last executing test programs: 7m38.423529892s ago: executing program 3 (id=379): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff8e8}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x490, 0x360, 0xa, 0x148, 0x360, 0x60, 0x3f8, 0x2a8, 0x2a8, 0x3f8, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x360, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x4, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x20, 0x8601, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x1, 0x6, 0x3, 0x81, 'snmp_trap\x00', 'syz0\x00', {0x30f6a663}}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f0) 7m37.672998333s ago: executing program 3 (id=382): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sched_setscheduler(r0, 0x1, &(0x7f0000000000)=0x7) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x3, 0x9, 0xd, 0x138, 0xfb6}, &(0x7f0000000100)=0x14) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={r4, @in={{0x2, 0x0, @multicast2}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) unlink(0x0) bind$inet6(r3, 0x0, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x2b680f01, &(0x7f0000000300)) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(0xffffffffffffffff, 0x40045402, &(0x7f0000000140)=0x1) syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0) syz_io_uring_setup(0x318b, &(0x7f00000003c0)={0x0, 0xfec9, 0x8, 0x3}, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) 7m31.309391649s ago: executing program 3 (id=391): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = dup2(r0, r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0xff58) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x58, [{}, {0x0, 0x100000000000000}]}, 0x68) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, 0x0, 0x0) 7m30.992813074s ago: executing program 3 (id=392): getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) r1 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r2, 0x0, 0x2, 0x0, 0x0) mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0585609, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/tty/ldiscs\x00', 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000150081054e81f782db44b9040a1d3b020a000000040000a11800020000e9400084150e1208000f0100810401a80016ea1f0006400303000803600cfab94dcf5c0461c1d67f6e94007134cf6ee08002a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad9561b4a29c828f6a3aa2fcf72baa7ea67e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a753916647f616b762439deec51", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x4000) bind$inet(r4, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10) sendfile(r4, r3, 0x0, 0x20000023893) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={0x0, 0xffffff2c}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000300)={r5, @in={{0x2, 0x4e22, @multicast1}}, 0xfffffff7, 0x0, 0x316, 0x1, 0x0, 0x9}, 0x9c) 7m27.95477666s ago: executing program 3 (id=398): bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x40000000015, 0x5, 0x0) fchown(r3, 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0xc000, 0x0) 7m26.655993598s ago: executing program 3 (id=401): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0x144, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x0, 0x2}, 0x70bd29, 0x0, 0x2, 0x1, 0x0, 0x28}, [@algo_aead={0x4c, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0x0, 0x80}}, @tfcpad={0x8, 0x16, 0x4}]}, 0x144}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 7m11.311272744s ago: executing program 32 (id=401): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV") sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0x144, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x0, 0x2}, 0x70bd29, 0x0, 0x2, 0x1, 0x0, 0x28}, [@algo_aead={0x4c, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0x0, 0x80}}, @tfcpad={0x8, 0x16, 0x4}]}, 0x144}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 6.350108049s ago: executing program 0 (id=1129): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001440)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) sendmsg$inet(r3, &(0x7f00000002c0)={0x0, 0x11, 0x0}, 0x20000000) 5.991046665s ago: executing program 0 (id=1133): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r5, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) 4.434982509s ago: executing program 4 (id=1146): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x40000) r2 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='name', 0x0, 0x0) 4.026499596s ago: executing program 2 (id=1147): r0 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@hci={0x1f, 0x8, 0xd}, 0x80, &(0x7f0000000300)=[{&(0x7f00000001c0)="2704677f01f6ff7f2310000092671f2265503380de586deed580487dbf9fa92af28f", 0x22}], 0x1}, 0x54) 3.793170779s ago: executing program 2 (id=1148): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000047c0)=""/4057, 0xfd9}, {&(0x7f00000037c0)=""/4069, 0xfe5}, {&(0x7f00000010c0)=""/118, 0x76}, {&(0x7f0000000e40)=""/6, 0x6}, {&(0x7f0000000340)=""/194, 0xc2}], 0x5}, 0x40000002) sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000900)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e513aeac9bf2bee150d5fe86", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000) 3.606150962s ago: executing program 2 (id=1149): r0 = socket$kcm(0x2, 0x5, 0x84) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x90) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socket$kcm(0x11, 0x200000000000002, 0x300) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0x10, &(0x7f0000000000)=r3, 0x8) 3.236187768s ago: executing program 2 (id=1151): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = socket$kcm(0x2, 0x200000000000001, 0x106) setsockopt$sock_attach_bpf(r0, 0x0, 0x13, 0x0, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f00000001c0), 0x12) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_clone(0x43001000, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f0000000380), 0x12) 3.13817566s ago: executing program 0 (id=1152): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28) 2.873408253s ago: executing program 1 (id=1153): socket$kcm(0x1e, 0x2, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000042c0)="86", 0x1}, {&(0x7f00000002c0)="794ab6f05259d1b3bd29a47757ca01b92304ad7ac7dece9d204c4b1eea2feb32c12013dc3fdf2ae40958dc", 0x2b}, {&(0x7f0000000340)="d94469a91874fde3d54cf0261ed019a1743de9ea6aeb3a48c84fe243355bc50d49c475f6d7a83e162ee4ce52ba34872f5e0b62e54f0a669d25e869930f3f5858fc7ac5b45884996460645187518e98e83d588712c97a64a4806cdc8053118fbd297dd87bfb7675df60e9c6bb3ad691f5e2448ab0f83f31ebcbffcefdc4a23f8d01de480e6fccdb9923918a967f67c55799ecf0f6aaccbbeba00809f8977a0a5b", 0xa0}], 0x3}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f00000000c0), 0x4) close(r1) recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) close(0x4) 2.780509565s ago: executing program 0 (id=1154): syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 2.662762347s ago: executing program 4 (id=1155): openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket(0x28, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(r0) socket$nl_generic(0x10, 0x3, 0x10) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) socket$igmp(0x2, 0x3, 0x2) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r3}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 2.662141087s ago: executing program 0 (id=1156): openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0) socket$tipc(0x1e, 0x5, 0x0) close(r3) r4 = socket$unix(0x1, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c040}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56f41, 0x1070b923, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0xe}, {0x8, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4008000) ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 2.541024709s ago: executing program 1 (id=1157): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x18) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) sendmsg$sock(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@timestamping={{0x14, 0x1, 0x25, 0x2}}], 0x18}, 0x0) r3 = socket$kcm(0xa, 0x5, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a80)={0x6, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x80, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x890b, &(0x7f0000000000)={r2}) 2.418325141s ago: executing program 4 (id=1158): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r0}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000300)=""/8, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) 2.324325052s ago: executing program 1 (id=1159): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0) 2.225118754s ago: executing program 2 (id=1160): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020022003505d25a806f8c6394f95e24fc60040068000a7403004800000037153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 1.364157578s ago: executing program 2 (id=1161): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r5, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) 1.359314918s ago: executing program 0 (id=1162): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(0x0, r0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYRES16=r0], 0x30}}, 0x0) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e) connect$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0) ioctl$PPPIOCATTCHAN(r2, 0x40047438, &(0x7f0000000040)=0x1) close(r1) 1.307791519s ago: executing program 1 (id=1163): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28) 1.22928834s ago: executing program 4 (id=1164): r0 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="27030200590200000000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3332be2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0) 941.795274ms ago: executing program 1 (id=1165): syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 557.45977ms ago: executing program 4 (id=1166): openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket(0x28, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) dup(r0) socket$nl_generic(0x10, 0x3, 0x10) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r3}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 110.735558ms ago: executing program 1 (id=1167): r0 = socket$kcm(0x1e, 0x1, 0x0) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43) r1 = socket$kcm(0x1e, 0x4, 0x0) setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43) write$cgroup_subtree(r1, 0x0, 0xfdef) 0s ago: executing program 4 (id=1168): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000006c0), 0x0, 0x3}, 0x38) kernel console output (not intermixed with test programs): ow disconnected from ttyUSB1 [ 207.144839][ T788] quatech2 2-1:0.51: device disconnected [ 207.229943][ T6680] loop3: detected capacity change from 0 to 4096 [ 207.718710][ T6680] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 207.970277][ T6686] loop1: detected capacity change from 0 to 256 [ 207.978192][ T6686] exfat: Unknown parameter 'zero_size_dir' [ 209.853992][ T6698] loop1: detected capacity change from 0 to 4096 [ 210.320664][ T28] audit: type=1800 audit(1753277994.324:12): pid=6698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.213" name="file1" dev="loop1" ino=33 res=0 errno=0 [ 210.410297][ T28] audit: type=1800 audit(1753277994.364:13): pid=6698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.213" name="file1" dev="loop1" ino=33 res=0 errno=0 [ 210.756120][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.966038][ T5800] Bluetooth: hci2: command 0x0406 tx timeout [ 211.972350][ T5794] Bluetooth: hci3: command 0x0406 tx timeout [ 211.972897][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 211.981681][ T5794] Bluetooth: hci1: command 0x0406 tx timeout [ 212.027647][ T6717] vivid-001: ================= START STATUS ================= [ 212.035537][ T6717] vivid-001: Radio HW Seek Mode: Bounded [ 212.041605][ T6717] vivid-001: Radio Programmable HW Seek: false [ 212.048165][ T6717] vivid-001: RDS Rx I/O Mode: Block I/O [ 212.053907][ T6717] vivid-001: Generate RBDS Instead of RDS: false [ 212.060760][ T6717] vivid-001: RDS Reception: true [ 212.065969][ T6717] vivid-001: RDS Program Type: 0 inactive [ 212.072187][ T6717] vivid-001: RDS PS Name: inactive [ 212.088692][ T6717] vivid-001: RDS Radio Text: inactive [ 212.094672][ T6717] vivid-001: RDS Traffic Announcement: false inactive [ 212.101789][ T6717] vivid-001: RDS Traffic Program: false inactive [ 212.108611][ T6717] vivid-001: RDS Music: false inactive [ 212.114443][ T6717] vivid-001: ================== END STATUS ================== [ 212.521568][ T6708] loop1: detected capacity change from 0 to 40427 [ 212.541498][ T6708] F2FS-fs (loop1): Fix alignment : done, start(4096) end(16896) block(12288) [ 212.552747][ T6708] F2FS-fs (loop1): invalid crc value [ 212.569426][ T6708] F2FS-fs (loop1): Found nat_bits in checkpoint [ 212.687644][ T27] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 212.705840][ T6708] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 213.048599][ T27] usb 1-1: Using ep0 maxpacket: 32 [ 213.065143][ T27] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 213.074228][ T27] usb 1-1: config 0 has no interface number 0 [ 213.088355][ T27] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 213.123046][ T6734] loop3: detected capacity change from 0 to 256 [ 213.132621][ T6734] exfat: Unknown parameter 'zero_size_dir' [ 213.203631][ T6735] syz.1.215: attempt to access beyond end of device [ 213.203631][ T6735] loop1: rw=2049, sector=77824, nr_sectors = 2048 limit=40427 [ 213.232870][ T6735] syz.1.215: attempt to access beyond end of device [ 213.232870][ T6735] loop1: rw=2049, sector=79872, nr_sectors = 520 limit=40427 [ 214.817188][ T28] audit: type=1800 audit(1753277997.164:14): pid=6735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.215" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 215.194425][ T5786] syz-executor: attempt to access beyond end of device [ 215.194425][ T5786] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 215.201855][ T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.216703][ T27] usb 1-1: Product: syz [ 215.221910][ T27] usb 1-1: Manufacturer: syz [ 215.226905][ T27] usb 1-1: SerialNumber: syz [ 215.233070][ T5786] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 215.242837][ T27] usb 1-1: config 0 descriptor?? [ 215.251153][ T27] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 215.289307][ T6740] loop3: detected capacity change from 0 to 4096 [ 215.480207][ T27] usb 1-1: qt2_attach - failed to power on unit: -71 [ 215.509159][ T28] audit: type=1800 audit(1753277999.514:15): pid=6740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.224" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 215.511265][ T27] quatech2: probe of 1-1:0.51 failed with error -71 [ 216.283294][ T28] audit: type=1800 audit(1753278000.284:16): pid=6747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.224" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 216.305555][ T27] usb 1-1: USB disconnect, device number 5 [ 216.790145][ T6756] vivid-001: ================= START STATUS ================= [ 216.798052][ T6756] vivid-001: Radio HW Seek Mode: Bounded [ 216.803847][ T6756] vivid-001: Radio Programmable HW Seek: false [ 216.810178][ T6756] vivid-001: RDS Rx I/O Mode: Block I/O [ 216.815879][ T6756] vivid-001: Generate RBDS Instead of RDS: false [ 216.822538][ T6756] vivid-001: RDS Reception: true [ 216.827709][ T6756] vivid-001: RDS Program Type: 0 inactive [ 216.833664][ T6756] vivid-001: RDS PS Name: inactive [ 216.839820][ T6756] vivid-001: RDS Radio Text: inactive [ 216.850859][ T6756] vivid-001: RDS Traffic Announcement: false inactive [ 216.857934][ T6756] vivid-001: RDS Traffic Program: false inactive [ 216.864485][ T6756] vivid-001: RDS Music: false inactive [ 216.870137][ T6756] vivid-001: ================== END STATUS ================== [ 217.630893][ T6759] loop2: detected capacity change from 0 to 2048 [ 217.918566][ T6759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.000959][ T6770] overlayfs: overlapping lowerdir path [ 218.118127][ T6759] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 218.841228][ T6773] loop0: detected capacity change from 0 to 256 [ 218.858203][ T6773] exfat: Unknown parameter 'zero_size_dir' [ 220.054189][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.384949][ T6765] loop3: detected capacity change from 0 to 40427 [ 220.452380][ T6765] F2FS-fs (loop3): Unrecognized mount option "0x0000000000000000" or missing value [ 220.637657][ T5790] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 221.727348][ T55] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 221.824932][ T6797] netlink: 24 bytes leftover after parsing attributes in process `syz.3.239'. [ 221.947115][ T55] usb 3-1: Using ep0 maxpacket: 32 [ 221.958626][ T55] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 221.977170][ T55] usb 3-1: config 0 has no interface number 0 [ 221.995928][ T55] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 222.007010][ T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.015047][ T55] usb 3-1: Product: syz [ 222.044395][ T55] usb 3-1: Manufacturer: syz [ 222.060165][ T55] usb 3-1: SerialNumber: syz [ 222.105255][ T55] usb 3-1: config 0 descriptor?? [ 222.145680][ T55] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 222.268245][ T6799] netlink: 4 bytes leftover after parsing attributes in process `syz.3.239'. [ 222.451279][ T55] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 222.494326][ T55] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 222.573937][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 222.574374][ T27] usb 3-1: USB disconnect, device number 3 [ 222.638009][ T27] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 222.682216][ T27] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 222.717724][ T27] quatech2 3-1:0.51: device disconnected [ 224.228912][ T6813] loop1: detected capacity change from 0 to 256 [ 224.236345][ T6813] exfat: Unknown parameter 'zero_size_dir' [ 225.552622][ T6819] loop3: detected capacity change from 0 to 256 [ 225.580821][ T6819] exfat: Unknown parameter 'zero_size_dir' [ 225.598741][ T6820] pim6reg1: entered promiscuous mode [ 225.623658][ T6820] pim6reg1: entered allmulticast mode [ 225.674693][ T5790] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 225.775037][ T6822] loop2: detected capacity change from 0 to 256 [ 225.792983][ T6822] exfat: Deprecated parameter 'namecase' [ 225.837238][ T6822] exfat: Bad value for 'allow_utime' [ 225.936710][ T5799] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 227.685832][ T6835] vivid-001: ================= START STATUS ================= [ 227.694410][ T6835] vivid-001: Radio HW Seek Mode: Bounded [ 227.700657][ T6835] vivid-001: Radio Programmable HW Seek: false [ 227.706888][ T6835] vivid-001: RDS Rx I/O Mode: Block I/O [ 227.712768][ T6835] vivid-001: Generate RBDS Instead of RDS: false [ 227.719947][ T6835] vivid-001: RDS Reception: true [ 227.725055][ T6835] vivid-001: RDS Program Type: 0 inactive [ 227.731101][ T6835] vivid-001: RDS PS Name: inactive [ 227.736539][ T6835] vivid-001: RDS Radio Text: inactive [ 227.742376][ T6835] vivid-001: RDS Traffic Announcement: false inactive [ 227.749664][ T6835] vivid-001: RDS Traffic Program: false inactive [ 227.756148][ T6835] vivid-001: RDS Music: false inactive [ 227.761970][ T6835] vivid-001: ================== END STATUS ================== [ 229.464750][ T6842] syz.2.247 (6842) used greatest stack depth: 20696 bytes left [ 229.514128][ T6847] loop0: detected capacity change from 0 to 256 [ 229.599146][ T6849] overlayfs: overlapping lowerdir path [ 229.738061][ T6847] exfat: Unknown parameter 'zero_size_dir' [ 230.455011][ T6839] loop1: detected capacity change from 0 to 4096 [ 232.426569][ T6867] syz.1.257[6867] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 232.426722][ T6867] syz.1.257[6867] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 239.107732][ T6899] loop3: detected capacity change from 0 to 256 [ 239.128351][ T6899] exfat: Unknown parameter 'zero_size_dir' [ 241.657351][ T6923] fuse: Bad value for 'fd' [ 242.377085][ T6935] Zero length message leads to an empty skb [ 243.351895][ T6936] loop1: detected capacity change from 0 to 512 [ 243.964533][ T6936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 243.979736][ T6936] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 244.336906][ T6936] syz.1.275 (6936) used greatest stack depth: 20392 bytes left [ 246.160319][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 246.324568][ T6957] loop1: detected capacity change from 0 to 256 [ 246.338337][ T6957] exfat: Unknown parameter 'zero_size_dir' [ 249.178240][ T6979] overlayfs: overlapping lowerdir path [ 250.069546][ T6983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.282'. [ 251.618476][ T6994] overlayfs: overlapping lowerdir path [ 253.818553][ T7006] loop3: detected capacity change from 0 to 512 [ 253.886385][ T7006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.494771][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.594927][ T7019] vivid-004: ================= START STATUS ================= [ 255.603916][ T7019] vivid-004: Radio HW Seek Mode: Bounded [ 255.612026][ T7019] vivid-004: Radio Programmable HW Seek: false [ 255.619556][ T7019] vivid-004: RDS Rx I/O Mode: Block I/O [ 255.625314][ T7019] vivid-004: Generate RBDS Instead of RDS: false [ 255.631919][ T7019] vivid-004: RDS Reception: true [ 255.637218][ T7019] vivid-004: RDS Program Type: 0 inactive [ 255.643262][ T7019] vivid-004: RDS PS Name: inactive [ 255.657397][ T7019] vivid-004: RDS Radio Text: inactive [ 255.663318][ T7019] vivid-004: RDS Traffic Announcement: false inactive [ 255.670564][ T7019] vivid-004: RDS Traffic Program: false inactive [ 255.677134][ T7019] vivid-004: RDS Music: false inactive [ 255.682994][ T7019] vivid-004: ================== END STATUS ================== [ 255.910450][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.410856][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.609780][ T7026] loop3: detected capacity change from 0 to 4096 [ 259.572331][ T28] audit: type=1800 audit(1753278043.564:17): pid=7026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.291" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 259.675792][ T28] audit: type=1800 audit(1753278043.604:18): pid=7026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.291" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 260.607810][ T7049] input: syz1 as /devices/virtual/input/input8 [ 261.711710][ T7055] loop3: detected capacity change from 0 to 256 [ 261.815472][ T7057] loop0: detected capacity change from 0 to 256 [ 261.822942][ T7057] exfat: Unknown parameter 'Ϙ' [ 262.068598][ T7057] loop0: detected capacity change from 0 to 2048 [ 262.477402][ T7055] FAT-fs (loop3): Directory bread(block 64) failed [ 262.637293][ T7055] FAT-fs (loop3): Directory bread(block 65) failed [ 262.684640][ T7055] FAT-fs (loop3): Directory bread(block 66) failed [ 262.735974][ T7055] FAT-fs (loop3): Directory bread(block 67) failed [ 262.782164][ T7055] FAT-fs (loop3): Directory bread(block 68) failed [ 262.822926][ T7055] FAT-fs (loop3): Directory bread(block 69) failed [ 262.884710][ T7055] FAT-fs (loop3): Directory bread(block 70) failed [ 262.935429][ T7055] FAT-fs (loop3): Directory bread(block 71) failed [ 262.974410][ T7055] FAT-fs (loop3): Directory bread(block 72) failed [ 263.127417][ T7055] FAT-fs (loop3): Directory bread(block 73) failed [ 266.208810][ T7076] loop0: detected capacity change from 0 to 4096 [ 267.019606][ T28] audit: type=1800 audit(1753278051.004:19): pid=7076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.307" name="file1" dev="loop0" ino=33 res=0 errno=0 [ 267.109352][ T28] audit: type=1800 audit(1753278051.094:20): pid=7076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.307" name="file1" dev="loop0" ino=33 res=0 errno=0 [ 267.307102][ T2195] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 267.507042][ T2195] usb 3-1: Using ep0 maxpacket: 16 [ 267.519213][ T2195] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 267.557071][ T2195] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 267.597695][ T2195] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 267.637448][ T2195] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.704406][ T2195] usb 3-1: config 0 descriptor?? [ 268.049572][ T7099] loop0: detected capacity change from 0 to 512 [ 268.167236][ T7099] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.313: bad orphan inode 11862016 [ 268.198851][ T7099] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 268.212170][ T7099] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.159699][ T7106] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 270.170941][ T7106] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 270.806158][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 271.004877][ T2195] usbhid 3-1:0.0: can't add hid device: -71 [ 271.017153][ T2195] usbhid: probe of 3-1:0.0 failed with error -71 [ 271.057682][ T2195] usb 3-1: USB disconnect, device number 4 [ 272.858466][ T7113] loop2: detected capacity change from 0 to 32768 [ 274.447224][ T7128] overlayfs: failed to resolve './file1': -2 [ 275.365611][ T7142] loop0: detected capacity change from 0 to 512 [ 276.038950][ T7142] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.148341][ T7142] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 278.159568][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.879572][ T7155] 9pnet_fd: Insufficient options for proto=fd [ 279.191950][ T7222] loop2: detected capacity change from 0 to 256 [ 279.245127][ T7222] exfat: Unknown parameter 'zero_size_dir' [ 283.482296][ T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 283.536281][ T7254] overlayfs: overlapping lowerdir path [ 283.675058][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 283.696565][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 283.740593][ T9] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 283.767083][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.807753][ T9] usb 2-1: config 0 descriptor?? [ 283.938494][ T7258] overlayfs: overlapping lowerdir path [ 284.733887][ T7261] loop0: detected capacity change from 0 to 512 [ 284.741383][ T7261] EXT4-fs: Ignoring removed nomblk_io_submit option [ 284.826255][ T7261] EXT4-fs (loop0): Test dummy encryption mode enabled [ 284.834028][ T7261] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 285.044973][ T7261] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 285.074052][ T7261] EXT4-fs (loop0): 1 truncate cleaned up [ 285.096662][ T7261] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 285.961520][ T7264] fscrypt (loop0): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))") [ 286.147037][ T7272] fuse: Unknown parameter '0x0000000000000003' [ 286.990105][ T9] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0 [ 287.121990][ T9] cp2112 0003:10C4:EA90.0001: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0 [ 287.159348][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.212939][ T9] cp2112 0003:10C4:EA90.0001: error requesting version [ 287.378614][ T9] cp2112: probe of 0003:10C4:EA90.0001 failed with error -71 [ 287.456225][ T7279] overlayfs: overlapping lowerdir path [ 287.484742][ T9] usb 2-1: USB disconnect, device number 5 [ 289.061389][ T7298] netlink: 4 bytes leftover after parsing attributes in process `syz.1.347'. [ 290.625551][ T7310] fuse: Unknown parameter '0x0000000000000003' [ 291.006884][ T7314] loop0: detected capacity change from 0 to 256 [ 291.046428][ T7314] exfat: Unknown parameter 'zero_size_dir' [ 293.743643][ T7335] vivid-000: ================= START STATUS ================= [ 293.751562][ T7335] vivid-000: Radio HW Seek Mode: Bounded [ 293.757404][ T7335] vivid-000: Radio Programmable HW Seek: false [ 293.763736][ T7335] vivid-000: RDS Rx I/O Mode: Block I/O [ 293.769535][ T7335] vivid-000: Generate RBDS Instead of RDS: false [ 293.775981][ T7335] vivid-000: RDS Reception: true [ 293.781297][ T7335] vivid-000: RDS Program Type: 0 inactive [ 293.787254][ T7335] vivid-000: RDS PS Name: inactive [ 293.792623][ T7335] vivid-000: RDS Radio Text: inactive [ 293.798300][ T7335] vivid-000: RDS Traffic Announcement: false inactive [ 293.805208][ T7335] vivid-000: RDS Traffic Program: false inactive [ 293.811762][ T7335] vivid-000: RDS Music: false inactive [ 293.817455][ T7335] vivid-000: ================== END STATUS ================== [ 294.523984][ T7344] fuse: Unknown parameter '0x0000000000000003' [ 295.003755][ T7356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.362'. [ 295.950389][ T7361] loop0: detected capacity change from 0 to 4096 [ 295.960563][ T7363] loop2: detected capacity change from 0 to 256 [ 295.978160][ T7363] exfat: Unknown parameter 'zero_size_dir' [ 296.004366][ T7361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.909862][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.127828][ T7377] vivid-002: ================= START STATUS ================= [ 299.135662][ T7377] vivid-002: Radio HW Seek Mode: Bounded [ 299.142096][ T7377] vivid-002: Radio Programmable HW Seek: false [ 299.148591][ T7377] vivid-002: RDS Rx I/O Mode: Block I/O [ 299.154322][ T7377] vivid-002: Generate RBDS Instead of RDS: false [ 299.160899][ T7377] vivid-002: RDS Reception: true [ 299.166831][ T7377] vivid-002: RDS Program Type: 0 inactive [ 299.173016][ T7377] vivid-002: RDS PS Name: inactive [ 299.188405][ T7377] vivid-002: RDS Radio Text: inactive [ 299.194170][ T7377] vivid-002: RDS Traffic Announcement: false inactive [ 299.201344][ T7377] vivid-002: RDS Traffic Program: false inactive [ 299.207988][ T7377] vivid-002: RDS Music: false inactive [ 299.213735][ T7377] vivid-002: ================== END STATUS ================== [ 300.720027][ T7392] IPv6: NLM_F_CREATE should be specified when creating new route [ 300.915274][ T7402] loop0: detected capacity change from 0 to 256 [ 300.930290][ T7402] exfat: Unknown parameter 'zero_size_dir' [ 302.275455][ T7411] xt_bpf: check failed: parse error [ 303.601847][ T7425] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 303.976561][ T7431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.383'. [ 304.158257][ T7435] loop0: detected capacity change from 0 to 256 [ 306.050387][ T7437] loop1: detected capacity change from 0 to 256 [ 306.062899][ T7437] exfat: Unknown parameter 'zero_size_dir' [ 306.349432][ T5799] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 309.406332][ T7452] x_tables: duplicate underflow at hook 4 [ 310.512562][ T7466] overlayfs: overlapping lowerdir path [ 313.754911][ T7490] xt_hashlimit: max too large, truncated to 1048576 [ 313.762244][ T7490] No such timeout policy "syz1" [ 314.835680][ T7499] loop3: detected capacity change from 0 to 512 [ 314.938271][ T7499] EXT4-fs: Ignoring removed bh option [ 314.995101][ T7499] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 315.188314][ T7499] EXT4-fs (loop3): orphan cleanup on readonly fs [ 315.295798][ T7499] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.401: bg 0: block 248: padding at end of block bitmap is not set [ 315.476123][ T7499] Quota error (device loop3): write_blk: dquota write failed [ 315.565289][ T7502] overlayfs: overlapping lowerdir path [ 315.581139][ T7499] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 315.712384][ T7499] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.401: Failed to acquire dquot type 1 [ 315.883930][ T7499] EXT4-fs (loop3): 1 truncate cleaned up [ 315.963879][ T7499] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 316.338596][ T7507] loop0: detected capacity change from 0 to 256 [ 316.355101][ T7507] FAT-fs (loop0): Unrecognized mount option "18446744073709551615ÿÿÿ" or missing value [ 316.544748][ T7507] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 316.553848][ T7507] overlayfs: missing 'lowerdir' [ 317.373865][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.380413][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.491624][ T7519] overlayfs: overlapping lowerdir path [ 319.364270][ T7524] loop0: detected capacity change from 0 to 512 [ 319.545324][ T5790] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 319.643831][ T7524] kernel profiling enabled (shift: 9) [ 322.414285][ T7545] netlink: 8 bytes leftover after parsing attributes in process `syz.0.411'. [ 323.040026][ T7545] syz.0.411 (7545) used greatest stack depth: 16624 bytes left [ 325.112575][ T7549] overlayfs: overlapping lowerdir path [ 325.311858][ T7561] loop2: detected capacity change from 0 to 256 [ 325.338147][ T7561] exfat: Unknown parameter 'zero_size_dir' [ 325.397329][ T5790] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 325.694886][ T7565] loop0: detected capacity change from 0 to 4096 [ 325.837186][ T9] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 326.071277][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 326.106453][ T7565] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.192856][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.234394][ T9] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 326.527367][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.558970][ T9] usb 2-1: config 0 descriptor?? [ 326.907873][ T9] hub 2-1:0.0: USB hub found [ 326.946649][ T9] hub 2-1:0.0: 1 port detected [ 327.152325][ T9] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 327.805841][ T9] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 327.827196][ T9] usbhid 2-1:0.0: can't add hid device: -71 [ 327.833298][ T9] usbhid: probe of 2-1:0.0 failed with error -71 [ 327.896909][ T9] usb 2-1: USB disconnect, device number 6 [ 327.921164][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.119799][ T7498] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.463570][ T5798] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 330.473354][ T5798] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 330.485661][ T5798] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 330.510923][ T5798] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 330.527315][ T5798] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 330.534815][ T5798] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 331.319803][ T7625] netlink: 4 bytes leftover after parsing attributes in process `syz.1.425'. [ 331.389195][ T7614] chnl_net:caif_netlink_parms(): no params data found [ 331.591252][ T6047] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.772706][ T6047] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.091196][ T6047] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 332.862815][ T5793] Bluetooth: hci4: command tx timeout [ 333.199643][ T6047] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.244359][ T7614] bridge0: port 1(bridge_slave_0) entered blocking state [ 333.277425][ T7614] bridge0: port 1(bridge_slave_0) entered disabled state [ 333.284763][ T7614] bridge_slave_0: entered allmulticast mode [ 333.298880][ T7614] bridge_slave_0: entered promiscuous mode [ 333.317476][ T7614] bridge0: port 2(bridge_slave_1) entered blocking state [ 333.332816][ T7614] bridge0: port 2(bridge_slave_1) entered disabled state [ 333.350622][ T7614] bridge_slave_1: entered allmulticast mode [ 333.378580][ T7614] bridge_slave_1: entered promiscuous mode [ 333.491056][ T7614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 333.517405][ T7614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 333.707623][ T7614] team0: Port device team_slave_0 added [ 333.809717][ T7614] team0: Port device team_slave_1 added [ 334.703006][ T7614] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 334.730382][ T7614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 334.847527][ T7614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 334.956362][ T5793] Bluetooth: hci4: command tx timeout [ 335.062151][ T7653] loop1: detected capacity change from 0 to 256 [ 335.112486][ T7653] exfat: Unknown parameter 'zero_size_dir' [ 336.688058][ T7614] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 336.739901][ T7614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 336.812976][ T7614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 337.043543][ T5793] Bluetooth: hci4: command tx timeout [ 338.276055][ T7614] hsr_slave_0: entered promiscuous mode [ 338.314897][ T7614] hsr_slave_1: entered promiscuous mode [ 338.337593][ T7614] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 338.345222][ T7614] Cannot create hsr debugfs directory [ 338.383113][ T7672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.436'. [ 338.620597][ T7679] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 338.632368][ T7679] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 339.107275][ T5793] Bluetooth: hci4: command tx timeout [ 339.778316][ T6047] hsr_slave_0: left promiscuous mode [ 339.795614][ T6047] hsr_slave_1: left promiscuous mode [ 339.867432][ T6047] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 339.874991][ T6047] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 339.913915][ T6047] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 339.950476][ T6047] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 339.984044][ T6047] bridge_slave_1: left allmulticast mode [ 340.003585][ T6047] bridge_slave_1: left promiscuous mode [ 340.019055][ T6047] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.063017][ T6047] bridge_slave_0: left allmulticast mode [ 340.092749][ T6047] bridge_slave_0: left promiscuous mode [ 340.127933][ T6047] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.274063][ T6047] veth1_macvtap: left promiscuous mode [ 340.308505][ T6047] veth0_macvtap: left promiscuous mode [ 340.335937][ T6047] veth1_vlan: left promiscuous mode [ 340.364818][ T6047] veth0_vlan: left promiscuous mode [ 341.010843][ T7708] overlayfs: overlapping lowerdir path [ 341.833220][ T7711] loop2: detected capacity change from 0 to 1024 [ 341.954093][ T7711] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.028429][ T7711] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 342.152990][ T7699] loop1: detected capacity change from 0 to 32768 [ 342.213648][ T7711] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.441: bg 0: block 393: padding at end of block bitmap is not set [ 342.337363][ T7721] overlay: ./file1 is not a directory [ 342.372522][ T28] audit: type=1800 audit(1753278126.364:21): pid=7721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.439" name="bus" dev="loop1" ino=65 res=0 errno=0 [ 342.398537][ T7711] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28 [ 342.512770][ T7711] EXT4-fs (loop2): This should not happen!! Data will be lost [ 342.512770][ T7711] [ 342.522697][ T7711] EXT4-fs (loop2): Total free blocks count 0 [ 342.528773][ T7711] EXT4-fs (loop2): Free/Dirty block details [ 342.535284][ T7711] EXT4-fs (loop2): free_blocks=0 [ 342.541757][ T7711] EXT4-fs (loop2): dirty_blocks=16 [ 342.547113][ T7711] EXT4-fs (loop2): Block reservation details [ 342.553146][ T7711] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 342.759144][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.496802][ T7725] xt_CT: No such helper "netbios-ns" [ 344.560979][ T6047] team0 (unregistering): Port device team_slave_1 removed [ 344.679182][ T6047] team0 (unregistering): Port device team_slave_0 removed [ 344.749940][ T6047] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 344.770671][ T7740] overlayfs: failed to resolve './file0': -2 [ 344.856602][ T6047] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 345.813937][ T6047] bond0 (unregistering): Released all slaves [ 346.109783][ T7614] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 346.140782][ T7614] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 346.206592][ T7614] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 346.471458][ T7614] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 346.605043][ T7761] overlayfs: overlapping lowerdir path [ 347.330534][ T7614] 8021q: adding VLAN 0 to HW filter on device bond0 [ 347.388877][ T7614] 8021q: adding VLAN 0 to HW filter on device team0 [ 347.439379][ T6938] bridge0: port 1(bridge_slave_0) entered blocking state [ 347.446657][ T6938] bridge0: port 1(bridge_slave_0) entered forwarding state [ 347.472337][ T6938] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.479610][ T6938] bridge0: port 2(bridge_slave_1) entered forwarding state [ 347.890425][ T7756] loop0: detected capacity change from 0 to 32768 [ 348.100079][ T7776] overlay: ./file1 is not a directory [ 348.143556][ T28] audit: type=1800 audit(1753278132.134:22): pid=7776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.451" name="bus" dev="loop0" ino=65 res=0 errno=0 [ 348.781736][ T7784] syz.2.454[7784] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 348.781906][ T7784] syz.2.454[7784] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 348.997793][ T7614] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 352.495566][ T7818] loop0: detected capacity change from 0 to 512 [ 352.505564][ T7614] veth0_vlan: entered promiscuous mode [ 352.526590][ T7614] veth1_vlan: entered promiscuous mode [ 352.602466][ T7614] veth0_macvtap: entered promiscuous mode [ 352.613434][ T7614] veth1_macvtap: entered promiscuous mode [ 352.632193][ T7818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 352.707172][ T7818] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 352.746083][ T7614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.770303][ T7614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.781728][ T7614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.884034][ T7614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.894497][ T7614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 352.905437][ T7614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.928747][ T7614] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 352.954884][ T7614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 352.965690][ T7614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 352.985107][ T7614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 353.002264][ T7614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.012530][ T7614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 353.024486][ T7614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 353.072529][ T7614] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 353.114379][ T7614] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.125253][ T7614] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.135841][ T7614] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.144897][ T7614] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.357136][ T7193] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.385975][ T7193] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 353.492628][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 353.522968][ T7606] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 353.572796][ T7606] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 354.173996][ T7844] overlayfs: overlapping lowerdir path [ 354.451861][ T7833] loop1: detected capacity change from 0 to 32768 [ 354.715745][ T7852] overlay: ./file1 is not a directory [ 354.881288][ T28] audit: type=1800 audit(1753278138.784:23): pid=7853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.461" name="bus" dev="loop1" ino=65 res=0 errno=0 [ 355.407842][ T7864] loop1: detected capacity change from 0 to 128 [ 359.748657][ T7884] overlayfs: overlapping lowerdir path [ 360.550341][ T7891] tipc: Started in network mode [ 360.555314][ T7891] tipc: Node identity 32e65d357929, cluster identity 4711 [ 360.580185][ T7891] tipc: Enabled bearer , priority 0 [ 360.597683][ T7891] syzkaller0: entered promiscuous mode [ 360.603265][ T7891] syzkaller0: entered allmulticast mode [ 361.116769][ T7905] loop2: detected capacity change from 0 to 128 [ 361.129347][ T7905] EXT4-fs: Ignoring removed nomblk_io_submit option [ 361.136078][ T7905] EXT4-fs: Ignoring removed nomblk_io_submit option [ 361.197467][ T7905] EXT4-fs (loop2): Test dummy encryption mode enabled [ 361.267818][ T7905] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 361.285181][ T7905] ext4 filesystem being mounted at /120/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 362.090030][ T788] tipc: Node number set to 1271881013 [ 362.159718][ T7891] tipc: Resetting bearer [ 362.280579][ T7889] tipc: Resetting bearer [ 363.495947][ T7889] tipc: Disabling bearer [ 363.504304][ T5784] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 365.528273][ T7926] loop1: detected capacity change from 0 to 256 [ 365.642879][ T7926] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 367.574226][ T7922] loop2: detected capacity change from 0 to 32768 [ 367.718946][ T7947] overlayfs: overlapping lowerdir path [ 368.198902][ T7922] read_mapping_page failed! [ 368.227304][ T7922] diRead: diIAGRead returned -5 [ 370.114660][ T7963] 8021q: adding VLAN 0 to HW filter on device team0 [ 370.979362][ T7963] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 371.480906][ T7973] loop1: detected capacity change from 0 to 512 [ 371.503162][ T7973] EXT4-fs: inline encryption not supported [ 371.520985][ T7973] EXT4-fs: Ignoring removed mblk_io_submit option [ 371.531380][ T7973] EXT4-fs (loop1): Test dummy encryption mode enabled [ 371.561766][ T7973] EXT4-fs (loop1): orphan cleanup on readonly fs [ 371.634346][ T7973] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.481: inode #13: comm syz.1.481: iget: illegal inode # [ 372.413876][ T7973] EXT4-fs (loop1): Remounting filesystem read-only [ 372.470865][ T7973] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 372.615296][ T7980] overlayfs: failed to resolve './file0': -2 [ 372.997438][ T7987] loop4: detected capacity change from 0 to 256 [ 373.035197][ T7987] exfat: Unknown parameter 'zero_size_dir' [ 373.373294][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.277406][ T8006] loop2: detected capacity change from 0 to 256 [ 375.437273][ T8007] loop1: detected capacity change from 0 to 128 [ 375.454389][ T8007] EXT4-fs: Ignoring removed nomblk_io_submit option [ 375.461556][ T8007] EXT4-fs: Ignoring removed nomblk_io_submit option [ 376.564418][ T8007] EXT4-fs (loop1): Test dummy encryption mode enabled [ 377.817817][ T8007] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 377.818204][ T8007] EXT4-fs: failed to create workqueue [ 377.833490][ T8007] EXT4-fs (loop1): mount failed [ 378.794744][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.801471][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.858728][ T8018] tipc: Enabled bearer , priority 0 [ 378.870208][ T8018] syzkaller0: entered promiscuous mode [ 378.875734][ T8018] syzkaller0: entered allmulticast mode [ 379.118489][ T8018] tipc: Resetting bearer [ 379.172506][ T8017] tipc: Resetting bearer [ 379.251705][ T8017] tipc: Disabling bearer [ 379.712959][ T8038] overlayfs: overlapping lowerdir path [ 381.937038][ T8057] loop1: detected capacity change from 0 to 2048 [ 382.730184][ T8056] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 383.634588][ T8068] syz.4.498[8068] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 383.634724][ T8068] syz.4.498[8068] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 385.121016][ T8096] loop2: detected capacity change from 0 to 128 [ 386.604522][ T8103] loop0: detected capacity change from 0 to 512 [ 386.747669][ T8103] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.796751][ T8103] ext4 filesystem being mounted at /128/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 386.997289][ T28] audit: type=1800 audit(1753278170.994:24): pid=8103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.505" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 387.858574][ T8125] syz.4.509[8125] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 387.858719][ T8125] syz.4.509[8125] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 387.934417][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.502319][ T8142] loop4: detected capacity change from 0 to 128 [ 389.539573][ T8142] EXT4-fs: Ignoring removed nomblk_io_submit option [ 389.589649][ T8142] EXT4-fs: Ignoring removed nomblk_io_submit option [ 389.636366][ T8142] EXT4-fs (loop4): Test dummy encryption mode enabled [ 389.731907][ T8142] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 389.793343][ T8142] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 390.007407][ T7614] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 390.373430][ T8158] overlayfs: overlapping lowerdir path [ 391.175844][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 392.191556][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 392.208401][ T9] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 392.216780][ T9] usb 2-1: config 0 has no interface number 0 [ 392.228249][ T9] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 392.250484][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 392.266223][ T9] usb 2-1: Product: syz [ 392.276602][ T9] usb 2-1: Manufacturer: syz [ 392.295568][ T9] usb 2-1: SerialNumber: syz [ 392.314521][ T9] usb 2-1: config 0 descriptor?? [ 392.333625][ T9] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 393.312979][ T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 393.322351][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 393.347974][ T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 393.378187][ T9] usb 2-1: USB disconnect, device number 7 [ 393.425443][ T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 393.480383][ T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 393.522675][ T9] quatech2 2-1:0.51: device disconnected [ 394.278454][ T8199] syz.2.521[8199] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 394.278605][ T8199] syz.2.521[8199] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 394.813439][ T8207] netlink: 40 bytes leftover after parsing attributes in process `syz.0.522'. [ 395.530761][ T8217] netlink: 4 bytes leftover after parsing attributes in process `syz.0.522'. [ 396.340897][ T8215] overlayfs: overlapping lowerdir path [ 396.754054][ T8227] pim6reg1: entered promiscuous mode [ 396.763315][ T8227] pim6reg1: entered allmulticast mode [ 400.072019][ T8266] syz.0.532[8266] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 400.072165][ T8266] syz.0.532[8266] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 403.609129][ T8292] loop0: detected capacity change from 0 to 512 [ 403.839068][ T8292] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 403.894231][ T8292] EXT4-fs (loop0): orphan cleanup on readonly fs [ 403.921209][ T8292] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.536: bg 0: block 248: padding at end of block bitmap is not set [ 403.966165][ T8292] Quota error (device loop0): write_blk: dquota write failed [ 403.974321][ T8292] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 403.984530][ T8292] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.536: Failed to acquire dquot type 1 [ 404.042693][ T8292] EXT4-fs (loop0): 1 truncate cleaned up [ 404.362418][ T8292] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 406.638729][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.622447][ T8312] netlink: 40 bytes leftover after parsing attributes in process `syz.4.540'. [ 408.165078][ T8318] netlink: 4 bytes leftover after parsing attributes in process `syz.4.540'. [ 408.700786][ T8329] syz.0.542[8329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 408.700933][ T8329] syz.0.542[8329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 410.163059][ T8339] loop1: detected capacity change from 0 to 2048 [ 410.263734][ T8339] ext4: Unknown parameter 'audit' [ 410.768078][ T8347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.544'. [ 411.611016][ T8359] loop4: detected capacity change from 0 to 512 [ 411.723153][ T8361] overlayfs: overlapping lowerdir path [ 413.167042][ T8359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 413.180258][ T8359] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 413.279527][ T8359] netlink: 28 bytes leftover after parsing attributes in process `syz.4.546'. [ 415.741458][ T8375] loop1: detected capacity change from 0 to 128 [ 415.754832][ T8375] EXT4-fs: Ignoring removed nomblk_io_submit option [ 415.761650][ T8375] EXT4-fs: Ignoring removed nomblk_io_submit option [ 416.817879][ T8375] EXT4-fs (loop1): Test dummy encryption mode enabled [ 417.488579][ T8375] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 417.488942][ T8375] EXT4-fs: failed to create workqueue [ 417.504063][ T8375] EXT4-fs (loop1): mount failed [ 417.931432][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 418.813970][ T8403] syz.2.553[8403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 418.814152][ T8403] syz.2.553[8403] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 419.481340][ T8408] netlink: 40 bytes leftover after parsing attributes in process `syz.0.554'. [ 420.397680][ T8410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.554'. [ 420.998910][ T8418] overlayfs: missing 'lowerdir' [ 422.429002][ T8439] loop1: detected capacity change from 0 to 512 [ 422.481428][ T8439] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 422.574315][ T8439] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 422.679056][ T8439] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 422.846603][ T8439] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 423.772802][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.470806][ T8473] overlayfs: missing 'lowerdir' [ 425.181574][ T8466] netlink: 40 bytes leftover after parsing attributes in process `syz.4.564'. [ 425.235467][ T8478] netlink: 4 bytes leftover after parsing attributes in process `syz.4.564'. [ 425.247122][ T8] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 425.428840][ T8] usb 3-1: Using ep0 maxpacket: 16 [ 425.437328][ T8] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 425.457491][ T8] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 425.482816][ T8] usb 3-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 425.543415][ T8] usb 3-1: config 0 interface 0 has no altsetting 0 [ 425.562915][ T8] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 425.585055][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.640309][ T8] usb 3-1: config 0 descriptor?? [ 426.355684][ T8493] tipc: Started in network mode [ 426.362152][ T8493] tipc: Node identity 9ed4444957e8, cluster identity 4711 [ 426.375614][ T8493] tipc: Enabled bearer , priority 0 [ 426.384582][ T8493] syzkaller0: entered promiscuous mode [ 426.402109][ T8493] syzkaller0: entered allmulticast mode [ 426.493883][ T8493] tipc: Resetting bearer [ 426.525741][ T8492] tipc: Resetting bearer [ 426.576268][ T8492] tipc: Disabling bearer [ 426.743849][ T8497] loop4: detected capacity change from 0 to 128 [ 429.887299][ T8] usbhid 3-1:0.0: can't add hid device: -71 [ 429.893382][ T8] usbhid: probe of 3-1:0.0 failed with error -71 [ 429.944931][ T8] usb 3-1: USB disconnect, device number 5 [ 430.855906][ T8521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.577'. [ 431.270708][ T8523] loop2: detected capacity change from 0 to 256 [ 431.297925][ T8523] exfat: Unknown parameter 'zero_size_dir' [ 431.347601][ T5790] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 431.425445][ T8527] tipc: Started in network mode [ 431.430633][ T8527] tipc: Node identity aef32257a93b, cluster identity 4711 [ 431.444689][ T8527] tipc: Enabled bearer , priority 0 [ 431.458446][ T8527] syzkaller0: entered promiscuous mode [ 431.481304][ T8527] syzkaller0: entered allmulticast mode [ 431.547755][ T8527] tipc: Resetting bearer [ 431.575337][ T8526] tipc: Resetting bearer [ 431.628974][ T8526] tipc: Disabling bearer [ 432.305506][ T8535] loop4: detected capacity change from 0 to 512 [ 432.480692][ T8535] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 432.522736][ T8535] EXT4-fs (loop4): orphan cleanup on readonly fs [ 432.548892][ T8535] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.581: bg 0: block 248: padding at end of block bitmap is not set [ 432.567517][ T8535] Quota error (device loop4): write_blk: dquota write failed [ 432.575421][ T8535] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 432.585744][ T8535] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.581: Failed to acquire dquot type 1 [ 432.629772][ T8535] EXT4-fs (loop4): 1 truncate cleaned up [ 432.879973][ T8535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 434.624563][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.627823][ T8549] loop2: detected capacity change from 0 to 2048 [ 437.892736][ T8549] EXT4-fs: error -4 creating inode table initialization thread [ 437.937858][ T8549] EXT4-fs (loop2): mount failed [ 439.422759][ T8576] loop0: detected capacity change from 0 to 512 [ 439.442641][ T8576] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 439.471473][ T8576] EXT4-fs (loop0): orphan cleanup on readonly fs [ 439.484094][ T8576] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.591: bg 0: block 248: padding at end of block bitmap is not set [ 439.508150][ T8576] Quota error (device loop0): write_blk: dquota write failed [ 439.515639][ T8576] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 439.530632][ T8576] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.591: Failed to acquire dquot type 1 [ 439.543364][ T8576] EXT4-fs (loop0): 1 truncate cleaned up [ 439.559701][ T8576] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 439.642217][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.948256][ T8588] loop0: detected capacity change from 0 to 2048 [ 440.992245][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 441.001133][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.280198][ T8588] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 441.545872][ T28] audit: type=1804 audit(1753278225.474:25): pid=8588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.593" name="/newroot/152/file0/bus" dev="loop0" ino=18 res=1 errno=0 [ 443.736696][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.829218][ T8606] loop1: detected capacity change from 0 to 4096 [ 443.953747][ T8606] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 444.133773][ T8612] overlayfs: overlapping lowerdir path [ 445.599684][ T8620] loop2: detected capacity change from 0 to 2048 [ 445.607476][ T8620] ext4: Unknown parameter 'audit' [ 446.013407][ T8622] netlink: 4 bytes leftover after parsing attributes in process `syz.2.601'. [ 446.058595][ T8622] bridge0: port 3(macsec1) entered blocking state [ 446.065691][ T8622] bridge0: port 3(macsec1) entered disabled state [ 446.073449][ T8622] macsec1: entered allmulticast mode [ 446.768143][ T8622] macsec1: left allmulticast mode [ 449.273169][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.406793][ T8647] loop0: detected capacity change from 0 to 8192 [ 449.446398][ T8647] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 449.722063][ T8652] overlayfs: overlapping lowerdir path [ 450.503416][ T8660] syz.4.611[8660] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 450.510183][ T8660] syz.4.611[8660] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 451.141077][ T8667] loop1: detected capacity change from 0 to 512 [ 451.191669][ T8667] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 451.215971][ T8667] EXT4-fs (loop1): orphan cleanup on readonly fs [ 451.247822][ T8667] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.612: bg 0: block 248: padding at end of block bitmap is not set [ 451.267925][ T8667] Quota error (device loop1): write_blk: dquota write failed [ 451.275954][ T8667] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 451.286715][ T8667] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.612: Failed to acquire dquot type 1 [ 451.316567][ T8667] EXT4-fs (loop1): 1 truncate cleaned up [ 451.344424][ T8667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 453.916056][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.551635][ T8686] loop2: detected capacity change from 0 to 4096 [ 455.630255][ T8686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.643432][ T8688] loop1: detected capacity change from 0 to 512 [ 455.687081][ T8688] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 455.760266][ T8688] EXT4-fs (loop1): orphan cleanup on readonly fs [ 455.823788][ T8688] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.619: bg 0: block 248: padding at end of block bitmap is not set [ 455.937580][ T8688] Quota error (device loop1): write_blk: dquota write failed [ 455.958153][ T8688] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 455.987023][ T8688] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.619: Failed to acquire dquot type 1 [ 456.029638][ T8688] EXT4-fs (loop1): 1 truncate cleaned up [ 456.055805][ T8688] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 456.466766][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.517052][ T8696] overlayfs: overlapping lowerdir path [ 457.670619][ T5798] Bluetooth: hci4: command 0x0406 tx timeout [ 457.932853][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 458.255759][ T8716] netlink: 8 bytes leftover after parsing attributes in process `syz.4.624'. [ 462.625987][ T8750] syz.4.633[8750] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 462.626127][ T8750] syz.4.633[8750] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 465.374822][ T27] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 465.529341][ T8766] tipc: Enabled bearer , priority 0 [ 465.540579][ T8766] syzkaller0: entered promiscuous mode [ 465.546551][ T8766] syzkaller0: entered allmulticast mode [ 465.583822][ T8766] tipc: Resetting bearer [ 465.597198][ T27] usb 3-1: Using ep0 maxpacket: 32 [ 465.612600][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 465.631696][ T27] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 465.631934][ T8765] tipc: Resetting bearer [ 465.651622][ T27] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 465.661191][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 465.674208][ T8765] tipc: Disabling bearer [ 465.689131][ T27] usb 3-1: config 0 descriptor?? [ 465.702998][ T27] hub 3-1:0.0: USB hub found [ 465.913422][ T27] hub 3-1:0.0: 1 port detected [ 466.244639][ T8772] loop1: detected capacity change from 0 to 32768 [ 466.432955][ T8773] overlay: ./file1 is not a directory [ 466.501684][ T28] audit: type=1800 audit(1753278250.504:26): pid=8774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.641" name="bus" dev="loop1" ino=65 res=0 errno=0 [ 466.818534][ T5885] hub 3-1:0.0: activate --> -90 [ 466.834407][ T8776] loop0: detected capacity change from 0 to 256 [ 466.853955][ T8776] exfat: Unknown parameter 'zero_size_dir' [ 467.280832][ T5885] hub 3-1:0.0: hub_ext_port_status failed (err = -71) [ 467.613233][ T5885] usb 3-1-port1: connect-debounce failed [ 467.622735][ T5848] usb 3-1: USB disconnect, device number 6 [ 467.855663][ T8781] netlink: 24 bytes leftover after parsing attributes in process `syz.4.643'. [ 468.427691][ T8781] netlink: 4 bytes leftover after parsing attributes in process `syz.4.643'. [ 470.026283][ T8795] tipc: Enabled bearer , priority 0 [ 470.226485][ T8800] syzkaller0: entered promiscuous mode [ 470.407095][ T8800] syzkaller0: entered allmulticast mode [ 470.449705][ T8803] overlayfs: overlapping lowerdir path [ 470.469444][ T8805] tipc: Enabled bearer , priority 0 [ 470.477534][ T8805] syzkaller0: entered promiscuous mode [ 470.484253][ T8805] syzkaller0: entered allmulticast mode [ 470.496291][ T8795] tipc: Resetting bearer [ 470.512683][ T8794] tipc: Resetting bearer [ 470.535896][ T8794] tipc: Disabling bearer [ 470.552918][ T8805] tipc: Resetting bearer [ 470.564693][ T8804] tipc: Resetting bearer [ 470.624126][ T8804] tipc: Disabling bearer [ 470.750225][ T8809] loop0: detected capacity change from 0 to 256 [ 470.758407][ T8809] exfat: Unknown parameter 'zero_size_dir' [ 471.847723][ T8817] syz.1.653[8817] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 471.847878][ T8817] syz.1.653[8817] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 474.605743][ T8839] loop2: detected capacity change from 0 to 512 [ 474.695547][ T8839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 474.748773][ T8839] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 476.428521][ T8848] xt_hashlimit: max too large, truncated to 1048576 [ 476.438556][ T8848] No such timeout policy "syz1" [ 478.082905][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 478.283825][ T8854] loop0: detected capacity change from 0 to 256 [ 478.299060][ T8854] exfat: Unknown parameter 'zero_size_dir' [ 482.495400][ T8881] serio: Serial port ptm0 [ 486.364323][ T8916] syz.4.678[8916] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 486.364470][ T8916] syz.4.678[8916] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 488.497984][ T8928] netlink: 24 bytes leftover after parsing attributes in process `syz.0.681'. [ 488.898708][ T8933] netlink: 4 bytes leftover after parsing attributes in process `syz.0.681'. [ 489.722236][ T55] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 489.764202][ T55] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 490.204463][ T8943] loop2: detected capacity change from 0 to 2048 [ 490.278336][ T8943] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 490.306506][ T28] audit: type=1804 audit(1753278274.304:27): pid=8943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.685" name="/newroot/175/file0/bus" dev="loop2" ino=18 res=1 errno=0 [ 490.407622][ T8943] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.685: bg 0: block 234: padding at end of block bitmap is not set [ 490.427629][ T8943] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 490.440196][ T8943] EXT4-fs (loop2): This should not happen!! Data will be lost [ 490.440196][ T8943] [ 490.450623][ T8943] EXT4-fs (loop2): Total free blocks count 0 [ 490.456655][ T8943] EXT4-fs (loop2): Free/Dirty block details [ 490.462761][ T8943] EXT4-fs (loop2): free_blocks=0 [ 490.467845][ T8943] EXT4-fs (loop2): dirty_blocks=16 [ 490.473029][ T8943] EXT4-fs (loop2): Block reservation details [ 490.479116][ T8943] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 490.875666][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.940965][ T8950] vlan2: entered allmulticast mode [ 492.492804][ T8965] loop0: detected capacity change from 0 to 256 [ 492.532607][ T8965] exfat: Unknown parameter 'zero_size_dir' [ 492.603139][ T8968] overlayfs: overlapping lowerdir path [ 492.610711][ T8849] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 493.825178][ T8977] loop0: detected capacity change from 0 to 256 [ 493.877964][ T8977] exfat: Unknown parameter 'zero_size_dir' [ 494.805715][ T8981] netlink: 48 bytes leftover after parsing attributes in process `syz.2.695'. [ 495.227148][ T55] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 495.437054][ T55] usb 3-1: Using ep0 maxpacket: 32 [ 495.444742][ T55] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 495.461677][ T55] usb 3-1: config 0 has no interface number 0 [ 495.494794][ T55] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 495.518927][ T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 495.540682][ T55] usb 3-1: Product: syz [ 495.556921][ T55] usb 3-1: Manufacturer: syz [ 495.571397][ T55] usb 3-1: SerialNumber: syz [ 495.599863][ T55] usb 3-1: config 0 descriptor?? [ 495.629236][ T55] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 495.837713][ T55] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 495.871141][ T55] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 496.055110][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 496.055525][ T5848] usb 3-1: USB disconnect, device number 7 [ 496.083941][ T8985] loop1: detected capacity change from 0 to 40427 [ 496.115871][ T5848] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 496.168851][ T8985] F2FS-fs (loop1): invalid crc value [ 496.195589][ T5848] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 496.214963][ T8985] F2FS-fs (loop1): Found nat_bits in checkpoint [ 496.247766][ T5848] quatech2 3-1:0.51: device disconnected [ 496.397467][ T8985] F2FS-fs (loop1): Start checkpoint disabled! [ 496.436634][ T8985] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 497.764854][ T6938] kworker/u4:11: attempt to access beyond end of device [ 497.764854][ T6938] loop1: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 497.814145][ T6938] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 497.835719][ T6938] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 498.030304][ T9017] loop2: detected capacity change from 0 to 128 [ 498.042851][ T9017] EXT4-fs: Ignoring removed nomblk_io_submit option [ 498.049781][ T9017] EXT4-fs: Ignoring removed nomblk_io_submit option [ 498.082489][ T9017] EXT4-fs (loop2): Test dummy encryption mode enabled [ 498.161975][ T9017] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 498.177656][ T9017] ext4 filesystem being mounted at /180/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 498.363978][ T6938] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 499.805839][ T9026] syz.4.702[9026] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 499.805941][ T9026] syz.4.702[9026] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 499.977344][ T5784] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 500.508079][ T9033] loop0: detected capacity change from 0 to 256 [ 500.526646][ T9034] overlayfs: overlapping lowerdir path [ 500.545831][ T9033] exfat: Unknown parameter 'zero_size_dir' [ 500.841215][ T9036] loop1: detected capacity change from 0 to 256 [ 500.903715][ T9036] exfat: Unknown parameter 'zero_size_dir' [ 501.727576][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.733945][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.577039][ T28] audit: type=1326 audit(1753278286.574:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9048 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabba98e9a9 code=0x7ffc0000 [ 502.651335][ T28] audit: type=1326 audit(1753278286.584:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9048 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabba98e9a9 code=0x7ffc0000 [ 502.721327][ T28] audit: type=1326 audit(1753278286.594:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9048 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fabba98e9a9 code=0x7ffc0000 [ 502.790345][ T28] audit: type=1326 audit(1753278286.594:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9048 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabba98e9a9 code=0x7ffc0000 [ 502.871668][ T28] audit: type=1326 audit(1753278286.594:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9048 comm="syz.1.709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabba98e9a9 code=0x7ffc0000 [ 505.232186][ T9066] syz.1.712[9066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 505.232418][ T9066] syz.1.712[9066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 507.367733][ T9074] loop2: detected capacity change from 0 to 256 [ 512.758686][ T9108] loop4: detected capacity change from 0 to 256 [ 512.765984][ T9108] exfat: Unknown parameter 'zero_size_dir' [ 513.567392][ T9109] overlayfs: failed to resolve './file0': -2 [ 514.398331][ T9116] loop0: detected capacity change from 0 to 256 [ 517.816397][ T9125] netlink: 24 bytes leftover after parsing attributes in process `syz.0.728'. [ 520.725919][ T9135] tipc: Enabling of bearer rejected, failed to enable media [ 521.744859][ T9155] syz.2.732[9155] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 521.745003][ T9155] syz.2.732[9155] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 522.948111][ T9162] overlayfs: failed to resolve './file0': -2 [ 523.613935][ T9165] loop2: detected capacity change from 0 to 256 [ 523.648520][ T9165] exfat: Unknown parameter 'zero_size_dir' [ 529.956083][ T9196] tipc: Enabling of bearer rejected, failed to enable media [ 529.975986][ T9199] loop1: detected capacity change from 0 to 256 [ 529.983762][ T9199] exfat: Unknown parameter 'zero_size_dir' [ 530.729422][ T9209] loop0: detected capacity change from 0 to 512 [ 530.756324][ T9209] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 531.108808][ T9209] EXT4-fs (loop0): orphan cleanup on readonly fs [ 531.118434][ T9209] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.743: bg 0: block 248: padding at end of block bitmap is not set [ 531.133517][ T9209] Quota error (device loop0): write_blk: dquota write failed [ 531.141118][ T9209] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 531.151131][ T9209] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.743: Failed to acquire dquot type 1 [ 531.164242][ T9209] EXT4-fs (loop0): 1 truncate cleaned up [ 532.761084][ T9220] overlayfs: failed to resolve './file0': -2 [ 532.831010][ T9209] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 533.839466][ T9228] loop1: detected capacity change from 0 to 4096 [ 533.904193][ T9228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 533.985311][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.286893][ T9246] loop0: detected capacity change from 0 to 128 [ 536.299886][ T9246] EXT4-fs: Ignoring removed nomblk_io_submit option [ 536.306612][ T9246] EXT4-fs: Ignoring removed nomblk_io_submit option [ 536.384419][ T9246] EXT4-fs (loop0): Test dummy encryption mode enabled [ 536.449542][ T9246] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 536.463953][ T9246] ext4 filesystem being mounted at /198/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 538.016977][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 538.495222][ T5787] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 538.557376][ T9256] loop2: detected capacity change from 0 to 256 [ 538.570663][ T9256] exfat: Unknown parameter 'zero_size_dir' [ 538.634582][ T9258] tipc: Enabled bearer , priority 0 [ 538.843516][ T9258] syzkaller0: entered promiscuous mode [ 538.851802][ T9258] syzkaller0: entered allmulticast mode [ 538.880269][ T9257] tipc: Resetting bearer [ 539.318030][ T9257] tipc: Disabling bearer [ 540.117311][ T8498] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 540.323440][ T8498] usb 3-1: Using ep0 maxpacket: 32 [ 540.331227][ T8498] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 540.339964][ T8498] usb 3-1: config 0 has no interface number 0 [ 540.349332][ T8498] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 540.358572][ T8498] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 540.366661][ T8498] usb 3-1: Product: syz [ 540.371048][ T8498] usb 3-1: Manufacturer: syz [ 541.195213][ T9282] overlayfs: overlapping lowerdir path [ 541.277315][ T9283] overlayfs: failed to resolve './file1': -2 [ 541.747690][ T8498] usb 3-1: SerialNumber: syz [ 541.776027][ T8498] usb 3-1: config 0 descriptor?? [ 541.797706][ T8498] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 541.911057][ T9290] loop1: detected capacity change from 0 to 1024 [ 541.918683][ T9290] EXT4-fs: Ignoring removed nomblk_io_submit option [ 542.218422][ T9290] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 542.719836][ T8498] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 542.779002][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 542.817356][ T8498] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 542.917924][ T8498] usb 3-1: USB disconnect, device number 8 [ 542.980008][ T8498] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 543.008014][ T9296] tipc: Enabled bearer , priority 0 [ 543.049191][ T9296] syzkaller0: entered promiscuous mode [ 543.061950][ T8498] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 543.083801][ T9296] syzkaller0: entered allmulticast mode [ 543.104462][ T8498] quatech2 3-1:0.51: device disconnected [ 543.126069][ T9297] tipc: Resetting bearer [ 543.827059][ T9295] tipc: Resetting bearer [ 544.827151][ T788] tipc: Node number set to 3376170057 [ 544.849420][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 544.914372][ T9295] tipc: Disabling bearer [ 544.956380][ T9303] loop1: detected capacity change from 0 to 256 [ 544.974226][ T9303] exfat: Unknown parameter 'zero_size_dir' [ 545.097216][ T9229] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 547.660626][ T9324] loop0: detected capacity change from 0 to 128 [ 547.673152][ T9324] EXT4-fs: Ignoring removed nomblk_io_submit option [ 547.679917][ T9324] EXT4-fs: Ignoring removed nomblk_io_submit option [ 547.744868][ T9324] EXT4-fs (loop0): Test dummy encryption mode enabled [ 547.828381][ T9324] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 547.853531][ T9324] ext4 filesystem being mounted at /202/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 549.558036][ T9336] overlayfs: overlapping lowerdir path [ 549.615817][ T9337] overlayfs: failed to resolve './file1': -2 [ 549.880565][ T5787] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 550.171771][ T9340] loop0: detected capacity change from 0 to 256 [ 550.199836][ T9340] exfat: Unknown parameter 'zero_size_dir' [ 550.973429][ T9353] loop2: detected capacity change from 0 to 256 [ 550.984829][ T9353] exfat: Unknown parameter 'zero_size_dir' [ 552.303073][ T9366] loop0: detected capacity change from 0 to 256 [ 552.568175][ T9368] netlink: 4 bytes leftover after parsing attributes in process `syz.2.780'. [ 553.619220][ T9378] loop1: detected capacity change from 0 to 256 [ 553.667323][ T9378] exfat: Deprecated parameter 'namecase' [ 553.673192][ T9378] exfat: Bad value for 'allow_utime' [ 554.965394][ T9387] loop1: detected capacity change from 0 to 512 [ 555.875290][ T9387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 555.921294][ T9387] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 555.953214][ T9394] loop0: detected capacity change from 0 to 256 [ 555.960903][ T9394] exfat: Unknown parameter 'zero_size_dir' [ 555.978313][ T9387] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 556.057623][ T9387] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 556.080965][ T9387] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.787: Failed to acquire dquot type 1 [ 556.323146][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 557.221123][ T9406] loop4: detected capacity change from 0 to 256 [ 557.303055][ T9409] loop1: detected capacity change from 0 to 1024 [ 557.370261][ T9409] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 557.537329][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.713832][ T9424] tipc: Enabled bearer , priority 0 [ 559.724815][ T9424] syzkaller0: entered promiscuous mode [ 559.735359][ T9424] syzkaller0: entered allmulticast mode [ 559.760055][ T9424] tipc: Resetting bearer [ 559.792642][ T9422] tipc: Resetting bearer [ 559.849999][ T9430] loop2: detected capacity change from 0 to 512 [ 559.892129][ T9430] EXT4-fs: inline encryption not supported [ 559.906679][ T9432] loop4: detected capacity change from 0 to 256 [ 559.917832][ T9422] tipc: Disabling bearer [ 559.927886][ T9430] EXT4-fs: Ignoring removed mblk_io_submit option [ 559.940617][ T9432] exfat: Deprecated parameter 'namecase' [ 559.973153][ T9430] EXT4-fs (loop2): Test dummy encryption mode enabled [ 560.030537][ T9430] EXT4-fs (loop2): orphan cleanup on readonly fs [ 560.042544][ T9432] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 560.107905][ T9430] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.800: inode #13: comm syz.2.800: iget: illegal inode # [ 560.141524][ T9430] EXT4-fs (loop2): Remounting filesystem read-only [ 560.151827][ T9430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 560.461433][ T9441] loop0: detected capacity change from 0 to 256 [ 560.479100][ T9441] exfat: Unknown parameter 'zero_size_dir' [ 560.993683][ T9445] netlink: 4 bytes leftover after parsing attributes in process `syz.4.803'. [ 561.712878][ T9447] loop0: detected capacity change from 0 to 2048 [ 561.744362][ T9447] ext4: Unknown parameter 'audit' [ 562.107583][ T9451] netlink: 8 bytes leftover after parsing attributes in process `syz.0.805'. [ 562.116588][ T9451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.805'. [ 563.114148][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.120585][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.581158][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.677586][ T5885] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 563.753405][ T9453] loop0: detected capacity change from 0 to 32768 [ 563.997859][ T5885] usb 2-1: Using ep0 maxpacket: 32 [ 565.209277][ T5885] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 566.302858][ T5885] usb 2-1: config 0 has no interface number 0 [ 566.339179][ T5885] usb 2-1: string descriptor 0 read error: -71 [ 566.403388][ T5885] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 566.413607][ T9472] tipc: Enabled bearer , priority 0 [ 566.435150][ T9472] syzkaller0: entered promiscuous mode [ 566.453868][ T5885] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 566.464870][ T9472] syzkaller0: entered allmulticast mode [ 566.496342][ T5885] usb 2-1: config 0 descriptor?? [ 566.518560][ T5885] usb 2-1: can't set config #0, error -71 [ 566.582989][ T9472] tipc: Resetting bearer [ 566.588913][ T5885] usb 2-1: USB disconnect, device number 8 [ 566.680811][ T9479] wg2: entered promiscuous mode [ 566.713843][ T9479] wg2: entered allmulticast mode [ 566.747327][ T9471] tipc: Resetting bearer [ 567.036977][ T9471] tipc: Disabling bearer [ 568.237194][ T7193] Bluetooth: hci3: Frame reassembly failed (-84) [ 568.986488][ T9501] netlink: 4 bytes leftover after parsing attributes in process `syz.2.817'. [ 569.098360][ T9493] loop1: detected capacity change from 0 to 2048 [ 569.173803][ T9493] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 569.502349][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 570.157224][ T5793] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 571.955816][ T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 573.617277][ T9528] loop4: detected capacity change from 0 to 256 [ 574.917058][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 575.057665][ T8] usb 2-1: device descriptor read/all, error -71 [ 575.096420][ T9533] loop2: detected capacity change from 0 to 256 [ 575.185885][ T9533] exfat: Unknown parameter 'zero_size_dir' [ 575.468906][ T9535] loop0: detected capacity change from 0 to 4096 [ 575.549191][ T9535] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 577.186511][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.324749][ T9548] loop4: detected capacity change from 0 to 128 [ 577.337413][ T9548] EXT4-fs: Ignoring removed nomblk_io_submit option [ 577.344125][ T9548] EXT4-fs: Ignoring removed nomblk_io_submit option [ 577.429038][ T9548] EXT4-fs (loop4): Test dummy encryption mode enabled [ 577.582593][ T9548] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 577.654818][ T9548] ext4 filesystem being mounted at /82/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 578.796455][ T9565] loop1: detected capacity change from 0 to 512 [ 578.804089][ T9565] EXT4-fs: Ignoring removed nobh option [ 579.624516][ T9565] EXT4-fs (loop1): Test dummy encryption mode enabled [ 579.839170][ T9565] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 579.856187][ T9565] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.829: invalid indirect mapped block 2683928664 (level 1) [ 579.880118][ T9565] EXT4-fs (loop1): 1 truncate cleaned up [ 579.888509][ T9565] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 580.220481][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.231704][ T7614] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 580.497686][ T9572] loop1: detected capacity change from 0 to 256 [ 580.670811][ T9572] exfat: Unknown parameter 'zero_size_dir' [ 582.228985][ T9585] netlink: 4 bytes leftover after parsing attributes in process `syz.4.830'. [ 582.851997][ T5848] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 582.949086][ T9597] loop0: detected capacity change from 0 to 256 [ 584.967658][ T5848] usb 2-1: Using ep0 maxpacket: 32 [ 585.910189][ T5848] usb 2-1: unable to read config index 0 descriptor/all [ 585.947774][ T5848] usb 2-1: can't read configurations, error -71 [ 586.397082][ T5848] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 586.436247][ T9613] loop2: detected capacity change from 0 to 256 [ 586.457924][ T9613] exfat: Unknown parameter 'zero_size_dir' [ 586.795783][ T5848] usb 2-1: Using ep0 maxpacket: 16 [ 587.479892][ T5848] usb 2-1: config index 0 descriptor too short (expected 16456, got 72) [ 587.520477][ T5848] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 587.558056][ T5848] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 587.597147][ T5848] usb 2-1: config 0 has an invalid interface number: 125 but max is 1 [ 587.660092][ T5848] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 587.710789][ T5848] usb 2-1: config 0 has no interface number 0 [ 587.731531][ T5848] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64 [ 587.747944][ T5848] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0 [ 587.762893][ T5848] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0 [ 587.773801][ T5848] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 587.791923][ T5848] usb 2-1: config 0 interface 125 has no altsetting 0 [ 587.800274][ T5848] usb 2-1: config 0 interface 125 has no altsetting 2 [ 587.815927][ T5848] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27 [ 587.827839][ T5848] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.836583][ T5848] usb 2-1: Product: syz [ 587.844167][ T5848] usb 2-1: Manufacturer: syz [ 587.849131][ T5848] usb 2-1: SerialNumber: syz [ 587.858309][ T5848] usb 2-1: config 0 descriptor?? [ 587.897257][ T5848] usb 2-1: selecting invalid altsetting 2 [ 588.043770][ T9626] loop0: detected capacity change from 0 to 256 [ 588.054749][ T9626] exfat: Unknown parameter 'zero_size_dir' [ 588.331220][ T9607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 588.392030][ T9607] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 589.236649][ C1] usb 2-1: async_complete: urb error -71 [ 589.242635][ C1] usb 2-1: async_complete: urb error -71 [ 589.275433][ T5848] get_1284_register: usb error -71 [ 589.281386][ T5848] uss720: probe of 2-1:0.125 failed with error -71 [ 589.308786][ T5848] usb 2-1: USB disconnect, device number 12 [ 590.273100][ T9644] loop2: detected capacity change from 0 to 256 [ 591.197069][ T5829] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 591.416999][ T5829] usb 2-1: Using ep0 maxpacket: 32 [ 591.444616][ T5829] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 591.463319][ T5829] usb 2-1: config 0 has no interface number 0 [ 591.489981][ T5829] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 591.516405][ T5829] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 591.555209][ T5829] usb 2-1: Product: syz [ 591.565327][ T5829] usb 2-1: Manufacturer: syz [ 591.585604][ T5829] usb 2-1: SerialNumber: syz [ 591.635116][ T5829] usb 2-1: config 0 descriptor?? [ 591.672331][ T5829] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 591.903733][ T5829] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 591.961046][ T5829] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 592.145056][ C1] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 592.157135][ T5829] usb 2-1: USB disconnect, device number 13 [ 592.228514][ T5829] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 592.328648][ T5829] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 592.369246][ T5829] quatech2 2-1:0.51: device disconnected [ 592.613067][ T9646] loop0: detected capacity change from 0 to 1024 [ 592.708566][ T9646] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 592.971619][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.057180][ T9671] loop4: detected capacity change from 0 to 256 [ 595.064542][ T9671] exfat: Unknown parameter 'zero_size_dir' [ 595.245187][ T9229] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 597.019204][ T9686] loop4: detected capacity change from 0 to 1024 [ 597.143922][ T9686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 597.534163][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 597.734275][ T9698] fuse: Bad value for 'fd' [ 600.961131][ T9718] loop4: detected capacity change from 0 to 128 [ 602.970266][ T9723] loop1: detected capacity change from 0 to 4096 [ 603.380138][ T9729] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 604.237392][ T9723] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 604.803845][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.156033][ T9735] fuse: Bad value for 'fd' [ 606.288901][ T9746] loop0: detected capacity change from 0 to 128 [ 606.390218][ T9746] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 606.406369][ T9746] FAT-fs (loop0): Filesystem has been set read-only [ 606.407659][ T28] audit: type=1800 audit(1753278390.384:33): pid=9746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.875" name="file2" dev="loop0" ino=1048620 res=0 errno=0 [ 606.413706][ T9746] syz.0.875: attempt to access beyond end of device [ 606.413706][ T9746] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 606.449117][ T9746] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 606.457033][ T9746] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 606.472971][ T9746] syz.0.875: attempt to access beyond end of device [ 606.472971][ T9746] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 606.486583][ T9746] syz.0.875: attempt to access beyond end of device [ 606.486583][ T9746] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 607.241688][ T9753] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 607.249711][ T9753] syz.0.875: attempt to access beyond end of device [ 607.249711][ T9753] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 607.313182][ T9753] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 607.347078][ T9746] syz.0.875: attempt to access beyond end of device [ 607.347078][ T9746] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 607.381432][ T9753] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 607.404150][ T9746] syz.0.875: attempt to access beyond end of device [ 607.404150][ T9746] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 607.431779][ T9746] syz.0.875: attempt to access beyond end of device [ 607.431779][ T9746] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 607.445754][ T9746] syz.0.875: attempt to access beyond end of device [ 607.445754][ T9746] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 607.495012][ T9757] loop4: detected capacity change from 0 to 256 [ 607.520822][ T9757] exfat: Unknown parameter 'zero_size_dir' [ 608.922751][ T9765] loop0: detected capacity change from 0 to 128 [ 612.842146][ T9787] tipc: Enabled bearer , priority 0 [ 612.911149][ T9787] tipc: Resetting bearer [ 612.978687][ T9785] tipc: Disabling bearer [ 614.002384][ T9799] loop1: detected capacity change from 0 to 256 [ 614.034875][ T9801] loop0: detected capacity change from 0 to 512 [ 614.042966][ T9801] EXT4-fs: Ignoring removed mblk_io_submit option [ 614.051797][ T9801] EXT4-fs: Ignoring removed bh option [ 614.059818][ T9799] exfat: Unknown parameter 'zero_size_dir' [ 614.067807][ T9801] EXT4-fs (loop0): Test dummy encryption mode enabled [ 614.087654][ T9801] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 614.131539][ T9804] netlink: 40 bytes leftover after parsing attributes in process `syz.2.890'. [ 614.180304][ T9801] EXT4-fs (loop0): 1 truncate cleaned up [ 614.229020][ T9801] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 615.030738][ T9801] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 615.126313][ T9811] netlink: 4 bytes leftover after parsing attributes in process `syz.2.890'. [ 615.161867][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.212473][ T9817] tipc: Enabled bearer , priority 0 [ 615.213452][ T9817] syzkaller0: entered promiscuous mode [ 615.225741][ T9817] syzkaller0: entered allmulticast mode [ 615.323665][ T9818] tipc: Resetting bearer [ 615.373610][ T9816] tipc: Resetting bearer [ 615.407327][ T9816] tipc: Disabling bearer [ 615.514388][ T9822] loop0: detected capacity change from 0 to 128 [ 615.556155][ T9822] EXT4-fs (loop0): Test dummy encryption mode enabled [ 615.668224][ T9822] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 615.683820][ T9822] ext4 filesystem being mounted at /242/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 618.611148][ T5787] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 619.157173][ T788] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 619.314092][ T9843] syz.1.894[9843] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 619.314237][ T9843] syz.1.894[9843] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 619.506930][ T788] usb 1-1: Using ep0 maxpacket: 32 [ 619.542817][ T9845] overlayfs: overlapping lowerdir path [ 619.892779][ T788] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 620.289964][ T788] usb 1-1: config 0 has no interface number 0 [ 620.309945][ T788] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 620.321385][ T788] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 620.330073][ T788] usb 1-1: Product: syz [ 620.334291][ T788] usb 1-1: Manufacturer: syz [ 620.340127][ T788] usb 1-1: SerialNumber: syz [ 620.356652][ T788] usb 1-1: config 0 descriptor?? [ 620.378251][ T788] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 620.415278][ T9850] loop2: detected capacity change from 0 to 256 [ 620.434064][ T9850] exfat: Unknown parameter 'zero_size_dir' [ 620.637466][ T788] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 620.712706][ T788] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 621.273850][ C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 621.282247][ T788] usb 1-1: USB disconnect, device number 6 [ 621.344235][ T788] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 621.448168][ T788] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 621.519768][ T788] quatech2 1-1:0.51: device disconnected [ 621.757263][ T27] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 621.788156][ T27] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 622.399011][ T9863] loop4: detected capacity change from 0 to 512 [ 622.813932][ T9863] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 622.827720][ T9863] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 623.078054][ T9863] netlink: 28 bytes leftover after parsing attributes in process `syz.4.903'. [ 624.565615][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.572151][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.926689][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 626.008498][ T9876] xt_CT: No such helper "netbios-ns" [ 626.385584][ T9881] loop4: detected capacity change from 0 to 1024 [ 626.454224][ T9881] EXT4-fs: Ignoring removed nomblk_io_submit option [ 626.572765][ T9886] overlayfs: overlapping lowerdir path [ 627.133988][ T9881] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 627.415951][ T9893] syzkaller0: entered promiscuous mode [ 627.425972][ T9893] syzkaller0: entered allmulticast mode [ 627.476293][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 627.857361][ T5885] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 628.021290][ T9904] loop0: detected capacity change from 0 to 512 [ 628.066939][ T5885] usb 3-1: Using ep0 maxpacket: 32 [ 628.079335][ T9904] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 628.087178][ T5885] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 628.112888][ T9904] ext4 filesystem being mounted at /250/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 628.122447][ T5885] usb 3-1: config 0 has no interface number 0 [ 628.144465][ T5885] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 628.167014][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 628.175698][ T5885] usb 3-1: Product: syz [ 628.180139][ T5885] usb 3-1: Manufacturer: syz [ 628.184778][ T5885] usb 3-1: SerialNumber: syz [ 628.201695][ T5885] usb 3-1: config 0 descriptor?? [ 628.449155][ T5885] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 628.616044][ T9911] xt_time: unknown flags 0xc [ 628.685161][ T5885] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 628.695663][ T28] audit: type=1326 audit(1753278412.694:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabba98e9a9 code=0x7fc00000 [ 628.732894][ T5885] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 628.889477][ C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 628.889914][ T55] usb 3-1: USB disconnect, device number 9 [ 628.945842][ T55] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 628.981737][ T55] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 629.014953][ T55] quatech2 3-1:0.51: device disconnected [ 629.348721][ T9914] loop4: detected capacity change from 0 to 512 [ 629.381008][ T9914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 629.393257][ T28] audit: type=1326 audit(1753278413.384:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9909 comm="syz.1.915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fabba98e9a9 code=0x7fc00000 [ 629.659743][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 630.575175][ T9929] overlayfs: overlapping lowerdir path [ 632.375391][ T9946] xt_hashlimit: max too large, truncated to 1048576 [ 632.386057][ T9946] No such timeout policy "syz1" [ 633.261667][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 633.360033][ T9948] syz.2.923[9948] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 633.360180][ T9948] syz.2.923[9948] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 635.284165][ T9961] loop0: detected capacity change from 0 to 256 [ 637.127311][ T9957] loop1: detected capacity change from 0 to 40427 [ 637.189047][ T9957] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 637.239388][ T9957] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 637.440579][ T9957] F2FS-fs (loop1): Found nat_bits in checkpoint [ 639.193397][ T9980] loop0: detected capacity change from 0 to 512 [ 639.318349][ T9980] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 639.797535][ T9987] overlayfs: missing 'lowerdir' [ 641.237171][ T9993] netlink: 12 bytes leftover after parsing attributes in process `syz.1.933'. [ 642.077141][ T9995] loop1: detected capacity change from 0 to 128 [ 642.469900][ T9995] syz.1.934: attempt to access beyond end of device [ 642.469900][ T9995] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128 [ 642.616317][ T9995] syz.1.934: attempt to access beyond end of device [ 642.616317][ T9995] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128 [ 642.664570][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 642.677655][ T9995] syz.1.934: attempt to access beyond end of device [ 642.677655][ T9995] loop1: rw=0, sector=145, nr_sectors = 8 limit=128 [ 642.704290][ T9995] syz.1.934: attempt to access beyond end of device [ 642.704290][ T9995] loop1: rw=0, sector=145, nr_sectors = 8 limit=128 [ 642.736612][ T9995] syz.1.934: attempt to access beyond end of device [ 642.736612][ T9995] loop1: rw=0, sector=145, nr_sectors = 8 limit=128 [ 642.767455][ T9995] syz.1.934: attempt to access beyond end of device [ 642.767455][ T9995] loop1: rw=0, sector=145, nr_sectors = 8 limit=128 [ 642.831119][ T9995] syz.1.934: attempt to access beyond end of device [ 642.831119][ T9995] loop1: rw=0, sector=145, nr_sectors = 8 limit=128 [ 642.988593][T10005] pim6reg1: entered promiscuous mode [ 643.007568][T10005] pim6reg1: entered allmulticast mode [ 643.137970][T10007] overlayfs: overlapping lowerdir path [ 643.228650][T10008] overlayfs: missing 'lowerdir' [ 644.270308][T10018] tipc: Enabled bearer , priority 0 [ 644.281762][T10018] syzkaller0: entered promiscuous mode [ 644.295313][T10018] syzkaller0: entered allmulticast mode [ 644.317744][T10018] tipc: Resetting bearer [ 644.334857][T10016] tipc: Resetting bearer [ 644.397932][T10016] tipc: Disabling bearer [ 644.940838][T10031] loop2: detected capacity change from 0 to 256 [ 645.036324][T10033] loop4: detected capacity change from 0 to 512 [ 645.126135][T10031] exfat: Unknown parameter 'zero_size_dir' [ 645.265833][T10033] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #3: comm syz.4.945: corrupted inode contents [ 645.288764][T10033] EXT4-fs error (device loop4): ext4_dirty_inode:6106: inode #3: comm syz.4.945: mark_inode_dirty error [ 645.307294][T10033] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #3: comm syz.4.945: corrupted inode contents [ 645.325713][T10033] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.945: mark_inode_dirty error [ 645.345334][T10033] Quota error (device loop4): write_blk: dquota write failed [ 645.353651][T10033] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 645.364025][T10033] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.945: Failed to acquire dquot type 0 [ 645.400262][T10033] EXT4-fs (loop4): 1 orphan inode deleted [ 645.411964][T10033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 645.435770][T10033] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 648.205885][T10043] loop0: detected capacity change from 0 to 256 [ 648.248506][T10043] exfat: Unknown parameter 'zero_size_dir' [ 648.343496][ T9229] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 648.622476][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.535307][T10050] overlayfs: overlapping lowerdir path [ 649.628404][T10051] overlayfs: missing 'lowerdir' [ 650.127624][T10052] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 650.527514][T10059] tipc: Enabled bearer , priority 0 [ 650.544787][T10059] syzkaller0: entered promiscuous mode [ 650.554855][T10059] syzkaller0: entered allmulticast mode [ 650.647404][T10058] tipc: Resetting bearer [ 650.756088][T10058] tipc: Disabling bearer [ 650.884469][T10062] overlayfs: overlapping lowerdir path [ 650.914448][T10062] overlayfs: missing 'lowerdir' [ 651.674287][T10067] loop4: detected capacity change from 0 to 512 [ 651.692771][T10067] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 651.761803][T10067] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 651.784700][T10067] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 652.045538][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 652.924885][T10080] loop4: detected capacity change from 0 to 512 [ 653.135768][T10080] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #3: comm syz.4.957: corrupted inode contents [ 653.164675][T10080] EXT4-fs error (device loop4): ext4_dirty_inode:6106: inode #3: comm syz.4.957: mark_inode_dirty error [ 653.183841][T10084] loop0: detected capacity change from 0 to 512 [ 653.199810][T10080] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #3: comm syz.4.957: corrupted inode contents [ 653.210718][T10084] EXT4-fs: inline encryption not supported [ 653.224346][T10084] EXT4-fs: Ignoring removed mblk_io_submit option [ 653.232469][T10084] EXT4-fs (loop0): Test dummy encryption mode enabled [ 653.247428][T10084] EXT4-fs (loop0): orphan cleanup on readonly fs [ 653.254176][T10084] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.958: inode #13: comm syz.0.958: iget: illegal inode # [ 653.478709][T10084] EXT4-fs (loop0): Remounting filesystem read-only [ 653.491390][T10080] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.957: mark_inode_dirty error [ 653.522066][T10084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 653.562593][T10080] Quota error (device loop4): write_blk: dquota write failed [ 653.570914][T10080] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 653.581517][T10080] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.957: Failed to acquire dquot type 0 [ 653.673500][T10093] overlayfs: overlapping lowerdir path [ 653.691431][T10093] overlayfs: missing 'lowerdir' [ 653.986989][T10080] EXT4-fs (loop4): 1 orphan inode deleted [ 654.258975][ T7193] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 654.281412][ T7193] EXT4-fs error (device loop4): ext4_release_dquot:6974: comm kworker/u4:17: Failed to release dquot type 1 [ 654.305217][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.314854][T10080] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 654.380107][T10080] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 654.560696][T10096] tipc: Enabled bearer , priority 0 [ 654.576591][T10096] syzkaller0: entered promiscuous mode [ 654.592993][T10096] syzkaller0: entered allmulticast mode [ 654.624749][T10095] tipc: Resetting bearer [ 654.698986][T10095] tipc: Disabling bearer [ 655.120931][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.303035][T10104] overlayfs: overlapping lowerdir path [ 655.320816][T10104] overlayfs: missing 'lowerdir' [ 656.139382][T10107] loop2: detected capacity change from 0 to 256 [ 656.146686][T10107] exfat: Unknown parameter 'zero_size_dir' [ 656.200861][T10108] loop4: detected capacity change from 0 to 1024 [ 656.236931][ T9229] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 656.257886][T10108] ext2: Unknown parameter 'measure' [ 656.476768][ T9478] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 656.754366][T10117] loop2: detected capacity change from 0 to 512 [ 656.761884][T10117] EXT4-fs: inline encryption not supported [ 656.767845][T10117] EXT4-fs: Ignoring removed mblk_io_submit option [ 656.775166][T10117] EXT4-fs (loop2): Test dummy encryption mode enabled [ 657.168922][T10117] EXT4-fs (loop2): orphan cleanup on readonly fs [ 657.221230][T10117] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.968: inode #13: comm syz.2.968: iget: illegal inode # [ 657.356660][T10117] EXT4-fs (loop2): Remounting filesystem read-only [ 657.388293][T10117] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 658.451943][T10124] overlayfs: overlapping lowerdir path [ 658.500623][T10124] overlayfs: missing 'lowerdir' [ 658.547302][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 658.598530][T10110] loop1: detected capacity change from 0 to 32768 [ 658.970371][T10135] overlay: ./file1 is not a directory [ 659.731329][ T28] audit: type=1800 audit(1753278443.264:36): pid=10135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.966" name="bus" dev="loop1" ino=65 res=0 errno=0 [ 662.095719][T10149] overlayfs: overlapping lowerdir path [ 662.181323][T10150] overlayfs: missing 'lowerdir' [ 663.358986][T10158] loop1: detected capacity change from 0 to 512 [ 663.371052][T10158] ext4: Bad value for 'debug_want_extra_isize' [ 664.595869][T10163] loop4: detected capacity change from 0 to 256 [ 664.627930][T10163] exfat: Unknown parameter 'zero_size_dir' [ 667.245602][T10173] overlayfs: overlapping lowerdir path [ 667.262031][T10173] overlayfs: missing 'lowerdir' [ 667.270464][T10178] loop1: detected capacity change from 0 to 512 [ 667.386639][T10183] loop2: detected capacity change from 0 to 256 [ 667.468689][T10183] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 667.479527][T10183] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 667.560964][T10183] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 669.289797][T10178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 670.920505][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 671.327875][T10194] loop4: detected capacity change from 0 to 4096 [ 671.366236][T10194] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 671.771554][T10199] overlayfs: missing 'lowerdir' [ 672.676147][T10209] overlayfs: overlapping lowerdir path [ 672.773779][T10210] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 672.782883][T10210] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 673.468379][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 673.564397][T10215] syz.0.990[10215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 673.565066][T10215] syz.0.990[10215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 673.659257][T10215] loop0: detected capacity change from 0 to 1024 [ 673.683332][T10215] EXT4-fs: Ignoring removed orlov option [ 673.819118][T10215] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 673.881705][T10215] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 674.247135][T10218] loop1: detected capacity change from 0 to 256 [ 674.285474][T10218] exfat: Unknown parameter 'zero_size_dir' [ 676.024273][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 676.493614][T10229] loop1: detected capacity change from 0 to 128 [ 678.710749][T10236] loop0: detected capacity change from 0 to 512 [ 680.862950][T10236] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 680.863376][T10236] EXT4-fs: failed to create workqueue [ 680.879541][T10236] EXT4-fs (loop0): mount failed [ 682.159687][T10247] loop2: detected capacity change from 0 to 256 [ 682.184615][T10247] exfat: Unknown parameter 'zero_size_dir' [ 682.866498][T10251] overlay: Unknown parameter '/' [ 682.873860][T10248] overlayfs: overlapping lowerdir path [ 682.934711][T10252] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 682.943811][T10252] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 683.386206][T10255] loop4: detected capacity change from 0 to 4096 [ 683.442515][T10255] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 684.101595][T10261] overlayfs: missing 'lowerdir' [ 684.849058][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 685.115311][T10268] loop0: detected capacity change from 0 to 8192 [ 685.994045][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.588581][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.029323][T10287] loop2: detected capacity change from 0 to 256 [ 687.826656][T10293] overlayfs: overlapping lowerdir path [ 689.503077][T10301] overlayfs: overlapping lowerdir path [ 689.599719][T10302] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 689.608840][T10302] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 690.583144][T10309] loop2: detected capacity change from 0 to 4096 [ 690.687149][T10309] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 692.460216][T10321] overlayfs: missing 'lowerdir' [ 694.341715][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 694.951024][T10337] loop0: detected capacity change from 0 to 256 [ 696.001690][T10349] overlayfs: overlapping lowerdir path [ 696.607816][T10351] overlayfs: overlapping lowerdir path [ 696.679068][T10346] overlayfs: missing 'lowerdir' [ 697.952569][T10359] loop0: detected capacity change from 0 to 4096 [ 698.057547][T10359] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 698.070088][T10345] loop4: detected capacity change from 0 to 32768 [ 700.139916][T10365] read_mapping_page failed! [ 700.468797][T10359] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 700.478915][T10359] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 700.681123][T10365] diRead: read_metapage failed [ 700.686053][T10365] jfs_lookup: iget failed on inum 32 [ 700.809588][T10366] read_mapping_page failed! [ 700.814524][T10366] ialloc: diAlloc returned -5! [ 700.834302][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 700.957259][ T28] audit: type=1800 audit(1753278484.954:37): pid=10370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1023" name="bus" dev="loop4" ino=7 res=0 errno=0 [ 701.216205][T10380] loop0: detected capacity change from 0 to 512 [ 701.313773][T10380] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 701.347472][T10380] ext4 filesystem being mounted at /283/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 701.456647][T10384] loop2: detected capacity change from 0 to 256 [ 701.657401][T10386] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1029'. [ 702.703680][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 703.947469][T10386] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1029'. [ 705.868572][T10410] overlayfs: overlapping lowerdir path [ 706.052972][T10411] overlayfs: missing 'lowerdir' [ 706.828239][T10412] overlayfs: overlapping lowerdir path [ 707.514907][T10418] xt_bpf: check failed: parse error [ 707.610861][T10420] loop2: detected capacity change from 0 to 128 [ 708.806243][T10421] loop0: detected capacity change from 0 to 256 [ 708.835453][T10421] exfat: Deprecated parameter 'namecase' [ 708.953547][T10426] loop4: detected capacity change from 0 to 256 [ 709.157132][T10421] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 711.246643][T10444] syz.4.1044[10444] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 711.246908][T10444] syz.4.1044[10444] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 711.273234][T10444] loop4: detected capacity change from 0 to 1024 [ 711.292265][T10444] EXT4-fs: Ignoring removed orlov option [ 716.571896][T10444] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 716.582531][T10444] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4. [ 717.950676][T10456] overlayfs: overlapping lowerdir path [ 718.045107][T10457] overlayfs: missing 'lowerdir' [ 718.728336][T10460] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1047'. [ 719.479754][T10465] syz.0.1049: attempt to access beyond end of device [ 719.479754][T10465] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 719.492667][T10465] FAT-fs (loop1): unable to read boot sector [ 719.643871][T10471] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1047'. [ 720.116059][T10475] loop0: detected capacity change from 0 to 512 [ 720.329025][T10475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 720.375020][T10475] ext4 filesystem being mounted at /290/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 721.399633][ T28] audit: type=1800 audit(1753278504.914:38): pid=10475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1052" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 721.572103][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 724.027667][T10501] overlayfs: overlapping lowerdir path [ 724.034148][T10503] overlayfs: missing 'workdir' [ 725.115930][T10510] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1059'. [ 726.278487][T10518] loop2: detected capacity change from 0 to 256 [ 726.285695][T10506] loop4: detected capacity change from 0 to 32768 [ 726.295470][T10518] exfat: Unknown parameter 'zero_size_dir' [ 726.425933][T10520] loop1: detected capacity change from 0 to 512 [ 726.437015][T10520] EXT4-fs: Ignoring removed bh option [ 731.528669][T10520] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 731.547654][T10520] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 731.548096][T10520] EXT4-fs: failed to create workqueue [ 731.563242][T10520] EXT4-fs (loop1): mount failed [ 731.778379][T10532] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1064'. [ 732.354486][T10536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1064'. [ 733.203532][T10543] loop0: detected capacity change from 0 to 512 [ 733.391544][T10543] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 733.491433][T10550] overlayfs: overlapping lowerdir path [ 733.507889][T10550] overlayfs: missing 'workdir' [ 734.664005][T10554] loop4: detected capacity change from 0 to 4096 [ 735.435423][T10554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 735.531553][T10559] loop1: detected capacity change from 0 to 256 [ 735.608046][T10559] exfat: Unknown parameter 'zero_size_dir' [ 735.751639][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 736.040878][T10561] overlayfs: missing 'lowerdir' [ 737.672414][ T7614] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 738.952194][T10568] loop0: detected capacity change from 0 to 32768 [ 740.800444][T10590] overlayfs: overlapping lowerdir path [ 740.895715][T10591] overlayfs: missing 'workdir' [ 741.235233][T10589] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 741.884652][T10598] tipc: Enabled bearer , priority 0 [ 741.921256][T10598] tipc: Resetting bearer [ 741.978594][T10597] tipc: Disabling bearer [ 741.994836][T10600] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1084'. [ 742.137090][T10605] sctp: [Deprecated]: syz.1.1086 (pid 10605) Use of struct sctp_assoc_value in delayed_ack socket option. [ 742.137090][T10605] Use struct sctp_sack_info instead [ 742.379895][ T5829] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 742.420014][ T5829] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 742.657192][T10600] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1084'. [ 743.443951][T10622] overlayfs: overlapping lowerdir path [ 744.593303][T10635] overlayfs: overlapping lowerdir path [ 744.640248][T10635] overlayfs: missing 'lowerdir' [ 745.509329][T10638] tipc: Enabled bearer , priority 0 [ 745.531434][T10638] tipc: Resetting bearer [ 745.607783][T10636] tipc: Disabling bearer [ 745.695928][T10643] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1098'. [ 745.726040][T10643] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1098'. [ 745.787001][T10641] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1098'. [ 745.806571][T10643] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1098'. [ 746.319844][T10651] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1101'. [ 746.856455][T10661] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1101'. [ 746.907781][T10658] overlayfs: overlapping lowerdir path [ 746.957028][ T5840] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 746.996430][ T5840] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 747.431397][ T1290] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.437957][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.505234][T10668] overlayfs: overlapping lowerdir path [ 747.648826][T10669] overlayfs: missing 'lowerdir' [ 748.815492][T10676] tipc: Enabled bearer , priority 0 [ 748.845589][T10676] tipc: Resetting bearer [ 748.907083][T10675] tipc: Disabling bearer [ 750.950605][ T5840] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 751.132647][ T5840] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 751.976126][T10707] netlink: 'syz.0.1119': attribute type 10 has an invalid length. [ 752.387111][ T9496] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 753.802195][T10716] overlayfs: overlapping lowerdir path [ 754.145012][T10730] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 754.327836][T10737] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1131'. [ 754.369215][T10737] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1131'. [ 754.427684][T10734] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1131'. [ 755.044106][T10749] netlink: 'syz.2.1136': attribute type 39 has an invalid length. [ 755.087918][T10749] veth0_macvtap: left promiscuous mode [ 755.263307][T10751] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1137'. [ 755.291786][T10751] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1137'. [ 755.757102][T10758] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 756.013750][T10768] tipc: Enabling of bearer rejected, failed to enable media [ 756.736685][T10786] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1148'. [ 756.756941][T10786] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1148'. [ 756.769061][T10785] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1148'. [ 756.933073][T10788] sctp: [Deprecated]: syz.2.1149 (pid 10788) Use of struct sctp_assoc_value in delayed_ack socket option. [ 756.933073][T10788] Use struct sctp_sack_info instead [ 757.186907][ T9496] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 757.923520][T10804] tipc: Enabling of bearer rejected, failed to enable media [ 866.066706][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 866.073724][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5156/1:b..l [ 866.082198][ C1] rcu: (detected by 1, t=10503 jiffies, g=55017, q=115 ncpus=2) [ 866.089961][ C1] task:udevd state:R running task stack:23144 pid:5156 ppid:1 flags:0x00004002 [ 866.102218][ C1] Call Trace: [ 866.105550][ C1] [ 866.108546][ C1] __schedule+0x14e2/0x4580 [ 866.113152][ C1] ? asan.module_dtor+0x20/0x20 [ 866.118188][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 866.124242][ C1] ? preempt_schedule_irq+0xaa/0x140 [ 866.129596][ C1] preempt_schedule_irq+0xb5/0x140 [ 866.134806][ C1] ? preempt_schedule_notrace+0x110/0x110 [ 866.140573][ C1] ? step_into+0x42b/0xf10 [ 866.145038][ C1] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 866.150894][ C1] irqentry_exit+0x67/0x70 [ 866.155392][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 866.161436][ C1] RIP: 0010:legitimize_links+0x65/0x430 [ 866.167027][ C1] Code: de 81 e6 00 00 20 00 31 ff e8 57 7d 95 ff 81 e3 00 00 20 00 0f 85 21 03 00 00 4d 8d 6f 54 4c 89 e8 48 c1 e8 03 48 89 44 24 10 <48> b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 0f 85 50 03 00 00 [ 866.186679][ C1] RSP: 0018:ffffc90003247af8 EFLAGS: 00000a07 [ 866.192787][ C1] RAX: 1ffff92000648f96 RBX: 0000000000000000 RCX: 0000000000000000 [ 866.200793][ C1] RDX: ffff88807d610000 RSI: 0000000000000000 RDI: 0000000000000000 [ 866.208799][ C1] RBP: ffffc90003247c68 R08: ffff888141670aa0 R09: ffff88801fd54d38 [ 866.216810][ C1] R10: ffff888141670aa0 R11: ffff88801fd54d38 R12: 1ffff92000648f8d [ 866.224815][ C1] R13: ffffc90003247cb4 R14: dffffc0000000000 R15: ffffc90003247c60 [ 866.232847][ C1] ? legitimize_links+0x49/0x430 [ 866.237845][ C1] try_to_unlazy+0x7b/0x5a0 [ 866.242394][ C1] ? handle_lookup_down+0x130/0x130 [ 866.247637][ C1] complete_walk+0x113/0x350 [ 866.252276][ C1] __filename_parentat+0x225/0x610 [ 866.257453][ C1] ? vfs_path_parent_lookup+0x50/0x50 [ 866.262909][ C1] ? __might_fault+0xaa/0x120 [ 866.267625][ C1] do_unlinkat+0xe9/0x570 [ 866.271995][ C1] ? fsnotify_link_count+0xf0/0xf0 [ 866.277151][ C1] ? getname_flags+0x20a/0x500 [ 866.281966][ C1] __x64_sys_unlink+0x49/0x50 [ 866.286674][ C1] do_syscall_64+0x55/0xb0 [ 866.291232][ C1] ? clear_bhb_loop+0x40/0x90 [ 866.295941][ C1] ? clear_bhb_loop+0x40/0x90 [ 866.300655][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 866.306592][ C1] RIP: 0033:0x7f8be2315937 [ 866.311044][ C1] RSP: 002b:00007ffc08b3a828 EFLAGS: 00000202 ORIG_RAX: 0000000000000057 [ 866.319507][ C1] RAX: ffffffffffffffda RBX: 0000000000000bb8 RCX: 00007f8be2315937 [ 866.327523][ C1] RDX: 0000000000000000 RSI: 00007ffc08b3a910 RDI: 0000563cce3a402e [ 866.335530][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 866.343540][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001 [ 866.351547][ C1] R13: 0000563cce3bf100 R14: 0000563cce3a4008 R15: 0000000000000000 [ 866.359576][ C1] [ 866.362624][ C1] rcu: rcu_preempt kthread starved for 10531 jiffies! g55017 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 866.373872][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 866.383869][ C1] rcu: RCU grace-period kthread stack dump: [ 866.389787][ C1] task:rcu_preempt state:R running task stack:27024 pid:17 ppid:2 flags:0x00004000 [ 866.400610][ C1] Call Trace: [ 866.403921][ C1] [ 866.406895][ C1] __schedule+0x14e2/0x4580 [ 866.411468][ C1] ? asan.module_dtor+0x20/0x20 [ 866.416369][ C1] ? enqueue_timer+0x225/0x530 [ 866.421187][ C1] ? __mod_timer+0x984/0xdb0 [ 866.425837][ C1] schedule+0xbd/0x170 [ 866.429948][ C1] schedule_timeout+0x160/0x280 [ 866.434845][ C1] ? console_conditional_schedule+0x40/0x40 [ 866.440786][ C1] ? update_process_times+0x1b0/0x1b0 [ 866.446215][ C1] ? prepare_to_swait_event+0x339/0x360 [ 866.451805][ C1] rcu_gp_fqs_loop+0x302/0x1560 [ 866.456699][ C1] ? rcu_gp_init+0x110e/0x1510 [ 866.461522][ C1] ? rcu_gp_kthread+0x380/0x380 [ 866.466426][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 866.472377][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 866.477625][ C1] ? rcu_gp_init+0x1510/0x1510 [ 866.482440][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 866.488399][ C1] ? finish_swait+0xc7/0x1d0 [ 866.493120][ C1] rcu_gp_kthread+0x99/0x380 [ 866.497758][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 866.502925][ C1] ? __kthread_parkme+0x7a/0x1c0 [ 866.507916][ C1] ? __kthread_parkme+0x162/0x1c0 [ 866.512992][ C1] kthread+0x2fa/0x390 [ 866.517092][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 866.522269][ C1] ? kthread_blkcg+0xd0/0xd0 [ 866.526896][ C1] ret_from_fork+0x48/0x80 [ 866.531351][ C1] ? kthread_blkcg+0xd0/0xd0 [ 866.535975][ C1] ret_from_fork_asm+0x11/0x20 [ 866.540798][ C1] [ 866.543844][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 866.550204][ C1] Sending NMI from CPU 1 to CPUs 0: [ 866.555455][ C0] NMI backtrace for cpu 0 [ 866.555476][ C0] CPU: 0 PID: 10844 Comm: syz.0.1162 Not tainted 6.6.99-syzkaller #0 [ 866.555493][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 866.555503][ C0] RIP: 0010:____kasan_slab_free+0xfa/0x1e0 [ 866.555528][ C0] Code: 89 c6 4c 89 f7 e8 76 45 ff ff 48 39 d8 75 75 41 f6 46 0a 08 0f 85 42 ff ff ff 48 89 df e8 1e 18 00 00 84 c0 74 43 41 8b 76 1c ce 83 ce 07 ff c6 41 0f b6 cc 48 89 df ba fb 00 00 00 e8 de 2b [ 866.555541][ C0] RSP: 0018:ffffc9000b9dfb28 EFLAGS: 00000002 [ 866.555556][ C0] RAX: 0000000000000001 RBX: ffff888042823150 RCX: ffffea00010a08c0 [ 866.555567][ C0] RDX: 0000000000000000 RSI: 0000000000000050 RDI: 1ffff1100850462a [ 866.555578][ C0] RBP: 0000000000000001 R08: 0000000000000070 R09: 1ffffffff2e1bc99 [ 866.555588][ C0] R10: dffffc0000000000 R11: fffffbfff2e1bc9a R12: 0000000000000000 [ 866.555600][ C0] R13: ffffc9000b9dfbb8 R14: ffff8881412673c0 R15: ffffffff81dc0c18 [ 866.555612][ C0] FS: 00007f943aa0c6c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 866.555626][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 866.555637][ C0] CR2: 00007f9439db6248 CR3: 0000000062361000 CR4: 00000000003506f0 [ 866.555652][ C0] Call Trace: [ 866.555657][ C0] [ 866.555665][ C0] slab_free_freelist_hook+0x130/0x1b0 [ 866.555684][ C0] ? __dequeue_signal+0x52b/0x680 [ 866.555709][ C0] kmem_cache_free+0xf8/0x280 [ 866.555735][ C0] __dequeue_signal+0x52b/0x680 [ 866.555762][ C0] dequeue_signal+0xe9/0x4b0 [ 866.555790][ C0] get_signal+0x551/0x1400 [ 866.555827][ C0] arch_do_signal_or_restart+0x96/0x780 [ 866.555855][ C0] ? get_sigframe_size+0x20/0x20 [ 866.555888][ C0] ? exit_to_user_mode_loop+0x3b/0x110 [ 866.555914][ C0] exit_to_user_mode_loop+0x70/0x110 [ 866.555937][ C0] exit_to_user_mode_prepare+0xb1/0x140 [ 866.555961][ C0] syscall_exit_to_user_mode+0x1a/0x50 [ 866.555986][ C0] do_syscall_64+0x61/0xb0 [ 866.556003][ C0] ? clear_bhb_loop+0x40/0x90 [ 866.556017][ C0] ? clear_bhb_loop+0x40/0x90 [ 866.556033][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 866.556058][ C0] RIP: 0033:0x7f9439b8e9a9 [ 866.556072][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 866.556092][ C0] RSP: 002b:00007f943aa0c0e8 EFLAGS: 00000246 [ 866.556104][ C0] RAX: fffffffffffffffc RBX: 00007f9439db6248 RCX: 00007f9439b8e9a9 [ 866.556116][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9439db6248 [ 866.556126][ C0] RBP: 00007f9439db6240 R08: 0000000000000000 R09: 0000000000000000 [ 866.556136][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9439db624c [ 866.556146][ C0] R13: 0000000000000001 R14: 00007ffe3dc95b30 R15: 00007ffe3dc95c18 [ 866.556166][ C0]