netdevsim3 netdevsim1: entered allmulticast mode [ 109.646086][ T6470] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 109.653818][ T6470] netdevsim netdevsim3 netdevsim3: entered allmulticast mode [ 109.662198][ T6470] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 109.669664][ T6470] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode [ 110.452637][ T24] rc_core: IR keymap rc-avermedia-m135a not found [ 110.494434][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 110.500619][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 110.506813][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout [ 110.512946][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 110.691899][ T24] Registered IR keymap rc-empty [ 110.863281][ T5820] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 110.873850][ T24] rc rc0: AVerMedia AverTV DVB-T USB 2.0 (A800) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0 [ 110.921770][ T24] input: AVerMedia AverTV DVB-T USB 2.0 (A800) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input8 [ 110.945449][ T24] dvb-usb: schedule remote query interval to 150 msecs. [ 110.974687][ T24] dvb-usb: AVerMedia AverTV DVB-T USB 2.0 (A800) successfully initialized and connected. [ 111.034621][ T24] usb 1-1: USB disconnect, device number 3 [ 111.234635][ T6484] overlayfs: missing 'workdir' [ 111.735990][ T24] dvb-usb: AVerMedia AverTV DVB-T USB 2.0 (A800) successfully deinitialized and disconnected. [ 112.471217][ T6497] loop1: detected capacity change from 0 to 256 [ 112.508177][ T6497] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 112.541127][ T6497] FAT-fs (loop1): Filesystem has been set read-only [ 112.748969][ T6503] loop3: detected capacity change from 0 to 1164 [ 112.781398][ T6479] loop0: detected capacity change from 0 to 32768 [ 112.852392][ T6479] (syz.0.130,6479,1):ocfs2_validate_inode_block:1449 ERROR: Invalid dinode #65: Corrupt state (nlink = 0 or mode = 16877) detected! [ 112.871617][ T6505] kAFS: unable to lookup cell '(0.Â|dÒùyx²LTrwˆž0 Æâœí\Ø[È ó¬]V' [ 112.904660][ T6479] (syz.0.130,6479,1):ocfs2_read_locked_inode:599 ERROR: status = -117 [ 112.943424][ T6479] (syz.0.130,6479,1):ocfs2_init_global_system_inodes:444 ERROR: status = -117 [ 113.009550][ T6479] (syz.0.130,6479,1):ocfs2_init_global_system_inodes:476 ERROR: status = -117 [ 113.079375][ T6479] (syz.0.130,6479,0):ocfs2_initialize_super:2198 ERROR: status = -117 [ 113.126180][ T6479] (syz.0.130,6479,0):ocfs2_fill_super:1177 ERROR: status = -117 [ 113.222241][ T6513] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 113.544586][ T6523] loop1: detected capacity change from 0 to 512 [ 113.555660][ T6523] EXT4-fs: Ignoring removed mblk_io_submit option [ 113.573690][ T6523] EXT4-fs (loop1): blocks per group (255) and clusters per group (8192) inconsistent [ 113.688986][ T6524] netlink: 'syz.4.146': attribute type 10 has an invalid length. [ 114.744414][ T5888] IPVS: starting estimator thread 0... [ 114.834370][ T6531] IPVS: using max 28 ests per chain, 67200 per kthread [ 115.232055][ T6542] loop0: detected capacity change from 0 to 256 [ 115.852797][ T6543] netlink: 'syz.1.149': attribute type 1 has an invalid length. [ 115.860581][ T6543] netlink: 224 bytes leftover after parsing attributes in process `syz.1.149'. [ 115.962163][ T6542] FAT-fs (loop0): Directory bread(block 64) failed [ 115.970896][ T6542] FAT-fs (loop0): Directory bread(block 65) failed [ 115.977962][ T6542] FAT-fs (loop0): Directory bread(block 66) failed [ 115.984737][ T6542] FAT-fs (loop0): Directory bread(block 67) failed [ 115.992904][ T6542] FAT-fs (loop0): Directory bread(block 68) failed [ 116.003893][ T6542] FAT-fs (loop0): Directory bread(block 69) failed [ 116.015890][ T6542] FAT-fs (loop0): Directory bread(block 70) failed [ 116.023503][ T6542] FAT-fs (loop0): Directory bread(block 71) failed [ 116.032151][ T6542] FAT-fs (loop0): Directory bread(block 72) failed [ 116.039539][ T6542] FAT-fs (loop0): Directory bread(block 73) failed [ 116.058658][ T5979] libceph: connect (1)[c::]:6789 error -101 [ 116.081303][ T5979] libceph: mon0 (1)[c::]:6789 connect error [ 116.247046][ T6538] ceph: No mds server is up or the cluster is laggy [ 117.447836][ T6570] loop4: detected capacity change from 0 to 512 [ 120.367819][ T6578] loop2: detected capacity change from 0 to 128 [ 120.485268][ T6578] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 120.524328][ T5974] kworker/u8:14: attempt to access beyond end of device [ 120.524328][ T5974] loop4: rw=1, sector=2416, nr_sectors = 2936 limit=512 [ 120.539121][ T6578] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 120.559072][ T5974] kworker/u8:14: attempt to access beyond end of device [ 120.559072][ T5974] loop4: rw=1, sector=5352, nr_sectors = 3048 limit=512 [ 120.607396][ T5974] kworker/u8:14: attempt to access beyond end of device [ 120.607396][ T5974] loop4: rw=1, sector=8400, nr_sectors = 2928 limit=512 [ 120.647718][ T5974] kworker/u8:14: attempt to access beyond end of device [ 120.647718][ T5974] loop4: rw=1, sector=11328, nr_sectors = 2088 limit=512 [ 120.688138][ T5974] kworker/u8:14: attempt to access beyond end of device [ 120.688138][ T5974] loop4: rw=1, sector=13416, nr_sectors = 2112 limit=512 [ 120.730385][ T5974] kworker/u8:14: attempt to access beyond end of device [ 120.730385][ T5974] loop4: rw=1, sector=15528, nr_sectors = 936 limit=512 [ 120.804294][ T5881] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 120.866846][ T6593] netlink: 24 bytes leftover after parsing attributes in process `syz.1.166'. [ 121.010270][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 121.079607][ T6590] loop3: detected capacity change from 0 to 4096 [ 121.094425][ T5881] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 121.103496][ T5881] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.232355][ T5881] usb 1-1: config 0 descriptor?? [ 121.272085][ T5830] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 121.311603][ T6586] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 121.445242][ T6590] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 121.551572][ T29] audit: type=1800 audit(1768775169.236:6): pid=6590 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.164" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 121.928871][ T24] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 123.233916][ T5881] elan 0003:04F3:0755.0005: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0 [ 123.332989][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.396053][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 123.426205][ T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 123.470880][ T24] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 123.497334][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.565608][ T24] usb 3-1: config 0 descriptor?? [ 124.073583][ T24] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 124.188852][ T5979] usb 1-1: USB disconnect, device number 4 [ 124.870069][ T6630] netlink: 'syz.4.175': attribute type 3 has an invalid length. [ 124.888720][ T6630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.175'. [ 126.332551][ C1] plantronics 0003:047F:FFFF.0006: usb_submit_urb(ctrl) failed: -1 [ 126.397696][ T5908] usb 3-1: USB disconnect, device number 4 [ 126.489755][ T6637] netlink: 'syz.4.178': attribute type 39 has an invalid length. [ 126.791752][ T6645] syz_tun: entered allmulticast mode [ 126.800767][ T6645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.181'. [ 127.079452][ T6650] loop0: detected capacity change from 0 to 512 [ 127.188948][ T6645] syz_tun (unregistering): left allmulticast mode [ 128.330113][ T5938] IPVS: starting estimator thread 0... [ 128.494639][ T6666] IPVS: using max 24 ests per chain, 57600 per kthread [ 131.822669][ T6697] ceph: No mds server is up or the cluster is laggy [ 131.832515][ T5908] libceph: connect (1)[c::]:6789 error -101 [ 131.857217][ T5908] libceph: mon0 (1)[c::]:6789 connect error [ 132.854654][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.962641][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.342318][ T6730] netlink: 1208 bytes leftover after parsing attributes in process `syz.4.207'. [ 135.345048][ T6748] loop2: detected capacity change from 0 to 8192 [ 136.166920][ T6755] loop0: detected capacity change from 0 to 128 [ 136.235315][ T6755] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 136.471281][ T6762] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 136.770679][ T6770] loop0: detected capacity change from 0 to 2048 [ 136.852208][ T6781] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 137.158279][ T5832] Bluetooth: hci0: unexpected Set CIG Parameters response data [ 137.174685][ T5832] Bluetooth: hci0: unexpected event for opcode 0x2062 [ 140.346464][ T29] audit: type=1107 audit(1768775188.026:7): pid=6800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='s' [ 140.380186][ T6801] netlink: 'syz.2.227': attribute type 10 has an invalid length. [ 140.679471][ T6804] xt_TPROXY: Can be used only with -p tcp or -p udp [ 141.073913][ T6801] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 141.257388][ T5832] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 141.271181][ T5832] Bluetooth: hci0: Injecting HCI hardware error event [ 141.280788][ T5824] Bluetooth: hci0: hardware error 0x00 [ 141.391286][ T6812] netlink: 'syz.4.233': attribute type 3 has an invalid length. [ 141.400815][ T6812] netlink: 'syz.4.233': attribute type 3 has an invalid length. [ 141.418105][ T6781] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 141.479970][ T6781] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 141.884848][ T6781] Remounting filesystem read-only [ 141.929173][ T5828] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 142.376701][ T6824] loop2: detected capacity change from 0 to 32768 [ 142.387291][ T6824] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.236 (6824) [ 142.420373][ T6824] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 142.432253][ T6824] BTRFS info (device loop2): using sha256 checksum algorithm [ 142.597465][ T6824] BTRFS info (device loop2): enabling ssd optimizations [ 142.604492][ T6824] BTRFS info (device loop2): turning on async discard [ 142.611242][ T6824] BTRFS info (device loop2): enabling free space tree [ 143.034567][ T29] audit: type=1800 audit(1768775190.636:8): pid=6847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.236" name="file2" dev="loop2" ino=261 res=0 errno=0 [ 143.325435][ T5824] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 143.460300][ T6846] loop3: detected capacity change from 0 to 4096 [ 144.675280][ T6853] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 144.735121][ T29] audit: type=1800 audit(1768775192.426:9): pid=6846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.239" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 144.759168][ T5830] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 146.135921][ T6870] netlink: 24 bytes leftover after parsing attributes in process `syz.3.248'. [ 146.249840][ T6870] netlink: 24 bytes leftover after parsing attributes in process `syz.3.248'. [ 146.618468][ T6876] loop1: detected capacity change from 0 to 512 [ 146.656222][ T6876] EXT4-fs: Ignoring removed orlov option [ 146.688126][ T6876] EXT4-fs: Ignoring removed mblk_io_submit option [ 146.761125][ T6876] EXT4-fs error (device loop1): ext4_iget_extra_inode:5072: inode #15: comm syz.1.249: corrupted in-inode xattr: e_value size too large [ 146.864331][ T6876] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.249: couldn't read orphan inode 15 (err -117) [ 146.879017][ T29] audit: type=1326 audit(1768775194.566:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6882 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7ffc0000 [ 146.924255][ T29] audit: type=1326 audit(1768775194.586:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6882 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f272038f749 code=0x7ffc0000 [ 146.951816][ T6876] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.978179][ T29] audit: type=1326 audit(1768775194.586:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6882 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7ffc0000 [ 147.004492][ T29] audit: type=1326 audit(1768775194.586:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6882 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7ffc0000 [ 147.062626][ T6881] loop4: detected capacity change from 0 to 4096 [ 147.091359][ T6881] ntfs3: Unknown parameter 'nohide_dot_files' [ 147.230523][ T5824] Bluetooth: hci3: unexpected event for opcode 0x203b [ 147.596368][ T6893] loop4: detected capacity change from 0 to 128 [ 147.606417][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.690793][ T6893] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 147.718862][ T6893] ext4 filesystem being mounted at /50/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 147.897741][ T29] audit: type=1800 audit(1768775195.586:14): pid=6893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.251" name="bus" dev="loop4" ino=12 res=0 errno=0 [ 148.805810][ T6909] loop0: detected capacity change from 0 to 4096 [ 149.317521][ T6912] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 149.416275][ T6914] netlink: 168 bytes leftover after parsing attributes in process `syz.0.243'. [ 150.217404][ T5827] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 151.127739][ T6934] loop2: detected capacity change from 0 to 1024 [ 151.158514][ T6934] EXT4-fs: Ignoring removed nomblk_io_submit option [ 151.263643][ T6934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 152.000646][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.323628][ T6956] mmap: syz.1.274 (6956) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 153.294213][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.533937][ T6971] capability: warning: `syz.4.281' uses 32-bit capabilities (legacy support in use) [ 154.204448][ T5908] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 154.424301][ T5908] usb 4-1: Using ep0 maxpacket: 16 [ 154.495014][ T29] audit: type=1326 audit(1768775202.186:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6991 comm="syz.4.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 154.514307][ T5908] usb 4-1: config 0 has no interfaces? [ 154.530524][ T29] audit: type=1326 audit(1768775202.206:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6991 comm="syz.4.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 154.546447][ T5908] usb 4-1: config 0 has no interfaces? [ 154.553721][ T29] audit: type=1326 audit(1768775202.206:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6991 comm="syz.4.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 154.581532][ T29] audit: type=1326 audit(1768775202.206:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6991 comm="syz.4.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 154.603861][ T29] audit: type=1326 audit(1768775202.206:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6991 comm="syz.4.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 154.687797][ T5908] usb 4-1: config 0 has no interfaces? [ 154.712453][ T5908] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 154.729980][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.764241][ T5908] usb 4-1: Product: syz [ 154.768547][ T5908] usb 4-1: Manufacturer: syz [ 154.773124][ T5908] usb 4-1: SerialNumber: syz [ 154.835885][ T5908] r8152-cfgselector 4-1: Unknown version 0x0000 [ 154.842184][ T5908] r8152-cfgselector 4-1: config 0 descriptor?? [ 155.163720][ T7009] loop4: detected capacity change from 0 to 2048 [ 155.217725][ T7009] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 157.435551][ T5879] r8152-cfgselector 4-1: USB disconnect, device number 6 [ 159.715587][ T7058] loop0: detected capacity change from 0 to 131072 [ 159.742629][ T7058] F2FS-fs (loop0): Invalid log sectorsize (67108873) [ 159.751473][ T7058] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 159.780031][ T7058] F2FS-fs (loop0): invalid crc value [ 159.946766][ T7058] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 159.959416][ T7058] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 159.966594][ T7058] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 160.352889][ T7058] F2FS-fs (loop0): switch atgc option is not allowed [ 160.904395][ T5879] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 161.575722][ T5879] usb 2-1: Using ep0 maxpacket: 16 [ 161.581613][ T5879] usb 2-1: too many configurations: 123, using maximum allowed: 8 [ 161.598466][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.635459][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.706273][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.709982][ T7086] loop2: detected capacity change from 0 to 64 [ 161.728509][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.765266][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.799714][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.847762][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.871175][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 161.893008][ T5879] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 161.912531][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 161.932806][ T5879] usb 2-1: SerialNumber: syz [ 161.956270][ T5879] usb 2-1: config 0 descriptor?? [ 161.991563][ T5879] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input9 [ 162.647564][ T5182] bcm5974 2-1:0.0: could not read from device [ 162.934125][ T5879] usb 2-1: USB disconnect, device number 14 [ 162.947341][ T5182] bcm5974 2-1:0.0: could not read from device [ 163.682588][ T7105] loop4: detected capacity change from 0 to 4096 [ 163.728764][ T7105] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 165.698356][ T7123] loop0: detected capacity change from 0 to 64 [ 167.095265][ T7111] loop1: detected capacity change from 0 to 32768 [ 167.115586][ T7111] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.326 (7111) [ 167.187104][ T7137] Cannot find set identified by id 0 to match [ 167.215880][ T7137] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 168.083450][ T7136] loop2: detected capacity change from 0 to 256 [ 168.239243][ T5901] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 168.324964][ T7136] exfat: Deprecated parameter 'utf8' [ 168.330385][ T7136] exfat: Deprecated parameter 'utf8' [ 168.388604][ T7136] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 168.504451][ T5901] usb 1-1: Using ep0 maxpacket: 8 [ 168.519044][ T5901] usb 1-1: config 0 has an invalid interface number: 24 but max is 0 [ 168.558475][ T5901] usb 1-1: config 0 has no interface number 0 [ 168.603849][ T5901] usb 1-1: New USB device found, idVendor=050d, idProduct=0122, bcdDevice=5b.65 [ 168.623198][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 168.657267][ T5901] usb 1-1: Product: syz [ 168.661480][ T5901] usb 1-1: Manufacturer: syz [ 168.698455][ T5901] usb 1-1: SerialNumber: syz [ 168.715832][ T5901] usb 1-1: config 0 descriptor?? [ 169.849892][ T5901] pegasus 1-1:0.24: probe with driver pegasus failed with error -32 [ 170.002172][ T7162] netlink: 'syz.2.344': attribute type 4 has an invalid length. [ 170.025280][ T7162] netlink: 32 bytes leftover after parsing attributes in process `syz.2.344'. [ 172.195091][ T29] audit: type=1326 audit(1768775219.876:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 172.423971][ T5879] usb 1-1: USB disconnect, device number 5 [ 172.837244][ T29] audit: type=1326 audit(1768775219.876:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.247262][ T29] audit: type=1326 audit(1768775219.916:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.410448][ T29] audit: type=1326 audit(1768775219.926:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.475092][ T29] audit: type=1326 audit(1768775219.926:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.558445][ T29] audit: type=1326 audit(1768775219.936:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.642512][ T29] audit: type=1326 audit(1768775219.946:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.678734][ T7205] syz.2.354 uses obsolete (PF_INET,SOCK_PACKET) [ 173.783227][ T29] audit: type=1326 audit(1768775219.966:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.840409][ T7210] loop2: detected capacity change from 0 to 512 [ 173.949055][ T29] audit: type=1326 audit(1768775219.966:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 173.977823][ T29] audit: type=1326 audit(1768775220.166:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 174.025170][ T7205] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 175.448231][ T7205] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 175.872958][ T7200] infiniband: Removed from hash: ib_dev=ffff88807fbd8000 (0)(syz0) ndev=ffff88807d148000 (23)(veth0_to_bridge) [ 175.942868][ T7226] loop1: detected capacity change from 0 to 512 [ 175.963721][ T7210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.036845][ T7226] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 176.094530][ T7226] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 176.105639][ T7210] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 176.354658][ T7200] EXT4-fs error (device loop2): ext4_get_first_dir_block:3535: inode #12: block 32: comm syz.2.354: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0 [ 176.385817][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.478808][ T7200] EXT4-fs error (device loop2): ext4_get_first_dir_block:3538: inode #12: comm syz.2.354: directory missing '.' [ 179.371246][ T7241] warning: `syz.1.365' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 179.470486][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.961963][ T7255] loop4: detected capacity change from 0 to 512 [ 180.057550][ T7255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.150426][ T7255] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 180.218314][ T7267] loop3: detected capacity change from 0 to 128 [ 180.245838][ T5949] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 180.274077][ T7267] EXT4-fs: Ignoring removed nobh option [ 180.357878][ T7267] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 180.434744][ T7267] ext4 filesystem being mounted at /73/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 180.449635][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.117686][ T5949] usb 2-1: device descriptor read/all, error -71 [ 181.381210][ T5821] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 182.596069][ T7292] tmpfs: Bad value for 'mpol' [ 184.603982][ T7305] loop1: detected capacity change from 0 to 2048 [ 184.661589][ T7308] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 184.693145][ T7309] loop3: detected capacity change from 0 to 764 [ 185.038291][ T7313] Symlink component flag not implemented [ 185.044820][ T7313] Symlink component flag not implemented (116) [ 187.000996][ T7337] loop0: detected capacity change from 0 to 256 [ 187.367005][ T5888] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 188.604214][ T5888] usb 2-1: Using ep0 maxpacket: 8 [ 188.618964][ T5888] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 189.007082][ T5888] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 189.968114][ T5888] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 189.977819][ T5888] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 189.996581][ T5888] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 190.005830][ T5888] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.032613][ T5888] usb 2-1: Product: syz [ 190.081101][ T5888] usb 2-1: Manufacturer: syz [ 190.114409][ T5888] usb 2-1: SerialNumber: syz [ 190.134202][ T5888] usb 2-1: can't set config #1, error -71 [ 190.155013][ T5888] usb 2-1: USB disconnect, device number 17 [ 190.218979][ T7352] loop0: detected capacity change from 0 to 2048 [ 190.344756][ T7352] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 190.370871][ T7362] loop3: detected capacity change from 0 to 8 [ 190.657335][ T7365] loop1: detected capacity change from 0 to 128 [ 191.146873][ T7366] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 191.167346][ T7364] syz.1.406: attempt to access beyond end of device [ 191.167346][ T7364] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 192.789935][ T7379] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.812219][ T7379] bond0: (slave rose0): Enslaving as an active interface with an up link [ 193.272877][ T7393] loop2: detected capacity change from 0 to 1024 [ 193.516834][ T7393] hfsplus: failed to extend attributes file [ 193.661889][ T7399] loop4: detected capacity change from 0 to 1024 [ 193.805734][ T7399] hfsplus: bad catalog entry type [ 193.909510][ T12] hfsplus: b-tree write err: -5, ino 4 [ 194.013351][ T7373] loop1: detected capacity change from 0 to 32768 [ 194.066637][ T7373] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.412 (7373) [ 194.152603][ T7373] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 194.184644][ T7373] BTRFS info (device loop1): using crc32c checksum algorithm [ 194.234302][ T6607] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 194.346706][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.353047][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.447701][ T6607] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.663231][ T6607] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 194.854014][ T7373] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 194.912270][ T6607] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.955750][ T7398] loop3: detected capacity change from 0 to 32768 [ 194.980067][ T6607] usb 1-1: config 0 descriptor?? [ 196.346830][ T7398] (syz.3.417,7398,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 196.417401][ T7373] BTRFS error (device loop1): open_ctree failed: -12 [ 196.479846][ T7398] (syz.3.417,7398,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 196.654532][ T7398] (syz.3.417,7398,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x656d756e, computed 0x79bdf9ad. Applying ECC. [ 196.671471][ T7444] loop2: detected capacity change from 0 to 7 [ 196.694619][ T7398] (syz.3.417,7398,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x656d756e, computed 0xa5e14d6c [ 196.713029][ T6607] keytouch 0003:0926:3333.0007: fixing up Keytouch IEC report descriptor [ 196.748536][ T7398] (syz.3.417,7398,1):ocfs2_validate_dir_block:465 ERROR: Checksum failed for dinode 288 [ 196.758618][ T7444] loop2: [POWERTEC] p1 p2 p3 [ 196.775243][ T6607] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0007/input/input10 [ 196.807390][ T7444] loop2: p1 start 4294902272 is beyond EOD, truncated [ 196.824244][ T7398] (syz.3.417,7398,0):ocfs2_read_virt_blocks:1037 ERROR: status = -5 [ 196.878822][ T7444] loop2: p2 start 16712448 is beyond EOD, truncated [ 196.885546][ T7398] (syz.3.417,7398,0):ocfs2_read_dir_block:524 ERROR: status = -5 [ 196.893291][ T7398] (syz.3.417,7398,0):ocfs2_find_entry_el:741 ERROR: reading directory 18, offset 0 [ 196.935620][ T7444] loop2: p3 start 655360 is beyond EOD, truncated [ 196.998645][ T7398] (syz.3.417,7398,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 197.059119][ T7398] (syz.3.417,7398,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 197.059153][ T7398] (syz.3.417,7398,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 197.096623][ T6607] keytouch 0003:0926:3333.0007: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 197.145328][ T5979] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 197.171691][ T7398] (syz.3.417,7398,0):ocfs2_initialize_super:2198 ERROR: status = -22 [ 197.180103][ T6607] usb 1-1: USB disconnect, device number 6 [ 197.224354][ T7398] (syz.3.417,7398,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 197.258725][ T7453] fido_id[7453]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 197.327667][ T5979] usb 2-1: Using ep0 maxpacket: 16 [ 197.355476][ T5979] usb 2-1: config 0 has an invalid interface number: 140 but max is 0 [ 197.401108][ T5979] usb 2-1: config 0 has an invalid interface number: 140 but max is 0 [ 197.447769][ T5979] usb 2-1: config 0 has no interface number 0 [ 197.482555][ T5979] usb 2-1: config 0 interface 140 altsetting 0 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 197.520315][ T5979] usb 2-1: config 0 interface 140 altsetting 0 endpoint 0x9 has invalid maxpacket 1024, setting to 64 [ 197.590895][ T5979] usb 2-1: too many endpoints for config 0 interface 140 altsetting 83: 41, using maximum allowed: 30 [ 197.644563][ T5979] usb 2-1: config 0 interface 140 altsetting 83 has 0 endpoint descriptors, different from the interface descriptor's value: 41 [ 197.683574][ T5979] usb 2-1: config 0 interface 140 has no altsetting 1 [ 197.727414][ T5979] usb 2-1: New USB device found, idVendor=06cd, idProduct=011c, bcdDevice=9a.2b [ 197.764596][ T5979] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.775247][ T7463] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 197.794812][ T5979] usb 2-1: Product: syz [ 197.799118][ T5979] usb 2-1: Manufacturer: syz [ 197.803724][ T5979] usb 2-1: SerialNumber: syz [ 197.834053][ T5979] usb 2-1: config 0 descriptor?? [ 197.852211][ T5979] keyspan 2-1:0.140: Keyspan 1 port adapter converter detected [ 197.865676][ T7466] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'. [ 197.914898][ T5979] keyspan 2-1:0.140: found no endpoint descriptor for endpoint 84 [ 197.946841][ T5979] keyspan 2-1:0.140: found no endpoint descriptor for endpoint 81 [ 197.962419][ T5979] keyspan 2-1:0.140: found no endpoint descriptor for endpoint 82 [ 197.993768][ T5979] keyspan 2-1:0.140: found no endpoint descriptor for endpoint 1 [ 198.013719][ T5979] keyspan 2-1:0.140: found no endpoint descriptor for endpoint 2 [ 198.068107][ T5979] keyspan 2-1:0.140: found no endpoint descriptor for endpoint 83 [ 198.077426][ T7471] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT [ 198.097989][ T5979] keyspan 2-1:0.140: found no endpoint descriptor for endpoint 3 [ 198.149255][ T5979] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 198.218992][ T5979] usb 2-1: USB disconnect, device number 18 [ 198.318904][ T5979] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 198.334057][ T5979] keyspan 2-1:0.140: device disconnected [ 198.439282][ T7481] loop2: detected capacity change from 0 to 8 [ 198.482396][ T7481] SQUASHFS error: lzo decompression failed, data probably corrupt [ 198.490897][ T7481] SQUASHFS error: Failed to read block 0x82: -5 [ 198.497688][ T7481] SQUASHFS error: Unable to read metadata cache entry [80] [ 198.505048][ T7481] SQUASHFS error: Unable to read inode 0x11f [ 198.948833][ T7486] loop0: detected capacity change from 0 to 128 [ 199.006054][ T7486] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 200.417213][ T7502] loop2: detected capacity change from 0 to 1024 [ 200.455071][ T7502] EXT4-fs: Ignoring removed i_version option [ 200.485481][ T7502] EXT4-fs: inline encryption not supported [ 200.525172][ T7502] EXT4-fs (loop2): Test dummy encryption mode enabled [ 200.686917][ T7502] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 202.377781][ T7524] loop0: detected capacity change from 0 to 256 [ 202.379697][ T7520] loop3: detected capacity change from 0 to 4096 [ 202.405743][ T7524] exfat: Invalid uid '0x00000000ffffffff' [ 202.486134][ T7520] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 202.502825][ T7527] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 202.527901][ T7520] ntfs3(loop3): ino=1a, mi_enum_attr [ 202.533403][ T7520] ntfs3(loop3): ino=1a, mi_enum_attr [ 202.565198][ T7520] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 203.094353][ T7541] loop0: detected capacity change from 0 to 1024 [ 203.398434][ T7544] loop4: detected capacity change from 0 to 128 [ 203.590895][ T7544] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 203.794624][ T7544] ext4 filesystem being mounted at /97/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 204.147104][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.877939][ T5827] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 205.196459][ T7561] netlink: 9275 bytes leftover after parsing attributes in process `syz.2.455'. [ 205.473685][ T7564] loop2: detected capacity change from 0 to 7 [ 205.566893][ T7564] Dev loop2: unable to read RDB block 7 [ 205.574240][ T7564] loop2: unable to read partition table [ 205.594559][ T7564] loop2: partition table beyond EOD, truncated [ 205.622940][ T7564] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 207.278127][ T7603] netlink: 8 bytes leftover after parsing attributes in process `syz.1.471'. [ 207.368656][ T7603] netlink: 16 bytes leftover after parsing attributes in process `syz.1.471'. [ 208.685627][ T7620] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 208.692538][ T7620] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 208.702813][ T7620] vhci_hcd vhci_hcd.0: Device attached [ 208.709557][ T7622] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0 [ 208.727476][ T49] vhci_hcd vhci_hcd.0: stop threads [ 208.753045][ T49] vhci_hcd vhci_hcd.0: release socket [ 208.763914][ T49] vhci_hcd vhci_hcd.0: disconnect device [ 208.793428][ T7621] 8021q: adding VLAN 0 to HW filter on device bond2 [ 208.807214][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 208.807231][ T29] audit: type=1800 audit(1768775256.496:31): pid=7621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.477" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 208.967745][ T7594] loop4: detected capacity change from 0 to 40427 [ 209.426983][ T7594] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 209.449928][ T6607] IPVS: starting estimator thread 0... [ 209.461882][ T7594] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 209.545905][ T7633] IPVS: using max 53 ests per chain, 127200 per kthread [ 209.731556][ T7594] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 209.755910][ T7594] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 209.763326][ T7594] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 209.954113][ T7650] pimreg: entered allmulticast mode [ 210.087496][ T7650] netlink: 4 bytes leftover after parsing attributes in process `syz.2.484'. [ 210.104292][ T7650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.134371][ T7650] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 210.181639][ T7594] syz.4.468 (7594): drop_caches: 2 [ 210.212997][ T7650] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 210.253725][ T7658] loop3: detected capacity change from 0 to 64 [ 210.261258][ T7650] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.849869][ T7665] nbd: must specify a size in bytes for the device [ 211.294549][ T5888] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 211.448865][ T7687] tipc: Started in network mode [ 211.464371][ T7687] tipc: Node identity ac1414aa, cluster identity 4711 [ 211.465204][ T5888] usb 4-1: Using ep0 maxpacket: 32 [ 211.483817][ T7687] tipc: Enabled bearer , priority 10 [ 211.498663][ T5888] usb 4-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 211.534669][ T5888] usb 4-1: config 1 interface 0 has no altsetting 0 [ 211.566353][ T5888] usb 4-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.40 [ 211.578690][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.616911][ T5888] usb 4-1: Product: syz [ 211.621122][ T5888] usb 4-1: Manufacturer: syz [ 211.644170][ T5888] usb 4-1: SerialNumber: syz [ 211.897551][ T5888] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input11 [ 212.033983][ T5182] bcm5974 4-1:1.0: could not read from device [ 212.048524][ T5182] bcm5974 4-1:1.0: could not read from device [ 212.051723][ T5888] usb 4-1: USB disconnect, device number 7 [ 212.966630][ T5979] tipc: Node number set to 2886997162 [ 213.126557][ T7707] loop4: detected capacity change from 0 to 128 [ 213.139672][ T7707] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 213.157184][ T7707] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 213.213598][ T7683] loop1: detected capacity change from 0 to 32768 [ 213.316857][ T7683] OCFS2: ERROR (device loop1): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 70: chain list count 1 [ 213.458371][ T7683] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 213.490155][ T7715] netlink: 16 bytes leftover after parsing attributes in process `syz.2.507'. [ 213.515699][ T29] audit: type=1800 audit(1768775261.206:32): pid=7707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.505" name="file1" dev="loop4" ino=104 res=0 errno=0 [ 213.534418][ T7683] OCFS2: File system is now read-only. [ 213.545973][ T7683] (syz.1.499,7683,0):ocfs2_read_locked_inode:599 ERROR: status = -30 [ 213.560710][ T7683] (syz.1.499,7683,0):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 213.577422][ T7683] (syz.1.499,7683,0):ocfs2_init_global_system_inodes:465 ERROR: status = -30 [ 213.586689][ T7683] (syz.1.499,7683,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs? [ 213.586719][ T7683] (syz.1.499,7683,0):ocfs2_init_global_system_inodes:476 ERROR: status = -30 [ 213.694202][ T7683] (syz.1.499,7683,0):ocfs2_initialize_super:2198 ERROR: status = -30 [ 213.734365][ T7683] (syz.1.499,7683,0):ocfs2_fill_super:1177 ERROR: status = -30 [ 213.748398][ T7719] loop3: detected capacity change from 0 to 1024 [ 213.896250][ T7719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.766685][ T5821] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.818052][ T29] audit: type=1326 audit(1768775263.506:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 215.894239][ T29] audit: type=1326 audit(1768775263.516:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 215.934299][ T29] audit: type=1326 audit(1768775263.516:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 216.025919][ T29] audit: type=1326 audit(1768775263.516:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 216.070310][ T29] audit: type=1326 audit(1768775263.516:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 216.124219][ T29] audit: type=1326 audit(1768775263.516:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 216.166951][ T29] audit: type=1326 audit(1768775263.516:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 216.253523][ T29] audit: type=1326 audit(1768775263.516:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 216.451708][ T7741] loop1: detected capacity change from 0 to 32768 [ 216.474335][ T29] audit: type=1326 audit(1768775263.516:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc583d8df90 code=0x7ffc0000 [ 216.582341][ T29] audit: type=1326 audit(1768775263.516:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7746 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 216.728853][ T7741] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.515 (7741) [ 217.580979][ T7741] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 217.602806][ T7741] BTRFS info (device loop1): using crc32c checksum algorithm [ 217.824862][ T7741] BTRFS info (device loop1): turning off barriers [ 217.844294][ T7741] BTRFS info (device loop1): enabling free space tree [ 217.890943][ T7741] BTRFS info (device loop1): use zstd compression, level 3 [ 218.157560][ T5820] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 220.458908][ T7817] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma? [ 220.715998][ T7830] netlink: 8 bytes leftover after parsing attributes in process `syz.1.541'. [ 220.731495][ T7830] netlink: 16 bytes leftover after parsing attributes in process `syz.1.541'. [ 221.174804][ T7836] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 223.384958][ T7852] veth1_macvtap: left promiscuous mode [ 223.684675][ T5824] Bluetooth: hci3: unexpected Set CIG Parameters response data [ 223.694437][ T5824] Bluetooth: hci3: unexpected event for opcode 0x2062 [ 225.189910][ T7867] netlink: 8 bytes leftover after parsing attributes in process `syz.0.554'. [ 225.302113][ T7867] netlink: 16 bytes leftover after parsing attributes in process `syz.0.554'. [ 227.221505][ T7885] netlink: 28 bytes leftover after parsing attributes in process `syz.4.558'. [ 228.315920][ T5824] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 228.324733][ T5824] Bluetooth: hci3: Injecting HCI hardware error event [ 228.334270][ T5832] Bluetooth: hci3: hardware error 0x00 [ 228.386517][ T7894] netlink: 48 bytes leftover after parsing attributes in process `syz.2.561'. [ 228.401406][ T7898] netlink: 755 bytes leftover after parsing attributes in process `syz.1.562'. [ 229.138941][ T7905] 9p: Bad value for 'wfdno' [ 229.520232][ T7913] loop1: detected capacity change from 0 to 256 [ 229.891143][ T7916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.569'. [ 229.974302][ T7918] netlink: 16 bytes leftover after parsing attributes in process `syz.0.569'. [ 230.273832][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 230.273851][ T29] audit: type=1326 audit(1768775277.956:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 230.411431][ T29] audit: type=1326 audit(1768775277.996:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 230.449404][ T5832] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 230.500875][ T29] audit: type=1326 audit(1768775277.996:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 230.624232][ T29] audit: type=1326 audit(1768775277.996:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 230.715053][ T29] audit: type=1326 audit(1768775278.006:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 230.808868][ T29] audit: type=1326 audit(1768775278.006:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 231.163585][ T29] audit: type=1326 audit(1768775278.016:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 231.417874][ T29] audit: type=1326 audit(1768775278.016:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 232.107304][ T29] audit: type=1326 audit(1768775278.016:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 232.180850][ T29] audit: type=1326 audit(1768775278.026:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7920 comm="syz.0.573" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f890578f749 code=0x7ffc0000 [ 233.417184][ T7927] loop3: detected capacity change from 0 to 32768 [ 233.463594][ T7955] netlink: 16 bytes leftover after parsing attributes in process `syz.0.583'. [ 233.497727][ T7927] JBD2: Ignoring recovery information on journal [ 233.587815][ T7927] jbd2_journal_bmap: journal block not found at offset 32 on loop3-75 [ 233.674755][ T7927] JBD2: bad block at offset 32 [ 233.708891][ T7959] loop1: detected capacity change from 0 to 256 [ 233.716843][ T7927] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 233.745327][ T7959] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 233.816500][ T7959] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 233.866234][ T7959] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 233.890272][ T7959] exFAT-fs (loop1): failed to load alloc-bitmap [ 233.896920][ T7959] exFAT-fs (loop1): failed to recognize exfat type [ 234.036803][ T5821] ocfs2: Unmounting device (7,3) on (node local) [ 234.230302][ T7972] xt_CT: You must specify a L4 protocol and not use inversions on it [ 235.219617][ T7996] sctp: [Deprecated]: syz.1.601 (pid 7996) Use of int in max_burst socket option. [ 235.219617][ T7996] Use struct sctp_assoc_value instead [ 237.564486][ T42] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 237.744220][ T42] usb 4-1: Using ep0 maxpacket: 16 [ 237.750173][ T42] usb 4-1: too many configurations: 123, using maximum allowed: 8 [ 237.775894][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.805411][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.835415][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.864461][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.885390][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.905920][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.925488][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.945815][ T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.978750][ T42] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 237.995279][ T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 238.013824][ T42] usb 4-1: SerialNumber: syz [ 238.027806][ T42] usb 4-1: config 0 descriptor?? [ 238.049953][ T42] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input12 [ 238.268978][ T5182] bcm5974 4-1:0.0: could not read from device [ 239.395228][ T5182] bcm5974 4-1:0.0: could not read from device [ 239.395422][ T42] usb 4-1: USB disconnect, device number 8 [ 239.429224][ T5182] bcm5974 4-1:0.0: could not read from device [ 240.513116][ T8064] Invalid ELF header type: 3 != 1 [ 241.536202][ T8075] netlink: 20 bytes leftover after parsing attributes in process `syz.4.629'. [ 242.887456][ T8088] netlink: 28 bytes leftover after parsing attributes in process `syz.1.636'. [ 242.948704][ T8088] netlink: 36 bytes leftover after parsing attributes in process `syz.1.636'. [ 245.429934][ T8119] loop0: detected capacity change from 0 to 256 [ 245.484520][ T8119] exfat: Deprecated parameter 'namecase' [ 245.510650][ T8119] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 246.406104][ T5901] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 247.276114][ T5901] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 247.292728][ T5901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.320743][ T5901] usb 1-1: config 0 descriptor?? [ 247.336996][ T5901] cp210x 1-1:0.0: cp210x converter detected [ 247.493277][ T8162] netlink: 36 bytes leftover after parsing attributes in process `syz.2.660'. [ 247.900712][ T5901] usb 1-1: cp210x converter now attached to ttyUSB0 [ 248.084342][ T5888] usb 1-1: USB disconnect, device number 7 [ 248.105859][ T5888] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 248.155162][ T5888] cp210x 1-1:0.0: device disconnected [ 248.575741][ T8182] loop3: detected capacity change from 0 to 256 [ 248.585398][ T8182] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 249.372342][ T8188] netlink: 36 bytes leftover after parsing attributes in process `syz.1.672'. [ 250.542307][ T8241] 9p: Unknown access argument 00000000000000000000 rejected, failed to enable media [ 266.234469][ T8529] netlink: 8 bytes leftover after parsing attributes in process `syz.4.786'. [ 266.255527][ T8529] netlink: 16 bytes leftover after parsing attributes in process `syz.4.786'. [ 267.143706][ T8537] netlink: 16 bytes leftover after parsing attributes in process `syz.1.789'. [ 267.199031][ T8540] No control pipe specified [ 267.431966][ T8549] netlink: 4 bytes leftover after parsing attributes in process `syz.0.794'. [ 267.464307][ T8549] bridge_slave_1: left allmulticast mode [ 267.470000][ T8549] bridge_slave_1: left promiscuous mode [ 267.502003][ T8549] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.562015][ T8549] bridge_slave_0: left allmulticast mode [ 268.251568][ T8556] netlink: 68 bytes leftover after parsing attributes in process `syz.4.797'. [ 268.289196][ T8549] bridge_slave_0: left promiscuous mode [ 268.324515][ T8549] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.978694][ T8564] could not allocate digest TFM handle sha3-512-generic [ 269.150869][ T8572] autofs: Bad value for 'fd' [ 272.898636][ T8629] lo: left allmulticast mode [ 272.906138][ T8629] tunl0: left allmulticast mode [ 272.911832][ T8629] gre0: left allmulticast mode [ 272.917426][ T8629] gretap0: left allmulticast mode [ 272.923177][ T8629] erspan0: left allmulticast mode [ 272.930829][ T8629] ip_vti0: left allmulticast mode [ 272.936595][ T8629] ip6_vti0: left allmulticast mode [ 272.943427][ T8629] sit0: left allmulticast mode [ 272.948960][ T8629] ip6tnl0: left allmulticast mode [ 272.954811][ T8629] ip6gre0: left allmulticast mode [ 272.960423][ T8629] syz_tun: left allmulticast mode [ 272.966120][ T8629] ip6gretap0: left allmulticast mode [ 272.971949][ T8629] bridge0: left allmulticast mode [ 272.977763][ T8629] vcan0: left allmulticast mode [ 272.983240][ T8629] bond0: left allmulticast mode [ 272.990452][ T8629] team0: left allmulticast mode [ 272.996323][ T8629] dummy0: left allmulticast mode [ 273.003391][ T8629] nlmon0: left allmulticast mode [ 273.367751][ T8629] caif0: left allmulticast mode [ 273.372678][ T8629] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 273.766372][ T8641] netlink: 12 bytes leftover after parsing attributes in process `syz.0.824'. [ 275.619489][ T8677] netlink: 100 bytes leftover after parsing attributes in process `syz.2.838'. [ 275.649321][ T8677] tipc: Started in network mode [ 275.654361][ T8677] tipc: Node identity ac14142f, cluster identity 4711 [ 275.663952][ T8677] tipc: New replicast peer: 0.0.0.0 [ 275.671848][ T8677] tipc: Enabled bearer , priority 10 [ 275.683298][ T8677] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000 [ 277.256151][ T5908] tipc: Node number set to 2886997039 [ 284.581257][ T8771] overlayfs: failed to clone upperpath [ 285.101189][ T8779] netlink: 'syz.4.874': attribute type 1 has an invalid length. [ 285.111710][ T8778] netlink: 60 bytes leftover after parsing attributes in process `syz.3.873'. [ 286.183120][ T8793] unsupported nlmsg_type 40 [ 287.471273][ T5908] kernel write not supported for file bpf-prog (pid: 5908 comm: kworker/1:4) [ 292.500855][ T8871] netlink: 20 bytes leftover after parsing attributes in process `syz.1.907'. [ 293.353051][ T8879] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.911'. [ 293.915445][ T29] audit: type=1326 audit(1768775340.344:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8882 comm="syz.2.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3385d8f749 code=0x7ffc0000 [ 294.087837][ T29] audit: type=1326 audit(1768775340.475:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8882 comm="syz.2.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3385d8f749 code=0x7ffc0000 [ 294.141553][ T29] audit: type=1326 audit(1768775340.475:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8882 comm="syz.2.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3385d8f749 code=0x7ffc0000 [ 294.183934][ T8888] netlink: 16211 bytes leftover after parsing attributes in process `syz.3.915'. [ 294.217856][ T29] audit: type=1326 audit(1768775340.475:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8882 comm="syz.2.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3385d8f749 code=0x7ffc0000 [ 294.516355][ T29] audit: type=1326 audit(1768775340.475:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8882 comm="syz.2.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f3385d8f749 code=0x7ffc0000 [ 294.547988][ T29] audit: type=1326 audit(1768775340.475:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8882 comm="syz.2.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3385d8f749 code=0x7ffc0000 [ 298.239560][ T29] audit: type=1326 audit(1768775344.376:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 298.314074][ T29] audit: type=1326 audit(1768775344.376:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 298.888898][ T29] audit: type=1326 audit(1768775344.376:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 299.754486][ T29] audit: type=1326 audit(1768775344.376:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 299.777037][ T29] audit: type=1326 audit(1768775344.376:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 299.800054][ T29] audit: type=1326 audit(1768775344.376:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 299.975342][ T29] audit: type=1326 audit(1768775344.376:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 299.998335][ T29] audit: type=1326 audit(1768775344.376:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 300.024870][ T29] audit: type=1326 audit(1768775344.376:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 300.489741][ T29] audit: type=1326 audit(1768775344.376:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 300.512438][ T29] audit: type=1326 audit(1768775344.376:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 300.591328][ T29] audit: type=1326 audit(1768775344.376:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 300.682052][ T29] audit: type=1326 audit(1768775344.376:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8926 comm="syz.3.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f272038f749 code=0x7fc00000 [ 300.881591][ T8959] fuse: Bad value for 'fd' [ 301.016749][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.945'. [ 301.042385][ T8965] netlink: 16 bytes leftover after parsing attributes in process `syz.2.945'. [ 309.186728][ T9044] netlink: 16 bytes leftover after parsing attributes in process `syz.4.968'. [ 310.297617][ T9059] overlayfs: failed to clone upperpath [ 311.983956][ T9075] netlink: 16 bytes leftover after parsing attributes in process `syz.0.980'. [ 315.788189][ T6607] IPVS: starting estimator thread 0... [ 315.894237][ T9113] IPVS: using max 32 ests per chain, 76800 per kthread [ 319.295331][ T9200] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1015'. [ 320.117732][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 320.124383][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 321.328667][ T9212] No control pipe specified [ 321.464289][ T9218] xt_CT: You must specify a L4 protocol and not use inversions on it [ 322.773094][ T9223] pimreg: entered allmulticast mode [ 322.784735][ T9228] pimreg: left allmulticast mode [ 323.120796][ T9243] fuse: Bad value for 'fd' [ 323.295614][ T9248] No control pipe specified [ 326.002472][ T9264] overlayfs: failed to clone upperpath [ 326.164224][ T9270] Illegal XDP return value 685735995 on prog (id 158) dev syz_tun, expect packet loss! [ 326.355805][ T9273] No control pipe specified [ 336.940732][ T9416] fuse: Bad value for 'fd' [ 337.666858][ T5908] kernel write not supported for file bpf-prog (pid: 5908 comm: kworker/1:4) [ 337.732988][ T9438] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1105'. [ 337.772529][ T9438] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1105'. [ 338.572537][ T9453] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1112'. [ 338.582160][ T9453] nbd: must specify an index to disconnect [ 338.846474][ T9462] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1116'. [ 339.575481][ T5879] kernel write not supported for file bpf-prog (pid: 5879 comm: kworker/0:4) [ 340.617264][ T9495] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1128'. [ 340.681764][ T9499] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1130'. [ 346.558993][ T9539] x_tables: ip_tables: RATEEST.0 target: invalid size 32 (kernel) != (user) 0 [ 347.560493][ T9555] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1147'. [ 348.095717][ T9572] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1155'. [ 353.312986][ T9635] netlink: 5052 bytes leftover after parsing attributes in process `syz.0.1177'. [ 353.322568][ T9635] netlink: 5052 bytes leftover after parsing attributes in process `syz.0.1177'. [ 354.131695][ T5908] kernel write not supported for file bpf-prog (pid: 5908 comm: kworker/1:4) [ 354.734953][ T9648] netlink: 9275 bytes leftover after parsing attributes in process `syz.1.1182'. [ 358.095500][ T9682] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1193'. [ 358.186504][ T42] kernel write not supported for file bpf-prog (pid: 42 comm: kworker/1:1) [ 358.265198][ T9688] netlink: 9275 bytes leftover after parsing attributes in process `syz.4.1195'. [ 359.377219][ T9714] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1206'. [ 359.677056][ T9724] netlink: 9275 bytes leftover after parsing attributes in process `syz.3.1210'. [ 363.132443][ T9745] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1218'. [ 363.557964][ T9757] bridge_slave_1: entered promiscuous mode [ 363.569975][ T9757] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1225'. [ 365.078444][ T9786] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1235'. [ 365.087519][ T9786] tipc: Started in network mode [ 365.092389][ T9786] tipc: Node identity 403, cluster identity 4711 [ 365.107398][ T9786] tipc: Node number set to 1027 [ 365.112709][ T9786] tipc: Cannot configure node identity twice [ 367.901937][ T9840] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1251'. [ 370.583359][ T9877] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1264'. [ 370.637072][ T9880] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1266'. [ 372.196009][ T9918] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1279'. [ 372.447397][ T9923] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1281'. [ 374.844282][ T9940] bad cache= option: no%e [ 374.844282][ T9940] [ 374.851255][ T9940] CIFS: VFS: bad cache= option: no%e [ 374.856978][ T9940] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 374.883311][ T9940] CIFS mount error: No usable UNC path provided in device string! [ 374.883311][ T9940] [ 374.894092][ T9940] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 378.807060][ T9982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 385.536335][T10084] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.1337'. [ 385.709910][ T42] kernel write not supported for file bpf-prog (pid: 42 comm: kworker/1:1) [ 385.756838][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 385.764171][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 386.217183][T10104] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1346'. [ 387.282655][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 387.282667][ T29] audit: type=1326 audit(1768775683.695:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 387.285196][T10119] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.1350'. [ 387.295672][ T29] audit: type=1326 audit(1768775683.704:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 387.718935][ T29] audit: type=1326 audit(1768775683.704:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 387.797321][ T29] audit: type=1326 audit(1768775683.704:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 387.938913][ T29] audit: type=1326 audit(1768775683.704:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 387.966106][ T29] audit: type=1326 audit(1768775683.704:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 387.988939][ T29] audit: type=1326 audit(1768775683.704:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 388.049656][ T29] audit: type=1326 audit(1768775683.704:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 388.073392][ T5927] kernel write not supported for file bpf-prog (pid: 5927 comm: kworker/0:8) [ 388.111698][ T29] audit: type=1326 audit(1768775683.704:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10120 comm="syz.4.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc583d8f749 code=0x7ffc0000 [ 388.192180][T10139] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1359'. [ 389.575582][ T5901] kernel write not supported for file bpf-prog (pid: 5901 comm: kworker/1:3) [ 390.506708][ T5901] Process accounting resumed [ 391.675474][ T5901] kernel write not supported for file bpf-prog (pid: 5901 comm: kworker/1:3) [ 391.887791][T10208] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1386'. [ 392.826540][T10219] Process accounting resumed [ 393.449067][T10232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'. [ 393.475238][T10232] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1395'. [ 393.503444][T10237] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1396'. [ 393.918771][T10254] xt_CT: You must specify a L4 protocol and not use inversions on it [ 395.235578][T10275] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1409'. [ 395.255073][T10276] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1408'. [ 395.271499][T10276] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1408'. [ 395.606351][T10269] Process accounting resumed [ 398.125743][T10322] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1427'. [ 399.301748][T10350] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1440'. [ 399.481850][T10353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1441'. [ 400.854400][T10374] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1450'. [ 400.952918][T10376] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1451'. [ 401.006284][T10378] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1452'. [ 401.845445][T10405] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 514.431895][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 514.438975][ C1] rcu: 0-...!: (1 GPs behind) idle=7f4c/0/0x1 softirq=36643/36644 fqs=1 [ 514.448611][ C1] rcu: (detected by 1, t=10505 jiffies, g=35073, q=173 ncpus=2) [ 514.456355][ C1] Sending NMI from CPU 1 to CPUs 0: [ 514.456391][ C0] NMI backtrace for cpu 0 [ 514.456424][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G L syzkaller #0 PREEMPT(full) [ 514.456447][ C0] Tainted: [L]=SOFTLOCKUP [ 514.456452][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 514.456468][ C0] RIP: 0010:rb_erase+0x3f1/0xe60 [ 514.456497][ C0] Code: 03 80 3c 28 00 74 08 4c 89 e7 e8 aa 07 ce f6 4d 8b 2c 24 41 83 e5 01 49 f7 dd 4d 21 fd eb 75 48 89 d8 48 c1 e8 03 80 3c 28 00 <0f> 84 a5 05 00 00 48 89 df e8 71 08 ce f6 e9 98 05 00 00 48 b8 00 [ 514.456512][ C0] RSP: 0018:ffffc90000007ca8 EFLAGS: 00000046 [ 514.456526][ C0] RAX: 1ffff110170c507a RBX: ffff8880b86283d0 RCX: dffffc0000000000 [ 514.456538][ C0] RDX: 0000000000010000 RSI: ffff8880b86283d0 RDI: ffff88807b425308 [ 514.456549][ C0] RBP: dffffc0000000000 R08: ffffffff8fa2d9f7 R09: 1ffffffff1f45b3e [ 514.456561][ C0] R10: dffffc0000000000 R11: fffffbfff1f45b3f R12: ffff88807b425300 [ 514.456572][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 514.456582][ C0] FS: 0000000000000000(0000) GS:ffff888125bf9000(0000) knlGS:0000000000000000 [ 514.456595][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 514.456606][ C0] CR2: 00007ffc2e42afb8 CR3: 00000000748b4000 CR4: 00000000003526f0 [ 514.456621][ C0] Call Trace: [ 514.456629][ C0] [ 514.456641][ C0] timerqueue_del+0xae/0x100 [ 514.456668][ C0] __hrtimer_run_queues+0x364/0xc30 [ 514.456699][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 514.456719][ C0] ? read_tsc+0x9/0x20 [ 514.456739][ C0] hrtimer_interrupt+0x45b/0xaa0 [ 514.456773][ C0] __sysvec_apic_timer_interrupt+0x102/0x3e0 [ 514.456796][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 514.456813][ C0] [ 514.456818][ C0] [ 514.456825][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 514.456847][ C0] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 514.456864][ C0] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 bd 29 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 514.456877][ C0] RSP: 0018:ffffffff8de07dc0 EFLAGS: 00000242 [ 514.456890][ C0] RAX: 00000000008600d3 RBX: ffffffff8197831e RCX: 0000000080000001 [ 514.456901][ C0] RDX: 0000000000000001 RSI: ffffffff8d9a73db RDI: ffffffff8be09760 [ 514.456911][ C0] RBP: ffffffff8de07eb0 R08: ffff8880b863375b R09: 1ffff110170c66eb [ 514.456923][ C0] R10: dffffc0000000000 R11: ffffed10170c66ec R12: ffffffff8fa2d9f0 [ 514.456935][ C0] R13: 1ffffffff1bd29d0 R14: 0000000000000000 R15: 0000000000000000 [ 514.456947][ C0] ? do_idle+0x1be/0x4d0 [ 514.456972][ C0] default_idle+0x9/0x20 [ 514.456991][ C0] default_idle_call+0x73/0xb0 [ 514.457010][ C0] do_idle+0x1be/0x4d0 [ 514.457032][ C0] ? __pfx_do_idle+0x10/0x10 [ 514.457053][ C0] ? do_idle+0x4a9/0x4d0 [ 514.457074][ C0] cpu_startup_entry+0x44/0x60 [ 514.457094][ C0] rest_init+0x2de/0x300 [ 514.457116][ C0] start_kernel+0x386/0x3d0 [ 514.457133][ C0] x86_64_start_reservations+0x24/0x30 [ 514.457153][ C0] x86_64_start_kernel+0x143/0x1c0 [ 514.457173][ C0] common_startup_64+0x13e/0x147 [ 514.457203][ C0] [ 514.457382][ C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g35073 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 514.779503][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 514.789482][ C1] rcu: RCU grace-period kthread stack dump: [ 514.795369][ C1] task:rcu_preempt state:R running task stack:27016 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 514.808869][ C1] Call Trace: [ 514.812148][ C1] [ 514.815080][ C1] __schedule+0x14db/0x5030 [ 514.819617][ C1] ? __pfx___schedule+0x10/0x10 [ 514.824478][ C1] ? schedule+0x91/0x360 [ 514.828723][ C1] schedule+0x165/0x360 [ 514.832882][ C1] schedule_timeout+0x12b/0x270 [ 514.837745][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 514.843130][ C1] ? __pfx_process_timeout+0x10/0x10 [ 514.848427][ C1] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 514.854236][ C1] ? prepare_to_swait_event+0x341/0x380 [ 514.859787][ C1] rcu_gp_fqs_loop+0x301/0x11b0 [ 514.864662][ C1] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 514.870563][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 514.875849][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 514.881057][ C1] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 514.886871][ C1] rcu_gp_kthread+0x9b/0x2d0 [ 514.891469][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 514.896667][ C1] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 514.902481][ C1] ? __kthread_parkme+0x7b/0x200 [ 514.907435][ C1] ? __kthread_parkme+0x1a1/0x200 [ 514.912472][ C1] kthread+0x389/0x480 [ 514.916547][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 514.921749][ C1] ? __pfx_kthread+0x10/0x10 [ 514.926340][ C1] ret_from_fork+0x510/0xa50 [ 514.930936][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 514.936049][ C1] ? __switch_to+0xc9e/0x1480 [ 514.940733][ C1] ? __pfx_kthread+0x10/0x10 [ 514.945329][ C1] ret_from_fork_asm+0x1a/0x30 [ 514.950118][ C1] [ 514.953136][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 514.959463][ C1] CPU: 1 UID: 0 PID: 6129 Comm: kworker/u8:18 Tainted: G L syzkaller #0 PREEMPT(full) [ 514.970576][ C1] Tainted: [L]=SOFTLOCKUP [ 514.974896][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 514.984951][ C1] Workqueue: events_unbound toggle_allocation_gate [ 514.991470][ C1] RIP: 0010:smp_call_function_many_cond+0xcc5/0x1260 [ 514.998151][ C1] Code: 45 8b 2c 24 44 89 ee 83 e6 01 31 ff e8 b4 9a 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 5f 96 0b 00 eb 38 f3 90 <42> 0f b6 04 2b 84 c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 43 96 [ 515.017760][ C1] RSP: 0018:ffffc9000b80f760 EFLAGS: 00000293 [ 515.023832][ C1] RAX: ffffffff81b5835d RBX: 1ffff110170c85c1 RCX: ffff8880278cdac0 [ 515.031805][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 515.039772][ C1] RBP: ffffc9000b80f8a0 R08: ffffffff8fa2d9f7 R09: 1ffffffff1f45b3e [ 515.047743][ C1] R10: dffffc0000000000 R11: fffffbfff1f45b3f R12: ffff8880b8642e08 [ 515.055714][ C1] R13: dffffc0000000000 R14: ffff8880b873bd80 R15: 0000000000000000 [ 515.063685][ C1] FS: 0000000000000000(0000) GS:ffff888125cf9000(0000) knlGS:0000000000000000 [ 515.072613][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 515.079197][ C1] CR2: 00007f3638ed9fb8 CR3: 000000000df3e000 CR4: 00000000003526f0 [ 515.087173][ C1] Call Trace: [ 515.090454][ C1] [ 515.093390][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 515.098435][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 515.104763][ C1] ? rcu_is_watching+0x15/0xb0 [ 515.109540][ C1] ? kmem_cache_alloc_bulk_noprof+0xaa/0x720 [ 515.115530][ C1] ? __pfx___text_poke+0x10/0x10 [ 515.120486][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 515.125535][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 515.130654][ C1] smp_text_poke_batch_finish+0x5f9/0x1130 [ 515.136471][ C1] ? arch_jump_label_transform_apply+0x17/0x30 [ 515.142641][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 515.147674][ C1] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 515.153933][ C1] ? arch_jump_label_transform_queue+0x97/0x110 [ 515.160187][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 515.166167][ C1] static_key_enable_cpuslocked+0x128/0x240 [ 515.172069][ C1] static_key_enable+0x1a/0x20 [ 515.176833][ C1] toggle_allocation_gate+0xad/0x240 [ 515.182125][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 515.188032][ C1] ? process_one_work+0x868/0x15a0 [ 515.193158][ C1] ? process_one_work+0x868/0x15a0 [ 515.198276][ C1] ? process_one_work+0x868/0x15a0 [ 515.203387][ C1] process_one_work+0x93a/0x15a0 [ 515.208348][ C1] ? __pfx_process_one_work+0x10/0x10 [ 515.213719][ C1] ? do_raw_spin_lock+0x121/0x290 [ 515.218758][ C1] ? assign_work+0x3c7/0x5b0 [ 515.223358][ C1] worker_thread+0x9b0/0xee0 [ 515.227978][ C1] kthread+0x389/0x480 [ 515.232044][ C1] ? __pfx_worker_thread+0x10/0x10 [ 515.237157][ C1] ? __pfx_kthread+0x10/0x10 [ 515.241747][ C1] ret_from_fork+0x510/0xa50 [ 515.246344][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 515.251454][ C1] ? __switch_to+0xc9e/0x1480 [ 515.256143][ C1] ? __pfx_kthread+0x10/0x10 [ 515.260737][ C1] ret_from_fork_asm+0x1a/0x30 [ 515.265528][ C1]