last executing test programs: 48.783219555s ago: executing program 0 (id=53): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)={0x30, 0x2, 0x3, 0x801, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0xfffffffe, 0x2}}, @NFQA_CFG_QUEUE_MAXLEN={0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x28}}]}, 0x30}, 0x1, 0x0, 0x0, 0x410}, 0x8000) 48.315719907s ago: executing program 0 (id=55): r0 = syz_open_procfs(0x0, 0x0) fchdir(r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x7, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000002c0)={"8022e64e74e6f67b82f0d8a62127912e8e0facb291d8f00126635901181631134a20c7ef49c18bc0bbece53852b95bb8302f6c2286d6b0fb5b13bbdd128c382cebf211c3853f6fb48ab335f3ac853cf7c64d4f27ece7c262cdabfa5660cde1d28dc3eab72b8cfa5b08d6129c86ca79bd9dc43c37e75246dcf04b3816fd90365c877a2c10e8ef4c444ecb4784a0afbf5e962e390bb1ad3bbce049ae51325e79f5ab8bfa80b35fff1da6833ec7fa9ebfc93da9e4b190e5e3a752eca97dc669a937e6ab654169108a38d414fb90e1b894494f314298428ef482b0ff9084c95e735b6b09ca2de115d77f6a657fb7da142c896f9dce212aa58af72879da88687ce4620501a4ba17e906a02662f902745e8ddfb50874ce099ac0fc00ed05470d176364b1f30495b4a088bdde663172734fa8107e5fc0cd4fa60869c83a6669a4ea3040dbaa38f2571543d8521e37ab5aa5be850e3ade4b9eb09e6de146aa0c8fc98fea7bb50efa589af6978ec8d970f908dc4676ea3d15b3b6ebe8ae56a6292704900e611367b278b6716b4d04279792aeb649688ac6bcb7a5e58cbab0c07c8916a7cef3bb0d6303523bad9c0ad5f3024dfbdf364792b75f0ba19d56c5b3bf645fc40061edf7e042de07fc652ec4958373d9f3af542adc030334cc63caa85c8a2628bb1d257c746b2cc57798c23e30f2799f5f392f6af7a3d0cc47299928634afd54ce987c1951989ef81b39f5c7ba4cb2a74250f15261fedf3a25396b83199151ea4b406c2e1aa3135f2a77a8d75b75ef0b25efcdb3b031d8eaed29862173e93994f8d6e6e70df79978551804744eefa635c71d4b38da513f3ea8f48853322cfe5ef1b1ee632e0fcd3eae1993d883fc91f0f2437dce252b6ce5175e7d119afcb9c3c92baf3df6716ce61b54d0dd7dda2360a4c93e26f3eaa4a1637d108966074638697f5b374cf9ae6b32dce29da73fece352c94a1bdb45d6e0fe98533562ee5e55d2f2d3ce5c301ca9c5706a1d0605414f103878eb88169e6681297616b4e1c8c1a43a33f5d99b619962066e7c5698470772696f58dbed61d8507119769e30101f229e012a08b76c0d752cdb290d46f2504177164282fbd084a4817b5ed7448586bc3de1d30af5472e6b67d2ad120e1401ebdcc5358c8eff7e68f4a48aed32f55970a5a6a7c7dcba4887bc4bb1c7fde1610ed25f4f64f25a9f79fad21b5e558fcc97c120c0977a92f5471cc391edf228ff4bf7f9fc7b92737e32b3af48780cb96f5623b5f01dcd3cea45d72ccdb7a36682fd3094542726b24790534728f2c0b2757edc7599ccb170b2db42c9460c42082081ab86d9d5fc971b4d7987ee2c70ced65e08d74474763c6d6ec671c42f6acaa4ccbd2fe981121c04571c1794450b9650b0249f2a633e880ab386510ea86298112a2f01f0ac7f81ee00"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@arm64={0x9b, 0xa, 0x80, '\x00', 0x3}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, 0x0) 46.763980278s ago: executing program 0 (id=62): prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, &(0x7f0000000040)) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x2, 0x3, 0xff) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) 43.084223251s ago: executing program 0 (id=73): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0)) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f000028f000/0x4000)=nil, 0x400000, 0x2, 0x2}) 41.1940223s ago: executing program 0 (id=81): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(0x0, 0x80000) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) r0 = dup(0xffffffffffffffff) write$FUSE_BMAP(r0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0xffffff1f, 0x4, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0) write$FUSE_DIRENTPLUS(r0, 0x0, 0x298) write$FUSE_NOTIFY_RETRIEVE(r0, 0x0, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x13c) fchownat(r2, 0x0, 0x0, 0x0, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r3, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000280)=ANY=[], 0x8) recvmmsg(r3, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) 39.814671882s ago: executing program 0 (id=86): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r2 = socket$inet(0x2, 0xa, 0x20) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) shutdown(0xffffffffffffffff, 0x1) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'macvlan1\x00', 0x0}) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x6, 0x0, 0x2, "57d4915b52cdfd4e8ea56ed6c1ca719a"}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f00000004c0)={'gretap0\x00', &(0x7f0000000340)={'syztnl1\x00', r4, 0xc1, 0x40, 0x6, 0x1, {{0x17, 0x4, 0x3, 0x0, 0x5c, 0x64, 0x0, 0x5, 0x29, 0x0, @loopback, @multicast2, {[@timestamp_prespec={0x44, 0x34, 0x46, 0x3, 0x4, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}, {@empty, 0x5}, {@dev={0xac, 0x14, 0x14, 0x24}, 0x400007}, {@dev={0xac, 0x14, 0x14, 0x13}, 0x7}, {@loopback, 0xfffffff8}, {@remote, 0x1}]}, @end, @lsrr={0x83, 0x13, 0xf2, [@rand_addr=0x64010101, @private=0xa010102, @loopback, @broadcast]}]}}}}}) sendmsg$nl_route_sched(r5, &(0x7f00000006c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000500)=@delchain={0x94, 0x65, 0x300, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xc, 0xffff}, {0x8, 0x7}, {0x2, 0x10}}, [@TCA_CHAIN={0x8, 0xb, 0x4}, @filter_kind_options=@f_fw={{0x7}, {0x60, 0x2, [@TCA_FW_INDEV={0x14, 0x3, 'dvmrp0\x00'}, @TCA_FW_POLICE={0x48, 0x2, [@TCA_POLICE_RESULT={0x8, 0x5, 0xfffffff7}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffff4, 0x1, 0x5, 0x2, 0xfffffff1, {0x20, 0x2, 0x8, 0x8, 0x3, 0x800}, {0x7, 0x1, 0x5, 0x401, 0xffff, 0x6}, 0x6, 0x4, 0xffff}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x24008010}, 0x408d0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r6}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x94) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0xd13, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x111d1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004014}, 0x0) 24.583147766s ago: executing program 32 (id=86): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r2 = socket$inet(0x2, 0xa, 0x20) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) shutdown(0xffffffffffffffff, 0x1) sched_setscheduler(0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'macvlan1\x00', 0x0}) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x6, 0x0, 0x2, "57d4915b52cdfd4e8ea56ed6c1ca719a"}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f00000004c0)={'gretap0\x00', &(0x7f0000000340)={'syztnl1\x00', r4, 0xc1, 0x40, 0x6, 0x1, {{0x17, 0x4, 0x3, 0x0, 0x5c, 0x64, 0x0, 0x5, 0x29, 0x0, @loopback, @multicast2, {[@timestamp_prespec={0x44, 0x34, 0x46, 0x3, 0x4, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}, {@empty, 0x5}, {@dev={0xac, 0x14, 0x14, 0x24}, 0x400007}, {@dev={0xac, 0x14, 0x14, 0x13}, 0x7}, {@loopback, 0xfffffff8}, {@remote, 0x1}]}, @end, @lsrr={0x83, 0x13, 0xf2, [@rand_addr=0x64010101, @private=0xa010102, @loopback, @broadcast]}]}}}}}) sendmsg$nl_route_sched(r5, &(0x7f00000006c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000500)=@delchain={0x94, 0x65, 0x300, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xc, 0xffff}, {0x8, 0x7}, {0x2, 0x10}}, [@TCA_CHAIN={0x8, 0xb, 0x4}, @filter_kind_options=@f_fw={{0x7}, {0x60, 0x2, [@TCA_FW_INDEV={0x14, 0x3, 'dvmrp0\x00'}, @TCA_FW_POLICE={0x48, 0x2, [@TCA_POLICE_RESULT={0x8, 0x5, 0xfffffff7}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffff4, 0x1, 0x5, 0x2, 0xfffffff1, {0x20, 0x2, 0x8, 0x8, 0x3, 0x800}, {0x7, 0x1, 0x5, 0x401, 0xffff, 0x6}, 0x6, 0x4, 0xffff}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x24008010}, 0x408d0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r6}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x94) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0xd13, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x111d1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004014}, 0x0) 11.535529743s ago: executing program 3 (id=149): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x10, 0x7fff0000}]}) close_range(r0, 0xffffffffffffffff, 0x0) munlockall() 10.762056046s ago: executing program 3 (id=151): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000140)={0x0, 0xf, 0x5, "e41939a76f"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000c00)={0x34, &(0x7f00000009c0)={0x20, 0x8, 0x10, "882a0a11fedde5d8027522807b7dcbe4"}, 0x0, 0x0, 0x0, &(0x7f0000000b80)={0x20, 0x1, 0x1, 0x6}, &(0x7f0000000bc0)={0x20, 0x0, 0x1, 0x6}}) 8.687642903s ago: executing program 1 (id=158): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000440)='./file2\x00', 0x406, &(0x7f00000004c0)={[{@errors_remount}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@resgid}, {@nolazytime}, {@jqfmt_vfsv0}]}, 0x3, 0x42f, &(0x7f00000014c0)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0xe9, 0x800000, 0x0, 0xfffffffc, 0x40001000}) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2) 7.919094242s ago: executing program 2 (id=159): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000140)={0x0, 0x2c0, 0x0, &(0x7f0000000180)=[0x6bd1a312, 0x2ec66, 0x8, 0x8, 0x7, 0x800000000000005, 0x0, 0x1, 0x10000, 0x100, 0x9004, 0x40000000000000, 0x3, 0x5, 0x5, 0x49, 0x3ff, 0x2, 0x0, 0xb, 0x8000000008, 0x7, 0x1c1, 0x1000000003, 0x2, 0x2, 0x9, 0x7, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x9, 0x7, 0x5, 0x3, 0x2, 0x888f, 0x8, 0x8, 0x6, 0x6, 0x3, 0xa3de, 0x4, 0x8, 0x5c3e, 0x400, 0x1, 0x5, 0xfffffffffffffffa, 0x1, 0xe, 0x7, 0x4, 0x100000000, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0xc, 0xd, 0x9, 0xe8, 0x80000000, 0xfffffffffffffc00, 0x2, 0x4, 0x2, 0xcdc, 0x7, 0x2, 0x3, 0x2, 0x5, 0xfff, 0x6, 0x4, 0x6, 0xab6, 0x0, 0x4, 0x1, 0xffffffffffffff81, 0x9, 0xff, 0x5, 0xff8, 0x5, 0x400000000008061d, 0x6, 0x8, 0xf6, 0x7, 0x6, 0x200, 0x7, 0xe53e, 0x2c, 0x2, 0x2293332f, 0x6, 0x34, 0x0, 0xd, 0x2, 0x5, 0x2, 0x2, 0x7, 0xdfd7, 0xfffd, 0x10, 0x8, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x3, 0xfffffffffffffffe, 0xb692, 0x3ffc00000, 0x8, 0x3]}) ioctl$KVM_CAP_X86_GUEST_MODE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000540)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0x39}}}}], 0x20}}], 0x1, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x100000180, 0x4, 0xfffffffffffffff9, 0xf1, 0x50, 0x7fffffffffffe, 0x5, 0x0, 0xc, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 7.240681033s ago: executing program 3 (id=161): ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x18) syz_usb_connect(0x2, 0x778, &(0x7f0000000a80)=ANY=[@ANYBLOB="1201000014347710f0031d5880500102030109026607020904e0010904580906ff01070009210800050122d30209058002100000db0e072501020803001402dc06d26f73c49ae3689cf5b150d70e623eb009050802100052021008236dbdb498797609058000ff0303da040725010380050009050602080007a70207250180020010072501410804000905a4011000023703072501010a070093221f7ee797335292a4582c83c5eb8d957e801682b01aeae0f778aa496f8c8a35305a8825397fe5fbbcfd99681b665ee120df0260f06b07e7801ff2d6200f15c8964825e9d711fcd215554c94fb4cd5a43d56b4c494cfbc3803b814ba0b5ef782853a54705c4b198d0e6540060f496446f53a8d7fdcad70ed1b70fbe6ffe389da690e4ee177f761f920c9d94693e61dbd52dc09050501200001000b07250180000300072501800700000904"], 0x0) 7.237974352s ago: executing program 1 (id=162): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f00000019c0)=@raw={'raw\x00', 0x4001, 0x3, 0xa38, 0x0, 0xb, 0x148, 0x0, 0x148, 0x9a0, 0x240, 0x240, 0x9a0, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00', {}, {}, 0x11}, 0x2e8, 0x880, 0x8e8, 0x0, {0xff0f000000000000}, [@common=@inet=@udp={{0x30}}, @common=@unspec=@u32={{0x7e0}, {[], 0x1}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'team0\x00', 'netpci0\x00'}, 0xec010000, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xa98) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x1, 0x4) syz_emit_ethernet(0x6c, &(0x7f00000004c0)={@random="c3ad7f0ceb48", @random="f8794fda5bd6", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x4e20, 0x4a, 0x0, @opaque="22eefe2fba609fa597f45f655e81a8679bd9e47f11831dcf21fe57e99ef9e174e22e37fc14773f6983d6d92cb1e6c6ab7fa49d1f39fd872a8e483494fe9948861a25"}}}}}, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000300)='./file1\x00', 0x1008000, &(0x7f00000001c0)=ANY=[], 0x1, 0x5f6, &(0x7f0000000640)="$eJzs3U9vHGcdB/Dvrp3NOqDUcZM2oEpYRaoQFsnuWiIpF6AUZKEKVeLA2SJOYmWTVvYWuT1AQBwqTn0JRchvAHEsUg60Bw5w6tmoRyTuvi2a2dn12tmk8Z9mnfbzkWaf55ln5tnf85vZyYxX0Qb4ylpZyuyD1LKy9MZW0d7ZXu7ubC/fHdaTnE1ST5pJasXqvyX5LLmfwZJvDDvGyod8+lHz1icffPz+oFWM1azNFtufLfd55H5PZhTL/CDWsjyp8TrHHm//DBeSLB4vPjgZ/aH/lM3Gge5jfi4BgNOslsxMWj+fnKtu2IvngMFd8eAe+5l2f9oBAAAAwFPw3G52s5Xz044DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAniXV7//XqqU+rC+mNvz9/0a1LlX9mfZg2gEAAAAAAAAAwAn41m52s5Xzw3a/Vn7n/3LZuFi+fi3vZDNr2ciVbGU1vfSykXaS+bGBGlurvd5G+wn27Ezcs/N05gsAAAAAAAAAX1J/yMre9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAa1JKZQVEuF4f1+dRnkzSTNIrt7if/HtafZQ+mHQAAAAAcUv0I+zy3m91s5fyw3a+Vz/wvlM/9zbyTe+llPb10s5Yb5d8CBk/99Z3t5e7O9vLdYnl43B//71BhNKrwZ8rWpHe+XG4xl5tZL9dcya/zVrq5kfpo4peH8UyO6/dFTLUfVp4wshtVWcz851U5LV/f15ovM3JmlJFWFVuRjQuPz8Qhj87Bd2qnPvrLz8UvIOfnqrKYz+tTzvl+BzPRGTv7Xnh8JpKFX/3p2u3uvTu3b24unZ4pHdHBTCyPZeLFr1QmWmUmLo3aK/lZfpmlLObNbGQ9v8lqelnLYl4va6vV+Vy8zj8+Uz/a13rz8yJpVMdlcBU9XEwvl/uez3p+kbdyozyirVzLtXTy/bya1r4jfGli3L/rV927/X4/9cN96r/9napyJslPq/J0KPJ6YSyv49fc+bJvfM1elhZO/to4+82qUpw9r526a+OFA/9KDDPx/OMz8efyxNns3ruzcXv17Sd8v1eqssjAT0aZmK3W9mdOZFJHUpwvC6NY9p8dRd/zE/vaZd/FUV/9ob5Lo77P+6Q2qnu4h0fqlH0vTuwb7Hd5rG/S/RYAp965755rzP137l9zH879ce723BvN185eP/tSI2f+ceYHs62ZV+ov1f6aD/Pbved/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6Dbffe/Oare7tnHkyvCXiI47joqKyumpTPvKBHzRrvbuvn118933vrd+d/XW2q21e6+2rl9vt9vXWldvrnfXqtdpRwkAnKS9m/5pRwIAAAAAAAAAAAAAADzK0/jvxNOeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OW2spTZB6ml3brSKto728vdYhnW97ZsJqkVlb8n+Sy5n8GS+bHhao96n08/at765IOP398bq1lu/8/OScxiXyz1AzEdd7zO2Hh/OdJwtVFmFpMsVCVM3f8DAAD//4r0Bts=") removexattr(0x0, 0x0) 6.62813047s ago: executing program 2 (id=163): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{0x0, 0x4, 0x0, 0x9}, 'syz0\x00', 0x20}) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$UI_GET_SYSNAME(r0, 0x8040552c, 0x0) 5.812316683s ago: executing program 4 (id=165): r0 = creat(&(0x7f0000000000)='./file0\x00', 0x175) close(r0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) r1 = fanotify_init(0x12, 0x1000) openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x800000, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 5.074097541s ago: executing program 1 (id=166): pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) writev(r1, 0x0, 0x0) 4.950983172s ago: executing program 2 (id=167): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x200, 0x80, 0x20000, 0x0, 0x0, 0x8}, 0x1c) mmap(&(0x7f0000568000/0x2000)=nil, 0x1000000, 0x0, 0x11, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') pread64(r1, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000) 4.008070591s ago: executing program 1 (id=168): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_usb_connect(0x3, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000074020440fd07010099480102030109021b0001000000000904000001c5b3e30009058b"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) 3.793601997s ago: executing program 3 (id=169): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000540)="0f210b67f20f106a3b420f01fc64260f08c4a2b0f38d0200000066baf80cb8b263d588ef66bafc0c66edc42179706ef2ffb9800000c00f3235001000000f303ef031342bc74424000f000000c74424029ae06619c7442406000000000f011424", 0x60}], 0x1, 0x2, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_usb_connect(0x5, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000047482908951300037581000000010902360001000000000904960102502f7e00"], 0x0) 3.79119281s ago: executing program 4 (id=170): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, 0x0}], 0x1, 0x4, &(0x7f0000000240)=[@flags={0x3, 0x80000}, @efer={0x2, 0xe800}], 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 3.166191785s ago: executing program 2 (id=171): syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c09000304240202042402000424060244"], 0x0) syz_usb_connect$printer(0x4, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x9, 0x0, 0x7, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x7, 0x1, 0x3, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x8, 0x18, 0x5}}}}}]}}]}}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0}) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) 2.818431609s ago: executing program 4 (id=172): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000000)="2e67676765420f21d2f26466440f35c74424003c000000c7442402ad7d9c79ff1c2426460f01d166baf80cb8a0b4f888ef66bafc0c66b8007066ef3665a00bae00000000000066baa000ed362665470fc75a00b9800000c00f3235008000000f300f2219", 0x64}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f00000000c0)=@x86={0xa, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0xa, 0x4, 0x80, 0xa2, 0xfe, 0x0, 0x9, 0xd, 0xc6, 0x8, 0x3, 0x1, '\x00', 0x6, 0x8}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.21404726s ago: executing program 4 (id=173): socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d01000000520655a8056085f4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891e7d87a79d6fce424c2200af6cb784a1975fa657de38a3a32a4fd67ce446adb431d07db79240aca1dd9ba02450500000000000000e645f091231b986e77d05d988d6edc6f9b4eb883ec8f878300cabf2b5543ffc1bdb92618242852e6e8b3e56fefbfff81669557b3809d8c396d2c0361629d1822f722ec23812770d72cd0010000007889b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b0a0ae6feb6737c275dc2740f742b5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fe7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff251845d0fff45bdbaeba4d4e3c6f7f623579435b2c505fb711300000000040000000000000000000000004c00e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7611589906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6cfa4966e5937562a5649a1a0000a042a7097ddefe0671a5767014b09b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7be49833f3c435f9700bc84680549f9eb16682ecb72277ffaca907a3eac4bfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c5a87013b98649805216631e20d07dff3ae567ca0d38a828542625fc6096aedc0ac5c144f0965071274bea051007e398cf9090c53d4b8b7dc784e3d83b78b007a43d744aa99d6a7c576e20b4281eff511122ccb399bcef0a0471639c81aab7445cebfc9b00b31fcbaf63086b3c16f51b593acee0b3a4830dd6af1accb15cc6163cabc01442527aa10000000000000000a4ba25997affe74ec552bf9deafbd63e"], &(0x7f0000000140)='GPL\x00'}, 0x65) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x10034) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000040)=0x4, 0x4) syz_emit_ethernet(0x52, &(0x7f0000000540)=ANY=[@ANYBLOB="ffffffffffffffff907800000000ffffff"], 0x0) 1.500142943s ago: executing program 1 (id=174): sendmsg(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="817bb97cdac2f8f819447aa4a50c293af36b43cab2641b7753df26944b52221c709e644460", 0x25}], 0x1}, 0x404c050) io_submit(0x0, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x400000, 0xff0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0}]) sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x111}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008180}, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f47"]) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000008780)=ANY=[], 0x1a8}}, 0x4000000) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x4, 0x9, 0xfffffffffffffffd, 0x0, 0x200010000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x10000, 0x5, 0xc8, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.143873833s ago: executing program 4 (id=175): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0xc73}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x8, 0x9, 0x7, 0x0, 0x1, 0x0, 0x2, 0x0, 0x7e, 0x0, 0x7, 0x0, 0x7, 0x6, 0x1, 0x5], 0x8000000, 0x8340}) chdir(&(0x7f0000000000)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x48940, 0x10c) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.101924473s ago: executing program 3 (id=176): signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x800) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x2008a1f, &(0x7f0000000a00)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}], [{@flag='nolazytime'}]}, 0x1, 0x4c9, &(0x7f0000000f00)="$eJzs3d9rHFsdAPDvTLLX/sg1e9WH6wWvF++VpGh3k8a2wYdaQfSpoNb3GJNNCNlkQ3bTNqFoin+AIKKCTz75IvgHCNI/QYSCvouKItrqgw/akZ2drW2620S6zZTk84HTPWdmd7/fs82e3TNzmA3g1HovIq5HxFhEXIiIyWJ7WpSFbmO/d79HD+8udUsSWXbzb0kkxbb+c3Xb4xFxvveQOBMRX/9KxLeS5+O2d/fWF5vNxnbRrnc2turt3b2LaxuLq43Vxubc3OyV+avzl+dnssJL9bMaEde+9Kcffu9nX772q8/e/v3CX6a/3U1rotj/dD9Gqdf1Sv5a9HVfo+1XEawEY0V/KmUnAgDAkUxHxEci4lP59//JGMu/zQEAAAAnSfaFifh3EpEBAAAAJ1aar4FN0lqx3nci0rRW663h/VicS5utduczK62dzeXeWtlqVNKVtWZjplgrXI1K0m3PFmts++1LB9pzEfFWRPxg8mzeri21mstlH/wAAACAU+L8gfn/PyfTvA4AAACcMNWyEwAAAABeOfN/AAAAOPnM/wEAAOBE++qNG92S9X//evnW7s5669bF5UZ7vbaxs1Rbam1v1VZbrdX8mn0bhz1fs9Xa+lxs7typdxrtTr29u7ew0drZ7CysPfMT2AAAAMAxeuuT93+XRMT+58/mpSspOyng9fPHshMARmms7ASA0oyXnQBQmkrZCQClO+yY39DFO78efS4AAMCrMfXx58//v1Hsc2wATra07AQAgGPn/D+cXhUrAOHU+/Ah+1/+/H+W/V8JAQAAIzeRlyStFecCJyJNa7WIN/OfBagkK2vNxkwxP/jtZOVD3fZs/sjEdQIAAAAAAAAAAAAAAAAAAAAAAAAA4IiyLIkMAAAAONEi0j8n+dX8I6YmP5g4eHzgjeRfk/ltRNz+yc0f3VnsdLZnu9v//mR758fF9ktlHMEAAAAADurP0/vzeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpUcP7y71y3HG/esXI6I6KP54nMlvz0QlIs79I4nxpx6XRMTYCOLv38tDDYifxOMsy6pFFoPinx1V/LcHx6/mL83g+GlEnB9BfDjN7nfHn+uD3n9pvJffDn7/jRflZQ0f/9In49/YkPHnzSPGeOfBL+pD49+LeGfI+NePnwyJ//4R43/zG3t7w/ZlP42YGvj5kzwTq97Z2Kq3d/curm0srjZWG5tzc7NX5q/OX56fqa+sNRvFvwNjfP8Tv3z8ov6fGxK/ekj/Pzhi///z4M7Dj/aqlUHxp98f/Pn79pD4afHZ9+mi3t0/1a/v9+pPe/fnv3n3Rf1fHtL/w/7/p4/Y/wtf++4fjnhXAOAYtHf31hebzca2ikqJlew7vb/H1yWfXiV7PdIopVL2yAQAAIza/770l50JAAAAAAAAAAAAAAAAAAAAnF7HcTmxgzH3y+kqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAL/TcAAP//rBPfcA==") 806.574159ms ago: executing program 2 (id=177): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x50, 0x1, 0x1, 0x301, 0x0, 0x0, {0x2}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x181}]}, @CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x1f}}, {0x14, 0x4, @local}}}]}]}, 0x50}}, 0x0) 258.53871ms ago: executing program 4 (id=178): r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x221081e, &(0x7f0000000080)={[{@oldalloc}, {@errors_remount}, {@noload}]}, 0x1, 0x50a, &(0x7f0000001700)="$eJzs3c9vW0kdAPCvnThxstlNdukBEOyW3YWCVnUSdzda7QHKCSFUCdEjSG1I3CiKHUf5UZpQifTMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TB6D0/p25qN1aT2FH8+UhPb+aN4+936nrGnsSeAIbW1YjYj4ixiLgbEdPZ9Vx2xM3mkdzu2cHDpcODh0u5aDRu/zOXtifXou1nEm9k91mMiB98J+LHuZfjbu3urS1Wq5XNrD67XduY3drdu75aW1yprFTWy+WF+YW5T298Uj6zvr5XG8tKX376h/1v/DRJayq70t6Ps9TseuEoTmI0Ir53HsEGYCTrz9igE+G15CPinYh4P33+T8dI+mgCAJdZozEdjen2euGoBABcTvl0DSyXL2VrAVORz5dKzTW8KzE5nr0Y2Flfbq6VzUQhf2+1WpnL1gpnopBL6vNp+Xm9fKx+IyLejohfjE+k9dJSvbo8iBc8AEA6z7fP//8Zb87/AMAlVxx0AgBA35n/AWD4mP8BYPiY/wFg+DTn/4lBpwEA9JH3/wAwfMz/ADBUvn/rVnI0DrPvv16+v7uzVr9/fbmytVaq7SyVluqbG6WVen0l/c6e2kn3V63XN+Y/jp0HM9/c2Nqe3drdu1Or76xv30m/1/tOpfntgvt96BkA0M3b7z35cy6ZkT+bSI9o28uhMNDMgPOWH3QCwMCMDDoBYGBO3u3LfmBwWZ3iPb7lAbgkOmzR+4Jipw8INRqNxvmlBJyza1+w/g/Dqm39318Bw5Cx/g/Dy+o+DK9GI9frTv/R6w0BgIvNGj/Q5ff/72Tn32a/HPjR8vFbPD7PrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBia+3/W8r2Ap+KfL5UingzImaikLu3Wq3MRcRbEfGn8cJ4Up8fcM4AwGnl/5bL9v+6Nv3h1AtN775xVByLiJ/86vYvHyxub2/+MWIs96/x1vXtx9n1cv+zBwBO1pqn03PbG/lnBw+XWkc/8/n7tyOiGFeSuIcHY3F4FH80RtNzMQoRMfnvXFZvyrWtXZzG/qOI+Hyn/udiKl0Dae58ejx+EvvNvsbPvxA/n7Y1z8m/xefOIBcYNk+S8edmp+dfPq6m587P/2I6Qp1eNv4ld7V0mI6Bz+O3xr+RLuPf1V5jfPz77zZLEy+3PYr44mhEK/Zh2/jTip/rEv/DHuP/5Uvvvt+trfHriGvROX57rNnt2sbs1u7e9dXa4kplpbJeLi/ML8x9euOT8my6Rj3bfTb4x2cfvdWtLen/ZJf4xRP6/9Ue+/+b/9394VdeEf/rH3SKn48rr4ifzIlf6zH+4uTvit3akvjLXfp/0uP/UY/xn/51r7Vt+M96/BEA4Bxt7e6tLVarlU2FoS1k/xX2L0Q+yQvbV6c66Ay7Fb7Vr1hj0bnp5x80H8hjTY3Ga8XqNmKcxaobcBEcPekj4r+DTgYAAAAAAAAAAAAAAOioH59YGnQfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLz+HwAA///TQsBX") r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) pwrite64(r0, 0x0, 0x0, 0xfecc) fsetxattr$security_capability(r1, &(0x7f0000000040), &(0x7f00000000c0)=@v2={0x2000000, [{0xc33, 0x1}, {0xfffffff9, 0xbea}]}, 0x14, 0x1) truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9) 252.323955ms ago: executing program 1 (id=179): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES32=0x0], 0x11, 0x6e4, &(0x7f0000000d00)="$eJzs3U9oJXcdAPDvvLwk720xm7bb7QqFxhaquLibP6QaLxtFJEKRsoKeQzfbDfv2j0kqaQ9uqoJXD16FeogXPSkiCMJCPeuteAueCoKXnnZ7cGT+vUzie8nLpslL7edTfju/md/Mb77znZnfvPdomAA+s5YuR/NhtGPp8mub2fzO9lxnZ3vuTlFvdCJiPCIaEc3aVsn7EYtRlPh8tqBq6LefX64uXP/go50Pi7lmWRpR/NPuH2BzkKPYKktMRcRIOT2GPf298WT9je9Wk25msoS9XCUOhm00ItI9fnhxt6WXdKQ20/d+Bz49kuK5WVPc/5MR5yKiVT3QtorGxulHeKgjjUVbJxcHAAAAnBnnHz2I2IyJYccBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnybl+/+Tsjyu6lORVO//H6u9Y39syOH2d3BkrarysHEawQAAAAAAAADAyXrxUfz2eppOVPNpEo3vj5Qz7XL6VqzHSjPiSmzGcmzERqzFTERM1joa21ze2FibiZfyuQsfp2kaTxVbxtqeLWd7bjk7YMDt4x4xAAAAAAAAAPxfuTY/nk9/EksxMexgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgLokYKSZ5uVDVJ6PRjIhWRIxl621F/L2qnyHNo27w8GTiAAAAgDPl/KN4FJsxUc2nSf6d/2L+vb8Vb8Xd2IjV2IhOrMSN/LeA4lt/Y2d7rrOzPXcnKxExurffb/x7t/6HiUPDyHuM4reH3nu+lK/Rjpuxmi+5Em/EvejEjWjkW2YuVfHU4qp5N4spuVZI0xgfJEE3yml25L8op6eifdgKk3lGRrsZmc5iS4o8Pn1wJupnZwD79zQTje4vPxf676n7Y0yV82sH7iX5T5oWtXPVkoinvnNgzvPrZfRIB3Ms+zMxW7v6Lh6c84gv/vF3P7jVuXv7VrJ1+dQuoyfyYu/F4/+szlCVicJWrMRcLRPPD5yJm+tnPBN97f2lsRHPdetL8e34XlyOqXg91mI1fhTLsRErMRXfymvL5fWc/Tt5cKYW98y9flhMY+V5GdkX0xfOF9ODYnop33YiVuO7cS9uxEq8mv83GzPx1ZiP+VioneHnBhhpGz3u+j/1D/7lL5WVbOD7+e4AeIp3dz9ZXp+u5bU+5k7mbfUljUjLJ8szR3geHTw2VnYfWdmZ+GntHhy+biZa0X1KVNE9W2VgtGcmfp0PK+udu7fXbi3f39dvstV7f6/E3sM/OwNJdr080x0j9l4dWduzPdtm8rYL3bbG/rbftLtth92pY+VnuP/taTZvez4iflVGm7VlsjE8a7tU2y77vNXK2z5O07T4vAXAmXfuy+fG2v9q/639Xvtn7Vvt11rfHP/a+AtjMfrX0a83p0deabyQ/D7eix/H4d/QAQAAAAAAAAAAAAAAAAAAAAAAAAAAAACAQ62//c7t5U5nZW1fJU3TB32aTqQSzYg9S/7y59o6+bvGImLwDrO1FxsR+ZJmlJWjBfbgyQ7n3SdNwj/Kc3IqCT+gkgy8cqvv9VNW7n2uPJzHaZqe+uFU72o78uZpaWin4BOuVK/IOspWQxmOgFN0dePO/avrb7/zldU7y2+uvLlyd2F+fmF6Yf7Vuas3VzutYYcHnKD8WZ9/zhl2JAAAAAAAAAAAAMCgBvvjnOT2chRLmkf8KwL/ZyEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwXEuXo/kwkpiZvjKdze9sz3WyUtWz6Ui+5uOIaEREMhWRvB+xGEWJyVp3Sb/9bEVc/+CjnQ+LuWZZ8vUbxz+KrbLEVBnuVO/1Wr0Wpg/69Zfk/dzv39+AkrKMdJcsHqs/+IT8NwAA///gUwsO") listxattr(&(0x7f0000000300)='./file0\x00', 0x0, 0x0) 20.136723ms ago: executing program 3 (id=180): syz_clone(0x30280000, 0x0, 0xfffffffffffffc64, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) getpriority(0x0, 0x0) 0s ago: executing program 2 (id=181): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000002bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0xae0}, @assoc={0x18, 0x117, 0x4, 0x4}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0x20, 0x117, 0x2, 0x5, "cf6e70ecbd"}], 0x68}], 0x1, 0x40810) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.195' (ED25519) to the list of known hosts. [ 170.179855][ T5797] cgroup: Unknown subsys name 'net' [ 170.328572][ T5797] cgroup: Unknown subsys name 'cpuset' [ 170.343901][ T5797] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 176.721332][ T5797] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 182.131014][ T5816] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 182.152115][ T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 182.161529][ T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 182.182976][ T49] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 182.192198][ T49] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 182.201082][ T49] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 182.212542][ T49] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 182.217462][ T5820] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 182.222898][ T49] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 182.241781][ T5816] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 182.290082][ T5824] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 182.309738][ T5824] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 182.319132][ T5824] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 182.319604][ T5816] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 182.352754][ T5824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 182.355636][ T5816] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 182.369802][ T5824] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 182.372864][ T5816] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 182.415595][ T5109] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 182.454296][ T5109] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 182.464030][ T5109] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 182.479552][ T5109] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 182.491272][ T5109] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 182.562664][ T5109] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 182.607779][ T5109] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 183.656010][ T5819] chnl_net:caif_netlink_parms(): no params data found [ 184.228825][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 184.299286][ T5816] Bluetooth: hci1: command tx timeout [ 184.299359][ T49] Bluetooth: hci0: command tx timeout [ 184.489253][ T5816] Bluetooth: hci3: command tx timeout [ 184.536955][ T5816] Bluetooth: hci4: command tx timeout [ 184.602958][ T5815] chnl_net:caif_netlink_parms(): no params data found [ 184.629648][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 184.820785][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.829390][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.837246][ T5819] bridge_slave_0: entered allmulticast mode [ 184.847224][ T5819] bridge_slave_0: entered promiscuous mode [ 184.857074][ T5816] Bluetooth: hci2: command tx timeout [ 184.943448][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.954795][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.962685][ T5819] bridge_slave_1: entered allmulticast mode [ 184.972667][ T5819] bridge_slave_1: entered promiscuous mode [ 185.061178][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 185.325121][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.489691][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.826313][ T5819] team0: Port device team_slave_0 added [ 185.841625][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.851744][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.859584][ T5825] bridge_slave_0: entered allmulticast mode [ 185.869286][ T5825] bridge_slave_0: entered promiscuous mode [ 185.895920][ T5819] team0: Port device team_slave_1 added [ 185.921770][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.933161][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.941867][ T5825] bridge_slave_1: entered allmulticast mode [ 185.951638][ T5825] bridge_slave_1: entered promiscuous mode [ 186.281044][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.344900][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.391493][ T5816] Bluetooth: hci0: command tx timeout [ 186.398695][ T49] Bluetooth: hci1: command tx timeout [ 186.410859][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.418904][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.445322][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.457951][ T5815] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.465479][ T5815] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.473236][ T5815] bridge_slave_0: entered allmulticast mode [ 186.482949][ T5815] bridge_slave_0: entered promiscuous mode [ 186.537394][ T5816] Bluetooth: hci3: command tx timeout [ 186.617166][ T5816] Bluetooth: hci4: command tx timeout [ 186.623596][ T5815] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.632915][ T5815] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.640720][ T5815] bridge_slave_1: entered allmulticast mode [ 186.650540][ T5815] bridge_slave_1: entered promiscuous mode [ 186.662296][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.669651][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.696030][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.866080][ T5825] team0: Port device team_slave_0 added [ 186.902514][ T5825] team0: Port device team_slave_1 added [ 186.944838][ T5816] Bluetooth: hci2: command tx timeout [ 186.964978][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.972637][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.980541][ T5829] bridge_slave_0: entered allmulticast mode [ 186.989633][ T5829] bridge_slave_0: entered promiscuous mode [ 187.003275][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.013116][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.022519][ T5822] bridge_slave_0: entered allmulticast mode [ 187.032071][ T5822] bridge_slave_0: entered promiscuous mode [ 187.051199][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.058982][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.066974][ T5822] bridge_slave_1: entered allmulticast mode [ 187.076628][ T5822] bridge_slave_1: entered promiscuous mode [ 187.141231][ T5815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.151193][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.158996][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.167964][ T5829] bridge_slave_1: entered allmulticast mode [ 187.176773][ T5829] bridge_slave_1: entered promiscuous mode [ 187.335062][ T5815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.391132][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.412696][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.460179][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.467523][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.493901][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.668634][ T5819] hsr_slave_0: entered promiscuous mode [ 187.680294][ T5819] hsr_slave_1: entered promiscuous mode [ 187.694166][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.702725][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.729458][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.750081][ T5815] team0: Port device team_slave_0 added [ 187.769590][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.822088][ T5822] team0: Port device team_slave_0 added [ 187.863754][ T5815] team0: Port device team_slave_1 added [ 187.921375][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.977158][ T5822] team0: Port device team_slave_1 added [ 188.088125][ T5825] hsr_slave_0: entered promiscuous mode [ 188.097784][ T5825] hsr_slave_1: entered promiscuous mode [ 188.105709][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 188.111730][ T5825] Cannot create hsr debugfs directory [ 188.369751][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.378468][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.406009][ T5815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.427664][ T5829] team0: Port device team_slave_0 added [ 188.437509][ T5815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.444646][ T5815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.471266][ T5815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.483852][ T5816] Bluetooth: hci0: command tx timeout [ 188.484860][ T49] Bluetooth: hci1: command tx timeout [ 188.510704][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.517994][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.544621][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.598007][ T5829] team0: Port device team_slave_1 added [ 188.616772][ T49] Bluetooth: hci3: command tx timeout [ 188.677898][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.685066][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.711642][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.724096][ T49] Bluetooth: hci4: command tx timeout [ 189.016910][ T49] Bluetooth: hci2: command tx timeout [ 189.086981][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.094116][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.121901][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.140106][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.147731][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.174197][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.200934][ T5815] hsr_slave_0: entered promiscuous mode [ 189.211047][ T5815] hsr_slave_1: entered promiscuous mode [ 189.219879][ T5815] debugfs: 'hsr0' already exists in 'hsr' [ 189.225813][ T5815] Cannot create hsr debugfs directory [ 189.382711][ T5822] hsr_slave_0: entered promiscuous mode [ 189.392978][ T5822] hsr_slave_1: entered promiscuous mode [ 189.401927][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 189.407943][ T5822] Cannot create hsr debugfs directory [ 189.839511][ T5829] hsr_slave_0: entered promiscuous mode [ 189.848832][ T5829] hsr_slave_1: entered promiscuous mode [ 189.857063][ T5829] debugfs: 'hsr0' already exists in 'hsr' [ 189.863003][ T5829] Cannot create hsr debugfs directory [ 190.259852][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 190.281457][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 190.420269][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 190.511261][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 190.540771][ T49] Bluetooth: hci1: command tx timeout [ 190.553734][ T49] Bluetooth: hci0: command tx timeout [ 190.697107][ T5816] Bluetooth: hci3: command tx timeout [ 190.783113][ T5816] Bluetooth: hci4: command tx timeout [ 190.833129][ T5819] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 190.923675][ T5819] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 191.029795][ T5819] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 191.101967][ T5819] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 191.102457][ T5816] Bluetooth: hci2: command tx timeout [ 191.315424][ T5822] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 191.340296][ T5822] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 191.398735][ T5822] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 191.434300][ T5822] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 191.597328][ T5815] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 191.661196][ T5815] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 191.711895][ T5829] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 191.748570][ T5829] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 191.800111][ T5815] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 191.825010][ T5829] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 191.876913][ T5815] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 191.906062][ T5829] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 192.497793][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.679581][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.705738][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.798338][ T3541] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.805903][ T3541] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.929096][ T3541] bridge0: port 2(bridge_slave_1) entered blocking state [ 192.936821][ T3541] bridge0: port 2(bridge_slave_1) entered forwarding state [ 192.978207][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.132888][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.220829][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.253150][ T4038] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.260925][ T4038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.352434][ T4038] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.360084][ T4038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.376220][ T4038] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.383851][ T4038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.399898][ T4038] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.407504][ T4038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.662273][ T5815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.836278][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.061246][ T5815] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.083458][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.146131][ T4087] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.153776][ T4087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.309153][ T4087] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.316864][ T4087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.333754][ T4087] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.341494][ T4087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.357913][ T4087] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.365456][ T4087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.601346][ T5815] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 194.613629][ T5815] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 194.881081][ T5829] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 194.892015][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 196.010470][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.153811][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.414186][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.677026][ T5819] veth0_vlan: entered promiscuous mode [ 196.762069][ T5822] veth0_vlan: entered promiscuous mode [ 196.834902][ T5819] veth1_vlan: entered promiscuous mode [ 196.879957][ T5822] veth1_vlan: entered promiscuous mode [ 196.955754][ T5815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.987848][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.303491][ T5825] veth0_vlan: entered promiscuous mode [ 197.333471][ T5822] veth0_macvtap: entered promiscuous mode [ 197.395002][ T5822] veth1_macvtap: entered promiscuous mode [ 197.435368][ T5819] veth0_macvtap: entered promiscuous mode [ 197.473009][ T5819] veth1_macvtap: entered promiscuous mode [ 197.578077][ T5825] veth1_vlan: entered promiscuous mode [ 197.592466][ T5829] veth0_vlan: entered promiscuous mode [ 197.691628][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.747202][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.770596][ T5829] veth1_vlan: entered promiscuous mode [ 197.827800][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.872043][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.945925][ T4087] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.008136][ T4087] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.067327][ T4087] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.108837][ T4087] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.139159][ T4087] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.188712][ T4087] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.199906][ T5825] veth0_macvtap: entered promiscuous mode [ 198.231023][ T4087] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.275022][ T5825] veth1_macvtap: entered promiscuous mode [ 198.291962][ T4038] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.333891][ T5829] veth0_macvtap: entered promiscuous mode [ 198.414804][ T5829] veth1_macvtap: entered promiscuous mode [ 198.490738][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.612187][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.641840][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 198.719772][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 198.741459][ T3606] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.808691][ T3606] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.840696][ T3606] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.877445][ T3606] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.976273][ T3606] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.989309][ T1134] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.058889][ T1134] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.099293][ T1134] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.153095][ T5815] veth0_vlan: entered promiscuous mode [ 200.265621][ T5815] veth1_vlan: entered promiscuous mode [ 200.691312][ T5815] veth0_macvtap: entered promiscuous mode [ 200.785927][ T5815] veth1_macvtap: entered promiscuous mode [ 200.959645][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.071230][ T5815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.174616][ T1314] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.256882][ T1314] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.265931][ T1314] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.359616][ T1314] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.691844][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.700106][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.765167][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.773377][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.030519][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.039368][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.072626][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.081592][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.135992][ T1314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.147064][ T1314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.390814][ T1314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.400065][ T1314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.653724][ T5819] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 206.795775][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.803924][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.104973][ T4087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.113276][ T4087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.106227][ T6001] loop0: detected capacity change from 0 to 32768 [ 208.402291][ T6001] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow [ 208.402457][ T6001] allowing incompatible features above 0.0: (unknown version) [ 208.402551][ T6001] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 208.449362][ T6001] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0 [ 208.463461][ T6001] bcachefs (loop0): initializing new filesystem [ 208.488346][ T6001] bcachefs (loop0): going read-write [ 208.505788][ T6001] bcachefs (loop0): marking superblocks [ 208.562969][ T6001] bcachefs (loop0): initializing freespace [ 208.594597][ T6001] bcachefs (loop0): done initializing freespace [ 208.615054][ T6001] bcachefs (loop0): reading snapshots table [ 208.621631][ T6001] bcachefs (loop0): reading snapshots done [ 208.795588][ T6005] loop3: detected capacity change from 0 to 32768 [ 208.901481][ T6005] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 208.910129][ T6005] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 208.915847][ T6001] bcachefs (loop0): done starting filesystem [ 208.983851][ T6005] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 209.362761][ T6005] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 209.483252][ T6001] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 209.656184][ T6028] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 210.242012][ T6026] loop1: detected capacity change from 0 to 2048 [ 210.456318][ T30] audit: type=1800 audit(1755862004.326:2): pid=6028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1" name="kfree" dev="loop0" ino=4098 res=0 errno=0 [ 210.637749][ T6001] syz.0.1 (6001) used greatest stack depth: 1200 bytes left [ 210.778631][ T6024] loop2: detected capacity change from 0 to 32768 [ 210.808574][ T1306] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.816966][ T1306] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.129687][ T6024] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 211.129851][ T6024] allowing incompatible features above 0.0: (unknown version) [ 211.130082][ T6024] features: [ 211.165438][ T6024] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 211.174050][ T6024] bcachefs (loop2): initializing new filesystem [ 211.195503][ T6024] bcachefs (loop2): going read-write [ 211.220796][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 211.228949][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 211.322679][ T5819] bcachefs (loop0): shutting down [ 211.328756][ T5819] bcachefs (loop0): going read-only [ 211.345713][ T5819] bcachefs (loop0): finished waiting for writes to stop [ 211.356574][ T6024] bcachefs (loop2): marking superblocks [ 211.412705][ T6024] bcachefs (loop2): initializing freespace [ 211.444925][ T6024] bcachefs (loop2): done initializing freespace [ 211.466989][ T6024] bcachefs (loop2): reading snapshots table [ 211.473348][ T6024] bcachefs (loop2): reading snapshots done [ 211.717795][ T5819] bcachefs (loop0): flushing journal and stopping allocators, journal seq 7 [ 211.809216][ T6024] bcachefs (loop2): done starting filesystem [ 212.149613][ T6044] netlink: 324 bytes leftover after parsing attributes in process `syz.3.6'. [ 212.488361][ T5819] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 212.531716][ T6024] sctp: failed to load transform for md5: -2 [ 212.577701][ T5819] bcachefs (loop0): clean shutdown complete, journal seq 13 [ 212.687603][ T6050] loop1: detected capacity change from 0 to 512 [ 212.719078][ T5819] bcachefs (loop0): marking filesystem clean [ 212.737828][ T6050] EXT4-fs: Ignoring removed orlov option [ 212.839120][ T6050] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 213.037179][ T5819] bcachefs (loop0): shutdown complete [ 213.095553][ T5169] udevd[5169]: worker [5989] terminated by signal 33 (Unknown signal 33) [ 213.110642][ T6050] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 213.159946][ T5169] udevd[5169]: worker [5989] failed while handling '/devices/virtual/block/loop0' [ 213.196909][ T5169] udevd[5169]: worker [6021] terminated by signal 33 (Unknown signal 33) [ 213.218274][ T5169] udevd[5169]: worker [6021] failed while handling '/devices/virtual/block/loop1' [ 213.252997][ T5169] udevd[5169]: worker [6030] terminated by signal 33 (Unknown signal 33) [ 213.301868][ T5825] bcachefs (loop2): shutting down [ 213.307323][ T5825] bcachefs (loop2): going read-only [ 213.312911][ T5825] bcachefs (loop2): finished waiting for writes to stop [ 213.318001][ T5169] udevd[5169]: worker [6030] failed while handling '/devices/virtual/block/loop2' [ 213.408148][ T6050] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.8: corrupted in-inode xattr: e_value size too large [ 213.591741][ T5825] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4 [ 213.630578][ T6050] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.8: couldn't read orphan inode 15 (err -117) [ 213.771379][ T6050] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.557889][ T5825] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4 [ 214.635694][ T6057] loop4: detected capacity change from 0 to 32768 [ 214.659260][ T5825] bcachefs (loop2): clean shutdown complete, journal seq 5 [ 214.683740][ T5825] bcachefs (loop2): marking filesystem clean [ 214.704506][ T6057] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 214.720469][ T6057] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 214.743665][ T6057] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 214.946216][ T6057] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 215.004444][ T5825] bcachefs (loop2): shutdown complete [ 215.907264][ T6065] loop3: detected capacity change from 0 to 4096 [ 216.163104][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.429584][ T6068] netlink: 68 bytes leftover after parsing attributes in process `syz.4.11'. [ 217.268058][ T6071] loop1: detected capacity change from 0 to 2048 [ 217.441221][ T6071] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=3932051, location=3932051 [ 217.622429][ T6069] loop4: detected capacity change from 0 to 32768 [ 217.657917][ T5900] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 217.698737][ T6069] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 217.707454][ T6069] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 217.780378][ T6069] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 217.870268][ T6071] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 217.946236][ T5900] usb 4-1: unable to get BOS descriptor or descriptor too short [ 218.006784][ T5900] usb 4-1: not running at top speed; connect to a high speed hub [ 218.047115][ T6071] UDF-fs: error (device loop1): udf_fiiter_advance_blk: extent after position 40 not allocated in directory (ino 1376) [ 218.052120][ T5900] usb 4-1: unable to read config index 0 descriptor/start: -61 [ 218.070069][ T5900] usb 4-1: can't read configurations, error -61 [ 218.135466][ T6069] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 218.287436][ T5900] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 218.862167][ T5900] usb 4-1: device descriptor read/all, error -71 [ 218.897700][ T5900] usb usb4-port1: attempt power cycle [ 219.174059][ T6076] loop1: detected capacity change from 0 to 256 [ 219.184399][ T6076] ======================================================= [ 219.184399][ T6076] WARNING: The mand mount option has been deprecated and [ 219.184399][ T6076] and is ignored by this kernel. Remove the mand [ 219.184399][ T6076] option from the mount to silence this warning. [ 219.184399][ T6076] ======================================================= [ 219.285504][ T6078] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 219.296561][ T6078] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 219.368215][ T6076] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d) [ 219.607205][ T30] audit: type=1800 audit(1755862013.506:3): pid=6076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13" name="file2" dev="loop1" ino=1048600 res=0 errno=0 [ 219.763694][ T6078] loop0: detected capacity change from 0 to 256 [ 219.828347][ T6078] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 219.846851][ T6078] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 220.001928][ T6085] loop3: detected capacity change from 0 to 256 [ 220.212996][ T6078] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 220.231082][ T6085] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 220.288308][ T30] audit: type=1800 audit(1755862014.176:4): pid=6078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7" name="file1" dev="loop0" ino=1048603 res=0 errno=0 [ 220.993625][ T6078] exFAT-fs (loop0): error, invalid access to FAT (entry 0xffffffff) [ 221.002009][ T6078] exFAT-fs (loop0): Filesystem has been set read-only [ 221.243143][ T6089] loop1: detected capacity change from 0 to 1764 [ 221.873081][ T6094] netlink: 68 bytes leftover after parsing attributes in process `syz.3.17'. [ 223.039162][ T6089] loop1: detected capacity change from 0 to 32768 [ 223.121483][ T6094] loop3: detected capacity change from 0 to 32768 [ 223.168300][ T6094] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 223.182044][ T6094] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 223.267748][ T6094] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 223.361365][ T6102] overlayfs: missing 'lowerdir' [ 223.398806][ T6089] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 223.467307][ T6096] loop4: detected capacity change from 0 to 1024 [ 223.499967][ T6096] EXT4-fs: Ignoring removed orlov option [ 223.523342][ T6094] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 223.563625][ T6096] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869) [ 223.574594][ T6096] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 223.708354][ T6102] loop2: detected capacity change from 0 to 256 [ 223.745325][ T6096] EXT4-fs (loop4): invalid journal inode [ 223.751568][ T6096] EXT4-fs (loop4): can't get journal size [ 223.798862][ T6102] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 223.810779][ T6102] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 223.892423][ T6096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 223.908514][ T5829] ocfs2: Unmounting device (7,1) on (node local) [ 223.980945][ T6096] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.292827][ T6102] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 224.556708][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.563384][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 224.706248][ T30] audit: type=1800 audit(1755862018.606:5): pid=6112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.9" name="file1" dev="loop2" ino=1048607 res=0 errno=0 [ 225.152567][ T6108] loop0: detected capacity change from 0 to 32768 [ 225.233267][ T6108] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 225.242209][ T6108] CPU: 1 UID: 0 PID: 6108 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT(none) [ 225.242361][ T6108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 225.242459][ T6108] Call Trace: [ 225.242519][ T6108] [ 225.242566][ T6108] __dump_stack+0x26/0x30 [ 225.242748][ T6108] dump_stack_lvl+0x1df/0x270 [ 225.242942][ T6108] dump_stack+0x1e/0x25 [ 225.243117][ T6108] sysfs_create_dir_ns+0x46c/0x540 [ 225.243371][ T6108] kobject_add_internal+0xeed/0x1840 [ 225.243622][ T6108] kobject_init_and_add+0x371/0x4e0 [ 225.243874][ T6108] ? kmsan_get_metadata+0xfb/0x160 [ 225.244053][ T6108] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.244250][ T6108] gfs2_sys_fs_add+0x23d/0x620 [ 225.244445][ T6108] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.244633][ T6108] gfs2_fill_super+0x287b/0x3f50 [ 225.244845][ T6108] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 225.245089][ T6108] get_tree_bdev_flags+0x6e6/0x920 [ 225.245293][ T6108] ? __pfx_gfs2_fill_super+0x10/0x10 [ 225.245509][ T6108] ? __pfx_gfs2_fill_super+0x10/0x10 [ 225.245714][ T6108] ? __pfx_gfs2_get_tree+0x10/0x10 [ 225.245907][ T6108] get_tree_bdev+0x38/0x50 [ 225.246087][ T6108] gfs2_get_tree+0x57/0x350 [ 225.246332][ T6108] ? __pfx_gfs2_get_tree+0x10/0x10 [ 225.246544][ T6108] vfs_get_tree+0xb3/0x5c0 [ 225.246728][ T6108] ? mount_capable+0x99/0x100 [ 225.246898][ T6108] do_new_mount+0x733/0x1420 [ 225.247076][ T6108] ? apparmor_capable+0x32d/0x410 [ 225.247285][ T6108] ? kmsan_get_metadata+0xfb/0x160 [ 225.247492][ T6108] path_mount+0x6db/0x1e90 [ 225.247679][ T6108] ? user_path_at+0x32d/0x3d0 [ 225.247857][ T6108] __se_sys_mount+0x6eb/0x7d0 [ 225.248077][ T6108] __x64_sys_mount+0xe4/0x150 [ 225.248291][ T6108] x64_sys_call+0x3604/0x3e20 [ 225.248500][ T6108] do_syscall_64+0xd9/0x210 [ 225.248687][ T6108] ? irqentry_exit+0x16/0x60 [ 225.248854][ T6108] ? clear_bhb_loop+0x40/0x90 [ 225.249027][ T6108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.249195][ T6108] RIP: 0033:0x7f4eb2f9038a [ 225.249319][ T6108] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.249443][ T6108] RSP: 002b:00007f4eb3d17e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 225.249595][ T6108] RAX: ffffffffffffffda RBX: 00007f4eb3d17ef0 RCX: 00007f4eb2f9038a [ 225.249698][ T6108] RDX: 0000200000000100 RSI: 0000200000012500 RDI: 00007f4eb3d17eb0 [ 225.249799][ T6108] RBP: 0000200000000100 R08: 00007f4eb3d17ef0 R09: 0000000000004004 [ 225.249893][ T6108] R10: 0000000000004004 R11: 0000000000000246 R12: 0000200000012500 [ 225.249986][ T6108] R13: 00007f4eb3d17eb0 R14: 00000000000125bb R15: 0000200000000600 [ 225.250116][ T6108] [ 225.522020][ T6108] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 225.536509][ T6108] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 225.885850][ T6114] netlink: 68 bytes leftover after parsing attributes in process `syz.1.20'. [ 227.171307][ T6114] loop1: detected capacity change from 0 to 32768 [ 227.316195][ T6114] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 227.328286][ T6114] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 227.395223][ T6114] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 227.599610][ T6114] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 228.250790][ T5865] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 228.506866][ T5865] usb 1-1: Using ep0 maxpacket: 8 [ 228.549652][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.562115][ T5865] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 228.572496][ T5865] usb 1-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00 [ 228.581961][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.758792][ T6131] loop2: detected capacity change from 0 to 512 [ 228.825698][ T6131] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 228.839823][ T6131] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 228.850020][ T5865] usb 1-1: config 0 descriptor?? [ 228.869968][ T5865] usbhid 1-1:0.0: can't add hid device: -22 [ 228.876810][ T5865] usbhid 1-1:0.0: probe with driver usbhid failed with error -22 [ 229.128938][ T6131] EXT4-fs (loop2): 1 truncate cleaned up [ 229.137144][ T6131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.753066][ T6135] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 230.150290][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.310925][ T6138] loop3: detected capacity change from 0 to 1024 [ 230.604566][ T6138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 230.617844][ T6138] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 230.976180][ T6142] loop2: detected capacity change from 0 to 256 [ 231.018007][ T6144] loop1: detected capacity change from 0 to 512 [ 231.029111][ T6142] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 231.040229][ T6142] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 231.073425][ T6144] EXT4-fs: quotafile must be on filesystem root [ 231.327839][ T6142] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 231.557087][ T30] audit: type=1800 audit(1755862025.456:6): pid=6142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.27" name="file1" dev="loop2" ino=1048610 res=0 errno=0 [ 231.565341][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.931609][ T6142] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff) [ 231.941582][ T6142] exFAT-fs (loop2): Filesystem has been set read-only [ 232.628696][ T5900] usb 1-1: USB disconnect, device number 2 [ 233.132214][ T6157] loop0: detected capacity change from 0 to 1024 [ 233.828231][ T5865] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 234.054048][ T5865] usb 2-1: config 1 interface 0 altsetting 93 endpoint 0x82 has invalid maxpacket 96, setting to 64 [ 234.072963][ T5865] usb 2-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [ 234.089092][ T5865] usb 2-1: config 1 interface 0 has no altsetting 0 [ 234.159310][ T54] hfsplus: b-tree write err: -5, ino 4 [ 234.217534][ T5865] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 234.227814][ T5865] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 234.236058][ T5865] usb 2-1: SerialNumber: syz [ 234.488453][ T6164] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 234.828567][ T5865] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71 [ 234.875600][ T6176] loop0: detected capacity change from 0 to 8 [ 234.938094][ T5865] usb 2-1: USB disconnect, device number 2 [ 234.980513][ T6176] unable to read xattr id index table [ 235.057570][ T6174] loop3: detected capacity change from 0 to 1024 [ 235.676967][ T12] hfsplus: b-tree write err: -5, ino 8 [ 236.590593][ T6195] Bluetooth: MGMT ver 1.23 [ 236.963787][ T6197] netlink: 28 bytes leftover after parsing attributes in process `syz.4.49'. [ 237.249487][ T6201] Bluetooth: hci0: Opcode 0x0401 failed: -112 [ 237.777195][ T6208] loop4: detected capacity change from 0 to 1024 [ 238.278091][ T6218] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 238.668789][ T1134] hfsplus: b-tree write err: -5, ino 3 [ 239.212870][ T49] Bluetooth: hci0: command 0x0401 tx timeout [ 239.270473][ T5816] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 239.439179][ T6231] loop2: detected capacity change from 0 to 256 [ 239.655579][ T6234] loop1: detected capacity change from 0 to 256 [ 239.793351][ T6231] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 239.804615][ T6231] FAT-fs (loop2): Filesystem has been set read-only [ 240.062759][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.1.64'. [ 240.989968][ T6240] loop4: detected capacity change from 0 to 2048 [ 241.167429][ T6240] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 241.257842][ T5816] Bluetooth: hci0: command 0x0401 tx timeout [ 241.584997][ T6247] loop1: detected capacity change from 0 to 512 [ 241.737243][ T6247] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 241.752838][ T6248] UDF-fs: warning (device loop4): udf_truncate_tail_extent: Too long extent after EOF in inode 1346: i_size: 17247272960 lbcount: 17247275008 extent 65+4608 [ 241.769920][ T6248] UDF-fs: error (device loop4): udf_truncate_tail_extent: Extent after EOF in inode 1346 [ 242.043356][ T6247] EXT4-fs (loop1): 1 truncate cleaned up [ 242.051697][ T6247] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 242.353817][ T6252] loop3: detected capacity change from 0 to 1024 [ 242.514760][ T6252] EXT4-fs: Ignoring removed orlov option [ 242.521244][ T6252] EXT4-fs: Ignoring removed nomblk_io_submit option [ 242.789859][ T6252] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 242.920066][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.426877][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.950480][ T3541] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.106983][ T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 246.338024][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 246.348903][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 246.364169][ T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 246.374318][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.415939][ T6296] syz.0.86 uses obsolete (PF_INET,SOCK_PACKET) [ 246.475487][ T6299] loop2: detected capacity change from 0 to 128 [ 246.608452][ T24] usb 5-1: config 0 descriptor?? [ 246.681485][ T6299] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 246.806611][ T6300] sit1: entered promiscuous mode [ 246.897033][ T6299] ext4 filesystem being mounted at /16/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 246.954652][ T6305] loop1: detected capacity change from 0 to 512 [ 247.132778][ T6305] EXT4-fs: Ignoring removed nobh option [ 247.228904][ T24] logitech 0003:046D:C29C.0001: hidraw0: USB HID v10.00 Device [HID 046d:c29c] on usb-dummy_hcd.4-1/input0 [ 247.362659][ T6305] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.88: iget: bad i_size value: 38620345925642 [ 247.392112][ T6305] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.88: couldn't read orphan inode 15 (err -117) [ 247.578060][ T6305] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.613226][ T24] logitech 0003:046D:C29C.0001: no inputs found [ 247.633857][ T24] usb 5-1: USB disconnect, device number 2 [ 247.819174][ T6305] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.88: iget: bad i_size value: 38620345925642 [ 248.574269][ T6308] fido_id[6308]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 248.987467][ T5825] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 249.664648][ T6321] netlink: 12 bytes leftover after parsing attributes in process `syz.3.92'. [ 249.674301][ T6321] netlink: 'syz.3.92': attribute type 2 has an invalid length. [ 249.682483][ T6321] netlink: 'syz.3.92': attribute type 1 has an invalid length. [ 249.690764][ T6321] netlink: 52 bytes leftover after parsing attributes in process `syz.3.92'. [ 250.229447][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.116308][ T6343] loop3: detected capacity change from 0 to 1024 [ 255.163712][ T6343] hfsplus: Unknown parameter '0xffffffffffffffff184467440737095516150xffffffffffffffff ̅6дs[i0Ke%D((ߗh?a:ub1!+Ey.Bf#{!sL͜( e f6~3uZō/I/$h?v y' [ 255.568099][ T5865] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 255.767685][ T5900] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 255.787346][ T5865] usb 4-1: Using ep0 maxpacket: 16 [ 255.798908][ T5865] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.811094][ T5865] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.826942][ T5865] usb 4-1: config 0 interface 0 has no altsetting 0 [ 255.833861][ T5865] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 255.844599][ T5865] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.008261][ T5865] usb 4-1: config 0 descriptor?? [ 256.058660][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 256.070278][ T5900] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 256.090833][ T5900] usb 2-1: New USB device found, idVendor=046d, idProduct=ca04, bcdDevice= 0.00 [ 256.102809][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.335886][ T5900] usb 2-1: config 0 descriptor?? [ 256.344250][ T6348] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 256.785818][ T5865] usb 4-1: USB disconnect, device number 5 [ 256.872682][ T5900] logitech 0003:046D:CA04.0003: unbalanced delimiter at end of report description [ 256.944087][ T5900] logitech 0003:046D:CA04.0003: parse failed [ 256.952046][ T5900] logitech 0003:046D:CA04.0003: probe with driver logitech failed with error -22 [ 257.067486][ T5900] usb 2-1: USB disconnect, device number 3 [ 258.017860][ T5900] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 258.159805][ T5865] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0 [ 258.168266][ T5865] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0 [ 258.175958][ T5865] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0 [ 258.247693][ T5900] usb 4-1: Using ep0 maxpacket: 16 [ 258.284165][ T5900] usb 4-1: config 0 has an invalid interface number: 105 but max is 0 [ 258.285563][ T6366] loop1: detected capacity change from 0 to 512 [ 258.292770][ T5900] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 258.292897][ T5900] usb 4-1: config 0 has no interface number 0 [ 258.308346][ T5865] hid-generic 0000:0004:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz1 [ 258.462728][ T5900] usb 4-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28 [ 258.472723][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.481333][ T5900] usb 4-1: Product: syz [ 258.485836][ T5900] usb 4-1: Manufacturer: syz [ 258.491318][ T5900] usb 4-1: SerialNumber: syz [ 258.569311][ T5900] usb 4-1: config 0 descriptor?? [ 258.611868][ T5900] usb 4-1: Found UVC 0.00 device syz (046c:14e8) [ 258.618252][ T6366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 258.618663][ T6366] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.631464][ T5900] usb 4-1: No valid video chain found. [ 258.828680][ T5865] usb 4-1: USB disconnect, device number 6 [ 259.014623][ T6369] fido_id[6369]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 259.224012][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 260.579521][ T6387] 9pnet_fd: Insufficient options for proto=fd [ 260.852581][ T6390] loop1: detected capacity change from 0 to 16 [ 260.910351][ T6390] erofs (device loop1): mounted with root inode @ nid 36. [ 260.988631][ T6390] erofs (device loop1): readahead error at folio 2 @ nid 89 [ 260.999447][ T6390] syz.1.118: attempt to access beyond end of device [ 260.999447][ T6390] loop1: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 261.137616][ T6390] erofs (device loop1): failed to decompress -5 in[4096, 0] out[4096] [ 261.146092][ T6390] erofs (device loop1): read error -117 @ 0 of nid 89 [ 261.157947][ T30] audit: type=1800 audit(1755862055.066:7): pid=6390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.118" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 261.803872][ T5865] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 262.043560][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 262.054997][ T5865] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 262.065363][ T5865] usb 4-1: New USB device found, idVendor=1532, idProduct=011d, bcdDevice= 0.00 [ 262.074891][ T5865] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.144045][ T6400] loop1: detected capacity change from 0 to 1024 [ 262.235815][ T5865] usb 4-1: config 0 descriptor?? [ 262.373270][ T6400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 262.747458][ T49] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 262.758828][ T49] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 262.769827][ T5865] hid-rmi 0003:1532:011D.0005: item fetching failed at offset 2/5 [ 262.813482][ T49] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 262.829210][ T49] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 262.851678][ T49] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 262.890485][ T5865] hid-rmi 0003:1532:011D.0005: parse failed [ 262.897307][ T5865] hid-rmi 0003:1532:011D.0005: probe with driver hid-rmi failed with error -22 [ 262.933873][ T6395] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 263.001432][ T6400] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.123: Allocating blocks 497-513 which overlap fs metadata [ 263.169373][ T5865] usb 4-1: USB disconnect, device number 7 [ 263.514854][ T6400] EXT4-fs (loop1): pa ffff888123a450e0: logic 1073741872, phys. 177, len 21 [ 263.524277][ T6400] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1 [ 263.925913][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.959494][ T49] Bluetooth: hci5: command tx timeout [ 265.291149][ T6418] loop3: detected capacity change from 0 to 164 [ 265.305619][ T5865] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 265.633840][ T6418] rock: directory entry would overflow storage [ 265.640372][ T6418] rock: sig=0x5252, size=5, remaining=3 [ 266.029263][ T5865] usb 3-1: config index 0 descriptor too short (expected 45, got 36) [ 266.037961][ T5865] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 266.049723][ T5865] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 266.062492][ T5865] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 266.076716][ T5865] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 266.086006][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.634987][ T5865] usb 3-1: config 0 descriptor?? [ 266.644091][ T6412] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 267.017323][ T49] Bluetooth: hci5: command tx timeout [ 267.122736][ T6423] Illegal XDP return value 4294967274 on prog (id 13) dev syz_tun, expect packet loss! [ 267.510548][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.518379][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.526149][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.534334][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.542127][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.552686][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.561277][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.569168][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.577043][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.584704][ T5865] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 267.629837][ T6405] chnl_net:caif_netlink_parms(): no params data found [ 268.436706][ T5865] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 268.623018][ T5865] usb 3-1: USB disconnect, device number 2 [ 269.062635][ T6440] loop1: detected capacity change from 0 to 256 [ 269.096968][ T49] Bluetooth: hci5: command tx timeout [ 269.214592][ T6441] loop2: detected capacity change from 0 to 764 [ 269.218846][ T6440] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 269.231949][ T6440] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 269.289209][ T6441] iso9660: Unknown parameter '/dev/kvm' [ 269.428392][ T6434] fido_id[6434]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 269.512161][ T6440] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 270.471115][ T6405] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.478997][ T6405] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.487219][ T6405] bridge_slave_0: entered allmulticast mode [ 270.497164][ T6405] bridge_slave_0: entered promiscuous mode [ 270.720098][ T6405] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.739277][ T6405] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.747569][ T6405] bridge_slave_1: entered allmulticast mode [ 270.757752][ T6405] bridge_slave_1: entered promiscuous mode [ 271.042021][ T6457] loop2: detected capacity change from 0 to 256 [ 271.176897][ T49] Bluetooth: hci5: command tx timeout [ 271.186092][ T6457] exFAT-fs (loop2): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 271.212309][ T6405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 271.281782][ T6457] exFAT-fs (loop2): valid_size(10) is greater than size(0) [ 271.319321][ T6405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 271.496711][ T6459] loop1: detected capacity change from 0 to 128 [ 271.566893][ T6459] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 271.733956][ T6405] team0: Port device team_slave_0 added [ 271.769396][ T6459] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 271.800397][ T6405] team0: Port device team_slave_1 added [ 272.269932][ T5865] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 272.301531][ T6405] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 272.309264][ T6405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 272.337535][ T6405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 272.361397][ T6465] input: syz0 as /devices/virtual/input/input7 [ 272.520635][ T6405] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 272.528258][ T6405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 272.540440][ T5865] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 272.555431][ T6405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 272.570210][ T5865] usb 4-1: New USB device found, idVendor=056a, idProduct=00b5, bcdDevice= 0.00 [ 272.570367][ T5865] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 272.795185][ T5865] usb 4-1: config 0 descriptor?? [ 273.494294][ T5865] usb 4-1: USB disconnect, device number 8 [ 273.620562][ T6405] hsr_slave_0: entered promiscuous mode [ 273.631290][ T6405] hsr_slave_1: entered promiscuous mode [ 273.640378][ T6405] debugfs: 'hsr0' already exists in 'hsr' [ 273.646314][ T6405] Cannot create hsr debugfs directory [ 273.658000][ T6472] loop2: detected capacity change from 0 to 1024 [ 273.831979][ T6472] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.199277][ T6480] loop1: detected capacity change from 0 to 512 [ 274.244468][ T6481] fuse: Bad value for 'fd' [ 274.359624][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.538819][ T6480] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 548) [ 274.547530][ T6480] FAT-fs (loop1): Filesystem has been set read-only [ 274.649773][ T6480] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 548) [ 274.709300][ T6480] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 548) [ 274.769536][ T6480] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 548) [ 274.848979][ T6480] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 548) [ 274.889858][ T6480] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 548) [ 275.616912][ T5869] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 275.825630][ T5869] usb 4-1: Using ep0 maxpacket: 32 [ 275.837326][ T6405] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 275.879928][ T5869] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 275.888437][ T5869] usb 4-1: config 0 has no interface number 0 [ 275.943074][ T6494] loop2: detected capacity change from 0 to 256 [ 276.005865][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.036240][ T5869] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 276.046008][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.052832][ T6494] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 276.062320][ T5869] usb 4-1: Product: syz [ 276.065295][ T6494] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 276.071690][ T5869] usb 4-1: Manufacturer: syz [ 276.082526][ T5869] usb 4-1: SerialNumber: syz [ 276.112255][ T6405] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 276.112921][ T5869] usb 4-1: config 0 descriptor?? [ 276.150887][ T5869] smsc95xx v2.0.0 [ 276.239996][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.275158][ T6496] netlink: 4 bytes leftover after parsing attributes in process `syz.4.154'. [ 276.279069][ T6494] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 276.299040][ T6405] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 276.448274][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.557650][ T6405] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 276.697124][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.714939][ T5869] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 276.726222][ T5869] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 277.497768][ T12] bridge_slave_1: left allmulticast mode [ 277.503908][ T12] bridge_slave_1: left promiscuous mode [ 277.511544][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.637431][ T5869] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 277.650110][ T5869] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71 [ 277.703355][ T6506] loop1: detected capacity change from 0 to 512 [ 277.729977][ T12] bridge_slave_0: left allmulticast mode [ 277.736011][ T12] bridge_slave_0: left promiscuous mode [ 277.743256][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.755883][ T6506] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 277.808922][ T6506] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 277.881092][ T5869] usb 4-1: USB disconnect, device number 9 [ 277.917663][ T6506] EXT4-fs (loop1): 1 truncate cleaned up [ 277.925761][ T6506] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.760460][ T5829] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 279.131041][ T5865] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 279.238845][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 279.575864][ T6523] input: syz0 as /devices/virtual/input/input8 [ 279.983268][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 280.000656][ T12] bond0 (unregistering): Released all slaves [ 280.044864][ T5865] usb 4-1: config 9 has an invalid interface number: 88 but max is 1 [ 280.053418][ T5865] usb 4-1: config 9 contains an unexpected descriptor of type 0x2, skipping [ 280.063829][ T5865] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 280.075820][ T5865] usb 4-1: config 9 has no interface number 1 [ 280.083428][ T5865] usb 4-1: config 9 interface 88 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 280.095922][ T5865] usb 4-1: config 9 interface 88 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 280.108292][ T5865] usb 4-1: config 9 interface 88 altsetting 9 has an endpoint descriptor with address 0xA4, changing to 0x84 [ 280.121729][ T5865] usb 4-1: config 9 interface 88 has no altsetting 0 [ 280.165645][ T6526] loop1: detected capacity change from 0 to 1024 [ 280.175552][ T6526] hfsplus: Unknown parameter '' [ 280.748396][ T5865] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=50.80 [ 280.757984][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.768137][ T5865] usb 4-1: Product: syz [ 280.773044][ T5865] usb 4-1: Manufacturer: syz [ 280.778030][ T5865] usb 4-1: SerialNumber: syz [ 281.079415][ T5865] qmi_wwan 4-1:9.88: skipping garbage [ 281.086063][ T5865] qmi_wwan 4-1:9.88: probe with driver qmi_wwan failed with error -22 [ 281.357380][ T5865] usb 4-1: Could not set interface, error -71 [ 281.462277][ T5865] usb 4-1: USB disconnect, device number 10 [ 281.706089][ T12] hsr_slave_0: left promiscuous mode [ 281.737611][ T12] hsr_slave_1: left promiscuous mode [ 281.745619][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 281.754729][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 281.860422][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 281.868177][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 282.032271][ T12] veth1_macvtap: left promiscuous mode [ 282.038421][ T12] veth0_macvtap: left promiscuous mode [ 282.044661][ T12] veth1_vlan: left promiscuous mode [ 282.053481][ T12] veth0_vlan: left promiscuous mode [ 282.379667][ T5869] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 282.718423][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 282.758909][ T5869] usb 2-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 282.768799][ T5869] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.777802][ T5869] usb 2-1: Product: syz [ 282.782163][ T5869] usb 2-1: Manufacturer: syz [ 282.787087][ T5869] usb 2-1: SerialNumber: syz [ 282.792443][ T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 282.884254][ T5869] usb 2-1: config 0 descriptor?? [ 282.986646][ T5869] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 282.995378][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 283.069344][ T9] usb 4-1: config 0 has an invalid interface number: 150 but max is 0 [ 283.078227][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 283.088908][ T9] usb 4-1: config 0 has no interface number 0 [ 283.095428][ T9] usb 4-1: config 0 interface 150 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 283.109063][ T9] usb 4-1: config 0 interface 150 has no altsetting 0 [ 283.121234][ T9] usb 4-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75 [ 283.132705][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.279969][ T5869] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 283.352307][ T9] usb 4-1: config 0 descriptor?? [ 283.392839][ T5865] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 283.397892][ T5869] usb 2-1: USB disconnect, device number 4 [ 283.521922][ T6118] udevd[6118]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 283.686616][ T5865] usb 3-1: config 220 has an invalid interface number: 76 but max is 2 [ 283.695290][ T5865] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 283.704655][ T5865] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 283.715291][ T5865] usb 3-1: config 220 has no interface number 2 [ 283.722638][ T5865] usb 3-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 283.737975][ T5865] usb 3-1: config 220 interface 0 has no altsetting 0 [ 283.745006][ T5865] usb 3-1: config 220 interface 76 has no altsetting 0 [ 283.753200][ T5865] usb 3-1: config 220 interface 1 has no altsetting 0 [ 283.873071][ T5865] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 283.882831][ T5865] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.891379][ T5865] usb 3-1: Product: syz [ 283.895765][ T5865] usb 3-1: Manufacturer: syz [ 283.900904][ T5865] usb 3-1: SerialNumber: syz [ 284.028651][ T9] usb 4-1: USB disconnect, device number 11 [ 284.069100][ T12] team0 (unregistering): Port device team_slave_1 removed [ 284.180766][ T6509] udevd[6509]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.150/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 284.212240][ T12] team0 (unregistering): Port device team_slave_0 removed [ 284.289049][ T5865] usb 3-1: Found UVC 7.01 device syz (8086:0b07) [ 284.295730][ T5865] usb 3-1: No valid video chain found. [ 284.302132][ T5865] usb 3-1: selecting invalid altsetting 0 [ 284.423306][ T5865] usb 3-1: selecting invalid altsetting 0 [ 284.429564][ T5865] usbtest 3-1:220.1: probe with driver usbtest failed with error -22 [ 284.628679][ T5865] usb 3-1: USB disconnect, device number 3 [ 285.182125][ T6561] loop3: detected capacity change from 0 to 512 [ 285.234963][ T6561] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent [ 285.609957][ T6405] 8021q: adding VLAN 0 to HW filter on device bond0 [ 285.764927][ T6405] 8021q: adding VLAN 0 to HW filter on device team0 [ 285.849409][ T4087] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.857058][ T4087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 285.949564][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 285.956230][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 286.065730][ T4087] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.073427][ T4087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 286.268580][ T6571] loop1: detected capacity change from 0 to 1024 [ 286.568933][ T6571] ===================================================== [ 286.577666][ T6571] BUG: KMSAN: uninit-value in hfs_find_1st_rec_by_cnid+0x212/0x3d0 [ 286.587018][ T6571] hfs_find_1st_rec_by_cnid+0x212/0x3d0 [ 286.594145][ T6571] __hfsplus_brec_find+0x274/0x840 [ 286.602914][ T6571] hfsplus_brec_find+0x4df/0x9f0 [ 286.609783][ T6571] hfsplus_find_attr+0x1eb/0x260 [ 286.614924][ T6571] hfsplus_listxattr+0x61b/0x1bc0 [ 286.620376][ T6571] listxattr+0x1e5/0x730 [ 286.624783][ T6571] path_listxattrat+0x21e/0x6e0 [ 286.630277][ T6571] __x64_sys_listxattr+0x9e/0x100 [ 286.635540][ T6571] x64_sys_call+0x3aa0/0x3e20 [ 286.640638][ T6571] do_syscall_64+0xd9/0x210 [ 286.645358][ T6571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.651692][ T6571] [ 286.654135][ T6571] Uninit was created at: [ 286.658804][ T6571] __kmalloc_noprof+0x95f/0x1310 [ 286.663961][ T6571] hfsplus_find_init+0x90/0x1d0 [ 286.669300][ T6571] hfsplus_listxattr+0x4d4/0x1bc0 [ 286.674531][ T6571] listxattr+0x1e5/0x730 [ 286.679117][ T6571] path_listxattrat+0x21e/0x6e0 [ 286.684163][ T6571] __x64_sys_listxattr+0x9e/0x100 [ 286.689818][ T6571] x64_sys_call+0x3aa0/0x3e20 [ 286.694725][ T6571] do_syscall_64+0xd9/0x210 [ 286.701581][ T6571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.708476][ T6571] [ 286.710947][ T6571] CPU: 1 UID: 0 PID: 6571 Comm: syz.1.179 Not tainted syzkaller #0 PREEMPT(none) [ 286.720546][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 286.731038][ T6571] ===================================================== [ 286.738226][ T6571] Disabling lock debugging due to kernel taint [ 286.744507][ T6571] Kernel panic - not syncing: kmsan.panic set ... [ 286.751087][ T6571] CPU: 1 UID: 0 PID: 6571 Comm: syz.1.179 Tainted: G B syzkaller #0 PREEMPT(none) [ 286.762128][ T6571] Tainted: [B]=BAD_PAGE [ 286.766387][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 286.776580][ T6571] Call Trace: [ 286.779977][ T6571] [ 286.783027][ T6571] __dump_stack+0x26/0x30 [ 286.787579][ T6571] dump_stack_lvl+0x53/0x270 [ 286.792398][ T6571] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 286.798434][ T6571] dump_stack+0x1e/0x25 [ 286.802824][ T6571] vpanic+0x361/0xc50 [ 286.807067][ T6571] panic+0x15d/0x160 [ 286.811244][ T6571] kmsan_report+0x31c/0x320 [ 286.815965][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 286.821297][ T6571] ? __msan_warning+0x1b/0x30 [ 286.826161][ T6571] ? hfs_find_1st_rec_by_cnid+0x212/0x3d0 [ 286.832138][ T6571] ? __hfsplus_brec_find+0x274/0x840 [ 286.837684][ T6571] ? hfsplus_brec_find+0x4df/0x9f0 [ 286.843062][ T6571] ? hfsplus_find_attr+0x1eb/0x260 [ 286.848392][ T6571] ? hfsplus_listxattr+0x61b/0x1bc0 [ 286.853794][ T6571] ? listxattr+0x1e5/0x730 [ 286.858388][ T6571] ? path_listxattrat+0x21e/0x6e0 [ 286.863600][ T6571] ? __x64_sys_listxattr+0x9e/0x100 [ 286.869047][ T6571] ? x64_sys_call+0x3aa0/0x3e20 [ 286.874156][ T6571] ? do_syscall_64+0xd9/0x210 [ 286.879082][ T6571] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.885368][ T6571] ? filter_irq_stacks+0x49/0x190 [ 286.890669][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 286.896057][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 286.901396][ T6571] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 286.907867][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 286.913202][ T6571] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 286.919672][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 286.925065][ T6571] __msan_warning+0x1b/0x30 [ 286.929846][ T6571] hfs_find_1st_rec_by_cnid+0x212/0x3d0 [ 286.935661][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 286.941011][ T6571] __hfsplus_brec_find+0x274/0x840 [ 286.946393][ T6571] ? __pfx_hfs_find_1st_rec_by_cnid+0x10/0x10 [ 286.952770][ T6571] hfsplus_brec_find+0x4df/0x9f0 [ 286.957995][ T6571] ? __pfx_hfs_find_1st_rec_by_cnid+0x10/0x10 [ 286.964387][ T6571] hfsplus_find_attr+0x1eb/0x260 [ 286.969531][ T6571] hfsplus_listxattr+0x61b/0x1bc0 [ 286.974807][ T6571] ? terminate_walk+0x541/0x5b0 [ 286.979933][ T6571] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 286.985976][ T6571] ? filename_lookup+0x6ab/0x800 [ 286.991115][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 286.996457][ T6571] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 287.002468][ T6571] ? kmsan_get_metadata+0xfb/0x160 [ 287.007795][ T6571] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 287.013825][ T6571] ? __pfx_hfsplus_listxattr+0x10/0x10 [ 287.019497][ T6571] ? __pfx_hfsplus_listxattr+0x10/0x10 [ 287.025171][ T6571] listxattr+0x1e5/0x730 [ 287.029614][ T6571] path_listxattrat+0x21e/0x6e0 [ 287.034677][ T6571] __x64_sys_listxattr+0x9e/0x100 [ 287.039962][ T6571] x64_sys_call+0x3aa0/0x3e20 [ 287.044900][ T6571] do_syscall_64+0xd9/0x210 [ 287.049631][ T6571] ? irqentry_exit+0x16/0x60 [ 287.054422][ T6571] ? clear_bhb_loop+0x40/0x90 [ 287.059306][ T6571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.065398][ T6571] RIP: 0033:0x7f1b52f8ebe9 [ 287.069977][ T6571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.089804][ T6571] RSP: 002b:00007f1b53e0b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c2 [ 287.098421][ T6571] RAX: ffffffffffffffda RBX: 00007f1b531b5fa0 RCX: 00007f1b52f8ebe9 [ 287.106551][ T6571] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000300 [ 287.114673][ T6571] RBP: 00007f1b53011e19 R08: 0000000000000000 R09: 0000000000000000 [ 287.123089][ T6571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.131219][ T6571] R13: 00007f1b531b6038 R14: 00007f1b531b5fa0 R15: 00007ffca667b8c8 [ 287.139395][ T6571] [ 287.142726][ T6571] Kernel Offset: disabled [ 287.147130][ T6571] Rebooting in 86400 seconds..