last executing test programs: 12.082033967s ago: executing program 3 (id=361): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0xf, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {{0x6, 0x0, 0xb}, {0x6d}}, [], {{0x6, 0x1, 0xc, 0x3}, {0x5, 0x0, 0xb, 0x3}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 11.432873387s ago: executing program 1 (id=363): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r0}, 0xc) 11.145841287s ago: executing program 3 (id=365): r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) accept$alg(r3, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x4) writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a04000800ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000080)) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) 10.72905982s ago: executing program 1 (id=367): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) read(r0, &(0x7f00000002c0)=""/196, 0x20) close(r0) syz_clone(0x40b04000, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x27, &(0x7f0000b4bffc), 0x4) 10.519288943s ago: executing program 3 (id=369): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) brk(0x400000ffc000) 8.873953362s ago: executing program 2 (id=372): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x44, r0, 0x801, 0x200000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac06}]}]}, 0x44}}, 0x0) 8.532852496s ago: executing program 3 (id=374): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008004, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708c49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b45b349cfe9cd308933da9b574e4f040f00"/118], 0x1, 0x5ec, &(0x7f0000001640)="$eJzs3cFvHFcdB/Dvbhxn10jpxk3agCphFalCWCS7tkRShASUgixUoUocOFvESaxs0sreIrcHCIhDxal/Qjn4H0Aci5QD7RFOPRv1iMQZ31zN7Ky9jreuHbvZdfP5SLPvvXkzb3/vN7OTmbWiDfDMWprP1KPUsjT/xkbR3tpc7G5tLt4f1JNcSFJPGklqxeq/J/kseZj+km8OOobKAz79qHHnkw8+fr/falRLuX3tsP0Oao5YtxtLqx9rWZ7AvvEWTjze/hnOJpk7WXxwOnYG/jOy+xifSwDgrKkl50atbyUz1c168RzQvyvu32OfaQ/HHQAAAAA8Bc9tZzsbuTjuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAsqX7/v1Yt9UF9LrXB7/9PV+tS1c+0R+MOAAAAAAAAAACOZuawzm9vZzsbuTho79TKv/m/XDYul6/fyDtZz0rWci0bWU4vvaylk6Q1NND0xnKvt9Y5wp4LI/dc2G1PndK8AQAAAAAAAOBZ8qcs7f39HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJkEtOdcvyuXyoN5KfSpJI8l0sd3D5N+D+ln2aNwBAAAAwFPw3Ha2s5GLg/ZOrXzmf6F87m/knTxIL6vppZuV3Cq/C+g/9de3Nhe7W5uL94vl4Lg//d+xwihHTP+7h9HvfLXcopnbWS3XXMtv81a6uZV6uWfh6iCe0XH9sYip9uPKESO7VZXFzH9ZlZOhVWbk/G5G2lVsRTYuHZ6JYx6dx9+pk/ruNz+Xv4Kcz1RlMZ/XJzrnC0Nn3wuHZyKZ/c1fbtztPrh39/b6/ORM6Qk9nonFoUy8+Exlol1m4spueym/yK8zn7m8mbWs5ndZTi8rmcvrZW25Op+L19bhmfrJvtabXxbJdHVc+lfR48X0crnvxazmV3krt8oj2s6N3MhCfpBX0953hK+MjPsPO1V3+amvH+9T/53vVpXzSX5elZOhyOulobwOX3NbZd/wmr0szZ7+tXHqW1WlOHtem7hr46XH/pUYZOL5wzPx1/LEWe8+uLd2d/ntI77fK1VZZOBnBzKxc+7EE3pixfkyWxyssrX/7Cj6nh/Z1yn7Lu/21Q/0Xdnt+7JP6nR1D3dwpIWy78WRff39rvb7mkXvqPstACbezPdmppv/bf6r+WHzz827zTcar124eeGl6Zz/5/kfTrXPvVJ/qfa3fJjf7z3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT2793ffuLXe7K2uTXfn/Tt+kxKOi8jWvjPvKBHzVrvfuv319/d33vr96f/nOyp2VB6+2b97sdDo32tdvr3ZXqtdxRwkAnKa9m/5xRwIAAAAAAAAAAAAAAHyRp/Hficc9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OttaT5Tj1JLp32tXbS3Nhe7xTKo723ZSFIrKv9I8lnyMP0lraHhal/0Pp9+1LjzyQcfv783VmOwfe2w/Y7mRzNDsdQfi+kJ7JvbwonH25vhXJLZqoSx+zwAAP//3pMKTQ==") open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) socket$packet(0x11, 0x3, 0x300) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9) syz_emit_ethernet(0xd6, &(0x7f0000000680)=ANY=[@ANYBLOB="0180c2000000000000000800a9dd6000000000a03afffe880000000000000000000000000001ff0200000000000000000000f715065c47e7eabe6eb04cd2290872000000018900907800000000fe800000000000000000000000000000fe800000000000000000000000000000020f1d6ace8f8c56fa1ede4bc5398bd6606aaa671ffdd8e79d60cde5302fa555d0f9e0b2fa0d62fffea7fab292bbcd05812814821553a38e86fe6101bf2c4e313e4f930b10cd9a70cebc77f319c1857a5b0a72830661024057a871249feab9b7b485d93f657e39377fb957d1b7fa15bd4f4affff31f820a8e9c7672aaa162ebd65db72c1394ba37e34a1d530c5f9db25f66fc53c614c7750a2d58de460883936c9351610ae0b7d7fc3c8283689cb4c34b34bb0a02aedafddaa2df81db1c88594ada8946afdc0d5ba0c8d8f0222dcf6d4a3fc92290bae1817fb42e473e2058f0c8c2832a391d8357caaa6e6dd7567b6c42b60b47aa54d08cb4e0a265e7c9e9623256216e0d4f5100d365b2bb8067cdf7211822a5551b9b6f9f21d46040d63f1405d3f27d067729e04b244a15c501f18e8d2508bbd32884c9d4ef3148f2c6d6387ca34c3dddc446cc146ef8b023dd0f4e72269000000000000000000966e6c54da4aeddf81d8238d97ae5c7ac0b75912d53cb24ccc0d4dbea44f12e7060c2c7bfca81da30451dce550d38d2001e41821cea728806d95c2fef861fcb1a42b85690730e18b776ad41bae4d87d5a623dab5778812"], 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x84042, 0x1fb) write$P9_RUNLINKAT(r1, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7) 8.114272808s ago: executing program 1 (id=375): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x3, 0x4c5, &(0x7f0000001cc0)="$eJzs3U1rW1caAOD3ynbiJM7YmZlFJjCZMJPBCTOR7HiSmFlkPFDaVaBpunddWzbGsmUsOYlNKA79AYXSL9pVV90Uui6Fkp9QCoF2X0ppCW2SLrpoqyL5qkld+YtYVmI9Dxzfcz+k9z0W90hH56IbQNs6EREjEdEREacjojfdnklLrKyW6nH37t4Yr5YkKpUr3yaRpNvqz5Wky0Ppw7oj4rlnIl5Mfh+3tLQ8M1Yo5BfS9Vx5dj5XWlo+Mz07NpWfys+NDA2eH74wfG54YMfaevGpr9545b2nL37872tfjH5z6qVqWj3pvofbsRUrWzxuteldtf9FXWdELGwn2GOsI21PV6sTAQBgS6qf8f8YEX+PiPtvtzobAAAAoBkq/+uJH5OICgAAALBnZWrXwCaZbHotQE9kMtns6jW8f46DmUKxVP7XZHFxbmL1Wtm+6MpMThfyA+m1wn3RlVTXB2v1B+tn16wPRcSRiHit90BtPTteLEy0+ssPAAAAaBOH1oz/v+9dHf8DAAAAe0xfqxMAAAAAms74HwAAAPa+dcf/SefuJgIAAAA0w7OXLlVLpX7/64mrS4szxatnJvKlmezs4nh2vLgwn50qFqdqv9k3u9nzFYrF+f/E3OL1XDlfKudKS8ujs8XFufJo7b7eo3n3iQYAAIDdd+Rvtz5PImLlvwdqpWpfum8LY/WR5mYHNFNme4cnzcoD2H0drU4AaBkX+EL7Mh8PbDKwf33N+ja/NgAAAB4H/X95pPl/84HwBDOQh/Zl/h/al/l/aF/m/6HN7d/8kO71dnyyw7kAAABN01MrSSabzgX2RCaTzUYcrt0WoCuZnC7kByLiDxHxWW/X/ur6YKuTBgAAAAAAAAAAAAAAAAAAAAAAAIAnTKWSRAUAAADY0yIyXyfpjfz7e0/2rP1+YF/yQ29tGRHX3rny5vWxcnlhsLr9u1+3l99Kt5+tbwEAAABaqT5Or4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAn3bt7Y7xedjPunf9HRF+j+J3RXVt2f9gbEQfvJ9H50OOSiOjYgfgrNyPiaKP4STWt6EuzWBs/ExEHWhz/0A7Eh3Z2q9r/jFTPv641518mTtSWjc+/zrQ8qjsn1uv/MvX+r9bPNer/Dm/81N31yrHbH+TWjX8z4lhn4/6nHj95xP73heeXl9fbV3k3on+T959qrFx5dj5XWlo+Mz07NpWfys8NDQ2eH74wfG54IDc5XcinfxvGePWvH/28UfsPNoy/2v9u1P6TW2z/T7ev3/3TBvFP/aPx6390g/jV//0/0/eB6v7+en1ltf6w4+9/enyj9k+s0/7NXv9TW2z/6csvf7nFQwGAXVBaWp4ZKxTyCyoqKnuvcjk90bf98BZ3TAAAwI578KG/1ZkAAAAAAAAAAAAAAAAAAABA+2r6j5Dt/+0vC3S3rqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABv6JQAA///dfdKW") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x1d0) 7.149863064s ago: executing program 0 (id=376): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) dup3(r1, r0, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000040)) 7.073373857s ago: executing program 4 (id=377): r0 = socket$inet6_udp(0xa, 0x2, 0x0) unshare(0x2040400) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b05, 0x0) 6.985346533s ago: executing program 3 (id=378): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000200)="66ba400066ed0f20d835200000000f22d8b8000001000f23d80f21f835800000000f23f866baf80cb8accf8c03ef66bafc0cb007ee66baf80cb831ed278cef66bafc0cecc7442400bb000000c7442402130c486ec7442406000000000f011c2426f30f2adb0f07660f209bf30f09", 0x6e}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 6.726281666s ago: executing program 2 (id=379): socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, @address_request}}}}, 0x0) 6.605268524s ago: executing program 0 (id=380): bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0xfffffffd, @mcast1, 0x1}, 0x1c) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) 6.415103046s ago: executing program 4 (id=381): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000200)='./file1\x00', 0x800010, &(0x7f0000000240)=ANY=[@ANYBLOB="757466383d312c726f6469722c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c636865636b3d7374726963742c756e695f786c6174653d302c6e6f636173652c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c71756965742c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c757466383d302c666c7573682c726f6469722c73686f72746e616d653d6d697865642c73686f77657865632c636865636b3d72656c617865642c726f6469722c726f6469722c007cbda5978eff1afd303a09806ce0c610fe00684c0c67004cdbbd0b9992b0bbea8911a2050000006311c61fb0edf19ed5b7f8d03bfbf22d5655a02f9c7e7307c4f0cbeda2b4e5b2821ba502f452ce09bae8f886c9b612847e26f9afb26c9805000000000000000bc8604552e1dcb75008cfdd8a85c302b83f5ba6d806e8f77268091776f01e8c0465aa4a0ac02f13f9daeab1932f5688fd0ba15f0fc0d94f21c352fe6bc02b893c57f77281db316d62c523025b2c545ab273f28000ba55a384f4ddaa65567a7eb6e51c9d5b69a84c1cec408643486d4c6a17a1fe12f05c1bf8b7494265dc0493bbc87c7f86f7e5e9ed79d5822adebabbe3c1e9320ad777219218ae6103ce6a392927ef866f4b0bcfecea44742736cfc57fe72eee93d416f6ff7da7641eb9865ee1f09a9b76f87189d2f0113ebf44794240ccdfdee8fa1eccb4abfa1d4d470623d6e1530497c7e64924d946272d4fa346cfecac39646cbbf431869c533429e09b", @ANYRESHEX], 0x1, 0x2a9, &(0x7f0000000c00)="$eJzs3T9rc1UYAPDnpmmSV4dkcJKCF3RwKm1XlxRpoZhJyaAOWmwL0gShhYJ/MHZydXH0EwiCm1/CxW8guApudihcuTf3mqSmaSNN9S2/39LTc89zznNOz6V0yNMPN4anR2mcXH7xa7RaSdS68SyukuhELSpfxYzuNwEAPM+usiz+yMaWiUsiorW6tACAFVr69/+PK08JAFixd959763dXm/v7TRtxf7w64t+/pd9/nX8fPckPo5BHMdWtOM6IvvbuL2fZdmonuY68dpwdNHPI4cf/FzOv/t7RBG/He3oFF2z8Qe9ve10bCp+lOfxQrl+N4/fiXa8NGf9g97ezpz46Dfi9Ven8t+MdvzyUXwSgzgqkpjEf7mdpm9m3/75+ft5enl8MrroN4txE9naI/9oAAAAAAAAAAAAAAAAAAAAAAB4wjbL2jnNKOr35F1l/Z216/yb9Ugrndn6POP4pJroRn2gURbfVfV1ttI0zcqBk/h6vFyP+n+zawAAAAAAAAAAAAAAAAAAAPh/Of/0s9PDweD47EEaVTWA6mP9/3ae7lTPK7F4cHOyVq1sLpg51qoxScTCNPJNPNCx3NV4dlvO3/+w7IStu8esLzqfh2lUt+v0MJl/hs2oelrVJflpekwj7rlW47ZHG0UC1eW4a57G3EftpffeeLFojBaMiWTRe/HGb+OEy57k5kvUKE51bvh62ZgKv3E3brvP1SnNvin/kKjWAQAAAAAAAAAAAAAAAAAAKzX5GPCch5cLQ2tZc2VpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCjmvz//yUaozL4HoMbcXY+f+X6Y24TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ+6vAAAA//+lillR") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r0, 0x0, 0x0, 0x1001f0) truncate(&(0x7f00000001c0)='./bus\x00', 0x8) 6.262498697s ago: executing program 3 (id=382): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000400)=0x13) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xd) 6.24983061s ago: executing program 1 (id=383): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)=@ipv6_getnexthop={0x18, 0x6a, 0x1, 0x0, 0x25dfdbfb}, 0x18}}, 0x4004014) 6.014001237s ago: executing program 2 (id=384): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@ipv6_delroute={0x1c, 0x19, 0x1, 0x800, 0x0, {0xa, 0x14, 0x80, 0x0, 0xff, 0x1, 0x0, 0xb, 0x3000}}, 0x1c}, 0x1, 0x0, 0x0, 0x30000001}, 0x0) 5.942190501s ago: executing program 0 (id=385): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) capget(&(0x7f0000000180)={0x20071026, r0}, &(0x7f0000000240)={0xffff, 0x5, 0x6, 0xc, 0x749e, 0xea2a}) 2.560206213s ago: executing program 32 (id=382): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000400)=0x13) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xd) 2.523674386s ago: executing program 0 (id=387): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x101142, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) 2.512383843s ago: executing program 1 (id=388): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x3, 0x9, 0x10000) fallocate(r0, 0x0, 0x1, 0x2000402) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x7c00, 0x0, 0x9) 2.425429872s ago: executing program 2 (id=389): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x7, @none, 0x0, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000200)={0x1f, 0x0, @none, 0x9, 0x1}, 0xe) 2.425215575s ago: executing program 4 (id=390): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="500000000102010200000000000000000a0002003c0001800c00028005000100110000002c00018014000300fc000000000000000000200000000001140004"], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 1.66384239s ago: executing program 4 (id=391): r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000880)="e930c11471112b86e4b5de8680fb12d9db005e63555cfce0f9df10487c06a534760b1e82ba4e0d5a30cca4df8cd6cc0f3665ce324436d7dd9b5dab865dd66d584b205b9d5ce6f0f77a4e93836d48461a6bc314f3d7d1ad20950a5210f849469fba643ad3ab0c7b8947d171726d72c4e5ce287d8ad7144af0d5d94b4f5573cd0aa3a08b41090e0f32671100c926898fcc3d760606daeb2a4b1973bd69216ffaaa2fad79181cc3541cbcc12dd76bce9304ba389e21a7ccf69c20fbc60c1c101c4a1affbcfa2db6c068faac88fcb082d6145eb4a06e3c893d3fe3f9312274286b3aae0f8cd3a10e10b3d938a9d42f0889c775478e7885bd278c7dd4c0b628aac77c2f5d6b8ee14f5cc404709a6b0a8d9ffaba8ff527be0b462fb36fde6e42a9fb0282d11e74b4e5cd71f7e43b78e084c4e0f88b2bb72a9ecb8f11a342c6b1149956f835508156700276cf467859c00b1ce96aa0592c45dd8a1b5d429f57758b8633a9e7823fde97c24ff159ab8b91881218fc8ca82cf7c5504b0419bd9a281c4662d3affc5acf2c49579c0f33e875d6be4b4dc662c8ababdd665c1a71cd125d235ad5a094b23145f219f927d8fbefd8e1a42cfc53dfbdc27a2088d0f3a118bea79f7f6bed3ecbae05f2ab7e61365bc223d1f833078ea6191b031ee28602c085adbb9a83700f65c080159362af98c3f325782bb0e094110fba9349fa4dc363e2f10fe2874c95d82a0bd927d2bd481976b98404f18ba423fba3aa1b5a0242af69cf6ff3f61f76be2081750da2a8a399b14347a3ce4f77afbb96d050dafd20b769148774204d8873368a7296f2cd341d65b26562cfa1c6fab4b1c5a836403ce3c8d3be2b030e5b94a5f7759e7acd0241a54d9aa5ba120924947649d0ed6b856791e7756d59898926d7d699c70abff110333bc91c21bd578b9bd129e372dc421fdaa4f18f849e4063095764c33387c91932b8c1b6bb918c2c80d87687426df366b3edd57bfea97375c7158b19d117925b7df87b4b8ce676869d20775f1d4247058440aea90d7ef86480656b5992b091a66111efc5a892a37677c14a3c1df27cd639fa2b5217da2bad85cc23b5b9f4f7f3105b0a2ba5db68529a58e345f6dfd95935c1d383c0ecb95be4639d57a357b3c5867d2e2393645cfffc5f646f3ec41dcc04ecf2572fa2f085c06e6f08f9af2d28403189ce039dd3459bc3084756a9f6dfe5e1e2c2cd5d83155779b63642a14bc982c28d4e202bcc66dad4abe47de90fac3c0cd06cc42ec6eff2056d2e0b654c092b71e0019911b427f166e73c09d07006a98a34ff6da313c88d12a06f5ccc9c4e3bc40f9f6561a839fb7023efcfc9cf32cdfe7b78cbea61242aa139c51319a5d66c3fafa2dfcb2a48e7b6a3cff4bd879305b81dc4cf8d740cd52aa341e6c185ca60c2eec9bbe78f5a5bc4e86990ba721518e255b8de2627a6f7b7ee28a554f4a85a0cb59bb0db7519e4a717578c0362a72d3b9c7c07b9078b4e93d376e78280dea61839734218b194a3ca1c8012f3c71fd78711f17d17a237c3b3ff4053b86955bd120f1a5013111b9872fd5175ebda049fc26c9869e6d34e71817fb8029410398551b499f2b6836d97e9ede750e24d8d2082c0ef84af3ef38ccd83bdd9f1546bfc", 0x48e}], 0x1) 1.573046196s ago: executing program 2 (id=392): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)="c1c4c0f24bb0729f0526d2b695f0a2afdfe080f1408517c9fdec39e8954db9aab43ce1c690854cd0c18ae643c7bec050002bac63945e77c73dc2511b8e20556f59bb44e8d6993ddcd71faa23fb5e65ccb6359fd87d2c295bb70afd4da16c853a138dabf380bf3696a310fc4ffe2a0ae89c5fb11bf11b552eb152ec2301c109d02e21c69f577f6e6f2ff78ca3ef95ddca3c2c6fa5a84b5177897ef584b855a678e725debf5e2b60b2c2a8cb8898dabc7ce87ac5af38561bb75c686e96bc2d2233ac71b65e6bd0e6dcdf0c98dab188a1ef5b3573d5", 0xd4}, {&(0x7f0000000200)="c67a7da94dd0acd32281ae5113d7c4210b4157d005225015e6f04bd90db0fc5ef7c51646d3148e26d332e62e36a1f8f46b55504a", 0x34}, {&(0x7f0000000500)="d976485216e6a323b37749924316e343c597f60ede86951e1c260774946acd3ac21334fd9a0c391129553d54b31ebd1a05661058e54086a1e4aa3a226ea5541b2a63373efe63dcefee38317195e9ea2b5f26074eb51bb21e4640d96db55023c71f22ae45f9818a192c6c792f08dc0fca2b1d8a899ca8266b2fecfdd5faaa422fcbf12c8e1d45e0c16344627227f97ccec1c6e5fb4d6da4ec", 0x98}, {&(0x7f0000000440)="016edfa3763e63fd964208c0b80c", 0xe}], 0x4}, 0x4000010) 1.269617485s ago: executing program 0 (id=393): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x19, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000001480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x401}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.151906558s ago: executing program 1 (id=394): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0xf001}}}}}}}, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000000340)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x28, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0xa, 0xc2, 0xffff, 0x0, 0x0, {[@exp_smc={0xfe, 0x6}, @timestamp={0x8, 0xa, 0x25, 0x1}, @exp_fastopen={0xfe, 0x4}]}}}}}}}}, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) 666.494759ms ago: executing program 4 (id=395): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x22a4069, &(0x7f00000002c0)={[{@inode32}]}) 271.10202ms ago: executing program 0 (id=396): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES32=0x0], 0x11, 0x6e4, &(0x7f0000000d00)="$eJzs3U9oJXcdAPDvvLwk720xm7bb7QqFxhaquLibP6QaLxtFJEKRsoKeQzfbDfv2j0kqaQ9uqoJXD16FeogXPSkiCMJCPeuteAueCoKXnnZ7cGT+vUzie8nLpslL7edTfju/md/Mb77znZnfvPdomAA+s5YuR/NhtGPp8mub2fzO9lxnZ3vuTlFvdCJiPCIaEc3aVsn7EYtRlPh8tqBq6LefX64uXP/go50Pi7lmWRpR/NPuH2BzkKPYKktMRcRIOT2GPf298WT9je9Wk25msoS9XCUOhm00ItI9fnhxt6WXdKQ20/d+Bz49kuK5WVPc/5MR5yKiVT3QtorGxulHeKgjjUVbJxcHAAAAnBnnHz2I2IyJYccBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnybl+/+Tsjyu6lORVO//H6u9Y39syOH2d3BkrarysHEawQAAAAAAAADAyXrxUfz2eppOVPNpEo3vj5Qz7XL6VqzHSjPiSmzGcmzERqzFTERM1joa21ze2FibiZfyuQsfp2kaTxVbxtqeLWd7bjk7YMDt4x4xAAAAAAAAAPxfuTY/nk9/EksxMexgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgLokYKSZ5uVDVJ6PRjIhWRIxl621F/L2qnyHNo27w8GTiAAAAgDPl/KN4FJsxUc2nSf6d/2L+vb8Vb8Xd2IjV2IhOrMSN/LeA4lt/Y2d7rrOzPXcnKxExurffb/x7t/6HiUPDyHuM4reH3nu+lK/Rjpuxmi+5Em/EvejEjWjkW2YuVfHU4qp5N4spuVZI0xgfJEE3yml25L8op6eifdgKk3lGRrsZmc5iS4o8Pn1wJupnZwD79zQTje4vPxf676n7Y0yV82sH7iX5T5oWtXPVkoinvnNgzvPrZfRIB3Ms+zMxW7v6Lh6c84gv/vF3P7jVuXv7VrJ1+dQuoyfyYu/F4/+szlCVicJWrMRcLRPPD5yJm+tnPBN97f2lsRHPdetL8e34XlyOqXg91mI1fhTLsRErMRXfymvL5fWc/Tt5cKYW98y9flhMY+V5GdkX0xfOF9ODYnop33YiVuO7cS9uxEq8mv83GzPx1ZiP+VioneHnBhhpGz3u+j/1D/7lL5WVbOD7+e4AeIp3dz9ZXp+u5bU+5k7mbfUljUjLJ8szR3geHTw2VnYfWdmZ+GntHhy+biZa0X1KVNE9W2VgtGcmfp0PK+udu7fXbi3f39dvstV7f6/E3sM/OwNJdr080x0j9l4dWduzPdtm8rYL3bbG/rbftLtth92pY+VnuP/taTZvez4iflVGm7VlsjE8a7tU2y77vNXK2z5O07T4vAXAmXfuy+fG2v9q/639Xvtn7Vvt11rfHP/a+AtjMfrX0a83p0deabyQ/D7eix/H4d/QAQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAQ62//c7t5U5nZW1fJU3TB32aTqQSzYg9S/7y59o6+bvGImLwDrO1FxsR+ZJmlJWjBfbgyQ7n3SdNwj/Kc3IqCT+gkgy8cqvv9VNW7n2uPJzHaZqe+uFU72o78uZpaWin4BOuVK/IOspWQxmOgFN0dePO/avrb7/zldU7y2+uvLlyd2F+fmF6Yf7Vuas3VzutYYcHnKD8WZ9/zhl2JAAAAAAAAAAAAMCgBvvjnOT2chRLmkf8KwL/ZyEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwXEuXo/kwkpiZvjKdze9sz3WyUtWz6Ui+5uOIaEREMhWRvB+xGEWJyVp3Sb/9bEVc/+CjnQ+LuWZZ8vUbxz+KrbLEVBnuVO/1Wr0Wpg/69Zfk/dzv39+AkrKMdJcsHqs/+IT8NwAA///gUwsO") r1 = open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x38) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000002, 0x28011, r1, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, 0x0) 146.436385ms ago: executing program 2 (id=397): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) write$char_usb(r0, &(0x7f0000000540)="5e5144049183a4166cbf91c7fcf6fb39248cf6c5dd3384203c8b870ad6a0925a68bb6fb15a8d7465a654b3949a06284bbd547f312be5b40b3f2c7f0c0981e81f45d9a48862213418e12144bc4f0801fcc25005eaf74d5c186498a44d6a5ae998751934a600e51e4bc6298dffd9c572868df46b7ae318cf9b0c488f2a3e31add4dcd9771b26be99df4ffc690dc6652ad01d392de46ba6b841c3f497bf61b4094d9b2c500e7e8e42beb1707535720a928aab9fa731607df23662b05ee56b39e516fb1bde67e96fe2f61ee6b942f1758ff01b0d4e", 0xff97) 0s ago: executing program 4 (id=398): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="15000000100000000004"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040), 0x2}, 0x20) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000b40)='./file1\x00', 0x4810, &(0x7f00000001c0), 0x0, 0x507, &(0x7f0000000b80)="$eJzs3E1vVFUfAPD/nZkW+gBP+/C8yYsyisZGI6XldeFCjCZsTEw0pi5rWwhSwNCaAGmkvgQTFxo+AerOxE/gSjdGjQuNW4kujQkxXVh0YcbcmTtl2plpO+20hfb3S0rPvffce8655x56XuZOAJtWMf0nidgeET9GRHdlc26EYuXX7enJ4T+mJ4eTKJVe+C0px5uZnvywGrV63rZsozcXkXsniT0N0h2/fOXs0NjY6MXK5ts3J3LZkXNDp0dPj54fOH788KGuY0cHjrSlnGmeZna/cWHvrpMvX39uePD6K19/mua3lB2fmZ4cnntGT4sp5Ov2FKM4917WeKTFq9/tdlR+Fe7sya1bXli6fFZpHeX23x35mirsjmffmo0EbDilUqm0pW7vbIOfKtVKksoJwAaRtNykC6uTEWAN7az5iz8znY5UJ4frx8Eb260TUR4BpeW+nf1UjhTKI9hiT2Vs1LFK6f8nIgan/ryR/kTDeQgAgPb6/ERE6effO9J+R/WnciQX/6uJ989sbagnIv4VEWnf8d9Z/+W/EeW4/4+I+2rOSXuUWxdJvzhvu77/831XFki7rMsuZzNp/+/JbG1rbv9vdv2iJ59t7SiXvyM5dWZs9GB2T3qjY0u63V9/6dlptS+e+eGDZukXs/5fLip9wDT9al8wy8evhXkTdCNDE0MrLXfVrTfLN/ZqffmTKCTVUMSuiNi9jOun9+zMY5/sbXa8Wv7BfNwYTMtZV/73m1+8sIwMzVP6KOLRSv1PxbzypzqzUN/Eudf6xi9feeJM7fpk/7GjA0f6tsbY6MG+6lNR75vvrj2fBeuGEcWa/n/j+l9daf3/o+HzP7ty2ZPUrteOt57GtZvvNh3T1JQ/Hy08/53Ji+VwZ7bv0tDExMX+iM5kqn7/wJ1zLw11zYmflr93f+P2vzPir+ri9p6ISB/i+yPigYjYl+X9wYh4KCL2L1D+r55++NVmQ8i7of5HWqr/ZoGnvo1ofCh/9svP6hJ+r7jE8qf1f7gc6s32jAxNLPZnJRbKaW1gxTcQAAAA7gH7ImJ7JLkD2Rzn9sjlDhyI2DY7gzI+8fipC6+fH6m8I9ATHbnqTFd3zXxofzY3nG6nZw3UbKfHD5XnjUulUqkr3U7H72M71rfosOlta9L+U7/43D9sfC2tozV7ow24Jy1/Hb39H8gA1lYbPkcD3KO0f9i8ltz+V+stOGDdNGr/VyNur0NWgDXWqP2/tA75ANae8T9sXto/bF7aP2xK5Tfh87HEt+WXHth5cv6emu8QSAptTWsJgVws/C0APRHVPdUPOC58wZ9yEe3JYb6tJe2a810NuYZxtraluiNNauE4hRa+iGFtA7kWzyosUtIVBbZExCJP7+zDdrUauLLaN6rcCD5e3/+dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVu7vAAAA//+eAMuV") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x26, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB], 0x14}}, 0x40000) mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1) kernel console output (not intermixed with test programs): 5][ T5094] Bluetooth: hci0: command tx timeout [ 243.730976][ T5094] Bluetooth: hci1: command tx timeout [ 243.816418][ T5810] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 243.860843][ T5810] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 243.912796][ T5810] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 243.966152][ T5094] Bluetooth: hci4: command tx timeout [ 243.972042][ T5803] Bluetooth: hci2: command tx timeout [ 244.003867][ T5812] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 244.107749][ T5812] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 244.176800][ T5812] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 244.208329][ T5803] Bluetooth: hci3: command tx timeout [ 244.256247][ T5812] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 244.642927][ T5802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.680319][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.886470][ T5806] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.916253][ T5802] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.936441][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.976066][ T4773] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.983885][ T4773] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.099896][ T4773] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.108184][ T4773] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.123943][ T4773] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.131986][ T4773] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.224255][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 245.376210][ T5810] 8021q: adding VLAN 0 to HW filter on device team0 [ 245.401899][ T4773] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.409838][ T4773] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.601988][ T4773] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.610029][ T4773] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.647137][ T4773] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.654691][ T4773] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.727868][ T5811] 8021q: adding VLAN 0 to HW filter on device team0 [ 245.799973][ T5802] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 245.812291][ T5802] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 245.982191][ T4773] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.990438][ T4773] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.014340][ T4773] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.022371][ T4773] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.246096][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 246.536967][ T5812] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.662170][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.670035][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.769665][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.777532][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.798330][ T5802] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.003232][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.062740][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.563833][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.619783][ T5810] veth0_vlan: entered promiscuous mode [ 248.646312][ T5802] veth0_vlan: entered promiscuous mode [ 248.744536][ T5802] veth1_vlan: entered promiscuous mode [ 248.764247][ T5810] veth1_vlan: entered promiscuous mode [ 249.139995][ T5810] veth0_macvtap: entered promiscuous mode [ 249.195839][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 249.208539][ T5802] veth0_macvtap: entered promiscuous mode [ 249.263145][ T5811] veth0_vlan: entered promiscuous mode [ 249.292804][ T5802] veth1_macvtap: entered promiscuous mode [ 249.318012][ T5810] veth1_macvtap: entered promiscuous mode [ 249.407675][ T5811] veth1_vlan: entered promiscuous mode [ 249.488195][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 249.561581][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 249.609438][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 249.707351][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 249.736705][ T5802] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.746013][ T5802] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.755227][ T5802] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.764315][ T5802] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.832379][ T5812] veth0_vlan: entered promiscuous mode [ 249.852495][ T5810] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.861688][ T5810] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.871008][ T5810] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.880225][ T5810] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.959415][ T5811] veth0_macvtap: entered promiscuous mode [ 250.034166][ T5812] veth1_vlan: entered promiscuous mode [ 250.080266][ T5811] veth1_macvtap: entered promiscuous mode [ 250.261129][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 250.377410][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 250.407729][ T5812] veth0_macvtap: entered promiscuous mode [ 250.477870][ T5811] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.487066][ T5811] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.496273][ T5811] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.505451][ T5811] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.534245][ T5812] veth1_macvtap: entered promiscuous mode [ 250.727829][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 250.880822][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 250.978400][ T5812] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.987596][ T5812] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.996834][ T5812] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.006001][ T5812] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.139483][ T5806] veth0_vlan: entered promiscuous mode [ 251.253980][ T5806] veth1_vlan: entered promiscuous mode [ 251.688539][ T5806] veth0_macvtap: entered promiscuous mode [ 251.781467][ T5806] veth1_macvtap: entered promiscuous mode [ 251.946841][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 252.064541][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 252.165426][ T5806] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.174493][ T5806] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.183636][ T5806] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.192852][ T5806] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.401845][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 256.410967][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 256.581871][ T3539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 256.591385][ T3539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 256.760320][ T3539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 256.770919][ T3539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 256.940549][ T3848] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 256.948934][ T3848] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.205936][ T5802] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 257.221244][ T3539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.230735][ T3539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.447559][ T3553] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.459476][ T3553] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.940840][ T3553] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.949094][ T3553] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.217819][ T4515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.226684][ T4515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.266723][ T5882] usb 3-1: new low-speed USB device number 2 using dummy_hcd [ 258.465303][ T5882] usb 3-1: device descriptor read/64, error -71 [ 258.693457][ T5987] loop0: detected capacity change from 0 to 1024 [ 258.727370][ T5987] hfsplus: Unknown parameter 'syzkaller' [ 258.736357][ T5882] usb 3-1: new low-speed USB device number 3 using dummy_hcd [ 258.928065][ T5882] usb 3-1: device descriptor read/64, error -71 [ 259.056586][ T5882] usb usb3-port1: attempt power cycle [ 259.220801][ T5994] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 259.465455][ T5851] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 259.477557][ T3539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 259.486936][ T3539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.495876][ T5882] usb 3-1: new low-speed USB device number 4 using dummy_hcd [ 259.595610][ T5882] usb 3-1: device descriptor read/8, error -71 [ 259.656309][ T5851] usb 1-1: Using ep0 maxpacket: 16 [ 259.677650][ T5851] usb 1-1: config 128 has too many interfaces: 254, using maximum allowed: 32 [ 259.686971][ T5851] usb 1-1: config 128 has 0 interfaces, different from the descriptor's value: 254 [ 259.696934][ T5851] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 259.711531][ T5851] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.756371][ T1601] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 259.845654][ T5882] usb 3-1: new low-speed USB device number 5 using dummy_hcd [ 259.875533][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 259.883760][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.930302][ T1601] usb 4-1: device descriptor read/64, error -71 [ 259.950974][ T5882] usb 3-1: device descriptor read/8, error -71 [ 260.052480][ T5987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 260.064208][ T5987] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 260.079655][ T5882] usb usb3-port1: unable to enumerate USB device [ 260.144674][ T5851] usb 1-1: USB disconnect, device number 2 [ 260.205652][ T1601] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 260.283437][ T6004] FAULT_INJECTION: forcing a failure. [ 260.283437][ T6004] name failslab, interval 1, probability 0, space 0, times 1 [ 260.300629][ T6004] CPU: 0 UID: 0 PID: 6004 Comm: syz.1.7 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 260.300766][ T6004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 260.300856][ T6004] Call Trace: [ 260.300907][ T6004] [ 260.300953][ T6004] __dump_stack+0x26/0x30 [ 260.301137][ T6004] dump_stack_lvl+0x1df/0x270 [ 260.301324][ T6004] dump_stack+0x1e/0x25 [ 260.301479][ T6004] should_fail_ex+0x7dc/0x8a0 [ 260.301663][ T6004] should_failslab+0x15b/0x200 [ 260.301859][ T6004] kmem_cache_alloc_node_noprof+0xf3/0xf00 [ 260.302009][ T6004] ? __alloc_skb+0x1e0/0x7d0 [ 260.302212][ T6004] ? kmsan_get_metadata+0xfb/0x160 [ 260.302401][ T6004] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 260.302602][ T6004] __alloc_skb+0x1e0/0x7d0 [ 260.302799][ T6004] netlink_alloc_large_skb+0xa5/0x280 [ 260.302999][ T6004] netlink_sendmsg+0xaea/0x1250 [ 260.303184][ T6004] ? __pfx_netlink_sendmsg+0x10/0x10 [ 260.303331][ T6004] ? __pfx_netlink_sendmsg+0x10/0x10 [ 260.303485][ T6004] __sock_sendmsg+0x333/0x3d0 [ 260.303659][ T6004] ____sys_sendmsg+0x7e0/0xd80 [ 260.303833][ T6004] ___sys_sendmsg+0x271/0x3b0 [ 260.304003][ T6004] ? __rcu_read_unlock+0x6d/0xd0 [ 260.304153][ T6004] ? __fget_files+0x3b4/0x4a0 [ 260.304294][ T6004] ? __fget_files+0x3b9/0x4a0 [ 260.304433][ T6004] ? kmsan_get_metadata+0xfb/0x160 [ 260.304622][ T6004] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 260.304826][ T6004] __x64_sys_sendmsg+0x211/0x3e0 [ 260.304987][ T6004] ? kmsan_get_metadata+0xfb/0x160 [ 260.305199][ T6004] x64_sys_call+0x32fb/0x3db0 [ 260.305409][ T6004] do_syscall_64+0xd9/0x210 [ 260.305557][ T6004] ? irqentry_exit+0x16/0x60 [ 260.305745][ T6004] ? clear_bhb_loop+0x40/0x90 [ 260.305914][ T6004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.306066][ T6004] RIP: 0033:0x7fb18ed8e929 [ 260.306191][ T6004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.306297][ T6004] RSP: 002b:00007fb18fb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 260.306434][ T6004] RAX: ffffffffffffffda RBX: 00007fb18efb5fa0 RCX: 00007fb18ed8e929 [ 260.306528][ T6004] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 260.306640][ T6004] RBP: 00007fb18fb77090 R08: 0000000000000000 R09: 0000000000000000 [ 260.306733][ T6004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.306822][ T6004] R13: 0000000000000000 R14: 00007fb18efb5fa0 R15: 00007ffc58206608 [ 260.306956][ T6004] [ 260.625172][ T1601] usb 4-1: device descriptor read/64, error -71 [ 260.751689][ T1601] usb usb4-port1: attempt power cycle [ 261.005647][ T6009] FAULT_INJECTION: forcing a failure. [ 261.005647][ T6009] name failslab, interval 1, probability 0, space 0, times 0 [ 261.019143][ T6009] CPU: 1 UID: 0 PID: 6009 Comm: syz.4.8 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 261.019323][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 261.019414][ T6009] Call Trace: [ 261.019466][ T6009] [ 261.019519][ T6009] __dump_stack+0x26/0x30 [ 261.019704][ T6009] dump_stack_lvl+0x1df/0x270 [ 261.019900][ T6009] dump_stack+0x1e/0x25 [ 261.020069][ T6009] should_fail_ex+0x7dc/0x8a0 [ 261.020277][ T6009] should_failslab+0x15b/0x200 [ 261.020493][ T6009] __kmalloc_cache_noprof+0xcb/0xed0 [ 261.020657][ T6009] ? kmsan_get_metadata+0xfb/0x160 [ 261.020849][ T6009] ? alloc_pipe_info+0x14a/0xc50 [ 261.021060][ T6009] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 261.021261][ T6009] ? kmsan_get_metadata+0xfb/0x160 [ 261.021483][ T6009] alloc_pipe_info+0x14a/0xc50 [ 261.021690][ T6009] ? __rcu_read_unlock+0x6d/0xd0 [ 261.021841][ T6009] ? aa_file_perm+0x24c/0x18d0 [ 261.022004][ T6009] ? kmsan_get_metadata+0xfb/0x160 [ 261.022215][ T6009] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 261.022436][ T6009] splice_direct_to_actor+0x1174/0x1550 [ 261.022644][ T6009] ? __pfx_direct_splice_actor+0x10/0x10 [ 261.022840][ T6009] ? filter_irq_stacks+0x49/0x190 [ 261.023006][ T6009] ? stack_depot_save_flags+0x35/0x7b0 [ 261.023179][ T6009] ? kmsan_get_metadata+0xfb/0x160 [ 261.023370][ T6009] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 261.023549][ T6009] ? kmsan_get_metadata+0xfb/0x160 [ 261.023739][ T6009] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 261.023947][ T6009] do_splice_direct+0x1e0/0x350 [ 261.024139][ T6009] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 261.024348][ T6009] do_sendfile+0x9eb/0x1110 [ 261.024561][ T6009] __se_sys_sendfile64+0xfb/0x280 [ 261.024737][ T6009] __x64_sys_sendfile64+0xbd/0x120 [ 261.024917][ T6009] x64_sys_call+0xd49/0x3db0 [ 261.025116][ T6009] do_syscall_64+0xd9/0x210 [ 261.025270][ T6009] ? clear_bhb_loop+0x40/0x90 [ 261.025442][ T6009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.025607][ T6009] RIP: 0033:0x7fe0a018e929 [ 261.025726][ T6009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.025846][ T6009] RSP: 002b:00007fe0a103f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 261.025981][ T6009] RAX: ffffffffffffffda RBX: 00007fe0a03b5fa0 RCX: 00007fe0a018e929 [ 261.026087][ T6009] RDX: 0000200000002080 RSI: 0000000000000004 RDI: 0000000000000005 [ 261.026173][ T6009] RBP: 00007fe0a103f090 R08: 0000000000000000 R09: 0000000000000000 [ 261.026261][ T6009] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001 [ 261.026344][ T6009] R13: 0000000000000000 R14: 00007fe0a03b5fa0 R15: 00007ffd2188b7a8 [ 261.026471][ T6009] [ 261.300051][ T1601] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 261.328454][ T1601] usb 4-1: device descriptor read/8, error -71 [ 261.596146][ T1601] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 261.722401][ T1601] usb 4-1: device descriptor read/8, error -71 [ 261.852062][ T1601] usb usb4-port1: unable to enumerate USB device [ 263.225511][ T5851] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 263.527886][ T5851] usb 4-1: config 0 has an invalid interface number: 128 but max is 0 [ 263.536680][ T5851] usb 4-1: config 0 has no interface number 0 [ 263.635665][ T5851] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 263.645899][ T5851] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.654192][ T5851] usb 4-1: Product: syz [ 263.658831][ T5851] usb 4-1: Manufacturer: syz [ 263.663674][ T5851] usb 4-1: SerialNumber: syz [ 263.730309][ T6036] netlink: 68 bytes leftover after parsing attributes in process `syz.1.17'. [ 263.741266][ T6036] netlink: 68 bytes leftover after parsing attributes in process `syz.1.17'. [ 263.776465][ T6029] loop2: detected capacity change from 0 to 40427 [ 263.833137][ T6029] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 263.841312][ T6029] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 263.871032][ T6029] F2FS-fs (loop2): invalid crc value [ 263.878705][ T5851] usb 4-1: config 0 descriptor?? [ 264.251937][ T6029] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 264.259916][ T6029] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 266.092471][ T5851] usb 4-1: Firmware version (0.0) predates our first public release. [ 266.104635][ T5851] usb 4-1: Please update to version 0.2 or newer [ 266.307038][ T5851] usb 4-1: USB disconnect, device number 6 [ 266.755979][ T5859] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 266.868844][ T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 266.986728][ T5859] usb 5-1: Using ep0 maxpacket: 8 [ 267.047607][ T5859] usb 5-1: unable to get BOS descriptor or descriptor too short [ 267.118795][ T5859] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 267.127230][ T5859] usb 5-1: can't read configurations, error -61 [ 267.135931][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 267.178117][ T24] usb 1-1: config 1 has an invalid interface number: 105 but max is 0 [ 267.193017][ T24] usb 1-1: config 1 has no interface number 0 [ 267.201593][ T24] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 267.212413][ T24] usb 1-1: config 1 interface 105 has no altsetting 0 [ 267.291285][ T6071] loop2: detected capacity change from 0 to 512 [ 267.299695][ T24] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 267.309605][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.318281][ T24] usb 1-1: Product: syz [ 267.322921][ T24] usb 1-1: Manufacturer: syz [ 267.329884][ T24] usb 1-1: SerialNumber: syz [ 267.395871][ T5859] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 267.539170][ T6066] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 267.586738][ T5859] usb 5-1: Using ep0 maxpacket: 8 [ 267.633141][ T5859] usb 5-1: unable to get BOS descriptor or descriptor too short [ 267.706388][ T5859] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 267.715133][ T5859] usb 5-1: can't read configurations, error -61 [ 267.723090][ T5859] usb usb5-port1: attempt power cycle [ 267.912672][ T24] aqc111 1-1:1.105: probe with driver aqc111 failed with error -22 [ 267.996834][ T24] usb 1-1: USB disconnect, device number 3 [ 268.026393][ T6072] udevd[6072]: setting mode of /dev/bus/usb/001/003 to 020664 failed: No such file or directory [ 268.071994][ T6072] udevd[6072]: setting owner of /dev/bus/usb/001/003 to uid=0, gid=0 failed: No such file or directory [ 268.138632][ T6078] netlink: 'syz.1.29': attribute type 10 has an invalid length. [ 268.202156][ T6078] veth0_vlan: left promiscuous mode [ 268.224265][ T6078] veth0_vlan: entered promiscuous mode [ 268.249049][ T6078] team0: Device veth0_vlan failed to register rx_handler [ 268.346219][ T5859] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 268.421420][ T5859] usb 5-1: Using ep0 maxpacket: 8 [ 268.477784][ T5859] usb 5-1: unable to get BOS descriptor or descriptor too short [ 268.540829][ T5859] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 268.549220][ T5859] usb 5-1: can't read configurations, error -61 [ 268.590364][ T6071] EXT4-fs (loop2): Test dummy encryption mode enabled [ 268.598150][ T6071] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 268.612316][ T6071] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 268.690757][ T6071] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.27: bad orphan inode 131083 [ 268.796759][ T5859] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 268.839429][ T6071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 268.877023][ T5859] usb 5-1: Using ep0 maxpacket: 8 [ 268.962209][ T5859] usb 5-1: unable to get BOS descriptor or descriptor too short [ 269.000167][ T5859] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 269.009168][ T5859] usb 5-1: can't read configurations, error -61 [ 269.020212][ T6071] netlink: 'syz.2.27': attribute type 4 has an invalid length. [ 269.065854][ T5859] usb usb5-port1: unable to enumerate USB device [ 269.087715][ T6087] netlink: 'syz.2.27': attribute type 4 has an invalid length. [ 269.578963][ T6093] FAULT_INJECTION: forcing a failure. [ 269.578963][ T6093] name failslab, interval 1, probability 0, space 0, times 0 [ 269.592157][ T6093] CPU: 0 UID: 0 PID: 6093 Comm: syz.4.33 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 269.592292][ T6093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 269.592366][ T6093] Call Trace: [ 269.592422][ T6093] [ 269.592469][ T6093] __dump_stack+0x26/0x30 [ 269.592639][ T6093] dump_stack_lvl+0x1df/0x270 [ 269.592804][ T6093] dump_stack+0x1e/0x25 [ 269.592951][ T6093] should_fail_ex+0x7dc/0x8a0 [ 269.593127][ T6093] should_failslab+0x15b/0x200 [ 269.593322][ T6093] __kmalloc_noprof+0x182/0x1310 [ 269.593461][ T6093] ? tomoyo_file_ioctl+0x3d/0x50 [ 269.593625][ T6093] ? tomoyo_realpath_from_path+0xeb/0x9f0 [ 269.593814][ T6093] ? __msan_warning+0x1b/0x30 [ 269.593979][ T6093] ? filter_irq_stacks+0x13f/0x190 [ 269.594114][ T6093] ? kmsan_get_metadata+0xfb/0x160 [ 269.594342][ T6093] tomoyo_realpath_from_path+0xeb/0x9f0 [ 269.594529][ T6093] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 269.594739][ T6093] ? __srcu_read_lock+0x5e/0xd0 [ 269.594918][ T6093] tomoyo_path_number_perm+0x1d0/0x7d0 [ 269.595066][ T6093] ? stack_depot_save_flags+0x35/0x7b0 [ 269.595251][ T6093] ? kmsan_get_metadata+0xfb/0x160 [ 269.595442][ T6093] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 269.595679][ T6093] tomoyo_file_ioctl+0x3d/0x50 [ 269.595850][ T6093] security_file_ioctl+0x141/0x590 [ 269.596057][ T6093] __se_sys_ioctl+0xbb/0x400 [ 269.596240][ T6093] __x64_sys_ioctl+0x97/0xe0 [ 269.596422][ T6093] x64_sys_call+0x1ebe/0x3db0 [ 269.596620][ T6093] do_syscall_64+0xd9/0x210 [ 269.596761][ T6093] ? irqentry_exit+0x16/0x60 [ 269.596954][ T6093] ? clear_bhb_loop+0x40/0x90 [ 269.597115][ T6093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.597269][ T6093] RIP: 0033:0x7fe0a018e929 [ 269.597391][ T6093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.597515][ T6093] RSP: 002b:00007fe0a103f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 269.597660][ T6093] RAX: ffffffffffffffda RBX: 00007fe0a03b5fa0 RCX: 00007fe0a018e929 [ 269.597757][ T6093] RDX: 00002000000001c0 RSI: 0000000000005412 RDI: 0000000000000004 [ 269.597855][ T6093] RBP: 00007fe0a103f090 R08: 0000000000000000 R09: 0000000000000000 [ 269.597934][ T6093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 269.598010][ T6093] R13: 0000000000000000 R14: 00007fe0a03b5fa0 R15: 00007ffd2188b7a8 [ 269.598128][ T6093] [ 269.845422][ T6093] ERROR: Out of memory at tomoyo_realpath_from_path. [ 269.852478][ T6093] Bluetooth: (null): Out-of-order packet arrived (4 != 0) [ 269.985344][ T4238] Bluetooth: (null): Invalid header checksum [ 269.991928][ T4238] Bluetooth: (null): Invalid header checksum [ 269.998574][ T4238] Bluetooth: (null): Invalid header checksum [ 270.190404][ T6071] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 270.289972][ T6100] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 270.300330][ T6100] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 270.433415][ T6071] fscrypt (loop2): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 270.565365][ T5854] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 270.797108][ T5854] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 270.797287][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 270.806679][ T5854] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.806812][ T5854] usb 1-1: Product: syz [ 270.828741][ T5854] usb 1-1: Manufacturer: syz [ 270.833583][ T5854] usb 1-1: SerialNumber: syz [ 270.976966][ T5854] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 271.201361][ T1601] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 271.292292][ T6109] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 271.477192][ T6100] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 272.317556][ T1601] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 272.328070][ T1601] ath9k_htc: Failed to initialize the device [ 272.579535][ T1601] usb 1-1: ath9k_htc: USB layer deinitialized [ 273.610384][ T6123] loop4: detected capacity change from 0 to 40427 [ 273.642636][ T6123] F2FS-fs (loop4): Image doesn't support compression [ 273.711050][ T6123] F2FS-fs (loop4): invalid crc value [ 273.926830][ T6100] Zero length message leads to an empty skb [ 274.154839][ T6123] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 274.219216][ T6135] netlink: 8 bytes leftover after parsing attributes in process `syz.1.43'. [ 274.355460][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 274.365103][ T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!! [ 274.384327][ T6137] xt_l2tp: v2 doesn't support IP mode [ 274.435108][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 274.505008][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 274.605000][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 274.614966][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 274.618017][ T6123] syz.4.41 (6123): drop_caches: 2 [ 274.645004][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 275.112877][ T5854] usb 1-1: USB disconnect, device number 4 [ 276.265371][ T5859] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 276.485943][ T5859] usb 2-1: Using ep0 maxpacket: 8 [ 276.508558][ T6154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 276.516705][ T6154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 276.568552][ T6154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 276.577226][ T6154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 276.608885][ T5859] usb 2-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 276.618436][ T5859] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.627465][ T5859] usb 2-1: Product: syz [ 276.631892][ T5859] usb 2-1: Manufacturer: syz [ 276.636888][ T5859] usb 2-1: SerialNumber: syz [ 276.724015][ T5859] usb 2-1: config 0 descriptor?? [ 277.532053][ T6156] loop3: detected capacity change from 0 to 32768 [ 277.543358][ T6156] ======================================================= [ 277.543358][ T6156] WARNING: The mand mount option has been deprecated and [ 277.543358][ T6156] and is ignored by this kernel. Remove the mand [ 277.543358][ T6156] option from the mount to silence this warning. [ 277.543358][ T6156] ======================================================= [ 277.585559][ T6156] ocfs2: Unknown parameter '¤Ê&ص Á¤»¢û' [ 277.692240][ T6161] FAULT_INJECTION: forcing a failure. [ 277.692240][ T6161] name failslab, interval 1, probability 0, space 0, times 0 [ 277.697585][ T5859] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 277.706417][ T6161] CPU: 0 UID: 0 PID: 6161 Comm: syz.0.51 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 277.706592][ T6161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 277.706715][ T6161] Call Trace: [ 277.706777][ T6161] [ 277.706835][ T6161] __dump_stack+0x26/0x30 [ 277.707040][ T6161] dump_stack_lvl+0x1df/0x270 [ 277.707247][ T6161] dump_stack+0x1e/0x25 [ 277.707428][ T6161] should_fail_ex+0x7dc/0x8a0 [ 277.707651][ T6161] should_failslab+0x15b/0x200 [ 277.707903][ T6161] __kmalloc_cache_noprof+0xcb/0xed0 [ 277.708064][ T6161] ? alloc_fs_context+0x6c/0xda0 [ 277.708252][ T6161] ? kmsan_get_metadata+0xfb/0x160 [ 277.708471][ T6161] ? kmsan_get_metadata+0xfb/0x160 [ 277.708708][ T6161] alloc_fs_context+0x6c/0xda0 [ 277.708894][ T6161] ? _raw_read_unlock+0x38/0x50 [ 277.709105][ T6161] fs_context_for_mount+0x3b/0x50 [ 277.709334][ T6161] do_new_mount+0x26c/0x1610 [ 277.709556][ T6161] ? kmsan_get_metadata+0xfb/0x160 [ 277.709754][ T6161] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 277.709986][ T6161] path_mount+0x6db/0x1e90 [ 277.710188][ T6161] ? user_path_at+0x32d/0x3d0 [ 277.710378][ T6161] __se_sys_mount+0x6eb/0x7d0 [ 277.710586][ T6161] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 277.710802][ T6161] __x64_sys_mount+0xe4/0x150 [ 277.711022][ T6161] x64_sys_call+0xfa7/0x3db0 [ 277.711211][ T6161] do_syscall_64+0xd9/0x210 [ 277.711339][ T6161] ? irqentry_exit+0x16/0x60 [ 277.711535][ T6161] ? clear_bhb_loop+0x40/0x90 [ 277.711705][ T6161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.711862][ T6161] RIP: 0033:0x7fb750f8e929 [ 277.711972][ T6161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.712095][ T6161] RSP: 002b:00007fb74edf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 277.712235][ T6161] RAX: ffffffffffffffda RBX: 00007fb7511b5fa0 RCX: 00007fb750f8e929 [ 277.712339][ T6161] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 0000000000000000 [ 277.712435][ T6161] RBP: 00007fb74edf6090 R08: 0000000000000000 R09: 0000000000000000 [ 277.712526][ T6161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 277.712619][ T6161] R13: 0000000000000001 R14: 00007fb7511b5fa0 R15: 00007fff5bd24028 [ 277.712752][ T6161] [ 278.380035][ T6156] loop2: detected capacity change from 0 to 7 [ 278.389353][ T6156] Dev loop2: unable to read RDB block 7 [ 278.395510][ T6156] loop2: AHDI p1 p2 p3 [ 278.399952][ T6156] loop2: partition table partially beyond EOD, truncated [ 278.408257][ T6156] loop2: p3 start 335544320 is beyond EOD, truncated [ 279.105365][ T6167] loop4: detected capacity change from 0 to 2048 [ 279.254108][ T5967] loop4: p1 < > p4 < > [ 279.345650][ T6167] loop4: p1 < > p4 < > [ 279.410204][ T6173] loop2: detected capacity change from 0 to 512 [ 279.549913][ T6173] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 279.641302][ T6173] EXT4-fs (loop2): 1 truncate cleaned up [ 279.649893][ T6173] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.650762][ T6178] FAULT_INJECTION: forcing a failure. [ 279.650762][ T6178] name failslab, interval 1, probability 0, space 0, times 0 [ 279.682694][ T6178] CPU: 1 UID: 0 PID: 6178 Comm: syz.0.56 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 279.682830][ T6178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 279.682906][ T6178] Call Trace: [ 279.682952][ T6178] [ 279.682999][ T6178] __dump_stack+0x26/0x30 [ 279.683168][ T6178] dump_stack_lvl+0x1df/0x270 [ 279.683339][ T6178] dump_stack+0x1e/0x25 [ 279.683486][ T6178] should_fail_ex+0x7dc/0x8a0 [ 279.683662][ T6178] should_failslab+0x15b/0x200 [ 279.683851][ T6178] __kmalloc_cache_noprof+0xcb/0xed0 [ 279.683992][ T6178] ? nf_tables_newflowtable+0x20c4/0x43c0 [ 279.684153][ T6178] ? kmsan_get_metadata+0xfb/0x160 [ 279.684348][ T6178] nf_tables_newflowtable+0x20c4/0x43c0 [ 279.684560][ T6178] ? __pfx_nf_tables_newflowtable+0x10/0x10 [ 279.684711][ T6178] nfnetlink_rcv+0x2292/0x5420 [ 279.684989][ T6178] ? __netlink_deliver_tap+0xda9/0xdd0 [ 279.685152][ T6178] ? kmsan_get_metadata+0xfb/0x160 [ 279.685323][ T6178] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 279.685497][ T6178] ? kmsan_get_metadata+0xfb/0x160 [ 279.685669][ T6178] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 279.685840][ T6178] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 279.685992][ T6178] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 279.686149][ T6178] netlink_unicast+0xed5/0x1290 [ 279.686302][ T6178] netlink_sendmsg+0x10b3/0x1250 [ 279.686472][ T6178] ? __pfx_netlink_sendmsg+0x10/0x10 [ 279.686629][ T6178] ? __pfx_netlink_sendmsg+0x10/0x10 [ 279.686804][ T6178] __sock_sendmsg+0x333/0x3d0 [ 279.686992][ T6178] ____sys_sendmsg+0x7e0/0xd80 [ 279.687184][ T6178] ___sys_sendmsg+0x271/0x3b0 [ 279.687355][ T6178] ? __rcu_read_unlock+0x6d/0xd0 [ 279.687502][ T6178] ? __fget_files+0x3b4/0x4a0 [ 279.687640][ T6178] ? __fget_files+0x3b9/0x4a0 [ 279.687784][ T6178] ? kmsan_get_metadata+0xfb/0x160 [ 279.687987][ T6178] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 279.688196][ T6178] __x64_sys_sendmsg+0x211/0x3e0 [ 279.688356][ T6178] ? kmsan_get_metadata+0xfb/0x160 [ 279.688562][ T6178] x64_sys_call+0x32fb/0x3db0 [ 279.688748][ T6178] do_syscall_64+0xd9/0x210 [ 279.688877][ T6178] ? irqentry_exit+0x16/0x60 [ 279.689048][ T6178] ? clear_bhb_loop+0x40/0x90 [ 279.689200][ T6178] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.689335][ T6178] RIP: 0033:0x7fb750f8e929 [ 279.689432][ T6178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.689541][ T6178] RSP: 002b:00007fb74edf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 279.689665][ T6178] RAX: ffffffffffffffda RBX: 00007fb7511b5fa0 RCX: 00007fb750f8e929 [ 279.689759][ T6178] RDX: 0000000004000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 279.689843][ T6178] RBP: 00007fb74edf6090 R08: 0000000000000000 R09: 0000000000000000 [ 279.689926][ T6178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 279.690005][ T6178] R13: 0000000000000000 R14: 00007fb7511b5fa0 R15: 00007fff5bd24028 [ 279.690159][ T6178] [ 280.138585][ T5859] usb 2-1: USB disconnect, device number 2 [ 280.210423][ T30] audit: type=1800 audit(1751558014.071:2): pid=6173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.55" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 280.328228][ T30] audit: type=1800 audit(1751558014.271:3): pid=6182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.55" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 280.704255][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.984000][ T5967] udevd[5967]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 281.032433][ T5971] udevd[5971]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 281.357310][ T6194] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 281.365509][ T6194] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 281.463333][ T6194] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 281.471721][ T6194] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 281.487678][ T5967] udevd[5967]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 281.523652][ T5971] udevd[5971]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 281.670361][ T6198] loop0: detected capacity change from 0 to 128 [ 283.213200][ T6204] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 283.635383][ T6214] capability: warning: `syz.0.70' uses deprecated v2 capabilities in a way that may be insecure [ 283.935408][ T5859] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 284.174706][ T5859] usb 2-1: config 0 has an invalid interface number: 128 but max is 0 [ 284.188484][ T5859] usb 2-1: config 0 has no interface number 0 [ 284.259282][ T5859] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 284.269965][ T5859] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.279016][ T5859] usb 2-1: Product: syz [ 284.288305][ T5859] usb 2-1: Manufacturer: syz [ 284.293156][ T5859] usb 2-1: SerialNumber: syz [ 284.440381][ T5859] usb 2-1: config 0 descriptor?? [ 284.746842][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 284.754739][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 284.902588][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 284.910784][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 285.144224][ T6234] loop3: detected capacity change from 0 to 1024 [ 285.270284][ T6238] syz.0.79 uses obsolete (PF_INET,SOCK_PACKET) [ 285.280625][ T6234] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 285.293578][ T6234] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 285.458736][ T6234] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 285.531697][ T5859] usb 2-1: Firmware version (0.0) predates our first public release. [ 285.540341][ T5859] usb 2-1: Please update to version 0.2 or newer [ 285.673587][ T6236] 9pnet: Could not find request transport: f‚ [ 285.766321][ T5859] usb 2-1: USB disconnect, device number 3 [ 285.873278][ T6248] loop2: detected capacity change from 0 to 128 [ 285.942535][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 285.949356][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.288891][ T4515] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 420 with error 28 [ 286.302921][ T4515] EXT4-fs (loop3): This should not happen!! Data will be lost [ 286.302921][ T4515] [ 286.313196][ T4515] EXT4-fs (loop3): Total free blocks count 0 [ 286.319841][ T4515] EXT4-fs (loop3): Free/Dirty block details [ 286.326217][ T4515] EXT4-fs (loop3): free_blocks=4293918720 [ 286.337614][ T4515] EXT4-fs (loop3): dirty_blocks=432 [ 286.343086][ T4515] EXT4-fs (loop3): Block reservation details [ 286.351410][ T4515] EXT4-fs (loop3): i_reserved_data_blocks=27 [ 287.348656][ T5812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.803994][ T6257] loop0: detected capacity change from 0 to 1024 [ 287.902207][ T6263] loop2: detected capacity change from 0 to 512 [ 287.957398][ T6257] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.109005][ T6257] mmap: syz.0.85 (6257) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 288.226418][ T6269] loop8: detected capacity change from 0 to 8 [ 288.241668][ T6263] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 288.255257][ T6263] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 288.315309][ T6269] Dev loop8: unable to read RDB block 8 [ 288.321245][ T6269] loop8: unable to read partition table [ 288.362030][ T5803] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 288.386629][ T6263] FAULT_INJECTION: forcing a failure. [ 288.386629][ T6263] name failslab, interval 1, probability 0, space 0, times 0 [ 288.407373][ T6263] CPU: 1 UID: 0 PID: 6263 Comm: syz.2.86 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 288.407536][ T6263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.407622][ T6263] Call Trace: [ 288.407676][ T6263] [ 288.407731][ T6263] __dump_stack+0x26/0x30 [ 288.407921][ T6263] dump_stack_lvl+0x1df/0x270 [ 288.408103][ T6263] dump_stack+0x1e/0x25 [ 288.408264][ T6263] should_fail_ex+0x7dc/0x8a0 [ 288.408443][ T6263] should_failslab+0x15b/0x200 [ 288.408640][ T6263] kmem_cache_alloc_noprof+0xf0/0xec0 [ 288.408780][ T6263] ? getname_flags+0x102/0xac0 [ 288.408915][ T6263] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 288.409089][ T6263] ? kmsan_get_metadata+0xfb/0x160 [ 288.409283][ T6263] getname_flags+0x102/0xac0 [ 288.409429][ T6263] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 288.409623][ T6263] __x64_sys_rename+0x70/0x140 [ 288.409759][ T6263] x64_sys_call+0x3553/0x3db0 [ 288.409932][ T6263] do_syscall_64+0xd9/0x210 [ 288.410066][ T6263] ? irqentry_exit+0x16/0x60 [ 288.410237][ T6263] ? clear_bhb_loop+0x40/0x90 [ 288.410386][ T6263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.410534][ T6263] RIP: 0033:0x7fcece98e929 [ 288.410630][ T6263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.410744][ T6263] RSP: 002b:00007fcecf7ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 288.410866][ T6263] RAX: ffffffffffffffda RBX: 00007fcecebb5fa0 RCX: 00007fcece98e929 [ 288.410959][ T6263] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000200000000180 [ 288.411043][ T6263] RBP: 00007fcecf7ba090 R08: 0000000000000000 R09: 0000000000000000 [ 288.411124][ T6263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 288.411200][ T6263] R13: 0000000000000000 R14: 00007fcecebb5fa0 R15: 00007ffe4e579c48 [ 288.411318][ T6263] [ 288.434667][ T6277] netlink: 'syz.4.90': attribute type 10 has an invalid length. [ 288.478546][ T6269] loop8: partition table beyond EOD, truncated [ 288.637441][ T6269] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 288.834577][ T6275] loop4: detected capacity change from 0 to 1024 [ 289.020692][ T6281] loop1: detected capacity change from 0 to 512 [ 289.151393][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.227691][ T6281] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 289.236478][ T6281] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 289.371776][ T6281] EXT4-fs (loop1): 1 truncate cleaned up [ 289.380111][ T6281] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.678510][ T6287] loop3: detected capacity change from 0 to 164 [ 289.836264][ T6285] process 'syz.3.92' launched '/dev/fd/3' with NULL argv: empty string added [ 289.866472][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.932330][ T3848] hfsplus: b-tree write err: -5, ino 4 [ 290.288152][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.369629][ T6289] loop2: detected capacity change from 0 to 512 [ 290.593205][ T6293] loop4: detected capacity change from 0 to 256 [ 290.663751][ T6294] loop0: detected capacity change from 0 to 1024 [ 290.665831][ T6289] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 290.684115][ T6289] ext4 filesystem being mounted at /15/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 290.771232][ T6299] loop3: detected capacity change from 0 to 128 [ 291.243967][ T6308] tmpfs: Bad value for 'mpol' [ 292.061982][ T6308] loop1: detected capacity change from 0 to 32768 [ 292.187945][ T6308] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 292.189416][ T6294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.211443][ T6294] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 292.450115][ T30] audit: type=1804 audit(1751558026.401:4): pid=6308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.98" name="/newroot/22/bus/cgroup.controllers" dev="loop1" ino=17058 res=1 errno=0 [ 292.550791][ T6299] FAT-fs (loop3): error, invalid FAT chain (i_pos 548, last_block 8) [ 292.559333][ T6299] FAT-fs (loop3): Filesystem has been set read-only [ 292.581430][ T6294] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 292.670716][ T30] audit: type=1800 audit(1751558026.501:5): pid=6299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.96" name="file1" dev="loop3" ino=1048612 res=0 errno=0 [ 292.739567][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 293.439536][ T3539] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 420 with error 28 [ 293.457173][ T3539] EXT4-fs (loop0): This should not happen!! Data will be lost [ 293.457173][ T3539] [ 293.468088][ T3539] EXT4-fs (loop0): Total free blocks count 0 [ 293.474312][ T3539] EXT4-fs (loop0): Free/Dirty block details [ 293.480557][ T3539] EXT4-fs (loop0): free_blocks=4293918720 [ 293.486729][ T3539] EXT4-fs (loop0): dirty_blocks=432 [ 293.492175][ T3539] EXT4-fs (loop0): Block reservation details [ 293.502122][ T3539] EXT4-fs (loop0): i_reserved_data_blocks=27 [ 294.156361][ T5810] ocfs2: Unmounting device (7,1) on (node local) [ 294.839540][ T6317] loop3: detected capacity change from 0 to 65536 [ 294.849613][ T6317] XFS: ikeep mount option is deprecated. [ 294.994622][ T6317] XFS (loop3): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 295.043351][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.395136][ T6317] XFS (loop3): Ending clean mount [ 295.416885][ T6317] XFS (loop3): Quotacheck needed: Please wait. [ 295.627866][ T6317] XFS (loop3): Quotacheck: Done. [ 295.941595][ T5812] XFS (loop3): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 295.977639][ T6345] netlink: 8 bytes leftover after parsing attributes in process `syz.4.107'. [ 296.006755][ T6340] loop2: detected capacity change from 0 to 32768 [ 296.016748][ T6340] btrfs: Deprecated parameter 'usebackuproot' [ 296.023102][ T6340] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 296.045464][ T6340] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.106 (6340) [ 296.956457][ T6340] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 296.967206][ T6340] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm [ 296.976599][ T6340] BTRFS info (device loop2): using free-space-tree [ 297.420224][ T3539] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 297.434499][ T6340] BTRFS error (device loop2): failed to load root extent [ 297.442126][ T6340] BTRFS warning (device loop2): try to load backup roots slot 1 [ 297.655157][ T3539] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 297.669368][ T6340] BTRFS warning (device loop2): couldn't read tree root [ 297.676777][ T6340] BTRFS warning (device loop2): try to load backup roots slot 2 [ 297.715403][ T6345] loop4: detected capacity change from 0 to 65536 [ 297.725338][ T6345] XFS: ikeep mount option is deprecated. [ 297.748965][ T6363] fuseblk: Unknown parameter 'euid<00000000000000000000' [ 297.811534][ T3539] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 297.824079][ T6340] BTRFS warning (device loop2): couldn't read tree root [ 297.831766][ T6340] BTRFS warning (device loop2): try to load backup roots slot 3 [ 297.852696][ T6345] XFS (loop4): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 297.949127][ T6340] BTRFS info (device loop2): rebuilding free space tree [ 298.012661][ T6340] BTRFS info (device loop2): checking UUID tree [ 298.092083][ T6340] netlink: 'syz.2.106': attribute type 10 has an invalid length. [ 298.117078][ T6340] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 298.141529][ T6340] fuse: Bad value for 'fd' [ 298.168452][ T6345] XFS (loop4): Ending clean mount [ 298.217695][ T6345] XFS (loop4): Quotacheck needed: Please wait. [ 298.444490][ T6345] XFS (loop4): Quotacheck: Done. [ 298.571404][ T5802] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 298.629557][ T5806] XFS (loop4): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 298.888656][ T6384] loop0: detected capacity change from 0 to 128 [ 300.404839][ T6392] loop3: detected capacity change from 0 to 1024 [ 300.582414][ T6384] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8) [ 300.591132][ T6384] FAT-fs (loop0): Filesystem has been set read-only [ 300.698202][ T30] audit: type=1800 audit(1751558034.541:6): pid=6384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.111" name="file1" dev="loop0" ino=1048613 res=0 errno=0 [ 300.797466][ T6392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 300.810329][ T6392] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 301.154201][ T6392] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 301.399826][ T6403] FAULT_INJECTION: forcing a failure. [ 301.399826][ T6403] name failslab, interval 1, probability 0, space 0, times 0 [ 301.413223][ T6403] CPU: 0 UID: 0 PID: 6403 Comm: syz.4.117 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 301.413365][ T6403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 301.413453][ T6403] Call Trace: [ 301.413504][ T6403] [ 301.413554][ T6403] __dump_stack+0x26/0x30 [ 301.413727][ T6403] dump_stack_lvl+0x1df/0x270 [ 301.413914][ T6403] dump_stack+0x1e/0x25 [ 301.414072][ T6403] should_fail_ex+0x7dc/0x8a0 [ 301.414258][ T6403] should_failslab+0x15b/0x200 [ 301.414459][ T6403] __kmalloc_cache_noprof+0xcb/0xed0 [ 301.414607][ T6403] ? device_add+0x101/0x1c10 [ 301.414786][ T6403] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 301.414961][ T6403] ? kmsan_get_metadata+0xfb/0x160 [ 301.415157][ T6403] device_add+0x101/0x1c10 [ 301.415349][ T6403] input_register_device+0xffd/0x19f0 [ 301.415498][ T6403] ? kmsan_get_metadata+0xfb/0x160 [ 301.415717][ T6403] uinput_create_device+0x6b8/0xa20 [ 301.415924][ T6403] uinput_ioctl_handler+0x544/0x1f40 [ 301.416146][ T6403] uinput_ioctl+0x42/0x50 [ 301.416303][ T6403] ? __pfx_uinput_ioctl+0x10/0x10 [ 301.416468][ T6403] __se_sys_ioctl+0x23c/0x400 [ 301.416659][ T6403] __x64_sys_ioctl+0x97/0xe0 [ 301.416847][ T6403] x64_sys_call+0x1ebe/0x3db0 [ 301.417035][ T6403] do_syscall_64+0xd9/0x210 [ 301.417181][ T6403] ? irqentry_exit+0x16/0x60 [ 301.417375][ T6403] ? clear_bhb_loop+0x40/0x90 [ 301.417529][ T6403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.417694][ T6403] RIP: 0033:0x7fe0a018e929 [ 301.417806][ T6403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.417923][ T6403] RSP: 002b:00007fe0a103f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 301.418069][ T6403] RAX: ffffffffffffffda RBX: 00007fe0a03b5fa0 RCX: 00007fe0a018e929 [ 301.418168][ T6403] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 301.418251][ T6403] RBP: 00007fe0a103f090 R08: 0000000000000000 R09: 0000000000000000 [ 301.418338][ T6403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.418439][ T6403] R13: 0000000000000000 R14: 00007fe0a03b5fa0 R15: 00007ffd2188b7a8 [ 301.418571][ T6403] [ 301.705677][ T5859] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 302.039672][ T5859] usb 3-1: config 0 has an invalid interface number: 52 but max is 0 [ 302.048199][ T5859] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 302.058747][ T5859] usb 3-1: config 0 has no interface number 0 [ 302.065641][ T5859] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 302.077287][ T5859] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 302.087533][ T5859] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 302.105744][ T5859] usb 3-1: config 0 interface 52 has no altsetting 0 [ 302.231349][ T3848] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 224 with error 28 [ 302.244805][ T3848] EXT4-fs (loop3): This should not happen!! Data will be lost [ 302.244805][ T3848] [ 302.255026][ T3848] EXT4-fs (loop3): Total free blocks count 0 [ 302.261257][ T3848] EXT4-fs (loop3): Free/Dirty block details [ 302.267640][ T3848] EXT4-fs (loop3): free_blocks=4293918720 [ 302.273651][ T3848] EXT4-fs (loop3): dirty_blocks=240 [ 302.279209][ T3848] EXT4-fs (loop3): Block reservation details [ 302.285610][ T3848] EXT4-fs (loop3): i_reserved_data_blocks=15 [ 302.499549][ T5859] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00 [ 302.513952][ T5859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=35 [ 302.524044][ T5859] usb 3-1: SerialNumber: syz [ 302.577922][ T5859] usb 3-1: config 0 descriptor?? [ 302.707035][ T5812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.836903][ T5859] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 302.837862][ T5859] synaptics_usb 3-1:0.52: probe with driver synaptics_usb failed with error -5 [ 303.938340][ T5859] usb 3-1: USB disconnect, device number 6 [ 304.796352][ T6426] loop3: detected capacity change from 0 to 32768 [ 304.829089][ T6426] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section replicas_v0: invalid device 1 in entry (unknown data_type 122): 1/246 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 5 5 6 7 8 9 10 11 14 14 24 27 31 35 43 47 47 51 56 65 68 80 89 96 102 119 128 132 172 173 174 179 205 222 235 245] [ 304.829089][ T6426] replicas_v0 (size 64): [ 304.829089][ T6426] (unknown data_type 122): 246 [119 43 0 222 65 89 132 205 31 174 173 5 172 235 128 0 0 0 0 0 0 0 0 0 0 1 8 0 0 0 179 245 51 102 0 0 0 0 0 0 14 96 0 0 0 0 0 0 0 0 0 0 0 0 5 0 0 0 1 0 0 0 9 0 0 0 0 0 0 0 7 0 0 0 0 0 0 0 24 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 80 0 0 0 10 0 0 0 0 0 0 0 0 0 0 0 56 68 14 0 0 0 0 0 0 0 0 0 0 [ 304.830079][ T6426] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry [ 305.334422][ T6432] loop0: detected capacity change from 0 to 128 [ 305.816282][ T5859] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 305.979605][ T6426] loop3: detected capacity change from 0 to 164 [ 306.054378][ T6426] rock: directory entry would overflow storage [ 306.061102][ T6426] rock: sig=0x5053, size=7, remaining=4 [ 306.067167][ T6426] isofs_fill_super: root inode is not a directory. Corrupted media? [ 306.160613][ T5859] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 306.171322][ T5859] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 306.180721][ T5859] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 306.191978][ T5859] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 306.680137][ T5859] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40 [ 306.690277][ T5859] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.698765][ T5859] usb 2-1: Product: syz [ 306.703175][ T5859] usb 2-1: Manufacturer: syz [ 306.713062][ T5859] usb 2-1: SerialNumber: syz [ 306.993151][ T5859] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found [ 307.000726][ T5859] cdc_ncm 2-1:1.0: bind() failure [ 307.024615][ T5859] usbtest 2-1:1.0: couldn't get endpoints, -22 [ 307.026971][ T6432] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8) [ 307.039452][ T6432] FAT-fs (loop0): Filesystem has been set read-only [ 307.039577][ T5859] usbtest 2-1:1.0: probe with driver usbtest failed with error -22 [ 307.234786][ T30] audit: type=1800 audit(1751558040.971:7): pid=6432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.125" name="file1" dev="loop0" ino=1048614 res=0 errno=0 [ 307.486563][ T5859] usb 2-1: USB disconnect, device number 4 [ 307.863721][ T6442] loop0: detected capacity change from 0 to 1024 [ 307.958416][ T6442] EXT4-fs: Ignoring removed nomblk_io_submit option [ 308.130114][ T6444] loop4: detected capacity change from 0 to 1024 [ 308.216169][ T6442] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 308.330876][ T6444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 308.344207][ T6444] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 308.613156][ T6458] FAULT_INJECTION: forcing a failure. [ 308.613156][ T6458] name failslab, interval 1, probability 0, space 0, times 0 [ 308.626381][ T6458] CPU: 1 UID: 0 PID: 6458 Comm: syz.1.134 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 308.626525][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 308.626607][ T6458] Call Trace: [ 308.626677][ T6458] [ 308.626729][ T6458] __dump_stack+0x26/0x30 [ 308.626904][ T6458] dump_stack_lvl+0x1df/0x270 [ 308.627085][ T6458] dump_stack+0x1e/0x25 [ 308.627237][ T6458] should_fail_ex+0x7dc/0x8a0 [ 308.627410][ T6458] should_failslab+0x15b/0x200 [ 308.627600][ T6458] __kvmalloc_node_noprof+0x24c/0x1530 [ 308.627752][ T6458] ? alloc_netdev_mqs+0xd77/0x2390 [ 308.627902][ T6458] ? kmsan_get_metadata+0xfb/0x160 [ 308.628084][ T6458] alloc_netdev_mqs+0xd77/0x2390 [ 308.628207][ T6458] ? snprintf+0x1d2/0x210 [ 308.628361][ T6458] ? __pfx_br_dev_setup+0x10/0x10 [ 308.628506][ T6458] rtnl_create_link+0x504/0x1ba0 [ 308.628621][ T6458] ? __pfx_br_dev_setup+0x10/0x10 [ 308.628771][ T6458] rtnl_newlink_create+0x300/0x1250 [ 308.628926][ T6458] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 308.629121][ T6458] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 308.629291][ T6458] ? kmsan_get_metadata+0x30/0x160 [ 308.629469][ T6458] rtnl_newlink+0x2f13/0x3a90 [ 308.629674][ T6458] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 308.629836][ T6458] ? kmsan_get_metadata+0xfb/0x160 [ 308.630048][ T6458] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 308.630233][ T6458] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 308.630406][ T6458] ? apparmor_capable+0x32d/0x410 [ 308.630577][ T6458] ? kmsan_get_metadata+0xfb/0x160 [ 308.630755][ T6458] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 308.630947][ T6458] ? kmsan_get_metadata+0xfb/0x160 [ 308.631131][ T6458] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 308.631323][ T6458] ? __rcu_read_unlock+0x6d/0xd0 [ 308.631456][ T6458] ? __pfx_rtnl_newlink+0x10/0x10 [ 308.631594][ T6458] rtnetlink_rcv_msg+0x106c/0x14b0 [ 308.631735][ T6458] ? stack_depot_save_flags+0x35/0x7b0 [ 308.631876][ T6458] ? kmsan_get_metadata+0xfb/0x160 [ 308.632076][ T6458] netlink_rcv_skb+0x54a/0x680 [ 308.632237][ T6458] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 308.632399][ T6458] rtnetlink_rcv+0x35/0x40 [ 308.632528][ T6458] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 308.632657][ T6458] netlink_unicast+0xed5/0x1290 [ 308.632805][ T6458] netlink_sendmsg+0x10b3/0x1250 [ 308.632966][ T6458] ? __pfx_netlink_sendmsg+0x10/0x10 [ 308.633099][ T6458] ? __pfx_netlink_sendmsg+0x10/0x10 [ 308.633244][ T6458] __sock_sendmsg+0x333/0x3d0 [ 308.633399][ T6458] ____sys_sendmsg+0x7e0/0xd80 [ 308.633558][ T6458] ___sys_sendmsg+0x271/0x3b0 [ 308.633707][ T6458] ? __rcu_read_unlock+0x6d/0xd0 [ 308.633837][ T6458] ? __fget_files+0x3b4/0x4a0 [ 308.633955][ T6458] ? __fget_files+0x3b9/0x4a0 [ 308.634080][ T6458] ? kmsan_get_metadata+0xfb/0x160 [ 308.634265][ T6458] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 308.634463][ T6458] __x64_sys_sendmsg+0x211/0x3e0 [ 308.634614][ T6458] ? kmsan_get_metadata+0xfb/0x160 [ 308.634811][ T6458] x64_sys_call+0x32fb/0x3db0 [ 308.634988][ T6458] do_syscall_64+0xd9/0x210 [ 308.635119][ T6458] ? irqentry_exit+0x16/0x60 [ 308.635293][ T6458] ? clear_bhb_loop+0x40/0x90 [ 308.635422][ T6458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.635547][ T6458] RIP: 0033:0x7fb18ed8e929 [ 308.635636][ T6458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.635733][ T6458] RSP: 002b:00007fb18fb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 308.635841][ T6458] RAX: ffffffffffffffda RBX: 00007fb18efb5fa0 RCX: 00007fb18ed8e929 [ 308.635926][ T6458] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 308.636000][ T6458] RBP: 00007fb18fb77090 R08: 0000000000000000 R09: 0000000000000000 [ 308.636069][ T6458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.636137][ T6458] R13: 0000000000000000 R14: 00007fb18efb5fa0 R15: 00007ffc58206608 [ 308.636243][ T6458] [ 309.345657][ T6444] EXT4-fs (loop4): shut down requested (2) [ 310.170853][ T6473] overlayfs: missing 'lowerdir' [ 310.238109][ T5806] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.302906][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.502632][ T6475] loop1: detected capacity change from 0 to 128 [ 310.755799][ T5859] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 311.130252][ T5859] usb 3-1: config 160 has an invalid interface number: 200 but max is 0 [ 311.139186][ T5859] usb 3-1: config 160 has no interface number 0 [ 311.146227][ T5859] usb 3-1: config 160 interface 200 has no altsetting 0 [ 312.275238][ T30] audit: type=1800 audit(1751558046.191:8): pid=6475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.140" name="file1" dev="loop1" ino=1048615 res=0 errno=0 [ 312.318258][ T6475] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8) [ 312.326907][ T6475] FAT-fs (loop1): Filesystem has been set read-only [ 312.823042][ T5859] usb 3-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b [ 312.833516][ T5859] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.841988][ T5859] usb 3-1: Product: syz [ 312.846516][ T5859] usb 3-1: Manufacturer: syz [ 312.856547][ T5859] usb 3-1: SerialNumber: syz [ 312.895300][ T6482] loop0: detected capacity change from 0 to 164 [ 312.913605][ T6482] rock: directory entry would overflow storage [ 312.920347][ T6482] rock: sig=0x5053, size=7, remaining=4 [ 312.928278][ T6482] isofs_fill_super: root inode is not a directory. Corrupted media? [ 313.820864][ T5859] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 313.830732][ T5859] usb 3-1: MIDIStreaming interface descriptor not found [ 314.181541][ T5859] usb 3-1: USB disconnect, device number 7 [ 314.536274][ T5851] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 314.628783][ T5998] udevd[5998]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 314.648786][ T6505] loop3: detected capacity change from 0 to 1024 [ 314.661603][ T6502] loop4: detected capacity change from 0 to 1024 [ 314.727960][ T5851] usb 2-1: Using ep0 maxpacket: 8 [ 314.730450][ T6502] EXT4-fs: Ignoring removed nomblk_io_submit option [ 314.748020][ T5851] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 314.757916][ T5851] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.802715][ T5851] usb 2-1: config 0 descriptor?? [ 314.928043][ T6502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.036684][ T6505] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.050679][ T6505] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 315.227181][ T6505] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 315.289300][ T5854] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 315.342233][ T6505] EXT4-fs (loop3): shut down requested (2) [ 315.384070][ T5803] Bluetooth: hci4: unexpected event 0x2f length: 763 > 260 [ 315.529171][ T5854] usb 3-1: Using ep0 maxpacket: 8 [ 315.599570][ T5806] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 315.687422][ T6519] netlink: 'syz.0.153': attribute type 10 has an invalid length. [ 315.715847][ T6519] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 315.744287][ T6519] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 315.776357][ T5854] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 315.785967][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.870981][ T5854] usb 3-1: config 0 descriptor?? [ 316.007265][ T5812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.209301][ T6516] loop0: detected capacity change from 0 to 1024 [ 316.352065][ T5851] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 316.362748][ T5851] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 316.430398][ T5851] asix 2-1:0.0: probe with driver asix failed with error -71 [ 316.513098][ T5851] usb 2-1: USB disconnect, device number 5 [ 316.771630][ T6516] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 316.780440][ T6516] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 316.815735][ T1601] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 316.821179][ T6525] loop3: detected capacity change from 0 to 164 [ 316.864090][ T6525] rock: directory entry would overflow storage [ 316.870766][ T6525] rock: sig=0x5053, size=7, remaining=4 [ 316.876753][ T6525] isofs_fill_super: root inode is not a directory. Corrupted media? [ 316.900905][ T6516] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 316.909155][ T6516] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 317.086236][ T1601] usb 5-1: Using ep0 maxpacket: 8 [ 317.120002][ T5854] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 317.130630][ T5854] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 317.167188][ T1601] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 317.178037][ T1601] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89 [ 317.190466][ T1601] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 317.201779][ T1601] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024 [ 317.213477][ T1601] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 317.225040][ T1601] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 317.278279][ T6516] bond0: (slave batadv0): Releasing backup interface [ 317.287156][ T5854] asix 3-1:0.0: probe with driver asix failed with error -71 [ 317.309494][ T5854] usb 3-1: USB disconnect, device number 8 [ 317.401959][ T1601] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8 [ 317.411714][ T1601] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 317.420409][ T1601] usb 5-1: Product: syz [ 317.424797][ T1601] usb 5-1: Manufacturer: syz [ 317.429791][ T1601] usb 5-1: SerialNumber: syz [ 317.441562][ T1601] usb 5-1: config 0 descriptor?? [ 317.450298][ T6523] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 317.914659][ T60] hfsplus: b-tree write err: -5, ino 4 [ 318.240886][ T6534] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11) [ 318.247850][ T6534] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 318.256148][ T6534] vhci_hcd vhci_hcd.0: Device attached [ 318.385665][ T6534] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(13) [ 318.392603][ T6534] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 318.400861][ T6534] vhci_hcd vhci_hcd.0: Device attached [ 318.505397][ T5851] vhci_hcd: vhci_device speed not set [ 318.567805][ T6534] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(18) [ 318.574753][ T6534] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 318.583595][ T6534] vhci_hcd vhci_hcd.0: Device attached [ 318.603785][ T5851] usb 39-1: new full-speed USB device number 2 using vhci_hcd [ 318.648443][ T6544] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(15) [ 318.655343][ T6544] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 318.663685][ T6544] vhci_hcd vhci_hcd.0: Device attached [ 319.143288][ T6541] vhci_hcd: connection closed [ 319.143716][ T6531] [U] ^C [ 319.152051][ T6535] vhci_hcd: connection reset by peer [ 319.160423][ T3539] vhci_hcd: stop threads [ 319.168286][ T3539] vhci_hcd: release socket [ 319.172960][ T3539] vhci_hcd: disconnect device [ 319.181978][ T6546] vhci_hcd: connection closed [ 319.182498][ T6545] vhci_hcd: connection closed [ 319.233618][ T3539] vhci_hcd: stop threads [ 319.243715][ T3539] vhci_hcd: release socket [ 319.248692][ T3539] vhci_hcd: disconnect device [ 319.256441][ T1601] rc_core: IR keymap rc-snapstream-firefly not found [ 319.263386][ T1601] Registered IR keymap rc-empty [ 319.271405][ T1601] rc rc0: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 319.284389][ T1601] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input8 [ 319.431811][ T3539] vhci_hcd: stop threads [ 319.437853][ T3539] vhci_hcd: release socket [ 319.443119][ T3539] vhci_hcd: disconnect device [ 319.459463][ T3539] vhci_hcd: stop threads [ 319.465087][ T3539] vhci_hcd: release socket [ 319.469748][ T3539] vhci_hcd: disconnect device [ 319.596402][ T1601] input: syz syz mouse as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input9 [ 319.813385][ C0] ati_remote 5-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19 [ 319.821586][ T1601] usb 5-1: USB disconnect, device number 6 [ 319.867132][ T6563] loop1: detected capacity change from 0 to 1024 [ 320.066292][ T6563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 320.079446][ T6563] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 320.232329][ T6569] loop0: detected capacity change from 0 to 164 [ 320.265706][ T6563] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 320.343993][ T6569] rock: directory entry would overflow storage [ 320.350922][ T6569] rock: sig=0x5053, size=7, remaining=4 [ 320.357023][ T6569] isofs_fill_super: root inode is not a directory. Corrupted media? [ 320.390266][ T6574] EXT4-fs (loop1): shut down requested (2) [ 320.760212][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.808343][ T6579] netlink: 16 bytes leftover after parsing attributes in process `syz.3.169'. [ 320.882495][ T6579] openvswitch: netlink: IP tunnel TTL not specified. [ 321.011933][ T6579] netlink: 24 bytes leftover after parsing attributes in process `syz.3.169'. [ 321.225483][ T1601] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 321.280913][ T6586] loop0: detected capacity change from 0 to 512 [ 321.347574][ T6586] EXT4-fs: Ignoring removed oldalloc option [ 321.437004][ T1601] usb 3-1: Using ep0 maxpacket: 8 [ 321.492195][ T1601] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 321.501882][ T1601] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.536958][ T6586] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 321.553442][ T1601] usb 3-1: config 0 descriptor?? [ 321.617709][ T6586] EXT4-fs (loop0): orphan cleanup on readonly fs [ 321.711407][ T6586] Quota error (device loop0): v2_read_file_info: Number of blocks too big for quota file size (4398012957696 > 6144). [ 321.724436][ T6586] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 321.741104][ T6586] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 321.933359][ T6586] EXT4-fs (loop0): 1 truncate cleaned up [ 321.942598][ T6586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 322.547935][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.587278][ T1601] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 322.597911][ T1601] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 322.693380][ T1601] asix 3-1:0.0: probe with driver asix failed with error -71 [ 322.758198][ T1601] usb 3-1: USB disconnect, device number 9 [ 322.781770][ T6600] loop3: detected capacity change from 0 to 8 [ 322.867029][ T6600] SQUASHFS error: Corrupted symlink [ 323.080066][ T6605] netlink: 24 bytes leftover after parsing attributes in process `syz.0.179'. [ 323.493605][ T6601] sctp: failed to load transform for md5: -2 [ 323.744129][ T5851] vhci_hcd: vhci_device speed not set [ 324.029064][ T6620] loop0: detected capacity change from 0 to 512 [ 324.093339][ T6621] loop2: detected capacity change from 0 to 1024 [ 324.108057][ T6620] EXT4-fs: Ignoring removed nobh option [ 324.208452][ T6623] syzkaller1: entered promiscuous mode [ 324.214220][ T6623] syzkaller1: entered allmulticast mode [ 324.224094][ T6620] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.183: iget: bad i_size value: 38620345925642 [ 324.251123][ T6620] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.183: couldn't read orphan inode 15 (err -117) [ 324.279197][ T6620] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.394476][ T6621] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.407512][ T6621] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 324.503642][ T6623] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2 [ 324.513242][ T6623] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0 [ 324.651282][ T6628] team_slave_1: entered promiscuous mode [ 324.667244][ T6628] netlink: 16 bytes leftover after parsing attributes in process `syz.1.185'. [ 324.806685][ T6621] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 324.953097][ T6621] EXT4-fs (loop2): shut down requested (2) [ 325.100169][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.537689][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.657130][ T6638] netlink: 16 bytes leftover after parsing attributes in process `syz.4.189'. [ 326.035292][ T5851] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 326.225508][ T5851] usb 2-1: Using ep0 maxpacket: 8 [ 326.246358][ T5851] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 326.255971][ T5851] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.286587][ T5851] usb 2-1: config 0 descriptor?? [ 326.435265][ T1601] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 326.571793][ T6650] kvm: pic: non byte write [ 326.625772][ T1601] usb 1-1: Using ep0 maxpacket: 16 [ 326.656640][ T1601] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 326.665668][ T1601] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 326.679807][ T1601] usb 1-1: config 0 has no interface number 0 [ 326.760641][ T1601] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 326.770283][ T1601] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.782205][ T1601] usb 1-1: Product: syz [ 326.787875][ T1601] usb 1-1: Manufacturer: syz [ 326.792780][ T1601] usb 1-1: SerialNumber: syz [ 326.942527][ T1601] usb 1-1: config 0 descriptor?? [ 326.975346][ T30] audit: type=1326 audit(1751558060.921:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.001323][ T30] audit: type=1326 audit(1751558060.941:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.025341][ T30] audit: type=1326 audit(1751558060.961:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.048263][ T30] audit: type=1326 audit(1751558060.991:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.070878][ T30] audit: type=1326 audit(1751558060.991:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.097317][ T30] audit: type=1326 audit(1751558061.011:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.121167][ T30] audit: type=1326 audit(1751558061.011:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.174753][ T1601] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 327.182309][ T1601] usb 1-1: No valid video chain found. [ 327.315019][ T1601] usb 1-1: USB disconnect, device number 5 [ 327.423741][ T5851] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 327.434562][ T5851] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 327.522297][ T5851] asix 2-1:0.0: probe with driver asix failed with error -71 [ 327.554206][ T30] audit: type=1326 audit(1751558061.181:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.577850][ T30] audit: type=1326 audit(1751558061.181:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.604174][ T30] audit: type=1326 audit(1751558061.181:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6630 comm="syz.3.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96c9b8e929 code=0x7ffc0000 [ 327.606700][ T5851] usb 2-1: USB disconnect, device number 6 [ 328.676825][ T6670] loop1: detected capacity change from 0 to 1024 [ 328.707080][ T1601] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 328.791026][ T6670] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.804107][ T6670] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 328.922711][ T1601] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.937864][ T1601] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 328.998091][ T1601] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 329.007963][ T1601] usb 3-1: New USB device strings: Mfr=0, Product=12, SerialNumber=0 [ 329.016556][ T1601] usb 3-1: Product: syz [ 329.051300][ T6676] EXT4-fs (loop1): shut down requested (2) [ 329.068708][ T1601] usb 3-1: config 0 descriptor?? [ 329.131307][ T1601] usbhid 3-1:0.0: can't add hid device: -22 [ 329.143359][ T1601] usbhid 3-1:0.0: probe with driver usbhid failed with error -22 [ 329.347597][ T6678] netlink: 16 bytes leftover after parsing attributes in process `syz.4.202'. [ 329.408855][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.822671][ T6683] loop1: detected capacity change from 0 to 128 [ 329.868170][ T6683] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8) [ 329.876988][ T6683] FAT-fs (loop1): Filesystem has been set read-only [ 330.929324][ T6694] loop4: detected capacity change from 0 to 2048 [ 331.039751][ T6694] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 331.048055][ T6694] UDF-fs: Scanning with blocksize 512 failed [ 331.192302][ T6694] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 331.227284][ T1601] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 331.416372][ T1601] usb 2-1: Using ep0 maxpacket: 8 [ 331.462668][ T1601] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 331.472390][ T1601] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.502564][ T5854] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 331.612623][ T1601] usb 2-1: config 0 descriptor?? [ 331.706819][ T5854] usb 4-1: Using ep0 maxpacket: 16 [ 331.747167][ T5854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 331.759449][ T5854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 331.769964][ T5854] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 331.783578][ T5854] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 331.793273][ T5854] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.996628][ T5859] usb 3-1: USB disconnect, device number 10 [ 331.998203][ T5854] usb 4-1: config 0 descriptor?? [ 332.330242][ T6708] loop0: detected capacity change from 0 to 1024 [ 332.457012][ T6708] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.470675][ T6708] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 332.564418][ T5854] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 332.572558][ T5854] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 332.580587][ T5854] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 332.588542][ T5854] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 332.596588][ T5854] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 332.624110][ T6711] netlink: 16 bytes leftover after parsing attributes in process `syz.2.215'. [ 332.750550][ T1601] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 332.762802][ T1601] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 332.794282][ T6719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 332.853333][ T6720] loop4: detected capacity change from 0 to 512 [ 332.880053][ T1601] asix 2-1:0.0: probe with driver asix failed with error -71 [ 332.936045][ T6721] EXT4-fs (loop0): shut down requested (2) [ 332.992802][ T5854] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0001/input/input10 [ 333.033469][ T6719] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 333.042161][ T1601] usb 2-1: USB disconnect, device number 7 [ 333.241118][ T6700] block device autoloading is deprecated and will be removed. [ 333.307097][ T6720] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.321460][ T6720] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 333.412534][ T5854] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 333.477771][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.536190][ T6710] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.213: corrupted inode contents [ 333.601416][ T6716] EXT4-fs (loop4): shut down requested (1) [ 333.605699][ T6710] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.213: mark_inode_dirty error [ 333.767599][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 333.767701][ T30] audit: type=1326 audit(1751558067.731:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.2.218" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcece98e929 code=0x0 [ 334.629204][ T5806] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.824448][ T6731] loop2: detected capacity change from 0 to 40427 [ 334.852487][ T3539] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 334.966213][ T6731] F2FS-fs (loop2): build fault injection rate: 690 [ 334.977100][ T6731] F2FS-fs (loop2): Image doesn't support compression [ 334.984482][ T6731] F2FS-fs (loop2): Image doesn't support compression [ 335.014551][ T6731] F2FS-fs (loop2): invalid crc value [ 335.438110][ T6731] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 335.866088][ T5802] syz-executor: attempt to access beyond end of device [ 335.866088][ T5802] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 335.881491][ T5802] CPU: 0 UID: 0 PID: 5802 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 335.881639][ T5802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 335.881720][ T5802] Call Trace: [ 335.881771][ T5802] [ 335.881821][ T5802] __dump_stack+0x26/0x30 [ 335.881989][ T5802] dump_stack_lvl+0x1df/0x270 [ 335.882175][ T5802] dump_stack+0x1e/0x25 [ 335.882332][ T5802] f2fs_handle_critical_error+0xa6f/0xc20 [ 335.882554][ T5802] f2fs_stop_checkpoint+0x65/0x80 [ 335.882743][ T5802] f2fs_write_end_io+0xb4b/0x1920 [ 335.882888][ T5802] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 335.883115][ T5802] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 335.883251][ T5802] bio_endio+0xe27/0xf80 [ 335.883429][ T5802] submit_bio_noacct+0x214/0x2710 [ 335.883654][ T5802] submit_bio+0x5a9/0x5d0 [ 335.883819][ T5802] f2fs_submit_write_bio+0x92/0x250 [ 335.883987][ T5802] __submit_merged_bio+0x16f/0x6a0 [ 335.884167][ T5802] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 335.884352][ T5802] __submit_merged_write_cond+0x458/0x9a0 [ 335.884573][ T5802] f2fs_write_data_pages+0x4bb2/0x5480 [ 335.884865][ T5802] ? kmsan_get_metadata+0xfb/0x160 [ 335.885094][ T5802] ? blk_trace_startstop+0x750/0xab0 [ 335.885229][ T5802] ? kmsan_get_metadata+0xfb/0x160 [ 335.885408][ T5802] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 335.885600][ T5802] ? free_unref_folios+0x2a2b/0x2aa0 [ 335.885753][ T5802] ? kmsan_get_metadata+0xfb/0x160 [ 335.885969][ T5802] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 335.886164][ T5802] ? kmsan_get_metadata+0xfb/0x160 [ 335.886376][ T5802] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 335.886570][ T5802] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 335.886784][ T5802] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 335.887009][ T5802] do_writepages+0x3ef/0x860 [ 335.887200][ T5802] ? _raw_spin_unlock+0x30/0x50 [ 335.887374][ T5802] ? wbc_attach_and_unlock_inode+0x131/0x680 [ 335.887554][ T5802] filemap_fdatawrite+0x207/0x260 [ 335.887833][ T5802] f2fs_sync_dirty_inodes+0x2ab/0x9e0 [ 335.888023][ T5802] f2fs_write_checkpoint+0xfe2/0x2b00 [ 335.888330][ T5802] kill_f2fs_super+0x2ff/0x970 [ 335.888500][ T5802] ? __pfx_kill_f2fs_super+0x10/0x10 [ 335.888671][ T5802] deactivate_locked_super+0xc8/0x3c0 [ 335.888862][ T5802] deactivate_super+0x12f/0x140 [ 335.889038][ T5802] cleanup_mnt+0x6fb/0x780 [ 335.889182][ T5802] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 335.889386][ T5802] ? __pfx___cleanup_mnt+0x10/0x10 [ 335.889532][ T5802] __cleanup_mnt+0x22/0x30 [ 335.889674][ T5802] task_work_run+0x209/0x2b0 [ 335.889848][ T5802] exit_to_user_mode_loop+0x2a6/0x330 [ 335.890034][ T5802] do_syscall_64+0x1e3/0x210 [ 335.890175][ T5802] ? irqentry_exit+0x16/0x60 [ 335.890359][ T5802] ? clear_bhb_loop+0x40/0x90 [ 335.890513][ T5802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.890657][ T5802] RIP: 0033:0x7fcece98fc57 [ 335.890762][ T5802] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 335.890881][ T5802] RSP: 002b:00007ffe4e578ed8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 335.891018][ T5802] RAX: 0000000000000000 RBX: 00007fcecea10925 RCX: 00007fcece98fc57 [ 335.891112][ T5802] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe4e578f90 [ 335.891197][ T5802] RBP: 00007ffe4e578f90 R08: 0000000000000000 R09: 0000000000000000 [ 335.891288][ T5802] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe4e57a020 [ 335.891390][ T5802] R13: 00007fcecea10925 R14: 0000000000051f5f R15: 00007ffe4e57a060 [ 335.891513][ T5802] [ 336.250987][ T5802] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 336.795137][ T5859] usb 4-1: USB disconnect, device number 7 [ 337.355486][ T24] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 337.611428][ T24] usb 2-1: not running at top speed; connect to a high speed hub [ 337.679937][ T24] usb 2-1: config 2 has an invalid interface number: 227 but max is 0 [ 337.688834][ T24] usb 2-1: config 2 has no interface number 0 [ 337.697099][ T24] usb 2-1: config 2 interface 227 has no altsetting 0 [ 337.732321][ T6763] loop0: detected capacity change from 0 to 1024 [ 337.803276][ T24] usb 2-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice=2c.d4 [ 337.813367][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.821915][ T24] usb 2-1: Product: syz [ 337.826500][ T24] usb 2-1: Manufacturer: syz [ 337.831415][ T24] usb 2-1: SerialNumber: syz [ 337.984441][ T6763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 337.997674][ T6763] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 338.342286][ T24] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 338.378991][ T6771] EXT4-fs (loop0): shut down requested (2) [ 338.442276][ T24] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 338.450994][ T24] pac7311 2-1:2.227: probe with driver pac7311 failed with error -71 [ 338.527878][ T6772] loop4: detected capacity change from 0 to 512 [ 338.569820][ T6774] netlink: 32 bytes leftover after parsing attributes in process `syz.3.230'. [ 338.573564][ T24] usb 2-1: USB disconnect, device number 8 [ 338.626781][ T5859] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 338.704716][ T6772] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 338.854630][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.877471][ T5859] usb 3-1: Using ep0 maxpacket: 8 [ 338.947438][ T5859] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 338.957152][ T5859] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.087784][ T6772] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 21) has entry past directory size at pos 128 [ 339.088026][ T5859] usb 3-1: config 0 descriptor?? [ 339.158787][ T6772] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 21) has entry past directory size at pos 128 [ 339.266430][ T6772] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 21) has entry past directory size at pos 128 [ 339.364749][ T6777] FAULT_INJECTION: forcing a failure. [ 339.364749][ T6777] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 339.383462][ T6777] CPU: 1 UID: 0 PID: 6777 Comm: syz.3.232 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 339.383601][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 339.383676][ T6777] Call Trace: [ 339.383723][ T6777] [ 339.383769][ T6777] __dump_stack+0x26/0x30 [ 339.383940][ T6777] dump_stack_lvl+0x1df/0x270 [ 339.384106][ T6777] dump_stack+0x1e/0x25 [ 339.384251][ T6777] should_fail_ex+0x7dc/0x8a0 [ 339.384427][ T6777] should_fail+0x2a/0x40 [ 339.384568][ T6777] should_fail_usercopy+0x2e/0x40 [ 339.384731][ T6777] _copy_to_user+0x35/0x120 [ 339.384905][ T6777] simple_read_from_buffer+0x1b2/0x340 [ 339.385110][ T6777] proc_fail_nth_read+0x1d2/0x2c0 [ 339.385275][ T6777] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 339.385423][ T6777] vfs_read+0x279/0xf00 [ 339.385590][ T6777] ? stack_depot_save_flags+0x35/0x7b0 [ 339.385756][ T6777] ? kmsan_get_metadata+0xfb/0x160 [ 339.385944][ T6777] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 339.386133][ T6777] __x64_sys_read+0x1fb/0x4d0 [ 339.386322][ T6777] x64_sys_call+0x39db/0x3db0 [ 339.386508][ T6777] do_syscall_64+0xd9/0x210 [ 339.386682][ T6777] ? irqentry_exit+0x16/0x60 [ 339.386874][ T6777] ? clear_bhb_loop+0x40/0x90 [ 339.387035][ T6777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.387182][ T6777] RIP: 0033:0x7f96c9b8d33c [ 339.387287][ T6777] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 339.387406][ T6777] RSP: 002b:00007f96ca92e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 339.387536][ T6777] RAX: ffffffffffffffda RBX: 00007f96c9db5fa0 RCX: 00007f96c9b8d33c [ 339.387636][ T6777] RDX: 000000000000000f RSI: 00007f96ca92e0a0 RDI: 0000000000000006 [ 339.387727][ T6777] RBP: 00007f96ca92e090 R08: 0000000000000000 R09: 0000000000000000 [ 339.387835][ T6777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.387934][ T6777] R13: 0000000000000000 R14: 00007f96c9db5fa0 R15: 00007ffce7d438c8 [ 339.388053][ T6777] [ 339.974463][ T6772] UDF-fs: error (device loop4): udf_read_inode: (ino 19) failed ident=264 [ 340.321564][ T5859] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 340.332142][ T5859] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 340.418672][ T5859] asix 3-1:0.0: probe with driver asix failed with error -71 [ 340.575413][ T5859] usb 3-1: USB disconnect, device number 11 [ 340.750357][ T6790] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 341.862683][ T6802] loop2: detected capacity change from 0 to 512 [ 341.967449][ T6802] EXT4-fs: Ignoring removed oldalloc option [ 342.047005][ T6804] loop1: detected capacity change from 0 to 1024 [ 342.087867][ T6802] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 342.166347][ T6802] EXT4-fs (loop2): orphan cleanup on readonly fs [ 342.238766][ T6802] Quota error (device loop2): v2_read_file_info: Number of blocks too big for quota file size (4398012957696 > 6144). [ 342.260167][ T6802] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 342.261303][ T6799] loop0: detected capacity change from 0 to 40427 [ 342.275419][ T6802] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 342.291488][ T6804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.304300][ T6804] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 342.355230][ T6799] F2FS-fs (loop0): Corrupted extension count (64 + 1 > 64) [ 342.362755][ T6799] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 342.395050][ T6806] netlink: 64 bytes leftover after parsing attributes in process `syz.4.242'. [ 342.554651][ T6802] EXT4-fs (loop2): 1 truncate cleaned up [ 342.563612][ T6802] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 342.763692][ T6799] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 342.771311][ T6799] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 342.803186][ T6816] EXT4-fs (loop1): shut down requested (2) [ 343.087955][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.366751][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.666024][ T5859] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 343.933689][ T5859] usb 5-1: not running at top speed; connect to a high speed hub [ 343.999692][ T5859] usb 5-1: config 2 has an invalid interface number: 227 but max is 0 [ 344.011659][ T5859] usb 5-1: config 2 has no interface number 0 [ 344.018334][ T5859] usb 5-1: config 2 interface 227 has no altsetting 0 [ 344.128784][ T5859] usb 5-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice=2c.d4 [ 344.139426][ T5859] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 344.148805][ T5859] usb 5-1: Product: syz [ 344.153222][ T5859] usb 5-1: Manufacturer: syz [ 344.159040][ T5859] usb 5-1: SerialNumber: syz [ 344.634704][ T5859] gspca_main: pac7311-2.14.0 probing 093a:2601 [ 344.675698][ T5859] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71 [ 344.684077][ T5859] pac7311 5-1:2.227: probe with driver pac7311 failed with error -71 [ 344.778472][ T5859] usb 5-1: USB disconnect, device number 7 [ 345.216394][ T6831] netlink: 4 bytes leftover after parsing attributes in process `syz.1.248'. [ 345.713697][ T6842] sp0: Synchronizing with TNC [ 346.065393][ T5859] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 346.175160][ T24] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 346.176117][ T6851] loop2: detected capacity change from 0 to 512 [ 346.245680][ T5859] usb 1-1: Using ep0 maxpacket: 32 [ 346.262745][ T6851] EXT4-fs: Ignoring removed oldalloc option [ 346.280703][ T6851] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 346.282615][ T5859] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 346.298159][ T5859] usb 1-1: config 0 has no interface number 0 [ 346.315131][ T6851] EXT4-fs (loop2): orphan cleanup on readonly fs [ 346.323679][ T6851] Quota error (device loop2): v2_read_file_info: Number of blocks too big for quota file size (4398012957696 > 6144). [ 346.341604][ T6851] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 346.357962][ T6851] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 346.370535][ T6851] EXT4-fs (loop2): 1 truncate cleaned up [ 346.379545][ T6851] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 346.428828][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 346.489441][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.505385][ T24] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 346.515058][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 346.561443][ T5859] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 346.570942][ T5859] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 346.579520][ T5859] usb 1-1: Product: syz [ 346.583973][ T5859] usb 1-1: Manufacturer: syz [ 346.589000][ T5859] usb 1-1: SerialNumber: syz [ 346.625284][ T24] usb 4-1: config 0 descriptor?? [ 346.698778][ T6857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 346.820910][ T5859] usb 1-1: config 0 descriptor?? [ 346.935959][ T5859] smsc95xx v2.0.0 [ 347.317570][ T5859] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 347.370485][ T5859] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 347.397235][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.403931][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 347.807897][ T24] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 347.818879][ T24] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 347.866797][ T24] asix 4-1:0.0: probe with driver asix failed with error -71 [ 347.983231][ T24] usb 4-1: USB disconnect, device number 8 [ 348.279326][ T6869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 348.338448][ T6870] FAULT_INJECTION: forcing a failure. [ 348.338448][ T6870] name failslab, interval 1, probability 0, space 0, times 0 [ 348.351872][ T6870] CPU: 1 UID: 0 PID: 6870 Comm: syz.1.259 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 348.352017][ T6870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 348.352096][ T6870] Call Trace: [ 348.352144][ T6870] [ 348.352192][ T6870] __dump_stack+0x26/0x30 [ 348.352359][ T6870] dump_stack_lvl+0x1df/0x270 [ 348.352539][ T6870] dump_stack+0x1e/0x25 [ 348.352699][ T6870] should_fail_ex+0x7dc/0x8a0 [ 348.352880][ T6870] should_failslab+0x15b/0x200 [ 348.353083][ T6870] kmem_cache_alloc_noprof+0xf0/0xec0 [ 348.353229][ T6870] ? skb_clone+0x3ca/0x580 [ 348.353374][ T6870] ? stack_depot_save_flags+0x35/0x7b0 [ 348.353527][ T6870] ? kmsan_get_metadata+0xfb/0x160 [ 348.353735][ T6870] skb_clone+0x3ca/0x580 [ 348.353886][ T6870] nfnetlink_rcv+0x79c/0x5420 [ 348.354067][ T6870] ? stack_depot_save_flags+0x35/0x7b0 [ 348.354236][ T6870] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 348.354440][ T6870] ? ref_tracker_free+0x557/0xe80 [ 348.354592][ T6870] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 348.354790][ T6870] ? __skb_clone+0x4b9/0x650 [ 348.354911][ T6870] ? __dev_queue_xmit+0x30c/0x5e20 [ 348.355048][ T6870] ? kmsan_get_metadata+0xfb/0x160 [ 348.355234][ T6870] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 348.355415][ T6870] ? kmsan_get_metadata+0xfb/0x160 [ 348.355606][ T6870] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 348.355820][ T6870] ? __netlink_deliver_tap+0xda9/0xdd0 [ 348.355984][ T6870] ? kmsan_get_metadata+0xfb/0x160 [ 348.356156][ T6870] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 348.356330][ T6870] ? kmsan_get_metadata+0xfb/0x160 [ 348.356503][ T6870] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 348.356713][ T6870] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 348.356868][ T6870] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 348.357023][ T6870] netlink_unicast+0xed5/0x1290 [ 348.357174][ T6870] netlink_sendmsg+0x10b3/0x1250 [ 348.357342][ T6870] ? __pfx_netlink_sendmsg+0x10/0x10 [ 348.357480][ T6870] ? __pfx_netlink_sendmsg+0x10/0x10 [ 348.357620][ T6870] __sock_sendmsg+0x333/0x3d0 [ 348.357789][ T6870] ____sys_sendmsg+0x7e0/0xd80 [ 348.357968][ T6870] ___sys_sendmsg+0x271/0x3b0 [ 348.358120][ T6870] ? __rcu_read_unlock+0x6d/0xd0 [ 348.358250][ T6870] ? __fget_files+0x3b4/0x4a0 [ 348.358368][ T6870] ? __fget_files+0x3b9/0x4a0 [ 348.358490][ T6870] ? kmsan_get_metadata+0xfb/0x160 [ 348.358658][ T6870] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 348.358850][ T6870] __x64_sys_sendmsg+0x211/0x3e0 [ 348.358994][ T6870] ? kmsan_get_metadata+0xfb/0x160 [ 348.359181][ T6870] x64_sys_call+0x32fb/0x3db0 [ 348.359349][ T6870] do_syscall_64+0xd9/0x210 [ 348.359477][ T6870] ? irqentry_exit+0x16/0x60 [ 348.359640][ T6870] ? clear_bhb_loop+0x40/0x90 [ 348.359780][ T6870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.359910][ T6870] RIP: 0033:0x7fb18ed8e929 [ 348.360003][ T6870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.360108][ T6870] RSP: 002b:00007fb18fb56038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 348.360225][ T6870] RAX: ffffffffffffffda RBX: 00007fb18efb6080 RCX: 00007fb18ed8e929 [ 348.360315][ T6870] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005 [ 348.360392][ T6870] RBP: 00007fb18fb56090 R08: 0000000000000000 R09: 0000000000000000 [ 348.360470][ T6870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 348.360543][ T6870] R13: 0000000000000000 R14: 00007fb18efb6080 R15: 00007ffc58206608 [ 348.360659][ T6870] [ 349.454304][ T6880] netlink: 24 bytes leftover after parsing attributes in process `syz.2.262'. [ 349.465329][ T6880] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode 802.3ad(4) [ 350.261430][ T6886] sp0: Synchronizing with TNC [ 350.564740][ T6888] loop1: detected capacity change from 0 to 2048 [ 350.599484][ T6888] EXT4-fs: Ignoring removed nobh option [ 350.718746][ T6888] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 350.732207][ T6888] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 350.915501][ T6897] loop4: detected capacity change from 0 to 512 [ 350.991872][ T6897] EXT4-fs: Ignoring removed oldalloc option [ 351.108820][ T6897] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 351.157767][ T5859] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000006c: -71 [ 351.170131][ T5859] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71 [ 351.228984][ T5859] usb 1-1: USB disconnect, device number 6 [ 351.427422][ T6897] EXT4-fs (loop4): orphan cleanup on readonly fs [ 351.487780][ T6897] Quota error (device loop4): v2_read_file_info: Number of blocks too big for quota file size (4398012957696 > 6144). [ 351.500871][ T6897] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 351.516160][ T6897] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 351.620437][ T6897] EXT4-fs (loop4): 1 truncate cleaned up [ 351.628717][ T6897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 351.722732][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.975868][ T5806] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.335445][ T6914] netlink: 16 bytes leftover after parsing attributes in process `syz.4.271'. [ 352.345431][ T6914] netlink: 40 bytes leftover after parsing attributes in process `syz.4.271'. [ 352.644759][ T6916] overlayfs: missing 'lowerdir' [ 353.206097][ T5854] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 353.412602][ T6926] netlink: 14 bytes leftover after parsing attributes in process `syz.4.274'. [ 353.687345][ T6931] syz.3.276 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 353.706929][ T5854] usb 1-1: config 160 has an invalid interface number: 200 but max is 0 [ 353.719269][ T5854] usb 1-1: config 160 has no interface number 0 [ 353.727223][ T5854] usb 1-1: config 160 interface 200 has no altsetting 0 [ 353.955476][ T6931] loop3: detected capacity change from 0 to 512 [ 353.967435][ T5854] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b [ 353.980560][ T5854] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 353.989033][ T5854] usb 1-1: Product: syz [ 353.993480][ T5854] usb 1-1: Manufacturer: syz [ 353.998490][ T5854] usb 1-1: SerialNumber: syz [ 354.095316][ T6931] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 354.438461][ T6931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.452140][ T6931] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 355.007370][ T5812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.487083][ T5854] usb 1-1: Quirk or no altset; falling back to MIDI 1.0 [ 356.494359][ T5854] usb 1-1: MIDIStreaming interface descriptor not found [ 356.741317][ T5854] usb 1-1: USB disconnect, device number 7 [ 357.213769][ T5981] udevd[5981]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 358.772705][ T6996] netlink: 44 bytes leftover after parsing attributes in process `syz.1.296'. [ 359.083079][ T7001] loop3: detected capacity change from 0 to 256 [ 359.130565][ T7001] vfat: Bad value for 'fmask' [ 359.645283][ T6976] Bluetooth: hci0: command 0x0406 tx timeout [ 359.657533][ T6976] Bluetooth: hci2: command 0x0406 tx timeout [ 359.668323][ T49] Bluetooth: hci4: command 0x0406 tx timeout [ 359.674611][ T49] Bluetooth: hci1: command 0x0406 tx timeout [ 359.684662][ T6976] Bluetooth: hci3: command 0x0406 tx timeout [ 360.619246][ T7024] loop2: detected capacity change from 0 to 512 [ 360.692813][ T7024] EXT4-fs: Ignoring removed i_version option [ 360.825639][ T7024] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.308: bad orphan inode 4261412864 [ 360.911306][ T7024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 360.924716][ T7024] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 363.216821][ T7029] loop3: detected capacity change from 0 to 2048 [ 363.497029][ T7029] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.605594][ T5802] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.272973][ T5812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.412797][ T7046] loop0: detected capacity change from 0 to 512 [ 364.673347][ T7046] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 364.836002][ T7046] EXT4-fs (loop0): 1 truncate cleaned up [ 364.844112][ T7046] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 365.351731][ T7046] EXT4-fs warning (device loop0): verify_group_input:156: Last group not full [ 365.442158][ T7047] loop2: detected capacity change from 0 to 1764 [ 365.525490][ T5859] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 365.638822][ T7057] loop4: detected capacity change from 0 to 256 [ 365.855549][ T5859] usb 2-1: Using ep0 maxpacket: 8 [ 365.951853][ T5859] usb 2-1: unable to get BOS descriptor or descriptor too short [ 365.979560][ T7055] loop3: detected capacity change from 0 to 2048 [ 366.058033][ T5859] usb 2-1: config 5 has an invalid interface number: 227 but max is 1 [ 366.066600][ T5859] usb 2-1: config 5 has an invalid interface number: 199 but max is 1 [ 366.075365][ T5859] usb 2-1: config 5 has no interface number 0 [ 366.081697][ T5859] usb 2-1: config 5 has no interface number 1 [ 366.088231][ T5859] usb 2-1: config 5 interface 227 has no altsetting 0 [ 366.095380][ T5859] usb 2-1: config 5 interface 199 has no altsetting 0 [ 366.333964][ T7047] ISOFS: unable to read i-node block [ 366.339732][ T7047] isofs_fill_super: get root inode failed [ 366.708890][ T5859] usb 2-1: New USB device found, idVendor=1199, idProduct=9090, bcdDevice=f2.4f [ 366.723210][ T5859] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 366.732974][ T5859] usb 2-1: Product: syz [ 366.737810][ T5859] usb 2-1: Manufacturer: syz [ 366.742672][ T5859] usb 2-1: SerialNumber: syz [ 367.046461][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.449650][ T7055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.712340][ T7055] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 367.953831][ T5859] usb 2-1: USB disconnect, device number 9 [ 368.390176][ T5812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.415360][ T7069] netlink: 12 bytes leftover after parsing attributes in process `syz.4.321'. [ 368.424696][ T7069] netlink: 20 bytes leftover after parsing attributes in process `syz.4.321'. [ 369.277249][ T7079] loop4: detected capacity change from 0 to 512 [ 369.319308][ T7079] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 369.521564][ T7079] EXT4-fs (loop4): 1 truncate cleaned up [ 369.530250][ T7079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 369.530526][ T7081] loop1: detected capacity change from 0 to 512 [ 369.553897][ T7081] ext4: Unknown parameter 'seclabel' [ 369.794732][ T7079] EXT4-fs (loop4): shut down requested (1) [ 370.122634][ T5806] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.613365][ T7093] loop1: detected capacity change from 0 to 1024 [ 370.859591][ T5854] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 370.971554][ T3848] hfsplus: b-tree write err: -5, ino 8 [ 371.060592][ T5854] usb 3-1: Using ep0 maxpacket: 16 [ 371.096859][ T5854] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 371.107745][ T5854] usb 3-1: New USB device found, idVendor=07c0, idProduct=1525, bcdDevice= 0.00 [ 371.120250][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.174790][ T5854] usb 3-1: config 0 descriptor?? [ 371.201732][ T5854] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 371.755518][ T7108] loop1: detected capacity change from 0 to 8 [ 371.802083][ T7108] squashfs image failed sanity check [ 371.962998][ T7108] loop1: detected capacity change from 0 to 256 [ 372.089599][ T7108] loop1: detected capacity change from 0 to 512 [ 372.126490][ T7108] ext2: Unknown parameter 'measure' [ 372.643780][ T7115] loop4: detected capacity change from 0 to 2048 [ 372.789509][ T7115] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 372.908975][ T7115] EXT4-fs error (device loop4): ext4_lookup:1787: inode #16: comm syz.4.341: iget: bad i_size value: 8796093031208 [ 373.341311][ T5806] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 373.666654][ T5854] usb 3-1: USB disconnect, device number 12 [ 373.711230][ T7129] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 373.950510][ T7132] loop4: detected capacity change from 0 to 256 [ 375.793700][ T7146] loop0: detected capacity change from 0 to 512 [ 377.307632][ T7146] EXT4-fs: Ignoring removed orlov option [ 377.361550][ T7148] loop4: detected capacity change from 0 to 128 [ 377.424158][ T7146] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 377.497354][ T7146] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 377.580656][ T7146] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.353: corrupted in-inode xattr: e_value size too large [ 377.863693][ T7146] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.353: couldn't read orphan inode 15 (err -117) [ 378.013605][ T7159] syz.4.354: attempt to access beyond end of device [ 378.013605][ T7159] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 378.027934][ T7159] syz.4.354: attempt to access beyond end of device [ 378.027934][ T7159] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128 [ 378.042054][ T7159] syz.4.354: attempt to access beyond end of device [ 378.042054][ T7159] loop4: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 378.078558][ T7159] syz.4.354: attempt to access beyond end of device [ 378.078558][ T7159] loop4: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 378.110049][ T7159] syz.4.354: attempt to access beyond end of device [ 378.110049][ T7159] loop4: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 378.125673][ T7159] syz.4.354: attempt to access beyond end of device [ 378.125673][ T7159] loop4: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 378.205805][ T7146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.488551][ T7159] syz.4.354: attempt to access beyond end of device [ 378.488551][ T7159] loop4: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 378.743715][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 379.015526][ T5854] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 379.245952][ T5854] usb 3-1: Using ep0 maxpacket: 16 [ 379.322733][ T5854] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 379.337577][ T5854] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 379.424719][ T5854] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 379.434569][ T5854] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 379.443039][ T5854] usb 3-1: Product: syz [ 379.447629][ T5854] usb 3-1: Manufacturer: syz [ 379.452486][ T5854] usb 3-1: SerialNumber: syz [ 379.461034][ T4515] kworker/u8:30: attempt to access beyond end of device [ 379.461034][ T4515] loop4: rw=1, sector=257, nr_sectors = 8 limit=128 [ 379.475365][ T4515] kworker/u8:30: attempt to access beyond end of device [ 379.475365][ T4515] loop4: rw=1, sector=273, nr_sectors = 8 limit=128 [ 379.497410][ T4515] kworker/u8:30: attempt to access beyond end of device [ 379.497410][ T4515] loop4: rw=1, sector=289, nr_sectors = 8 limit=128 [ 380.044608][ T5854] usb 3-1: cannot find UAC_HEADER [ 380.149935][ T5854] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 380.266390][ T5854] usb 3-1: USB disconnect, device number 13 [ 380.320630][ T7177] binder_alloc: 7172: pid 7172 spamming oneway? 1 buffers allocated for a total size of 6144 [ 380.340114][ T7174] loop0: detected capacity change from 0 to 512 [ 380.385078][ T7174] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 380.667303][ T5971] udevd[5971]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 381.671721][ T7191] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.370' sets config #-1 [ 381.753359][ T7191] usb usb1: usbfs: process 7191 (syz.2.370) did not claim interface 4 before use [ 383.386408][ T7204] loop3: detected capacity change from 0 to 1024 [ 383.833153][ T30] audit: type=1800 audit(1751558117.771:33): pid=7204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.374" name="file1" dev="loop3" ino=20 res=0 errno=0 [ 384.017324][ T7210] loop1: detected capacity change from 0 to 512 [ 384.238388][ T7210] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 384.511106][ T7210] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 384.525749][ T7210] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 385.071858][ T3539] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.199674][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.250991][ T3539] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.360897][ T7224] loop4: detected capacity change from 0 to 256 [ 385.440321][ T3539] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.624634][ T3539] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 386.611814][ T3539] bridge_slave_1: left allmulticast mode [ 386.617956][ T3539] bridge_slave_1: left promiscuous mode [ 386.625018][ T3539] bridge0: port 2(bridge_slave_1) entered disabled state [ 386.787858][ T3539] bridge_slave_0: left allmulticast mode [ 386.793911][ T3539] bridge_slave_0: left promiscuous mode [ 386.800752][ T3539] bridge0: port 1(bridge_slave_0) entered disabled state [ 387.868276][ T3539] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 387.972878][ T3539] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 388.010025][ T3539] bond0 (unregistering): Released all slaves [ 388.986727][ T3539] hsr_slave_0: left promiscuous mode [ 389.001140][ T3539] hsr_slave_1: left promiscuous mode [ 389.012365][ T3539] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 389.020334][ T3539] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 389.137364][ T3539] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 389.147536][ T3539] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 389.189175][ T7237] loop1: detected capacity change from 0 to 512 [ 389.280901][ T3539] veth1_macvtap: left promiscuous mode [ 389.288625][ T3539] veth0_macvtap: left promiscuous mode [ 389.294754][ T3539] veth1_vlan: left promiscuous mode [ 389.300612][ T3539] veth0_vlan: left promiscuous mode [ 389.698272][ T7237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 389.711556][ T7237] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 389.942555][ T30] audit: type=1800 audit(1751558123.881:34): pid=7250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.388" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 390.309766][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.412991][ T5803] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 390.436420][ T5803] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 390.476818][ T5803] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 390.538534][ T5803] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 390.561530][ T5803] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 391.132257][ T7268] loop1: detected capacity change from 0 to 1024 [ 391.161572][ T3539] team0 (unregistering): Port device team_slave_1 removed [ 391.238606][ T7268] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 391.250302][ T7268] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 391.287592][ T3539] team0 (unregistering): Port device team_slave_0 removed [ 391.341494][ T7268] JBD2: no valid journal superblock found [ 391.348937][ T7268] EXT4-fs (loop1): Could not load journal inode [ 391.620691][ T7268] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 391.638188][ T7271] loop0: detected capacity change from 0 to 1024 [ 391.816528][ T7271] ===================================================== [ 391.823996][ T7271] BUG: KMSAN: uninit-value in hfsplus_attr_bin_cmp_key+0xd9/0x190 [ 391.832331][ T7271] hfsplus_attr_bin_cmp_key+0xd9/0x190 [ 391.838124][ T7271] hfs_find_rec_by_key+0xab/0x240 [ 391.843429][ T7271] __hfsplus_brec_find+0x274/0x840 [ 391.848948][ T7271] hfsplus_brec_find+0x4df/0x9f0 [ 391.854284][ T7271] hfsplus_find_attr+0x1eb/0x260 [ 391.859698][ T7271] __hfsplus_getxattr+0x401/0x1020 [ 391.865432][ T7271] hfsplus_getxattr+0x240/0x3f0 [ 391.870962][ T7271] hfsplus_security_getxattr+0x53/0x70 [ 391.876827][ T7271] vfs_getxattr_alloc+0x731/0xc00 [ 391.882138][ T7271] ima_read_xattr+0x51/0xe0 [ 391.887101][ T7271] process_measurement+0x26fd/0x40e0 [ 391.892638][ T7271] ima_file_check+0x8e/0xd0 [ 391.898044][ T7271] security_file_post_open+0xbf/0x530 [ 391.908070][ T7271] path_openat+0x5ac3/0x6760 [ 391.912939][ T7271] do_filp_open+0x280/0x660 [ 391.920757][ T7271] do_sys_openat2+0x1bb/0x2f0 [ 391.926217][ T7271] __x64_sys_open+0x219/0x2c0 [ 391.931128][ T7271] x64_sys_call+0x18ec/0x3db0 [ 391.936186][ T7271] do_syscall_64+0xd9/0x210 [ 391.940906][ T7271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.947196][ T7271] [ 391.949651][ T7271] Uninit was created at: [ 391.954164][ T7271] __kmalloc_noprof+0x95f/0x1310 [ 391.959462][ T7271] hfsplus_find_init+0x90/0x1d0 [ 391.964577][ T7271] __hfsplus_getxattr+0x355/0x1020 [ 391.970047][ T7271] hfsplus_getxattr+0x240/0x3f0 [ 391.975231][ T7271] hfsplus_security_getxattr+0x53/0x70 [ 391.980940][ T7271] vfs_getxattr_alloc+0x731/0xc00 [ 391.986801][ T7271] ima_read_xattr+0x51/0xe0 [ 391.991540][ T7271] process_measurement+0x26fd/0x40e0 [ 391.997262][ T7271] ima_file_check+0x8e/0xd0 [ 392.001999][ T7271] security_file_post_open+0xbf/0x530 [ 392.011946][ T7271] path_openat+0x5ac3/0x6760 [ 392.018341][ T7271] do_filp_open+0x280/0x660 [ 392.023173][ T7271] do_sys_openat2+0x1bb/0x2f0 [ 392.028297][ T7271] __x64_sys_open+0x219/0x2c0 [ 392.033222][ T7271] x64_sys_call+0x18ec/0x3db0 [ 392.038338][ T7271] do_syscall_64+0xd9/0x210 [ 392.043042][ T7271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.049385][ T7271] [ 392.051876][ T7271] CPU: 1 UID: 0 PID: 7271 Comm: syz.0.396 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 392.064291][ T7271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 392.074662][ T7271] ===================================================== [ 392.081983][ T7271] Disabling lock debugging due to kernel taint [ 392.088507][ T7271] Kernel panic - not syncing: kmsan.panic set ... [ 392.095139][ T7271] CPU: 1 UID: 0 PID: 7271 Comm: syz.0.396 Tainted: G B 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) [ 392.108980][ T7271] Tainted: [B]=BAD_PAGE [ 392.113280][ T7271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 392.123534][ T7271] Call Trace: [ 392.126954][ T7271] [ 392.130015][ T7271] __dump_stack+0x26/0x30 [ 392.134561][ T7271] dump_stack_lvl+0x53/0x270 [ 392.139358][ T7271] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 392.145414][ T7271] dump_stack+0x1e/0x25 [ 392.149785][ T7271] panic+0x4bd/0xd50 [ 392.153937][ T7271] kmsan_report+0x31c/0x320 [ 392.158699][ T7271] ? kmsan_get_metadata+0xfb/0x160 [ 392.164042][ T7271] ? __msan_warning+0x1b/0x30 [ 392.168935][ T7271] ? hfsplus_attr_bin_cmp_key+0xd9/0x190 [ 392.174784][ T7271] ? hfs_find_rec_by_key+0xab/0x240 [ 392.180244][ T7271] ? __hfsplus_brec_find+0x274/0x840 [ 392.185786][ T7271] ? hfsplus_brec_find+0x4df/0x9f0 [ 392.191144][ T7271] ? hfsplus_find_attr+0x1eb/0x260 [ 392.196442][ T7271] ? __hfsplus_getxattr+0x401/0x1020 [ 392.201917][ T7271] ? hfsplus_getxattr+0x240/0x3f0 [ 392.207155][ T7271] ? hfsplus_security_getxattr+0x53/0x70 [ 392.213004][ T7271] ? vfs_getxattr_alloc+0x731/0xc00 [ 392.218454][ T7271] ? ima_read_xattr+0x51/0xe0 [ 392.223314][ T7271] ? process_measurement+0x26fd/0x40e0 [ 392.228990][ T7271] ? ima_file_check+0x8e/0xd0 [ 392.233857][ T7271] ? security_file_post_open+0xbf/0x530 [ 392.239602][ T7271] ? path_openat+0x5ac3/0x6760 [ 392.244587][ T7271] ? do_filp_open+0x280/0x660 [ 392.249482][ T7271] ? do_sys_openat2+0x1bb/0x2f0 [ 392.254536][ T7271] ? __x64_sys_open+0x219/0x2c0 [ 392.259605][ T7271] ? x64_sys_call+0x18ec/0x3db0 [ 392.264677][ T7271] ? do_syscall_64+0xd9/0x210 [ 392.269535][ T7271] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.275805][ T7271] ? kmsan_get_metadata+0xfb/0x160 [ 392.281149][ T7271] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 392.287213][ T7271] ? kmsan_get_metadata+0xfb/0x160 [ 392.292566][ T7271] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 392.299047][ T7271] ? kmsan_get_metadata+0xfb/0x160 [ 392.304397][ T7271] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 392.310877][ T7271] ? kmsan_get_metadata+0xfb/0x160 [ 392.316253][ T7271] __msan_warning+0x1b/0x30 [ 392.320990][ T7271] hfsplus_attr_bin_cmp_key+0xd9/0x190 [ 392.326689][ T7271] hfs_find_rec_by_key+0xab/0x240 [ 392.331958][ T7271] ? __pfx_hfsplus_attr_bin_cmp_key+0x10/0x10 [ 392.338245][ T7271] __hfsplus_brec_find+0x274/0x840 [ 392.343639][ T7271] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 392.349537][ T7271] hfsplus_brec_find+0x4df/0x9f0 [ 392.354716][ T7271] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 392.360658][ T7271] hfsplus_find_attr+0x1eb/0x260 [ 392.365789][ T7271] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 392.371892][ T7271] __hfsplus_getxattr+0x401/0x1020 [ 392.377236][ T7271] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 392.383729][ T7271] ? __msan_memcpy+0x108/0x1c0 [ 392.388709][ T7271] hfsplus_getxattr+0x240/0x3f0 [ 392.393768][ T7271] hfsplus_security_getxattr+0x53/0x70 [ 392.399440][ T7271] ? __pfx_hfsplus_security_getxattr+0x10/0x10 [ 392.405800][ T7271] vfs_getxattr_alloc+0x731/0xc00 [ 392.411101][ T7271] ima_read_xattr+0x51/0xe0 [ 392.415892][ T7271] process_measurement+0x26fd/0x40e0 [ 392.421486][ T7271] ? security_file_post_open+0xbf/0x530 [ 392.427237][ T7271] ? __msan_warning+0x1b/0x30 [ 392.432149][ T7271] ? filter_irq_stacks+0x13f/0x190 [ 392.437547][ T7271] ? kmsan_get_metadata+0xfb/0x160 [ 392.442899][ T7271] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 392.448955][ T7271] ? end_current_label_crit_section+0x112/0x290 [ 392.455411][ T7271] ? kmsan_get_metadata+0xfb/0x160 [ 392.460749][ T7271] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 392.466821][ T7271] ima_file_check+0x8e/0xd0 [ 392.471573][ T7271] security_file_post_open+0xbf/0x530 [ 392.477257][ T7271] path_openat+0x5ac3/0x6760 [ 392.482202][ T7271] do_filp_open+0x280/0x660 [ 392.487001][ T7271] do_sys_openat2+0x1bb/0x2f0 [ 392.491916][ T7271] __x64_sys_open+0x219/0x2c0 [ 392.496818][ T7271] x64_sys_call+0x18ec/0x3db0 [ 392.501746][ T7271] do_syscall_64+0xd9/0x210 [ 392.506458][ T7271] ? irqentry_exit+0x16/0x60 [ 392.511303][ T7271] ? clear_bhb_loop+0x40/0x90 [ 392.516207][ T7271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.522311][ T7271] RIP: 0033:0x7fb750f8e929 [ 392.526938][ T7271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.546794][ T7271] RSP: 002b:00007fb74edf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 392.555421][ T7271] RAX: ffffffffffffffda RBX: 00007fb7511b5fa0 RCX: 00007fb750f8e929 [ 392.563560][ T7271] RDX: 0000000000000038 RSI: 0000000000185102 RDI: 0000200000000340 [ 392.571699][ T7271] RBP: 00007fb751010b39 R08: 0000000000000000 R09: 0000000000000000 [ 392.579825][ T7271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 392.587964][ T7271] R13: 0000000000000000 R14: 00007fb7511b5fa0 R15: 00007fff5bd24028 [ 392.596136][ T7271] [ 392.599644][ T7271] Kernel Offset: disabled [ 392.604067][ T7271] Rebooting in 86400 seconds..