last executing test programs: 1m36.710975744s ago: executing program 2 (id=219): openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x400080, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB='c 75:*\tm\n'], 0xa) 1m35.763105706s ago: executing program 2 (id=223): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='coredump_filter\x00') writev(r0, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x1) 1m34.992988274s ago: executing program 2 (id=225): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='Q', 0x1, 0x200980) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x52142, 0x0) io_setup(0x20fe, &(0x7f0000000540)=0x0) io_submit(r2, 0x3, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000200)='p', 0x8200, 0x600}]) 1m33.485510944s ago: executing program 2 (id=231): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000000c0)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@dioread_nolock}, {@grpquota}]}, 0x5, 0x4dd, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nSRN+vU6r6+v77VWTa1isJi0abVdCFJRcKEgVlCXIR8ldtpIk4ItVaYgdSkF9+LSrQu36qaIK8FtXQpSKNJNW0EcuTN3PjuTNMkkY8zvB5M5536dc+655+bcc2YmgE1rOP2TVMI3I2JXRORaNxiuvN27c2Xy/p0rk1EslU7/lpR3u5vGM9lhYnsWGclF5D5O6isazF+6fHaiUJi+kMXHFs69PzZ/6fKzs0PZkpMnjx87euL58eeWX6g26aXlurv/o7kD+1599/rrk/3V5dXUGsvRLcMx3C4rZU91O7Ee29kQTvp7mBGWJb3+0+oaKLf/XdEXi1VecR1zBqy1UqlUGuy8ulhqdfWBJcCGlUSvcwD0RvUfffr8W3216whsWZvuR8/dPlV5AErLfS97RTxeXlgdBxloeb7tpuGIeKf4++fpK9ZoHAIAoNG3p2rDP839v3xlZuSPizdeTN//lc2h5CPi3xGxOyL+ExF7IuK/EbE3Iv4XEf9vOX5fRJQWSX+4JV5LvzYJlbvVhWJ2lPb/Xsjmtur9v6YM5Puy2M6Iaod5+kh2TkZiYHBmtjB9dJE0vnv5p087rWvs/6WvNP1qXzDLx63+lgG6qYmFiRUXuMXtqxH7+1vLn/RHJLWZgCQi9kXE/mUcN98Qnn3mywO1yEDzdkuXv6zUdh6tC/NMpS8inq7UfzGa6r+eYtI0P3lu4sz0menz47X5ybGhKEwfGZvpmJsffrz2Rqd1S5b/619ad3nlxDens5a1emn9b2u4/qM6f1svfz6JSGrztfPLT+Paz590fKZZ6fW/JXmrHK4+l34wsbBw4WjEluS1B5eP1/etxtP3KFbKP3Koffvfne2TnolHIiK9iB+NiMei8oSY5v1gRDwREYcWKf/3Lz353srLv7bS8k+13P8qNd9U//X5+k6BJJsbbLOq7+zBm/c73Dwerv6Pl0Mj2ZL297+k6RbRKafVcY90yZ+rPnsAAACwMeQiYkfDWNKOyOVGRytjQHtiW64wN79weGbu4vmpdF1EPgZyM7OF8vhnZTx4IKmOf+Yb4uMt8WPZuPFnfVvL8dHJucJUT0sObC+3+SQ3GvF2X0P7T/3anSFm4O/M97Vg81qs/aed+L3X1zEzwLp6+P//Nz5c04wA666h/Xf6hn9xBZ/7AjYAz/9A3dI/9OOeARtfSVuGTW1Z7f+wHwGEf5L+eLMWzvU0J8B60/+HTWnJ7/WvKlAabL9qKB7cOIYWP2BfrCwbW9uk1ZNA2rPqSepbV7JX9dcUOm4TueUdcDC6U6czqzwbxQvzZ/Z2/eIvZZ+V73YNfrUu7bRdoCe3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK77KwAA//8KhtfB") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8}) umount2(&(0x7f0000000000)='./file0\x00', 0x3) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 1m31.935957475s ago: executing program 2 (id=236): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="660a00000000df0069114c0000000000850000003400000095ca"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) 1m30.983823386s ago: executing program 2 (id=241): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0) fcntl$notify(r0, 0x402, 0x1a) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000440)=ANY=[], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) io_setup(0x7fff, &(0x7f00000005c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xc, r1, &(0x7f00000000c0)='\v', 0x1, 0x10001, 0x0, 0x0, r1}]) 1m28.199683957s ago: executing program 32 (id=241): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0) fcntl$notify(r0, 0x402, 0x1a) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000440)=ANY=[], 0x1, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) io_setup(0x7fff, &(0x7f00000005c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xc, r1, &(0x7f00000000c0)='\v', 0x1, 0x10001, 0x0, 0x0, r1}]) 15.275231252s ago: executing program 4 (id=521): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x8000, &(0x7f0000000740)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b28c52096d13d6b9aac338f27ca2d2108c51ad7bbbc6ec9d577b00c703c4ef2ee9f16febbb7afdafc59e817dc8edb56d445c74fa48cdccf79223640f685b92b26c62d7d65dd4fdd6f73c1d9c70f1bca7a7150f62de63f2f579f1fb2d10f3a770f2b9ce8cd8be9414e0444fd357b3fad5b16d91c91c0f1aa3e11d39426af77180bdb588060a2546b369655c02eb52709e0e03785f8010bfd1a72a817dad46c854ebb0a8aa5d59cae56089e2aac882b33018aa4006a44968a267cde827c86aa1abccb51cb152459f91a39a5cbbd8d218d37f4cf35d339694a379", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77908347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1f3c041a6377723b83e57fcac059ad433974df43b0efc268cbd67279c5e0f19f5b89100cc35aafb9e96dae3d8afe28e887e01475b9ec063d40d1080f70254a3f65a1c6261571866a21a54d762495480"], 0xf, 0x2a4, &(0x7f0000000480)="$eJzs3T9rc2UUAPBzkzSNOqSIiyJ4QQen0rq6NEoFsZMSQR002BYkCYUWAlYwduoncPR7+BFcXPwGgqvg1g6VKzf33ia16R/65k3h7e83nd7nnvOc3KckU06+eXPY3z1I4uTsz2i1kqhtxVacJ7EWtaj8FI0AAF4c51kW/2QPyWzUFt8NALAMxed/4bF7AQCW47Mvvvyks7Oz/WmatuL19umom0TE8HTULdY7+/FdDGIvNqIdFxHZpSL+6OOd7WikubV4ZzgedfPM4de/l/U7f0dM8jejHWvz8zfTwmX+y1V3aXT2V6o/2vHa/Pz3/p8fw3F0m/Hu2zP9r0c7/vg2DmIQu5HnTvN/3EzTD7Ofz374Kt8mz09q0V2d3DeV1Zd0JAAAAAAAAAAAAAAAAAAAAAAAPAHraZoU43sm83vyS5P5OaNu/WKyvp5WZuf7jKv5QElVqJgPlEU5omecxS/VfJ2NNE2z8sZpfiPeaPhhAQAAAAAAAAAAAAAAAAAAAMgdfX/c7w0Ge4cLCappANXX+h9aZ2vmyltx3O/Vby64ev+9ZqcN5L3eenM0GrGgx3JX8FLez8Irr04P9/MogupgFrrXqx8URY/7vbRcqh5yv5fctVerOrhfZ5ea8ayNZZN/iYvs6pm2Llu9mtVc0NNovjJ36d8sy+5X5/2/ijMqrySTERv3232lDOa+wDxoXT+L324ueONbRn0hbzwAAAAAAAAAAAAAAAAAAMA10y/9zlk8uTW19tyaAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAlm/7+fxW0IuLqlWvBuEy+7Z4yaMbh0SO/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ6A/wIAAP//4ipOSw==") setxattr$security_evm(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000000)=ANY=[], 0xfe43, 0x1) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, 0x0, 0x0, 0x84822, 0x0) 12.54494097s ago: executing program 4 (id=531): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[]) 10.385944237s ago: executing program 4 (id=540): r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0xc, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc, r1}) ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r0, 0x3b71, &(0x7f0000000240)={0x20, 0x2, 0x0, 0x8000, 0x4}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000000)={0x28, 0x4, r1, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x6}) ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0x1) 8.517824298s ago: executing program 4 (id=549): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x60000000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xb, 0x0, 0x0, 0x41100, 0x53, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000b00)='percpu_alloc_percpu\x00', r1, 0x0, 0x1f}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) 7.968949483s ago: executing program 1 (id=552): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="540000001000010400400000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="08910400000000002000128009000100766c616e00000000100002800c000200160000001700400014000300766c616e30"], 0x54}}, 0x0) 6.922526263s ago: executing program 1 (id=556): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000400, &(0x7f0000000400)={[{@resgid}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH") r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) pwritev2(r0, &(0x7f0000000100)=[{0x0}], 0x1, 0x5405, 0x800, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000140)={0x3, 0x3, 0x1, 0x5}) 5.589984695s ago: executing program 4 (id=560): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x555, &(0x7f0000000640)="$eJzs3U9oHNUfAPDvzDb59U9+JhURWxQDHipIt9lYrHpqezGHggU9iHhoaDY1ZNOEJAUTemjBi1BB1KuHXgTP3iV3byKoN48iVJGIJyEyu7NJTHaTELJOmvl8YHbfn03e++7wMu/t7CMBlNZw9pBGnImIG0nE4Ka6Y5FXDrdet/rH3ZvZkcTa2lu/J5HkZe3XJ/nzqTxzPCK+uxrxZGV7uwtLy9PjjUZ9Ps9fWJyZu7CwtHx+amb8Vv1W/XZt9NWLl0Zeq12sHVisD7767Jexa28++/GH778y+X3jfBKXYyCv2xzHQRmO4fX3ZLPsfb100I0VpJLH0ylODr/2+euLiKdjMCr5qM8MxtSDQjsH9NRaJWINKKnE+IeSas8D2mv7XqyDD7NHV1oLoO3xH2t9NhLHm2ujk6vJppVRa707dADtZ238fffsF9kRPfocYif37kfEM53iT5p9G2p+ipPFn/4r/jQiRvL+Z+Wj+2x/eEv+cYr/cv6clV/dZ/tFxw9AOa1caV3It1//0vX5T3SY/wx0uHbtR9HXv+7zv434K13mf9f32MbPH4192q1u8/wvO7L223PB/8Kj+xFnO8afrMefdIg/m/fc2GMbb/zw21i3uqLjX3sYca7j+mfjjlay8/3JC5NTjfpI67FjG998+96X3dovOv7s/J/sEv9O5z8rm9tjG19ffzjTrW73+NNf+5O3m6n+vOSD8cXF+VpEf3Jte/kuC5H2a9q/I4v/xRd2Hv+d4j+RrR32GP/cO9Or+4+/t7L4J/Z5/j/ZYxt/vXvnuW51RccPAAAAAAAAR0na/C5HklbX02larbb28D4VJ9PG7MLiS5Ozd25PtL7zMRR9aftO92Arn2T5Wv592HZ+dEv+5Yg4HRGfV04089Wbs42JooMHAAAAAAAAAAAAAAAAAACAQ+LUlv3/f1Za+/+BkjhWdAeAwhj/UF7GP5SX8Q/lZfxDeRn/UF7GP5SX8Q/lZfxDeRn/UF7GPwAAAAAcSaefX/kpiYh7r59oHpn+vK6v0J4BvZYW3QGgMJWiOwAUxq1/KC9rfCDZpf54t4qV3X4SAAAAAAAAAAAAADgo587Y/w9lZf8/lJf9/1Be9v9DeVnjA/b/AwAAAAAAAAAAAMDhN9A8krSa7wUeiDStViP+HxFD0ZdMTjXqIxHxRET8WOn7X5avFd1pAAAAAAAAAAAAAAAAAAAAOGIWlpanxxuN+ryEhITEeqLov0wAAAAAAAAAAAAAAAAAAFA+G5t+i+4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABRn4///9y5RdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOPpnwAAAP//bKsggw==") statx(0xffffffffffffffff, 0x0, 0x4000, 0x1, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x20040800) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) fallocate(r0, 0x10, 0x17e, 0x1000f) lseek(r0, 0x1, 0x4) 5.372119493s ago: executing program 5 (id=561): wait4(0x0, 0x0, 0x1000000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007240)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x6, @mcast2, 0x7}, 0x1c, 0x0}}], 0x1, 0x1c000) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000140)={"1fb18f59ea850d0f97ecef9f3ac650b2fa293778535d45aebccf0d26cbd6a7e1d89defe6796caf18308722be06e3cafa38f8dbdf7a5bd024db56c672fce92f9138dca0a49f02bdb6a04f052e00d98b82c0bb82f9c4eed019fb6ed8525717a27be3a588a6c85dfbcfee42198a906a3064735a856d318ef9cad710ba86f159db841a78ac645ed3d89462e7cbe5f85dd06854d44aa199f21d77c33d0c0657b8c7bd4dfa488d793fc1d4a63e00722911ab4af6544abdfc5a24cf0dbe7dba76afc12df6df2d250b34629fb724621125c87318bb4e828cc353952a4042adf7b995e2e055067fea7d730e6d4df31ee809a6bfb88259e80e94870a0621f61404494186743608cf9e1406cc49abf91622f6b7ac601e7a15385a41da145d290a4840f9b95463ff865b7d777c22325a09ec8653247a58242f13afd2b63fcf8af362ac264df858fcc5724848255338a2725b53ef9eeda152d7784320729094768bb9e4c7878e8da8e515f68376ca2a6fc55586d1c0e6076f0cce745ba3db43cb4e57768d24953805865dc705e1d0193f5e5fc83e1ed82742ca9e2925e5de2ae582032cbdc662733863bf9e3ef018d48dfae43c9a243f14c2e77725b838bafd25ec3e0436a2553839a158b1627d8165c216483a4897a73d9fc102b669db8fb1abe78ba9ce63bd314e332f988c16c22ec96469615217194cedce0b0323f99bfff76da2b36e92a51c44bdbd761eec611df14e3eb83d5062135069707565f454293e5b0a9c29bc4f42d1425b3fd825a2aaba360050cef7cb68132fb9929a49162baa8aeb5418a44450ff2795bce24e7306ca75c10fff57f47f44a33ee6af0bce9f6ccf5e8e0a10be9e30abc2fd51300a7c8416c57f357a82b8c42139723c32339a3795902c2eb29984f756863a2474d4636689553b40875c8e14e401b89729bd27e0b25a49f7cf56b4c7e66aa1e7dc862d301482dcb73f871ef53127ae6e57ec87addf51fcde1507e59d69b0d5218826fc17af7ca9349b16afbea7d2e7ab2c5592204808a216ccb11fea0320d68ffe3d777d91e0e97937b8927befcc21b604d9ff3ad0bc22280f6414957a474bc5f7a0d9ff6a97b35eb988fa6602ba179aeefa1f9bacc5ed7a6b4641407574a4d704ab788c4f80d20f41779ec55d06aed50366e457b2f09632ae4cd2e8feac2ca107960a4992949114d1269e390ebc1dc7e970691bcebf0296738dfc4fe3b744b3f9b6c8b58ec5163b6b2f39b4680503d8668d3486cc57be388ade823f209eb0ef5f648da3241ce450a90bbdb30a0559f163435e57c8367b8938e05853872d49deeb625f993b054ae7e570a98c3f2a8a137771fdb9e9f94a6446cd2f030a28ab2439825c4d036623bcc51d77f26bde0c79fcccf14b6f2609cec9d31b361b6ed8c87b4695f07f1146c0eef3f4ea882d45bc6d2823f981bd9db0dcaa"}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000100)={0x33338000, 0xf000, 0x3, 0x1, 0xff}) 5.241993654s ago: executing program 1 (id=562): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}], 0x10) sendto$inet6(r0, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x7, 0x80, 0xfe, 0x5, 0x5, 0x0, 0x0, 0x0, 0xfd, 0x2, 0x0, 0x0, 0xcc}, 0xe) recvmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f00000000c0), 0x1, &(0x7f00000003c0)=""/21, 0x21}, 0x1ff}], 0x73d, 0x40000040, 0x0) 5.103663203s ago: executing program 3 (id=563): mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000002080)={0x28, 0x0, 0x2711, @my=0x0}, 0x10) mbind(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x10000000000000c, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps_rollup\x00') read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020) 4.475028169s ago: executing program 5 (id=565): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000000c0)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@dioread_nolock}, {@grpquota}]}, 0x5, 0x4dd, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nSRN+vU6r6+v77VWTa1isJi0abVdCFJRcKEgVlCXIR8ldtpIk4ItVaYgdSkF9+LSrQu36qaIK8FtXQpSKNJNW0EcuTN3PjuTNMkkY8zvB5M5536dc+655+bcc2YmgE1rOP2TVMI3I2JXRORaNxiuvN27c2Xy/p0rk1EslU7/lpR3u5vGM9lhYnsWGclF5D5O6isazF+6fHaiUJi+kMXHFs69PzZ/6fKzs0PZkpMnjx87euL58eeWX6g26aXlurv/o7kD+1599/rrk/3V5dXUGsvRLcMx3C4rZU91O7Ee29kQTvp7mBGWJb3+0+oaKLf/XdEXi1VecR1zBqy1UqlUGuy8ulhqdfWBJcCGlUSvcwD0RvUfffr8W3216whsWZvuR8/dPlV5AErLfS97RTxeXlgdBxloeb7tpuGIeKf4++fpK9ZoHAIAoNG3p2rDP839v3xlZuSPizdeTN//lc2h5CPi3xGxOyL+ExF7IuK/EbE3Iv4XEf9vOX5fRJQWSX+4JV5LvzYJlbvVhWJ2lPb/Xsjmtur9v6YM5Puy2M6Iaod5+kh2TkZiYHBmtjB9dJE0vnv5p087rWvs/6WvNP1qXzDLx63+lgG6qYmFiRUXuMXtqxH7+1vLn/RHJLWZgCQi9kXE/mUcN98Qnn3mywO1yEDzdkuXv6zUdh6tC/NMpS8inq7UfzGa6r+eYtI0P3lu4sz0menz47X5ybGhKEwfGZvpmJsffrz2Rqd1S5b/619ad3nlxDens5a1emn9b2u4/qM6f1svfz6JSGrztfPLT+Paz590fKZZ6fW/JXmrHK4+l34wsbBw4WjEluS1B5eP1/etxtP3KFbKP3Koffvfne2TnolHIiK9iB+NiMei8oSY5v1gRDwREYcWKf/3Lz353srLv7bS8k+13P8qNd9U//X5+k6BJJsbbLOq7+zBm/c73Dwerv6Pl0Mj2ZL297+k6RbRKafVcY90yZ+rPnsAAACwMeQiYkfDWNKOyOVGRytjQHtiW64wN79weGbu4vmpdF1EPgZyM7OF8vhnZTx4IKmOf+Yb4uMt8WPZuPFnfVvL8dHJucJUT0sObC+3+SQ3GvF2X0P7T/3anSFm4O/M97Vg81qs/aed+L3X1zEzwLp6+P//Nz5c04wA666h/Xf6hn9xBZ/7AjYAz/9A3dI/9OOeARtfSVuGTW1Z7f+wHwGEf5L+eLMWzvU0J8B60/+HTWnJ7/WvKlAabL9qKB7cOIYWP2BfrCwbW9uk1ZNA2rPqSepbV7JX9dcUOm4TueUdcDC6U6czqzwbxQvzZ/Z2/eIvZZ+V73YNfrUu7bRdoCe3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK77KwAA//8KhtfB") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8}) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 4.20582867s ago: executing program 0 (id=566): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x800004) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000140)={0xfffffdfffffffff8, 0x0, 0x2, r2}) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000240)={0x27800000000, 0x0, 0x1, r2}) 4.125227596s ago: executing program 3 (id=567): add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', '\xa9\x06\x00\x00\x00\x00\x00\x00'}, 0x20, 0xfffffffffffffffd) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 3.414787436s ago: executing program 0 (id=568): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') mremap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002) 3.41419478s ago: executing program 1 (id=569): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x810000, &(0x7f0000000040)={[{@hide}]}, 0x1, 0x550, &(0x7f0000000800)="$eJzs3d9u01YcwPGf+2dUYWPTNiFUFTiUTSpSCU4CQRFXnnOSGhw7sh3UXqGKpqgihYkyae3VuEGbtD0Et3uIPcLeBO0RmGwnbdrmD4Um6dj3E23nxD4+53dM5J/cxLYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx7LJp5gxxHa+xqvqzy4FfG7C+09+NQ8WAcUWM+D+Zm5NL6aJL3x6svhj/b1EW0ncLMhcXc7J3/uJX976ZmepsPyCgsdjZ3Xu63mo1X5xko+nRxTNuVe05oe/UrKpWTuirUrFo3lqphKriuDpcCyNdU3agrcgP1JJ9Q+VKpYLS2TW/4VXLlqs7C+/ezJtmUd3P1rUVhL536342tFcc13W8atImXh23uRt/EB84kYq0VVNqc6vVLCilzg8KMm6UGzaTuFF+WKO8mc/ncvl8rnindOeuac4cW2AeIe0W74z0k2zOTP5Di8k6zcM38FGm2vlfXHHEk4asiur5sqUsgfhS67O+rZP/v7+l98f4rMe43fm/k+UvHayelyT/X0nfXemX//vEMr7XjuzKnjyVdWlJS5ryYuIRjfdVFS2eOBKKL47UxEqWqPYSJSUpSlFMeSQrUpFQlFTEEVe0hLImoUSik0+ULYFosSQSXwJRsiS23BAlOSlJSQqiREtW1sSXhnhSlbJYSS+bspXs90LP6PaljXIDJrLfU35Ao5Pk/3NxtjePb0L+/7875SM48OHedfJ/f7PjiwYAAAAAAIyCkfz13UhO8y8ntYrjanPSYQEAAAAAgFOUfPO/EBfJ1/yXxeD8HwAAAACAT42RXGNniEhGrqa1zpVQ/BEAAAAAAIBPRPL9/5W4yMS1q2Jw/g8AAAAAwKfm16H32A/r54y//pEgmDVe1Ve/M7atuJ21PZ1uN320x6gyb1xod5IUxZn2O1svGO27X+7fBPNtu9jsF8fnyVLDME4hAPldrqVtrm2k5UZnTTrbTMVxddb23Xs5sawLU5FejX56tvWzJNP/zatdMGRzq9XMPn7e2khieRX38mq7fQPFY/dRHBDLy+R+C8k1Fz33/GxyIUY6rvFLOq7ZPf+pdPOpE4z5WhbTNouZtMwcnv9cPGYu22/2mTSK3JGZ97x75MAorqdtri9dT4seUeT7RhEPt9Vq5ruj+KB98R5RFIbti0InitmD4U8SBQBMyuaQLGQcT/wfcJTrm907o5xKdn8tS2mbpfnkwDoz3+OIbg47opsfmdf/nD36DKR+OTYe948jWfVNvMGbvuOGbt6Id+H0y+0f5eLO7t7Nre31J80nzWf5fKFo3jbNO3mZTabRLsg9AIAehj9jZ2gL4/aQs+qv939SkJXH8lxasiHLydUGyS8OunutftnuNdP1M4TlIWetB21zsjzkrC7T9aCX929bGMO/BAAA47PYOw+fKP8vDznvPpzLB58dd+dyAAAwGjp4e69drT/KlUo5K1rRKvDtBypwylWtHC/Sgb1ieVWt6oEf+bbvxpWHTlmHKmzU634QqYofqLofOqvJk99V+9Hvoa5ZXuTYYd3VVqiV7XuRZUeq7IS2qjd+cJ1wRQfxxp1nDNpW5PieCv1GYOusUqHWXQ2dsvYip+LEVU/VA6dmBWvqoe82alqVdWgHTj3ykw73x3K8ih/UrMj5QrIT3M8AAJwlO7t7T9dbreaLEVYmPUcAAHAYWRoAAAAAAAAAAAAAAAAAAAAAgLNvHNf/Tb7yd/oUATkr8fwHK3NnI4wTVqZE5AyEMcKKMaqeJ31kAjBq/wYAAP//YbxJJw==") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) unshare(0x62040200) faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x3, 0x300) umount2(&(0x7f0000000040)='.\x00', 0x2) syz_fuse_handle_req(r0, &(0x7f0000006140)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c8cfe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d93a3d7cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b8098dfbffffffffffffeadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc169d48d39e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c17ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034612aa0c151345546b876b53e9f2c06e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2d852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f0a3f37ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9ceebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79f8f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f7b976e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb47716201a9d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0ceb6216fc081e8d84d8b0a503196dc50599b22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e112f4f046d87feec3be04461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83e4cb29fb954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afa92fd0291fa96b05daa6beb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ff2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdff8fffffffb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802140800000000000000322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462dc19182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf319e37199e98486a8d145ce2d996c1909402744cce63664a75e480b197c345360321e830e5912d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fd0874dfa502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89dcb8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a8037368653400", 0x2000, &(0x7f0000000700)={&(0x7f00000002c0)={0x50, 0xffffffffffffff8c}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.411373482s ago: executing program 3 (id=570): open(0x0, 0x50080, 0x104) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f0000000240)={0xa, 0x4e22, 0x80000, @dev={0xfe, 0x80, '\x00', 0x3d}, 0xfffffffd}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x9}}], 0x18}, 0xc4) 3.251124546s ago: executing program 5 (id=571): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008ffffffdb0110"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2.962278384s ago: executing program 4 (id=572): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000400, &(0x7f0000000400)={[{@resgid}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH") r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)}], 0x1, 0x5405, 0x800, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000140)={0x3, 0x3, 0x1, 0x5}) 2.883878955s ago: executing program 0 (id=573): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000007b40)=[{{&(0x7f0000000740)={0xa, 0x4e21, 0x9, @local, 0x3}, 0x1c, 0x0}}, {{&(0x7f0000000d40)={0xa, 0x4e21, 0x7, @loopback, 0xffffffaa}, 0x1c, 0x0, 0x0, &(0x7f00000064c0)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast1}}}], 0x28}}], 0x2, 0x20000000) 2.678425401s ago: executing program 3 (id=574): r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0) write$binfmt_aout(r0, 0x0, 0xff2e) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='smaps_rollup\x00') fchdir(r1) inotify_init() close(0x3) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 2.005559228s ago: executing program 5 (id=575): wait4(0x0, 0x0, 0x1000000, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007240)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x6, @mcast2, 0x7}, 0x1c, 0x0}}], 0x1, 0x1c000) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000140)={"1fb18f59ea850d0f97ecef9f3ac650b2fa293778535d45aebccf0d26cbd6a7e1d89defe6796caf18308722be06e3cafa38f8dbdf7a5bd024db56c672fce92f9138dca0a49f02bdb6a04f052e00d98b82c0bb82f9c4eed019fb6ed8525717a27be3a588a6c85dfbcfee42198a906a3064735a856d318ef9cad710ba86f159db841a78ac645ed3d89462e7cbe5f85dd06854d44aa199f21d77c33d0c0657b8c7bd4dfa488d793fc1d4a63e00722911ab4af6544abdfc5a24cf0dbe7dba76afc12df6df2d250b34629fb724621125c87318bb4e828cc353952a4042adf7b995e2e055067fea7d730e6d4df31ee809a6bfb88259e80e94870a0621f61404494186743608cf9e1406cc49abf91622f6b7ac601e7a15385a41da145d290a4840f9b95463ff865b7d777c22325a09ec8653247a58242f13afd2b63fcf8af362ac264df858fcc5724848255338a2725b53ef9eeda152d7784320729094768bb9e4c7878e8da8e515f68376ca2a6fc55586d1c0e6076f0cce745ba3db43cb4e57768d24953805865dc705e1d0193f5e5fc83e1ed82742ca9e2925e5de2ae582032cbdc662733863bf9e3ef018d48dfae43c9a243f14c2e77725b838bafd25ec3e0436a2553839a158b1627d8165c216483a4897a73d9fc102b669db8fb1abe78ba9ce63bd314e332f988c16c22ec96469615217194cedce0b0323f99bfff76da2b36e92a51c44bdbd761eec611df14e3eb83d5062135069707565f454293e5b0a9c29bc4f42d1425b3fd825a2aaba360050cef7cb68132fb9929a49162baa8aeb5418a44450ff2795bce24e7306ca75c10fff57f47f44a33ee6af0bce9f6ccf5e8e0a10be9e30abc2fd51300a7c8416c57f357a82b8c42139723c32339a3795902c2eb29984f756863a2474d4636689553b40875c8e14e401b89729bd27e0b25a49f7cf56b4c7e66aa1e7dc862d301482dcb73f871ef53127ae6e57ec87addf51fcde1507e59d69b0d5218826fc17af7ca9349b16afbea7d2e7ab2c5592204808a216ccb11fea0320d68ffe3d777d91e0e97937b8927befcc21b604d9ff3ad0bc22280f6414957a474bc5f7a0d9ff6a97b35eb988fa6602ba179aeefa1f9bacc5ed7a6b4641407574a4d704ab788c4f80d20f41779ec55d06aed50366e457b2f09632ae4cd2e8feac2ca107960a4992949114d1269e390ebc1dc7e970691bcebf0296738dfc4fe3b744b3f9b6c8b58ec5163b6b2f39b4680503d8668d3486cc57be388ade823f209eb0ef5f648da3241ce450a90bbdb30a0559f163435e57c8367b8938e05853872d49deeb625f993b054ae7e570a98c3f2a8a137771fdb9e9f94a6446cd2f030a28ab2439825c4d036623bcc51d77f26bde0c79fcccf14b6f2609cec9d31b361b6ed8c87b4695f07f1146c0eef3f4ea882d45bc6d2823f981bd9db0dcaa"}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000100)={0x33338000, 0xf000, 0x3, 0x1, 0xff}) 1.846793874s ago: executing program 0 (id=576): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x12, 0x4, 0x4, 0x12}, 0x50) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB="05"], 0x10) close(r0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r1}, &(0x7f0000000500), &(0x7f0000000540)=r0}, 0x20) 1.667826205s ago: executing program 1 (id=577): mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000) madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15) mbind(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x10000000000000c, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps_rollup\x00') read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020) 1.583922131s ago: executing program 3 (id=578): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0x100, 0x11, 0x7, 0xffffffff, 0x21, "01000000000e65300000ab0800000200", 0x2, 0x3}) write(r0, &(0x7f0000000d80)="8b5c316e6ac39dcd65d550183c964e00b4bf079af0b1524cc2392a862af9ca3b946cb392347fc1cba5532d8a3714ddd16b62a36b7245b3aae08f9e91a7ac368be5e6e1e1f8c189870c141556e277c3c13f54df985c83781cb27eeac6bb84f63eb6e8c0aea328f57b6428e807de39589bd71e6696b6cd0c79002059246e5104e56bb6005dad99bf92dbcdb3ad0bebeabeb4a15e333f2734724251fb7b61f265c9c2fe5afbd9bae234ccd7741850929e74343a53fa181d6e96fcdfa1de4711e0d893d8de685b1fe080b690592aa128dd911e20d54031f0250289d78225cfa3a0d82cb8edd132712f103856bfc4ed7af8cb1ca6ab7b9027fc02072be9023e69e2f8afd5a2794ffd3c61ad260b135a0f2baa4062b8f6d4b16ce9f43c1d578a9eab86b0cde69a8c119e987a65375b78d24d5b0ca59db0c94cafd5ccdacdd29cf0efbaa9c37500e5ed43f9ca80a1fdfe095b96d900b381dd6bd71470af30e0300217a7dc5dc45720c7267fe6c743472f7631676912cfeb5e5f4c19e7727cc5f28f15794a3585b56ee378ee87c7767db9880e79134d49a0d3f62db161944d05cc8a9f2662ffd8c5440443cbb37e87368c0734ea536f5b75ea555be5f76cac491e9abce87eb15498cef9b89244a217cb6461db8726c3b1c8efae08bf8977927afbd6656b5bb45e191846f4094be76d6ac24bb504ffab29d8b57e7a723604ff315eb8e20f06592aaee042718130874f8fd572f246e17bfd27117e327d9ab9a3c96c2b934968f62b660327596d41d1ca3fa4728484124ae877ea9d0048a34979eda1537f437e3d34abf3f66b49812e9aa6ff6b1a76f53f4fd10eab098b07cc361494cbdee6f20b6e1e457a383deac0c76d777e03cb66e4f8b4097313e8b8114d6d40fab2c6d31ca5036b1f2af16c14fcb3dad06081dceda1f7fb228d597d25581d29f013f460f52f42615c7e3ac677ea307d904cdf7a42983548bc20f6499d4543ba8246ebd3131eff9de0d0c00d", 0x2c9) 1.098972003s ago: executing program 5 (id=579): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000007040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)={0x20}, 0x0}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) ioctl$KVM_RUN(r2, 0xae80, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x7, 0x7fffffff}]}) setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) 993.750518ms ago: executing program 0 (id=580): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x1c) sendto$inet6(r0, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x7, 0x80, 0xfe, 0x5, 0x5, 0x0, 0x0, 0x0, 0xfd, 0x2, 0x0, 0x0, 0xcc}, 0xe) recvmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f00000000c0), 0x1, &(0x7f00000003c0)=""/21, 0x21}, 0x1ff}], 0x73d, 0x40000040, 0x0) 651.96271ms ago: executing program 3 (id=581): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f00000000c0)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@dioread_nolock}, {@grpquota}]}, 0x5, 0x4dd, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nSRN+vU6r6+v77VWTa1isJi0abVdCFJRcKEgVlCXIR8ldtpIk4ItVaYgdSkF9+LSrQu36qaIK8FtXQpSKNJNW0EcuTN3PjuTNMkkY8zvB5M5536dc+655+bcc2YmgE1rOP2TVMI3I2JXRORaNxiuvN27c2Xy/p0rk1EslU7/lpR3u5vGM9lhYnsWGclF5D5O6isazF+6fHaiUJi+kMXHFs69PzZ/6fKzs0PZkpMnjx87euL58eeWX6g26aXlurv/o7kD+1599/rrk/3V5dXUGsvRLcMx3C4rZU91O7Ee29kQTvp7mBGWJb3+0+oaKLf/XdEXi1VecR1zBqy1UqlUGuy8ulhqdfWBJcCGlUSvcwD0RvUfffr8W3216whsWZvuR8/dPlV5AErLfS97RTxeXlgdBxloeb7tpuGIeKf4++fpK9ZoHAIAoNG3p2rDP839v3xlZuSPizdeTN//lc2h5CPi3xGxOyL+ExF7IuK/EbE3Iv4XEf9vOX5fRJQWSX+4JV5LvzYJlbvVhWJ2lPb/Xsjmtur9v6YM5Puy2M6Iaod5+kh2TkZiYHBmtjB9dJE0vnv5p087rWvs/6WvNP1qXzDLx63+lgG6qYmFiRUXuMXtqxH7+1vLn/RHJLWZgCQi9kXE/mUcN98Qnn3mywO1yEDzdkuXv6zUdh6tC/NMpS8inq7UfzGa6r+eYtI0P3lu4sz0menz47X5ybGhKEwfGZvpmJsffrz2Rqd1S5b/619ad3nlxDens5a1emn9b2u4/qM6f1svfz6JSGrztfPLT+Paz590fKZZ6fW/JXmrHK4+l34wsbBw4WjEluS1B5eP1/etxtP3KFbKP3Koffvfne2TnolHIiK9iB+NiMei8oSY5v1gRDwREYcWKf/3Lz353srLv7bS8k+13P8qNd9U//X5+k6BJJsbbLOq7+zBm/c73Dwerv6Pl0Mj2ZL297+k6RbRKafVcY90yZ+rPnsAAACwMeQiYkfDWNKOyOVGRytjQHtiW64wN79weGbu4vmpdF1EPgZyM7OF8vhnZTx4IKmOf+Yb4uMt8WPZuPFnfVvL8dHJucJUT0sObC+3+SQ3GvF2X0P7T/3anSFm4O/M97Vg81qs/aed+L3X1zEzwLp6+P//Nz5c04wA666h/Xf6hn9xBZ/7AjYAz/9A3dI/9OOeARtfSVuGTW1Z7f+wHwGEf5L+eLMWzvU0J8B60/+HTWnJ7/WvKlAabL9qKB7cOIYWP2BfrCwbW9uk1ZNA2rPqSepbV7JX9dcUOm4TueUdcDC6U6czqzwbxQvzZ/Z2/eIvZZ+V73YNfrUu7bRdoCe3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK77KwAA//8KhtfB") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8}) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 648.149804ms ago: executing program 1 (id=582): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) read$alg(r1, &(0x7f00000006c0)=""/154, 0x9a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delchain={0x2c, 0x66, 0x221, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {}, {0xb, 0xfff3}}, [@TCA_CHAIN={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, 0x0, 0x0) chdir(0x0) socket$nl_route(0x10, 0x3, 0x0) 149.602474ms ago: executing program 0 (id=583): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') mremap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002) 0s ago: executing program 5 (id=584): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) wait4(r0, 0x0, 0x40000000, 0x0) ptrace$setregs(0x11, r0, 0x4, &(0x7f0000000700)) kernel console output (not intermixed with test programs): mode [ 215.238704][ T5813] Bluetooth: hci0: command tx timeout [ 215.244860][ T5813] Bluetooth: hci2: command tx timeout [ 215.250495][ T5813] Bluetooth: hci1: command tx timeout [ 215.313089][ T5810] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.320679][ T5810] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.330735][ T5810] bridge_slave_1: entered allmulticast mode [ 215.340181][ T5810] bridge_slave_1: entered promiscuous mode [ 215.396079][ T5813] Bluetooth: hci4: command tx timeout [ 215.469090][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 215.620269][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 215.627624][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.654353][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 215.677171][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 215.690504][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 215.698082][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.724647][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 215.783412][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.791067][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.799094][ T5823] bridge_slave_0: entered allmulticast mode [ 215.799257][ T5813] Bluetooth: hci3: command tx timeout [ 215.809210][ T5823] bridge_slave_0: entered promiscuous mode [ 215.861635][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.869647][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.879265][ T5822] bridge_slave_0: entered allmulticast mode [ 215.889126][ T5822] bridge_slave_0: entered promiscuous mode [ 215.964512][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.972447][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.980137][ T5823] bridge_slave_1: entered allmulticast mode [ 215.989945][ T5823] bridge_slave_1: entered promiscuous mode [ 216.010028][ T5810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.021870][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.029983][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.037987][ T5822] bridge_slave_1: entered allmulticast mode [ 216.046729][ T5822] bridge_slave_1: entered promiscuous mode [ 216.148024][ T5810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.204685][ T5817] team0: Port device team_slave_0 added [ 216.228237][ T5817] team0: Port device team_slave_1 added [ 216.423579][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.482950][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.577402][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.643129][ T5810] team0: Port device team_slave_0 added [ 216.660419][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.680305][ T5810] team0: Port device team_slave_1 added [ 216.690352][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 216.697814][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.724501][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 216.755412][ T5811] hsr_slave_0: entered promiscuous mode [ 216.765737][ T5811] hsr_slave_1: entered promiscuous mode [ 216.903563][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 216.910803][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.937705][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.961665][ T5823] team0: Port device team_slave_0 added [ 217.076494][ T5822] team0: Port device team_slave_0 added [ 217.137274][ T5823] team0: Port device team_slave_1 added [ 217.147059][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.154494][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.182017][ T5810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.199797][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.207403][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.233889][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.257479][ T5822] team0: Port device team_slave_1 added [ 217.318695][ T5813] Bluetooth: hci2: command tx timeout [ 217.319824][ T5109] Bluetooth: hci1: command tx timeout [ 217.324611][ T5813] Bluetooth: hci0: command tx timeout [ 217.472389][ T5109] Bluetooth: hci4: command tx timeout [ 217.563344][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.570608][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.597272][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.617314][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.624706][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.651559][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.670716][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.678675][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.705355][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.813713][ T5817] hsr_slave_0: entered promiscuous mode [ 217.824898][ T5817] hsr_slave_1: entered promiscuous mode [ 217.833938][ T5817] debugfs: 'hsr0' already exists in 'hsr' [ 217.839883][ T5817] Cannot create hsr debugfs directory [ 217.856087][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.863527][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.890189][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.890204][ T5109] Bluetooth: hci3: command tx timeout [ 218.205492][ T5810] hsr_slave_0: entered promiscuous mode [ 218.215985][ T5810] hsr_slave_1: entered promiscuous mode [ 218.224471][ T5810] debugfs: 'hsr0' already exists in 'hsr' [ 218.230489][ T5810] Cannot create hsr debugfs directory [ 218.427111][ T5822] hsr_slave_0: entered promiscuous mode [ 218.437374][ T5822] hsr_slave_1: entered promiscuous mode [ 218.446298][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 218.452365][ T5822] Cannot create hsr debugfs directory [ 218.496725][ T5823] hsr_slave_0: entered promiscuous mode [ 218.506007][ T5823] hsr_slave_1: entered promiscuous mode [ 218.515450][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 218.521380][ T5823] Cannot create hsr debugfs directory [ 219.403147][ T5109] Bluetooth: hci0: command tx timeout [ 219.406768][ T49] Bluetooth: hci1: command tx timeout [ 219.408757][ T5109] Bluetooth: hci2: command tx timeout [ 219.552390][ T5109] Bluetooth: hci4: command tx timeout [ 219.797441][ T5811] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 219.921837][ T5811] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 219.953900][ T5109] Bluetooth: hci3: command tx timeout [ 219.982216][ T5811] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 220.066391][ T5811] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 220.258805][ T5817] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 220.359719][ T5817] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 220.458632][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 220.506263][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 220.530445][ T5817] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 220.605607][ T5817] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 220.631592][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 220.721764][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 220.950176][ T5823] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 221.009731][ T5823] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 221.123716][ T5823] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 221.158469][ T5810] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 221.199702][ T5823] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 221.237440][ T5810] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 221.290528][ T5810] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 221.436833][ T5810] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 221.646288][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.892351][ T5811] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.033083][ T4374] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.040734][ T4374] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.129909][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.180608][ T4374] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.188490][ T4374] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.275006][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.429697][ T5817] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.631310][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.669818][ T5099] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.677553][ T5099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.800416][ T5099] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.808124][ T5099] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.825190][ T5099] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.832970][ T5099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.924014][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.969309][ T5099] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.977025][ T5099] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.237924][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.429694][ T1328] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.437434][ T1328] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.455571][ T1328] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.463276][ T1328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.533486][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.675237][ T5822] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 223.687903][ T5822] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.857998][ T5810] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.138223][ T1328] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.145976][ T1328] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.263400][ T1328] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.270988][ T1328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.306753][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.417581][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.884391][ T5811] veth0_vlan: entered promiscuous mode [ 225.959693][ T5817] veth0_vlan: entered promiscuous mode [ 226.034564][ T5811] veth1_vlan: entered promiscuous mode [ 226.098671][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.154358][ T5817] veth1_vlan: entered promiscuous mode [ 226.496864][ T5811] veth0_macvtap: entered promiscuous mode [ 226.540202][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.591104][ T5811] veth1_macvtap: entered promiscuous mode [ 226.684482][ T5817] veth0_macvtap: entered promiscuous mode [ 226.789947][ T5817] veth1_macvtap: entered promiscuous mode [ 226.855332][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.895665][ T5822] veth0_vlan: entered promiscuous mode [ 226.980729][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 227.030855][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 227.054350][ T5822] veth1_vlan: entered promiscuous mode [ 227.175395][ T57] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.204091][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 227.223431][ T57] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.256641][ T57] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.318212][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 227.327113][ T57] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.436647][ T3671] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.510571][ T3671] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.549813][ T5822] veth0_macvtap: entered promiscuous mode [ 227.593261][ T3671] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.620912][ T5822] veth1_macvtap: entered promiscuous mode [ 227.693124][ T3671] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.750791][ T5810] veth0_vlan: entered promiscuous mode [ 227.907576][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 227.922752][ T5810] veth1_vlan: entered promiscuous mode [ 228.036766][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.159655][ T3754] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.245781][ T3754] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.285177][ T4374] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.351245][ T4374] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.493846][ T5810] veth0_macvtap: entered promiscuous mode [ 228.568026][ T5810] veth1_macvtap: entered promiscuous mode [ 228.761364][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.839870][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.973128][ T1328] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.015914][ T1328] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.099048][ T1328] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.156544][ T1328] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.015767][ T5823] veth0_vlan: entered promiscuous mode [ 230.107985][ T5823] veth1_vlan: entered promiscuous mode [ 230.556010][ T5823] veth0_macvtap: entered promiscuous mode [ 230.675914][ T5823] veth1_macvtap: entered promiscuous mode [ 230.911801][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 230.998511][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 231.087573][ T58] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.149263][ T5099] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.226517][ T3574] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.258239][ T3574] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.115559][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.123127][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.649635][ T3754] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.657908][ T3754] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.839533][ T3574] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.847830][ T3574] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.900247][ T3574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.909219][ T3574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.164466][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.172821][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.280906][ T3574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.289396][ T3574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.475144][ T5811] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 236.621333][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.631263][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.036304][ T5995] loop3: detected capacity change from 0 to 32768 [ 238.046572][ T5995] XFS: ikeep mount option is deprecated. [ 238.062358][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.075092][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.243289][ T5995] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 238.262476][ T5875] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 238.349614][ T1328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.359179][ T1328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.499905][ T5875] usb 3-1: config 0 has an invalid interface number: 193 but max is 0 [ 238.510149][ T5875] usb 3-1: config 0 has no interface number 0 [ 238.517014][ T5875] usb 3-1: config 0 interface 193 altsetting 0 endpoint 0x9 has an invalid bInterval 195, changing to 4 [ 238.618692][ T5875] usb 3-1: New USB device found, idVendor=413c, idProduct=819b, bcdDevice=c2.da [ 238.628422][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.636995][ T5875] usb 3-1: Product: syz [ 238.641404][ T5875] usb 3-1: Manufacturer: syz [ 238.646500][ T5875] usb 3-1: SerialNumber: syz [ 238.765589][ T5875] usb 3-1: config 0 descriptor?? [ 239.088187][ T5995] XFS (loop3): Ending clean mount [ 239.129273][ T5995] XFS (loop3): Quotacheck needed: Please wait. [ 239.172497][ T5996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 239.183453][ T5996] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 239.276128][ T5995] XFS (loop3): Quotacheck: Done. [ 239.431636][ T5875] option 3-1:0.193: GSM modem (1-port) converter detected [ 240.458346][ T6013] loop0: detected capacity change from 0 to 40427 [ 240.555847][ T6015] loop1: detected capacity change from 0 to 32768 [ 240.574723][ T5875] usb 3-1: USB disconnect, device number 2 [ 240.591302][ T6015] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2 (6015) [ 240.593142][ T6013] F2FS-fs (loop0): build fault injection rate: 14 [ 240.612385][ T6013] F2FS-fs (loop0): build fault injection type: 0x3bfe8c [ 240.644948][ T5817] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 240.672726][ T6015] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 240.683774][ T6015] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 240.693159][ T6015] BTRFS info (device loop1): using free-space-tree [ 240.705059][ T6013] F2FS-fs (loop0): invalid crc value [ 240.728954][ C1] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0xe27/0xf80 [ 240.794298][ T5875] option 3-1:0.193: device disconnected [ 240.804257][ C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of bio_endio+0xe27/0xf80 [ 241.165485][ T6013] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 241.174871][ T6013] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50 [ 241.204625][ T6013] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 241.239342][ T6013] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x831/0x19b0 [ 241.367831][ T6037] F2FS-fs (loop0): inject dquot initialize in f2fs_dquot_initialize of f2fs_create+0x169/0xa10 [ 241.749101][ T5810] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 241.922686][ T5822] syz-executor: attempt to access beyond end of device [ 241.922686][ T5822] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 241.937618][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(none) [ 241.937787][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 241.937887][ T5822] Call Trace: [ 241.937951][ T5822] [ 241.938005][ T5822] __dump_stack+0x26/0x30 [ 241.938202][ T5822] dump_stack_lvl+0x1df/0x270 [ 241.938411][ T5822] dump_stack+0x1e/0x25 [ 241.938593][ T5822] f2fs_handle_critical_error+0xa6f/0xc20 [ 241.938861][ T5822] f2fs_stop_checkpoint+0x65/0x80 [ 241.939084][ T5822] f2fs_write_end_io+0x101c/0x1bc0 [ 241.939357][ T5822] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 241.939579][ T5822] bio_endio+0xe27/0xf80 [ 241.939827][ T5822] submit_bio_noacct+0x214/0x2710 [ 241.940055][ T5822] submit_bio+0x57c/0x630 [ 241.940231][ T5822] f2fs_submit_write_bio+0x92/0x250 [ 241.940441][ T5822] __submit_merged_bio+0x16f/0x6a0 [ 241.940644][ T5822] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 241.940858][ T5822] __submit_merged_write_cond+0x458/0x9a0 [ 241.941091][ T5822] f2fs_write_data_pages+0x4bb2/0x5480 [ 241.941401][ T5822] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 241.941637][ T5822] ? kmsan_get_metadata+0xfb/0x160 [ 241.941828][ T5822] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 241.942026][ T5822] ? free_unref_folios+0x29ad/0x2a20 [ 241.942250][ T5822] ? kmsan_get_metadata+0xfb/0x160 [ 241.942467][ T5822] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 241.942642][ T5822] ? kmsan_get_metadata+0xfb/0x160 [ 241.942832][ T5822] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 241.943020][ T5822] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 241.943243][ T5822] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 241.943462][ T5822] do_writepages+0x3f2/0x860 [ 241.943640][ T5822] ? _raw_spin_unlock+0x30/0x50 [ 241.943805][ T5822] ? wbc_attach_and_unlock_inode+0x131/0x680 [ 241.944054][ T5822] filemap_fdatawrite+0x207/0x260 [ 241.944330][ T5822] f2fs_sync_dirty_inodes+0x2ab/0x9e0 [ 241.944534][ T5822] f2fs_write_checkpoint+0xfe2/0x2b00 [ 241.944870][ T5822] kill_f2fs_super+0x2ff/0x970 [ 241.945059][ T5822] ? __pfx_kill_f2fs_super+0x10/0x10 [ 241.945227][ T5822] deactivate_locked_super+0xc8/0x3c0 [ 241.945425][ T5822] deactivate_super+0x12f/0x140 [ 241.945602][ T5822] cleanup_mnt+0x6fb/0x780 [ 241.945815][ T5822] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 241.946007][ T5822] ? __pfx___cleanup_mnt+0x10/0x10 [ 241.946225][ T5822] __cleanup_mnt+0x22/0x30 [ 241.946436][ T5822] task_work_run+0x209/0x2b0 [ 241.946637][ T5822] exit_to_user_mode_loop+0x2a6/0x330 [ 241.946845][ T5822] do_syscall_64+0x1e3/0x210 [ 241.947038][ T5822] ? irqentry_exit+0x16/0x60 [ 241.947307][ T5822] ? clear_bhb_loop+0x40/0x90 [ 241.947492][ T5822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.947669][ T5822] RIP: 0033:0x7fcbf8f8ff17 [ 241.947839][ T5822] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 241.947971][ T5822] RSP: 002b:00007ffd0ea9b628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 241.948134][ T5822] RAX: 0000000000000000 RBX: 00007fcbf9011c05 RCX: 00007fcbf8f8ff17 [ 241.948235][ T5822] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0ea9b6e0 [ 241.948330][ T5822] RBP: 00007ffd0ea9b6e0 R08: 0000000000000000 R09: 0000000000000000 [ 241.948426][ T5822] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0ea9c770 [ 241.948526][ T5822] R13: 00007fcbf9011c05 R14: 000000000003afce R15: 00007ffd0ea9c7b0 [ 241.948667][ T5822] [ 242.309104][ T5822] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 242.401321][ T1004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.409781][ T1004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.802944][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.811072][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.822777][ T5875] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 244.023210][ T5875] usb 2-1: device descriptor read/64, error -71 [ 244.108382][ T6055] netlink: 32 bytes leftover after parsing attributes in process `syz.2.11'. [ 244.458501][ T6055] loop2: detected capacity change from 0 to 512 [ 244.513449][ T5935] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 244.641221][ T6055] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: comm syz.2.11: inode #16777216: comm syz.2.11: iget: illegal inode # [ 244.761331][ T6055] EXT4-fs (loop2): Remounting filesystem read-only [ 244.770826][ T6055] EXT4-fs (loop2): no journal found [ 244.777711][ T6055] EXT4-fs (loop2): can't get journal size [ 244.812648][ T5935] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.824611][ T5935] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.844902][ T5935] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 244.855192][ T5935] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.915075][ T5935] usb 5-1: config 0 descriptor?? [ 244.977710][ T6055] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 245.037019][ T6055] EXT4-fs (loop2): failed to initialize system zone (-22) [ 245.083022][ T6055] EXT4-fs (loop2): mount failed [ 245.376705][ T6061] loop0: detected capacity change from 0 to 2048 [ 245.504499][ T5935] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 245.756526][ T6061] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 245.814024][ T6068] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7'. [ 246.024914][ T5935] hid-thrustmaster 0003:044F:B65D.0001: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.4-1/input0 [ 246.038413][ T5935] hid-thrustmaster 0003:044F:B65D.0001: Wrong number of endpoints? [ 246.047854][ C0] hid-thrustmaster 0003:044F:B65D.0001: URB to get model id failed with error -71 [ 246.155229][ T5935] usb 5-1: USB disconnect, device number 2 [ 247.206380][ T6078] overlay: Bad value for 'workdir' [ 248.080468][ T6079] loop4: detected capacity change from 0 to 32768 [ 248.091141][ T6079] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value [ 248.266097][ T6072] fido_id[6072]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 248.427063][ T6081] loop2: detected capacity change from 0 to 32768 [ 248.548831][ T6081] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.16 (6081) [ 248.600910][ T6081] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 248.612023][ T6081] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 248.629817][ T6081] BTRFS info (device loop2): using free-space-tree [ 249.088723][ T6096] loop3: detected capacity change from 0 to 1024 [ 249.193654][ T5811] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 249.327712][ T6101] netlink: 156 bytes leftover after parsing attributes in process `syz.4.19'. [ 249.338626][ T6096] warning: `syz.3.18' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 250.193043][ T6107] capability: warning: `syz.0.22' uses deprecated v2 capabilities in a way that may be insecure [ 250.469092][ T6112] loop4: detected capacity change from 0 to 8 [ 250.532204][ T3083] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 250.831225][ T3083] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 251.073108][ T3083] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=9c.25 [ 251.084937][ T3083] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 251.094109][ T3083] usb 2-1: Product: syz [ 251.098586][ T3083] usb 2-1: Manufacturer: syz [ 251.103539][ T3083] usb 2-1: SerialNumber: syz [ 251.435519][ T3083] usb 2-1: config 0 descriptor?? [ 251.544371][ T3083] gspca_main: spca501-2.14.0 probing 0000:0000 [ 251.727607][ T3083] gspca_spca501: reg write: error -71 [ 251.733559][ T3083] spca501 2-1:0.0: Reg write failed for 0x02,0x0f,0x05 [ 251.741166][ T3083] spca501 2-1:0.0: probe with driver spca501 failed with error -22 [ 251.751283][ T3083] uvcvideo 2-1:0.0: probe with driver uvcvideo failed with error -22 [ 252.030344][ T6121] loop0: detected capacity change from 0 to 256 [ 252.484870][ T6121] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 252.496217][ T6121] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 252.803721][ T3083] usb 2-1: USB disconnect, device number 4 [ 253.098703][ T6119] loop4: detected capacity change from 0 to 32768 [ 253.353385][ T6121] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 253.420284][ T30] audit: type=1326 audit(1754913176.954:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6126 comm="syz.2.20" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fba31b8ebe9 code=0x0 [ 253.448402][ T6125] loop3: detected capacity change from 0 to 512 [ 253.549214][ T6125] EXT4-fs: quotafile must be on filesystem root [ 253.775768][ T6135] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 253.940937][ T6121] netlink: 'syz.0.25': attribute type 21 has an invalid length. [ 253.951515][ T6121] netlink: 128 bytes leftover after parsing attributes in process `syz.0.25'. [ 253.962370][ T5935] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 253.970337][ T6121] netlink: 'syz.0.25': attribute type 4 has an invalid length. [ 253.978931][ T6121] netlink: 'syz.0.25': attribute type 5 has an invalid length. [ 253.986951][ T6121] netlink: 3 bytes leftover after parsing attributes in process `syz.0.25'. [ 254.029536][ T6130] netlink: 'syz.0.25': attribute type 21 has an invalid length. [ 254.037895][ T6130] netlink: 128 bytes leftover after parsing attributes in process `syz.0.25'. [ 254.055841][ T6130] netlink: 'syz.0.25': attribute type 4 has an invalid length. [ 254.066504][ T6130] netlink: 'syz.0.25': attribute type 5 has an invalid length. [ 254.074427][ T6130] netlink: 3 bytes leftover after parsing attributes in process `syz.0.25'. [ 254.179152][ T6123] loop3: detected capacity change from 0 to 512 [ 254.227276][ T6123] ext2: Unknown parameter 'permit_directio' [ 254.235368][ T5935] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 254.243873][ T5935] usb 3-1: can't read configurations, error -61 [ 254.434605][ T5935] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 254.772975][ T5935] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 254.780864][ T5935] usb 3-1: can't read configurations, error -61 [ 254.882780][ T5935] usb usb3-port1: attempt power cycle [ 255.314502][ T5935] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 255.431216][ T5935] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 255.439447][ T5935] usb 3-1: can't read configurations, error -61 [ 255.702562][ T5935] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 255.819979][ T5935] usb 3-1: unable to read config index 0 descriptor/start: -61 [ 255.828215][ T5935] usb 3-1: can't read configurations, error -61 [ 255.941103][ T5935] usb usb3-port1: unable to enumerate USB device [ 256.486613][ T5875] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 256.786896][ T5875] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 256.798504][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.807085][ T5875] usb 1-1: Product: syz [ 256.813677][ T5875] usb 1-1: Manufacturer: syz [ 256.818523][ T5875] usb 1-1: SerialNumber: syz [ 257.654450][ T6157] loop3: detected capacity change from 0 to 32768 [ 257.670131][ T5875] usb 1-1: config 0 descriptor?? [ 257.676878][ T6157] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.35 (6157) [ 257.720369][ T6157] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 257.733620][ T6157] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 257.744540][ T6157] BTRFS info (device loop3): using free-space-tree [ 257.844212][ T5935] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 258.082846][ T5875] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 259.003459][ T5935] usb 5-1: Using ep0 maxpacket: 8 [ 259.107686][ T5875] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 259.349302][ T5875] usb 1-1: USB disconnect, device number 2 [ 259.983809][ T30] audit: type=1326 audit(1754913183.494:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 260.009579][ T30] audit: type=1326 audit(1754913183.524:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 260.288005][ T6174] loop2: detected capacity change from 0 to 65536 [ 260.314244][ T5875] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 260.516043][ T30] audit: type=1326 audit(1754913183.934:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6193 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcbf8fc14a5 code=0x7ffc0000 [ 260.516482][ T6174] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 260.552961][ T5935] usb 5-1: unable to read config index 0 descriptor/all [ 260.560339][ T5935] usb 5-1: can't read configurations, error -71 [ 260.563255][ T5875] usb 2-1: device descriptor read/64, error -71 [ 260.633180][ T5817] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 260.662760][ T30] audit: type=1326 audit(1754913184.174:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 260.686458][ T30] audit: type=1326 audit(1754913184.174:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 260.711491][ T30] audit: type=1326 audit(1754913184.194:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6193 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 260.735308][ T30] audit: type=1326 audit(1754913184.254:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcbf8f8d550 code=0x7ffc0000 [ 260.759079][ T30] audit: type=1326 audit(1754913184.254:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 260.782488][ T30] audit: type=1326 audit(1754913184.254:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 260.806897][ T30] audit: type=1326 audit(1754913184.254:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6184 comm="syz.0.38" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcbf8f8ebe9 code=0x7ffc0000 [ 261.043307][ T5875] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 261.186901][ T6174] XFS (loop2): Ending clean mount [ 261.268561][ T5811] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 262.209967][ T6212] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 262.217512][ T6212] macvlan2: entered allmulticast mode [ 262.223371][ T6212] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 262.243344][ T6212] mac80211_hwsim hwsim6 wlan0: left allmulticast mode [ 262.250408][ T6212] mac80211_hwsim hwsim6 wlan0: left promiscuous mode [ 262.275114][ T6203] loop4: detected capacity change from 0 to 4096 [ 262.343941][ T5875] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 262.419111][ T6203] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 262.637283][ T5875] usb 2-1: Using ep0 maxpacket: 16 [ 262.789000][ T5875] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 262.799362][ T5875] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 263.128243][ T5875] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 263.139033][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.148345][ T5875] usb 2-1: Product: syz [ 263.155592][ T5875] usb 2-1: Manufacturer: syz [ 263.163540][ T5875] usb 2-1: SerialNumber: syz [ 263.802765][ T5875] usb 2-1: USB disconnect, device number 7 [ 263.976004][ T6050] udevd[6050]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 264.864375][ T6227] loop0: detected capacity change from 0 to 1024 [ 265.129319][ T6227] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 265.282791][ T6232] netlink: 12 bytes leftover after parsing attributes in process `syz.0.47'. [ 265.583923][ T6231] tipc: Started in network mode [ 265.589305][ T6231] tipc: Node identity 866c63fc13bc, cluster identity 4711 [ 265.600005][ T6231] tipc: Enabled bearer , priority 0 [ 265.630379][ T6236] netlink: 'syz.3.49': attribute type 10 has an invalid length. [ 265.666506][ T6236] team0: Port device dummy0 added [ 266.064396][ T6225] loop2: detected capacity change from 0 to 2048 [ 266.183125][ T6233] loop1: detected capacity change from 0 to 1024 [ 266.270141][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.306134][ T6225] hpfs: filesystem error: improperly stopped; already mounted read-only [ 266.316131][ T6225] hpfs: filesystem error: sector(s) 'dir_band' badly placed at 7b318cc2 [ 266.704224][ T6241] syz_tun: entered allmulticast mode [ 266.713491][ T5875] tipc: Node number set to 2513462268 [ 266.764050][ T5935] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 266.807136][ T6228] hfsplus: invalid extended attribute record [ 266.928528][ T6228] tipc: Disabling bearer [ 267.039019][ T5935] usb 4-1: Using ep0 maxpacket: 32 [ 267.075467][ T5935] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 267.093333][ T5875] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 267.140993][ T5935] usb 4-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 267.150581][ T5935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.167059][ T5935] usb 4-1: Product: syz [ 267.171473][ T5935] usb 4-1: Manufacturer: syz [ 267.178736][ T5935] usb 4-1: SerialNumber: syz [ 267.224614][ T6240] syz_tun: left allmulticast mode [ 267.325876][ T5875] usb 1-1: Using ep0 maxpacket: 32 [ 267.347049][ T5935] usb 4-1: config 0 descriptor?? [ 267.412095][ T5935] usb 4-1: bad CDC descriptors [ 267.418956][ T5935] usb 4-1: unsupported MDLM descriptors [ 267.448756][ T5875] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 267.453556][ T6246] netlink: 32 bytes leftover after parsing attributes in process `syz.2.45'. [ 267.457436][ T5875] usb 1-1: config 0 has no interface number 0 [ 267.618756][ T5935] usb 4-1: USB disconnect, device number 2 [ 267.682569][ T5875] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 267.692331][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.700673][ T5875] usb 1-1: Product: syz [ 267.705971][ T5875] usb 1-1: Manufacturer: syz [ 267.710914][ T5875] usb 1-1: SerialNumber: syz [ 267.954251][ T57] hfsplus: b-tree write err: -5, ino 8 [ 267.964719][ T5875] usb 1-1: config 0 descriptor?? [ 268.028927][ T5875] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 268.270175][ T5875] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 268.418620][ T5875] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 268.744738][ T6250] pimreg: entered allmulticast mode [ 268.898833][ T6250] pimreg: left allmulticast mode [ 268.974333][ T6249] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 269.077412][ T6251] netlink: 'syz.1.53': attribute type 1 has an invalid length. [ 269.138149][ T6252] netlink: 8 bytes leftover after parsing attributes in process `syz.4.54'. [ 269.593432][ T6250] netlink: 8 bytes leftover after parsing attributes in process `syz.4.54'. [ 269.673461][ T6250] Zero length message leads to an empty skb [ 269.716189][ T6252] hsr0: entered promiscuous mode [ 269.779267][ C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 269.793716][ T5875] usb 1-1: USB disconnect, device number 3 [ 269.823093][ T5875] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 269.876903][ T6251] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 270.034719][ T5875] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 270.058468][ T5875] quatech2 1-1:0.51: device disconnected [ 270.273111][ T5109] Bluetooth: hci3: command tx timeout [ 270.740364][ T6264] loop3: detected capacity change from 0 to 512 [ 270.779806][ T6264] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.57: inode #16777216: comm syz.3.57: iget: illegal inode # [ 270.822760][ T6268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 270.834735][ T6268] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 270.883801][ T6264] EXT4-fs (loop3): Remounting filesystem read-only [ 270.890823][ T6264] EXT4-fs (loop3): no journal found [ 270.896778][ T6264] EXT4-fs (loop3): can't get journal size [ 270.931544][ T6264] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 270.968983][ T5935] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 271.008577][ T6264] EXT4-fs (loop3): failed to initialize system zone (-22) [ 271.017597][ T6264] EXT4-fs (loop3): mount failed [ 271.085238][ T5875] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 271.188103][ T5935] usb 1-1: Using ep0 maxpacket: 32 [ 271.225068][ T5935] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 271.237147][ T5935] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 271.256029][ T5935] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 271.270111][ T5935] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 271.279637][ T5935] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.385949][ T5875] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 271.395698][ T5875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.404275][ T5875] usb 5-1: Product: syz [ 271.408651][ T5875] usb 5-1: Manufacturer: syz [ 271.413640][ T5875] usb 5-1: SerialNumber: syz [ 271.483565][ T5875] usb 5-1: config 0 descriptor?? [ 271.624583][ T5935] usb 1-1: config 0 descriptor?? [ 271.644515][ T6262] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 271.737474][ T5935] hub 1-1:0.0: USB hub found [ 271.959859][ T6262] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 271.973331][ T6262] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 272.081758][ T5935] hub 1-1:0.0: config failed, can't read hub descriptor (err -22) [ 272.256460][ T5875] usb-storage 5-1:0.0: USB Mass Storage device detected [ 272.357008][ T5935] usbhid 1-1:0.0: can't add hid device: -71 [ 272.365785][ T5935] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 272.544087][ T5875] usb 5-1: USB disconnect, device number 5 [ 272.556079][ T5935] usb 1-1: USB disconnect, device number 4 [ 273.334883][ T6291] syz.3.65: attempt to access beyond end of device [ 273.334883][ T6291] loop3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 273.349277][ T6291] syz.3.65: attempt to access beyond end of device [ 273.349277][ T6291] loop3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 273.786023][ T6296] loop0: detected capacity change from 0 to 1024 [ 274.212235][ T5935] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 274.492778][ T5935] usb 3-1: Using ep0 maxpacket: 32 [ 274.543704][ T5935] usb 3-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config [ 274.555086][ T5935] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 274.564566][ T5935] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 274.658796][ T5935] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 274.668618][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.677295][ T5935] usb 3-1: Product: syz [ 274.681764][ T5935] usb 3-1: Manufacturer: syz [ 274.686773][ T5935] usb 3-1: SerialNumber: syz [ 274.865178][ T6307] loop4: detected capacity change from 0 to 164 [ 275.664912][ T6304] loop3: detected capacity change from 0 to 32768 [ 275.746823][ T5935] cdc_ncm 3-1:1.0: skipping garbage [ 275.752913][ T5935] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found [ 275.770981][ T5935] cdc_ncm 3-1:1.0: bind() failure [ 275.872664][ T6304] (syz.3.71,6304,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 275.887852][ T6307] rock: corrupted directory entry. extent=32, offset=131072, size=237 [ 275.900976][ T6304] (syz.3.71,6304,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 275.986631][ T5935] usb 3-1: USB disconnect, device number 7 [ 276.073601][ T6304] (syz.3.71,6304,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 276.102534][ T6304] JBD2: Ignoring recovery information on journal [ 276.243308][ T6304] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 276.278124][ T5875] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 276.358573][ T6304] (syz.3.71,6304,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC. [ 276.435013][ T6304] (syz.3.71,6304,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC. [ 276.448987][ T6304] (syz.3.71,6304,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae [ 276.462094][ T6304] (syz.3.71,6304,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 276.480236][ T6304] (syz.3.71,6304,0):ocfs2_quota_read:201 ERROR: status = -5 [ 276.490575][ T6304] __quota_error: 4 callbacks suppressed [ 276.490661][ T6304] Quota error (device loop3): find_tree_dqentry: Can't read quota tree block 5 [ 276.506361][ T6304] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 276.516135][ T6304] (syz.3.71,6304,0):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 276.524378][ T6304] (syz.3.71,6304,0):ocfs2_symlink:1894 ERROR: status = -5 [ 276.531679][ T5875] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 276.531821][ T6304] (syz.3.71,6304,0):ocfs2_symlink:2080 ERROR: status = -5 [ 276.550961][ T5875] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 276.561268][ T5875] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 276.576793][ T5875] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 276.586958][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.633761][ T6305] (syz.3.71,6305,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC. [ 276.647593][ T6305] (syz.3.71,6305,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae [ 276.660526][ T6305] (syz.3.71,6305,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5 [ 276.670115][ T6305] (syz.3.71,6305,0):ocfs2_quota_read:201 ERROR: status = -5 [ 276.687094][ T6305] Quota error (device loop3): find_tree_dqentry: Can't read quota tree block 5 [ 276.699731][ T6305] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 276.709585][ T6305] (syz.3.71,6305,0):ocfs2_acquire_dquot:890 ERROR: status = -5 [ 276.717703][ T6305] (syz.3.71,6305,0):ocfs2_mknod:317 ERROR: status = -5 [ 276.725043][ T6305] (syz.3.71,6305,0):ocfs2_mknod:505 ERROR: status = -5 [ 276.732346][ T6305] (syz.3.71,6305,0):ocfs2_create:678 ERROR: status = -5 [ 276.888232][ T5875] usb 2-1: config 0 descriptor?? [ 277.258234][ T5817] ocfs2: Unmounting device (7,3) on (node local) [ 277.508660][ T5875] usbhid 2-1:0.0: can't add hid device: -71 [ 277.515581][ T5875] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 277.623495][ T5875] usb 2-1: USB disconnect, device number 8 [ 277.812489][ T5935] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 278.002801][ T5935] usb 1-1: Using ep0 maxpacket: 16 [ 278.164780][ T5935] usb 1-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba [ 278.174605][ T5935] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 278.183112][ T5935] usb 1-1: Product: syz [ 278.187488][ T5935] usb 1-1: Manufacturer: syz [ 278.192854][ T5935] usb 1-1: SerialNumber: syz [ 278.322733][ T5935] usb 1-1: config 0 descriptor?? [ 278.591466][ T5935] snd-usb-hiface 1-1:0.0: probe with driver snd-usb-hiface failed with error -22 [ 278.718083][ T6336] loop1: detected capacity change from 0 to 1024 [ 279.462672][ T5875] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 279.477097][ T6341] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 279.611111][ T6342] batadv_slave_0: entered allmulticast mode [ 279.683226][ T5875] usb 3-1: Using ep0 maxpacket: 16 [ 279.742370][ T5875] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 279.755272][ T5875] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 279.898562][ T5875] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 279.908678][ T5875] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 279.917238][ T5875] usb 3-1: Product: syz [ 279.921632][ T5875] usb 3-1: Manufacturer: syz [ 279.926646][ T5875] usb 3-1: SerialNumber: syz [ 280.191658][ T6344] loop3: detected capacity change from 0 to 16 [ 280.321174][ T6344] erofs (device loop3): mounted with root inode @ nid 36. [ 280.468657][ T5875] usb 3-1: 0:2 : does not exist [ 280.647820][ T5875] usb 3-1: USB disconnect, device number 8 [ 280.702397][ T3083] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 280.922481][ T3083] usb 2-1: Using ep0 maxpacket: 32 [ 280.972250][ T5998] udevd[5998]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 281.108787][ T3083] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 281.117715][ T3083] usb 2-1: config 0 has no interface number 0 [ 281.124395][ T3083] usb 2-1: config 0 interface 12 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 281.134616][ T3083] usb 2-1: config 0 interface 12 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 281.145047][ T3083] usb 2-1: config 0 interface 12 has no altsetting 0 [ 281.268192][ T5935] usb 1-1: USB disconnect, device number 5 [ 281.291186][ T42] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 281.383367][ T3083] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 281.395767][ T3083] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.408689][ T3083] usb 2-1: Product: syz [ 281.413302][ T3083] usb 2-1: Manufacturer: syz [ 281.418136][ T3083] usb 2-1: SerialNumber: syz [ 281.446572][ T3083] usb 2-1: config 0 descriptor?? [ 281.463549][ T3083] f81534 2-1:0.12: unsupported endpoint max packet size [ 281.808610][ T6353] netlink: 'syz.3.86': attribute type 1 has an invalid length. [ 281.816572][ T6353] netlink: 'syz.3.86': attribute type 1 has an invalid length. [ 281.824642][ T6353] netlink: 116376 bytes leftover after parsing attributes in process `syz.3.86'. [ 281.955918][ T6353] syz_tun: entered promiscuous mode [ 281.961611][ T6353] macvtap1: entered promiscuous mode [ 282.158585][ T6353] syz_tun: left promiscuous mode [ 282.457185][ T42] usb 2-1: USB disconnect, device number 9 [ 282.753697][ T6363] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 283.037175][ T6360] loop4: detected capacity change from 0 to 32768 [ 283.047228][ T6360] xfs: Unknown parameter 'mtpt' [ 283.594584][ T6363] netlink: 12 bytes leftover after parsing attributes in process `syz.0.90'. [ 283.622733][ T6366] loop2: detected capacity change from 0 to 32768 [ 284.510922][ T6366] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io [ 284.511058][ T6366] allowing incompatible features above 0.0: (unknown version) [ 284.511137][ T6366] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 284.554898][ T6366] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 284.567181][ T6366] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 284.577218][ T6366] bcachefs (loop2): Version upgrade required: [ 284.577218][ T6366] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 284.577218][ T6366] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 284.577218][ T6366] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 284.706249][ T6366] bcachefs (loop2): dropping and reconstructing all alloc info [ 284.844610][ T6366] bcachefs (loop2): accounting_read... done [ 284.925913][ T6366] bcachefs (loop2): alloc_read... done [ 284.951091][ T6366] bcachefs (loop2): snapshots_read... done [ 284.969053][ T6366] bcachefs (loop2): check_allocations... done [ 285.163158][ T6366] bcachefs (loop2): going read-write [ 285.206231][ T6366] bcachefs (loop2): done starting filesystem [ 285.322269][ T6388] loop0: detected capacity change from 0 to 1024 [ 285.367841][ T5811] bcachefs (loop2): shutting down [ 285.373448][ T5811] bcachefs (loop2): going read-only [ 285.378991][ T5811] bcachefs (loop2): finished waiting for writes to stop [ 285.504536][ T5811] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 285.578571][ T5811] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 285.652607][ T5811] bcachefs (loop2): unclean shutdown complete, journal seq 11 [ 285.711350][ T6385] loop3: detected capacity change from 0 to 2048 [ 285.737096][ T5811] bcachefs (loop2): done going read-only, filesystem not clean [ 285.781082][ T6385] udf: Unknown parameter '' [ 285.886542][ T5811] bcachefs (loop2): shutdown complete [ 286.016853][ T6383] mmap: syz.3.92 (6383) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 286.072569][ T5935] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 286.340438][ T5935] usb 5-1: config 32 has 1 interface, different from the descriptor's value: 2 [ 286.349863][ T5935] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 286.360323][ T5935] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 286.369795][ T5935] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.454487][ T6402] netlink: 12 bytes leftover after parsing attributes in process `syz.0.98'. [ 286.704724][ T6397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 286.725549][ T6397] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 288.417100][ T6412] FAULT_INJECTION: forcing a failure. [ 288.417100][ T6412] name failslab, interval 1, probability 0, space 0, times 1 [ 288.431067][ T6412] CPU: 0 UID: 0 PID: 6412 Comm: syz.3.101 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(none) [ 288.431218][ T6412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 288.431311][ T6412] Call Trace: [ 288.431365][ T6412] [ 288.431420][ T6412] __dump_stack+0x26/0x30 [ 288.431621][ T6412] dump_stack_lvl+0x1df/0x270 [ 288.431836][ T6412] dump_stack+0x1e/0x25 [ 288.432017][ T6412] should_fail_ex+0x7dc/0x8a0 [ 288.432256][ T6412] should_failslab+0x15b/0x200 [ 288.432456][ T6412] kmem_cache_alloc_noprof+0xf0/0xec0 [ 288.432651][ T6412] ? security_inode_alloc+0x85/0x6f0 [ 288.432840][ T6412] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 288.433029][ T6412] ? kmsan_get_metadata+0xfb/0x160 [ 288.433230][ T6412] security_inode_alloc+0x85/0x6f0 [ 288.433418][ T6412] inode_init_always_gfp+0x754/0x8a0 [ 288.433626][ T6412] alloc_inode+0x129/0x4a0 [ 288.433828][ T6412] new_inode+0x39/0x460 [ 288.434027][ T6412] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 288.434276][ T6412] shmem_get_inode+0x663/0x1c20 [ 288.434515][ T6412] __shmem_file_setup+0x210/0x590 [ 288.434724][ T6412] shmem_file_setup+0x61/0x80 [ 288.434932][ T6412] __se_sys_memfd_create+0x844/0x11f0 [ 288.435132][ T6412] __x64_sys_memfd_create+0x78/0xb0 [ 288.435310][ T6412] x64_sys_call+0x3500/0x3e20 [ 288.435521][ T6412] do_syscall_64+0xd9/0x210 [ 288.435726][ T6412] ? irqentry_exit+0x16/0x60 [ 288.435906][ T6412] ? clear_bhb_loop+0x40/0x90 [ 288.436086][ T6412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.436259][ T6412] RIP: 0033:0x7f5538b8ebe9 [ 288.436387][ T6412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.436514][ T6412] RSP: 002b:00007f553996de18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 288.436658][ T6412] RAX: ffffffffffffffda RBX: 000000000000045d RCX: 00007f5538b8ebe9 [ 288.436762][ T6412] RDX: 00007f553996def0 RSI: 0000000000000000 RDI: 00007f5538c127e8 [ 288.436868][ T6412] RBP: 00002000000004c0 R08: 00007f553996dbb7 R09: 00007f553996de40 [ 288.436973][ T6412] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480 [ 288.437067][ T6412] R13: 00007f553996def0 R14: 00007f553996deb0 R15: 0000200000000000 [ 288.437207][ T6412] [ 288.853571][ T5935] usb 5-1: string descriptor 0 read error: -71 [ 288.961566][ T5935] usb 5-1: USB disconnect, device number 7 [ 289.331066][ T6418] loop4: detected capacity change from 0 to 64 [ 289.424495][ T6418] minix: Unknown parameter '' [ 289.546937][ T6050] udevd[6050]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 290.957467][ T6433] loop3: detected capacity change from 0 to 128 [ 291.241550][ T6433] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002] [ 291.289787][ T6433] System zones: 1-3, 19-19, 35-36 [ 291.376154][ T6433] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 291.490100][ T6433] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 291.603506][ T6430] loop4: detected capacity change from 0 to 32768 [ 291.613529][ T6430] ======================================================= [ 291.613529][ T6430] WARNING: The mand mount option has been deprecated and [ 291.613529][ T6430] and is ignored by this kernel. Remove the mand [ 291.613529][ T6430] option from the mount to silence this warning. [ 291.613529][ T6430] ======================================================= [ 291.867249][ T6441] loop0: detected capacity change from 0 to 1024 [ 291.887132][ T6430] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode. [ 292.163307][ T42] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 292.302529][ T3083] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 292.324649][ T42] usb 4-1: device descriptor read/64, error -71 [ 292.501314][ T6445] loop2: detected capacity change from 0 to 1764 [ 292.524385][ T3083] usb 5-1: Using ep0 maxpacket: 8 [ 292.573481][ T42] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 292.616350][ T3083] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 292.627169][ T3083] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 292.637709][ T3083] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 292.648220][ T3083] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 292.664057][ T3083] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 292.674307][ T3083] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.829378][ T6445] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 292.859817][ T42] usb 4-1: device descriptor read/64, error -71 [ 292.986326][ T42] usb usb4-port1: attempt power cycle [ 293.132833][ T3083] usb 5-1: GET_CAPABILITIES returned 2f [ 293.138777][ T3083] usbtmc 5-1:16.0: can't read capabilities [ 293.335035][ T5872] usb 5-1: USB disconnect, device number 8 [ 293.396122][ T42] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 293.478128][ T42] usb 4-1: device descriptor read/8, error -71 [ 293.514352][ T6449] syz.1.113 uses obsolete (PF_INET,SOCK_PACKET) [ 293.772438][ T42] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 294.093785][ T5877] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 294.117162][ T6457] FAULT_INJECTION: forcing a failure. [ 294.117162][ T6457] name failslab, interval 1, probability 0, space 0, times 0 [ 294.130797][ T6457] CPU: 1 UID: 0 PID: 6457 Comm: syz.2.114 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(none) [ 294.130957][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 294.131052][ T6457] Call Trace: [ 294.131108][ T6457] [ 294.131163][ T6457] __dump_stack+0x26/0x30 [ 294.131368][ T6457] dump_stack_lvl+0x1df/0x270 [ 294.131563][ T6457] dump_stack+0x1e/0x25 [ 294.131729][ T6457] should_fail_ex+0x7dc/0x8a0 [ 294.131950][ T6457] should_failslab+0x15b/0x200 [ 294.132128][ T6457] kmem_cache_alloc_lru_noprof+0xf7/0xed0 [ 294.132334][ T6457] ? __d_alloc+0x66/0xa60 [ 294.132469][ T6457] ? alloc_empty_backing_file+0x221/0x260 [ 294.132626][ T6457] ? kmsan_get_metadata+0xfb/0x160 [ 294.132819][ T6457] __d_alloc+0x66/0xa60 [ 294.132949][ T6457] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 294.133116][ T6457] ? kmsan_get_metadata+0xfb/0x160 [ 294.133306][ T6457] d_alloc_pseudo+0x3b/0x1b0 [ 294.133453][ T6457] alloc_file_pseudo+0x111/0x400 [ 294.133629][ T6457] __shmem_file_setup+0x46c/0x590 [ 294.133841][ T6457] shmem_file_setup+0x61/0x80 [ 294.134037][ T6457] __se_sys_memfd_create+0x844/0x11f0 [ 294.134238][ T6457] __x64_sys_memfd_create+0x78/0xb0 [ 294.134404][ T6457] x64_sys_call+0x3500/0x3e20 [ 294.134602][ T6457] do_syscall_64+0xd9/0x210 [ 294.134775][ T6457] ? irqentry_exit+0x16/0x60 [ 294.134924][ T6457] ? clear_bhb_loop+0x40/0x90 [ 294.135083][ T6457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.135246][ T6457] RIP: 0033:0x7fba31b8ebe9 [ 294.135366][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.135489][ T6457] RSP: 002b:00007fba32a5be18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 294.135637][ T6457] RAX: ffffffffffffffda RBX: 000000000000045d RCX: 00007fba31b8ebe9 [ 294.135739][ T6457] RDX: 00007fba32a5bef0 RSI: 0000000000000000 RDI: 00007fba31c127e8 [ 294.135837][ T6457] RBP: 00002000000004c0 R08: 00007fba32a5bbb7 R09: 00007fba32a5be40 [ 294.135941][ T6457] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480 [ 294.136036][ T6457] R13: 00007fba32a5bef0 R14: 00007fba32a5beb0 R15: 0000200000000000 [ 294.136178][ T6457] [ 294.479995][ T42] usb 4-1: device descriptor read/8, error -71 [ 294.553408][ T5877] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 294.563989][ T5877] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 294.575518][ T5877] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 294.591677][ T5877] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 294.593664][ T42] usb usb4-port1: unable to enumerate USB device [ 294.612800][ T5877] usb 2-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00 [ 294.625970][ T5877] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.682722][ T5823] ocfs2: Unmounting device (7,4) on (node local) [ 294.695595][ T5877] usb 2-1: config 0 descriptor?? [ 294.738107][ T5817] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 294.924901][ T6449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 294.935518][ T6449] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 296.077428][ T6449] loop1: detected capacity change from 0 to 40427 [ 296.092955][ T6449] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 296.100160][ T6449] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 296.109942][ T6449] F2FS-fs (loop1): build fault injection rate: 17008 [ 296.118828][ T6449] F2FS-fs (loop1): build fault injection type: 0x6 [ 296.129460][ T6449] F2FS-fs (loop1): invalid crc value [ 296.469183][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.476283][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 296.561740][ T6449] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 296.975562][ T6472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.118'. [ 297.033158][ T5872] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 297.191337][ T5877] usbhid 2-1:0.0: can't add hid device: -71 [ 297.198556][ T5877] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 297.355209][ T5872] usb 4-1: config 0 has an invalid interface number: 101 but max is 0 [ 297.372141][ T5872] usb 4-1: config 0 has no interface number 0 [ 297.378470][ T5872] usb 4-1: config 0 interface 101 has no altsetting 0 [ 297.401140][ T5877] usb 2-1: USB disconnect, device number 10 [ 297.455306][ T5872] usb 4-1: New USB device found, idVendor=12d1, idProduct=1c1f, bcdDevice=ef.18 [ 297.473963][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.485865][ T5872] usb 4-1: Product: syz [ 297.490262][ T5872] usb 4-1: Manufacturer: syz [ 297.496180][ T5872] usb 4-1: SerialNumber: syz [ 297.633221][ T5872] usb 4-1: config 0 descriptor?? [ 297.721186][ T5872] usb 4-1: bad CDC descriptors [ 297.730405][ T5872] option 4-1:0.101: GSM modem (1-port) converter detected [ 297.919647][ T5872] usb 4-1: USB disconnect, device number 7 [ 297.933149][ T5872] option 4-1:0.101: device disconnected [ 298.172982][ T42] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 298.389784][ T6482] loop2: detected capacity change from 0 to 1024 [ 298.412692][ T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 52, changing to 4 [ 298.424240][ T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 13368, setting to 1023 [ 298.436014][ T42] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 298.445823][ T42] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.676158][ T42] usb 5-1: config 0 descriptor?? [ 298.944268][ T42] ath6kl: Failed to submit usb control message: -71 [ 298.951325][ T42] ath6kl: unable to send the bmi data to the device: -71 [ 298.958924][ T42] ath6kl: Unable to send get target info: -71 [ 299.016554][ T42] ath6kl: Failed to init ath6kl core: -71 [ 299.036149][ T42] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 299.182747][ T42] usb 5-1: USB disconnect, device number 9 [ 299.368299][ T6488] loop0: detected capacity change from 0 to 164 [ 299.422771][ T6488] iso9660: Unknown parameter '' [ 300.164540][ T6497] FAULT_INJECTION: forcing a failure. [ 300.164540][ T6497] name failslab, interval 1, probability 0, space 0, times 0 [ 300.177812][ T6497] CPU: 1 UID: 0 PID: 6497 Comm: syz.4.128 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(none) [ 300.177967][ T6497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 300.178055][ T6497] Call Trace: [ 300.178109][ T6497] [ 300.178162][ T6497] __dump_stack+0x26/0x30 [ 300.178367][ T6497] dump_stack_lvl+0x1df/0x270 [ 300.178564][ T6497] dump_stack+0x1e/0x25 [ 300.178739][ T6497] should_fail_ex+0x7dc/0x8a0 [ 300.178968][ T6497] should_failslab+0x15b/0x200 [ 300.179151][ T6497] kmem_cache_alloc_noprof+0xf0/0xec0 [ 300.179341][ T6497] ? alloc_empty_file+0x10d/0x5b0 [ 300.179491][ T6497] ? kmsan_get_metadata+0xfb/0x160 [ 300.179664][ T6497] ? kmsan_get_metadata+0xfb/0x160 [ 300.179850][ T6497] alloc_empty_file+0x10d/0x5b0 [ 300.179996][ T6497] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 300.180182][ T6497] alloc_file_pseudo+0x1de/0x400 [ 300.180351][ T6497] __shmem_file_setup+0x46c/0x590 [ 300.180567][ T6497] shmem_file_setup+0x61/0x80 [ 300.180770][ T6497] __se_sys_memfd_create+0x844/0x11f0 [ 300.180962][ T6497] __x64_sys_memfd_create+0x78/0xb0 [ 300.181129][ T6497] x64_sys_call+0x3500/0x3e20 [ 300.181327][ T6497] do_syscall_64+0xd9/0x210 [ 300.181505][ T6497] ? irqentry_exit+0x16/0x60 [ 300.181672][ T6497] ? clear_bhb_loop+0x40/0x90 [ 300.181835][ T6497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.181992][ T6497] RIP: 0033:0x7f3022b8ebe9 [ 300.182100][ T6497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.182223][ T6497] RSP: 002b:00007f3023a0de18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 300.182359][ T6497] RAX: ffffffffffffffda RBX: 000000000000045d RCX: 00007f3022b8ebe9 [ 300.182456][ T6497] RDX: 00007f3023a0def0 RSI: 0000000000000000 RDI: 00007f3022c127e8 [ 300.182549][ T6497] RBP: 00002000000004c0 R08: 00007f3023a0dbb7 R09: 00007f3023a0de40 [ 300.182661][ T6497] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480 [ 300.182753][ T6497] R13: 00007f3023a0def0 R14: 00007f3023a0deb0 R15: 0000200000000000 [ 300.182889][ T6497] [ 300.257239][ T5872] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 300.556358][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.584351][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.593546][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.623124][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.652380][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.668830][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.701527][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.720817][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.734048][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.803041][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.825859][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.859492][ T6503] netlink: 132 bytes leftover after parsing attributes in process `syz.1.120'. [ 300.904856][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.913664][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.968421][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 300.992226][ T5872] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 301.003196][ T5872] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 301.012536][ T5872] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 301.041318][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 301.112205][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 301.145364][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 301.176544][ T5872] usb 3-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 301.186080][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.194471][ T5872] usb 3-1: Product: syz [ 301.198831][ T5872] usb 3-1: Manufacturer: syz [ 301.204459][ T5872] usb 3-1: SerialNumber: syz [ 301.295029][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 301.326094][ T6500] 9pnet_fd: Insufficient options for proto=fd [ 301.349710][ T5872] usb 3-1: config 0 descriptor?? [ 301.370050][ T6507] loop4: detected capacity change from 0 to 8192 [ 301.435778][ T6507] caif0: entered allmulticast mode [ 301.467519][ T5872] uvcvideo 3-1:0.0: probe with driver uvcvideo failed with error -22 [ 301.697549][ T5872] usb 3-1: USB disconnect, device number 9 [ 302.553868][ T5872] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 302.834444][ T5872] usb 1-1: Using ep0 maxpacket: 16 [ 302.883342][ T6512] loop3: detected capacity change from 0 to 512 [ 302.962297][ T5872] usb 1-1: unable to get BOS descriptor or descriptor too short [ 302.997582][ T6512] EXT4-fs error (device loop3): ext4_get_journal_inode:5796: comm syz.3.133: inode #33554432: comm syz.3.133: iget: illegal inode # [ 303.037867][ T6512] EXT4-fs (loop3): Remounting filesystem read-only [ 303.044790][ T6512] EXT4-fs (loop3): no journal found [ 303.050435][ T6512] EXT4-fs (loop3): can't get journal size [ 303.101389][ T5872] usb 1-1: config 11 has an invalid interface number: 165 but max is 0 [ 303.112687][ T5872] usb 1-1: config 11 has no interface number 0 [ 303.232221][ T5872] usb 1-1: New USB device found, idVendor=05ac, idProduct=021d, bcdDevice=18.91 [ 303.241766][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.250206][ T5872] usb 1-1: Product: syz [ 303.254836][ T5872] usb 1-1: Manufacturer: syz [ 303.259627][ T5872] usb 1-1: SerialNumber: syz [ 303.290978][ T6512] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 303.368206][ T6512] EXT4-fs (loop3): failed to initialize system zone (-22) [ 303.376835][ T6512] EXT4-fs (loop3): mount failed [ 303.641748][ T5872] hub 1-1:11.165: bad descriptor, ignoring hub [ 303.648711][ T5872] hub 1-1:11.165: probe with driver hub failed with error -5 [ 303.867270][ T5872] usb 1-1: USB disconnect, device number 6 [ 304.253012][ T5877] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 304.436028][ T5877] usb 5-1: Using ep0 maxpacket: 32 [ 304.551699][ T5877] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 304.561833][ T5877] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 304.597656][ T5877] usb 5-1: config 0 descriptor?? [ 304.844922][ T5877] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 304.907640][ T5877] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 304.985318][ T5877] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 304.992987][ T5877] usb 5-1: media controller created [ 305.195178][ T42] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 305.422274][ T42] usb 1-1: device descriptor read/64, error -71 [ 305.703398][ T42] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 305.922315][ T42] usb 1-1: device descriptor read/64, error -71 [ 306.020493][ T6529] loop1: detected capacity change from 0 to 4096 [ 306.058617][ T42] usb usb1-port1: attempt power cycle [ 306.059621][ T5877] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 306.163009][ T6517] loop4: detected capacity change from 0 to 32768 [ 306.192632][ T3083] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 306.201439][ T6529] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 306.363281][ T6517] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 306.453043][ T3083] usb 4-1: Using ep0 maxpacket: 8 [ 306.481499][ T3083] usb 4-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00 [ 306.491496][ T3083] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.510124][ T42] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 306.559022][ T42] usb 1-1: device descriptor read/8, error -71 [ 306.596213][ T3083] usb 4-1: config 0 descriptor?? [ 306.646989][ T6529] ntfs3(loop1): Failed to load $Extend (-22). [ 306.653940][ T6529] ntfs3(loop1): Failed to initialize $Extend. [ 306.824075][ T42] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 306.911690][ T42] usb 1-1: device descriptor read/8, error -71 [ 307.032465][ T3083] microsoft 0003:045E:009D.0002: unknown main item tag 0x0 [ 307.040209][ T3083] microsoft 0003:045E:009D.0002: unknown main item tag 0x0 [ 307.048093][ T3083] microsoft 0003:045E:009D.0002: unknown main item tag 0x0 [ 307.055949][ T3083] microsoft 0003:045E:009D.0002: unknown main item tag 0x0 [ 307.063745][ T3083] microsoft 0003:045E:009D.0002: unknown main item tag 0x0 [ 307.082722][ T42] usb usb1-port1: unable to enumerate USB device [ 307.218785][ T5872] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 307.249859][ T6549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 307.261571][ T6549] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 307.265821][ T6517] XFS (loop4): Ending clean mount [ 307.394848][ T3083] microsoft 0003:045E:009D.0002: hidraw0: USB HID v0.03 Device [HID 045e:009d] on usb-dummy_hcd.3-1/input0 [ 307.411021][ T3083] microsoft 0003:045E:009D.0002: no inputs found [ 307.417881][ T3083] microsoft 0003:045E:009D.0002: could not initialize ff, continuing anyway [ 307.419767][ T5877] az6027: usb out operation failed. (-71) [ 307.445562][ T5823] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 307.452667][ T5877] az6027: usb out operation failed. (-71) [ 307.460182][ T5877] stb0899_attach: Driver disabled by Kconfig [ 307.475826][ T5877] az6027: no front-end attached [ 307.475826][ T5877] [ 307.543062][ T5877] az6027: usb out operation failed. (-71) [ 307.549120][ T5877] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 307.562895][ T5877] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input5 [ 307.595289][ T5872] usb 2-1: Using ep0 maxpacket: 32 [ 307.644428][ T5872] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 307.655387][ T5872] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 307.667177][ T5872] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 307.679260][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 307.689403][ T5872] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 307.755450][ T5877] dvb-usb: schedule remote query interval to 400 msecs. [ 307.764798][ T5877] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 307.858094][ T5877] usb 5-1: USB disconnect, device number 10 [ 307.992587][ T5872] usb 2-1: New USB device found, idVendor=072f, idProduct=2200, bcdDevice=3f.bf [ 308.002203][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.018039][ T5872] usb 2-1: Product: syz [ 308.025033][ T5872] usb 2-1: Manufacturer: syz [ 308.029884][ T5872] usb 2-1: SerialNumber: syz [ 308.080101][ T5872] usb 2-1: config 0 descriptor?? [ 308.279519][ T5877] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 308.603682][ T5872] usb 2-1: can't set config #0, error -71 [ 308.617378][ T6552] loop2: detected capacity change from 0 to 512 [ 308.683571][ T5872] usb 2-1: USB disconnect, device number 11 [ 308.798952][ T6552] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal [ 309.252756][ T3083] usb 4-1: USB disconnect, device number 8 [ 310.353277][ T6560] fido_id[6560]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 310.429977][ T6558] loop1: detected capacity change from 0 to 4096 [ 311.884761][ T6575] loop3: detected capacity change from 0 to 4096 [ 312.329296][ T6572] loop2: detected capacity change from 0 to 8192 [ 312.430356][ T6572] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 312.664929][ T30] audit: type=1800 audit(1754913236.204:17): pid=6572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.152" name="file1" dev="loop2" ino=1048611 res=0 errno=0 [ 313.403102][ T4374] ntfs3(loop3): ino=5, mi_enum_attr [ 314.144251][ T42] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 314.355247][ T42] usb 3-1: Using ep0 maxpacket: 16 [ 314.435955][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 78, changing to 10 [ 314.452151][ T42] usb 3-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 314.463487][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 314.580444][ T42] usb 3-1: config 0 descriptor?? [ 315.037906][ T6590] process 'syz.2.159' launched '/dev/fd/5' with NULL argv: empty string added [ 316.119368][ T42] mcp2200 0003:04D8:00DF.0003: USB HID v0.04 Device [HID 04d8:00df] on usb-dummy_hcd.2-1/input0 [ 316.860238][ T6602] loop3: detected capacity change from 0 to 65536 [ 316.932312][ T42] usb 3-1: USB disconnect, device number 10 [ 316.980865][ T6614] binder: Bad value for 'max' [ 317.006560][ T6602] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 317.165588][ T6614] binder: Bad value for 'max' [ 317.188499][ T6602] XFS (loop3): Ending clean mount [ 317.334038][ T6602] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x1b9/0x300, xfs_agf block 0x1 [ 317.345353][ T6602] XFS (loop3): Unmount and run xfs_repair [ 317.351295][ T6602] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 317.359114][ T6602] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00 XAGF..........@. [ 317.368872][ T6602] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01 ................ [ 317.378313][ T6602] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 317.387660][ T6602] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00 ......?...?..... [ 317.396906][ T6602] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3 .sH./.A..&.:g... [ 317.406399][ T6602] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 ................ [ 317.415704][ T6602] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 317.424956][ T6602] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 317.437822][ T6602] XFS (loop3): metadata I/O error in "xfs_read_agf+0x23d/0x550" at daddr 0x1 len 1 error 74 [ 317.470224][ T6602] XFS (loop3): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x740/0xe70 (fs/xfs/xfs_trans_buf.c:311). Shutting down filesystem. [ 317.485947][ T6602] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 317.597752][ T5817] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 318.325495][ T6634] loop2: detected capacity change from 0 to 8 [ 318.416290][ T6633] FAULT_INJECTION: forcing a failure. [ 318.416290][ T6633] name failslab, interval 1, probability 0, space 0, times 0 [ 318.429914][ T6633] CPU: 1 UID: 0 PID: 6633 Comm: syz.0.174 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(none) [ 318.430069][ T6633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 318.430165][ T6633] Call Trace: [ 318.430229][ T6633] [ 318.430288][ T6633] __dump_stack+0x26/0x30 [ 318.430492][ T6633] dump_stack_lvl+0x1df/0x270 [ 318.430699][ T6633] dump_stack+0x1e/0x25 [ 318.430869][ T6633] should_fail_ex+0x7dc/0x8a0 [ 318.431108][ T6633] should_failslab+0x15b/0x200 [ 318.431285][ T6633] kmem_cache_alloc_noprof+0xf0/0xec0 [ 318.431476][ T6633] ? getname_flags+0x102/0xac0 [ 318.431691][ T6633] ? kmsan_get_metadata+0xfb/0x160 [ 318.431858][ T6633] ? kmsan_get_metadata+0xfb/0x160 [ 318.432055][ T6633] getname_flags+0x102/0xac0 [ 318.432274][ T6633] do_sys_openat2+0xaa/0x2f0 [ 318.432443][ T6633] __x64_sys_openat+0x240/0x300 [ 318.432634][ T6633] x64_sys_call+0x3bcc/0x3e20 [ 318.432832][ T6633] do_syscall_64+0xd9/0x210 [ 318.433007][ T6633] ? irqentry_exit+0x16/0x60 [ 318.433162][ T6633] ? clear_bhb_loop+0x40/0x90 [ 318.433326][ T6633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.433491][ T6633] RIP: 0033:0x7fcbf8f8d550 [ 318.433609][ T6633] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 318.433735][ T6633] RSP: 002b:00007fcbf9e3ab70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 318.433876][ T6633] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fcbf8f8d550 [ 318.433977][ T6633] RDX: 0000000000000002 RSI: 00007fcbf9e3ac10 RDI: 00000000ffffff9c [ 318.434074][ T6633] RBP: 00007fcbf9e3ac10 R08: 0000000000000000 R09: 00007fcbf9e3a986 [ 318.434172][ T6633] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 318.434259][ T6633] R13: 00007fcbf91b6038 R14: 00007fcbf91b5fa0 R15: 00007ffd0ea9c398 [ 318.434399][ T6633] [ 318.787611][ T6634] SQUASHFS error: lzo decompression failed, data probably corrupt [ 318.796061][ T6634] SQUASHFS error: Failed to read block 0x91: -5 [ 318.802787][ T6634] SQUASHFS error: Unable to read metadata cache entry [8f] [ 318.810203][ T6634] SQUASHFS error: Unable to read inode 0x11f [ 319.899450][ T5872] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 320.143405][ T5872] usb 1-1: Using ep0 maxpacket: 32 [ 320.253752][ T5872] usb 1-1: config 0 has an invalid interface number: 48 but max is 0 [ 320.257179][ T6646] loop2: detected capacity change from 0 to 32768 [ 320.263332][ T5872] usb 1-1: config 0 has no interface number 0 [ 320.414425][ T5872] usb 1-1: New USB device found, idVendor=046d, idProduct=0960, bcdDevice=4b.cc [ 320.424075][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 320.433254][ T5872] usb 1-1: Product: syz [ 320.437644][ T5872] usb 1-1: Manufacturer: syz [ 320.442662][ T5872] usb 1-1: SerialNumber: syz [ 320.455471][ T5872] usb 1-1: config 0 descriptor?? [ 320.476913][ T5872] gspca_main: sunplus-2.14.0 probing 046d:0960 [ 320.666703][ T6646] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 320.666878][ T6646] allowing incompatible features above 0.0: (unknown version) [ 320.666975][ T6646] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 320.715160][ T6646] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 320.723799][ T6646] bcachefs (loop2): initializing new filesystem [ 320.750396][ T6646] bcachefs (loop2): going read-write [ 320.792801][ T5872] gspca_sunplus: reg_w_riv err -71 [ 320.798586][ T5872] sunplus 1-1:0.48: probe with driver sunplus failed with error -71 [ 320.834560][ T5872] usb 1-1: USB disconnect, device number 11 [ 320.856786][ T6646] bcachefs (loop2): marking superblocks [ 320.926794][ T6646] bcachefs (loop2): initializing freespace [ 320.957584][ T6646] bcachefs (loop2): done initializing freespace [ 320.980371][ T6646] bcachefs (loop2): reading snapshots table [ 320.987313][ T6646] bcachefs (loop2): reading snapshots done [ 321.165333][ T6646] bcachefs (loop2): done starting filesystem [ 321.572270][ T3083] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 321.876217][ T3083] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 321.887778][ T3083] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 321.898070][ T3083] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 321.911452][ T3083] usb 3-1: New USB device found, idVendor=056a, idProduct=005d, bcdDevice= 0.00 [ 321.921027][ T3083] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 322.082408][ T3083] usb 3-1: config 0 descriptor?? [ 322.228534][ T6671] netlink: 76 bytes leftover after parsing attributes in process `syz.0.184'. [ 322.240161][ T5872] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 322.704907][ T5872] usb 5-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55 [ 322.714657][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 322.723362][ T5872] usb 5-1: Product: syz [ 322.727748][ T5872] usb 5-1: Manufacturer: syz [ 322.732811][ T5872] usb 5-1: SerialNumber: syz [ 322.745096][ T5877] usb 1-1: new full-speed USB device number 12 using dummy_hcd [ 323.102668][ T3083] usbhid 3-1:0.0: can't add hid device: -71 [ 323.109376][ T3083] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 323.138996][ T5877] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 323.254224][ T6668] loop1: detected capacity change from 0 to 40427 [ 323.276279][ T6668] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 323.280956][ T5872] usb 5-1: config 0 descriptor?? [ 323.284313][ T6668] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 323.295419][ T6668] F2FS-fs (loop1): invalid crc value [ 323.317071][ T6668] F2FS-fs (loop1): Mismatch valid blocks 2 vs. 4 [ 323.324796][ T5877] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 323.328825][ T3083] usb 3-1: USB disconnect, device number 11 [ 323.334600][ T5877] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 323.334750][ T5877] usb 1-1: Manufacturer: syz [ 323.389777][ T5877] usb 1-1: config 0 descriptor?? [ 323.408912][ T5872] gspca_main: sonixb-2.14.0 probing 0c45:608f [ 323.458241][ T6668] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117) [ 323.635742][ T6671] sg_write: data in/out 196608/32 bytes for SCSI command 0x2c-- guessing data in; [ 323.635742][ T6671] program syz.0.184 not setting count and/or reply_len properly [ 323.743265][ T6669] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 323.774719][ T6646] syz.2.177 (6646) used greatest stack depth: 1200 bytes left [ 323.941756][ T5872] sonixb 5-1:0.0: Error reading register 00: -110 [ 324.255440][ T5811] bcachefs (loop2): shutting down [ 324.260706][ T5811] bcachefs (loop2): going read-only [ 324.290285][ T6668] netlink: 16 bytes leftover after parsing attributes in process `syz.1.183'. [ 324.319770][ T5811] bcachefs (loop2): finished waiting for writes to stop [ 324.387760][ T5811] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4 [ 324.580250][ T5811] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 6 [ 324.635354][ T5811] bcachefs (loop2): clean shutdown complete, journal seq 7 [ 324.693034][ T5811] bcachefs (loop2): marking filesystem clean [ 324.883777][ T6671] netlink: 16 bytes leftover after parsing attributes in process `syz.0.184'. [ 324.901786][ T5811] bcachefs (loop2): shutdown complete [ 325.268232][ T5872] usb 1-1: USB disconnect, device number 12 [ 326.493521][ T3083] usb 5-1: USB disconnect, device number 11 [ 327.663572][ T6707] [U] [ 327.666643][ T6707] [U] [ 327.669496][ T6707] [U] [ 327.672365][ T6707] [U] [ 327.675421][ T6707] [U] BÒ [ 327.678703][ T6707] [U] [ 327.681710][ T6707] [U] [ 327.684723][ T6707] [U] [ 327.687733][ T6707] [U] [ 327.690836][ T6707] [U] [ 327.782762][ T6698] netlink: 'syz.1.190': attribute type 10 has an invalid length. [ 328.053050][ T6707] [U] [ 328.053295][ T6707] [U] [ 328.053546][ T6707] [U] [ 328.392911][ T6705] [U] [ 329.065037][ T6719] loop4: detected capacity change from 0 to 128 [ 329.359931][ T6725] debugfs: Bad value for 'uid' [ 329.366610][ T6725] debugfs: Bad value for 'uid' [ 329.908743][ T6728] loop0: detected capacity change from 0 to 1024 [ 329.955422][ T6728] EXT4-fs: inline encryption not supported [ 329.961603][ T6728] EXT4-fs: Ignoring removed i_version option [ 330.114680][ T6728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.179997][ T6732] loop3: detected capacity change from 0 to 512 [ 330.305154][ T6732] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e042c118, mo2=0002] [ 330.427833][ T6732] System zones: 1-12 [ 330.506592][ T6732] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.204: corrupted in-inode xattr: e_value size too large [ 330.642803][ T6732] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.204: couldn't read orphan inode 15 (err -117) [ 330.715681][ T6740] loop2: detected capacity change from 0 to 764 [ 330.755347][ T6732] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.277543][ T6731] loop1: detected capacity change from 0 to 8192 [ 331.355561][ T5817] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.397323][ T6742] loop4: detected capacity change from 0 to 2048 [ 331.420483][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.661231][ T6742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.676114][ T6742] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 331.789853][ T6748] loop2: detected capacity change from 0 to 512 [ 332.220786][ T6752] loop0: detected capacity change from 0 to 512 [ 332.445151][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.645314][ T6752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.658701][ T6752] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 333.400674][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.422709][ T6763] loop4: detected capacity change from 0 to 1024 [ 333.609101][ T6763] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.088247][ T6771] loop0: detected capacity change from 0 to 512 [ 334.278569][ T6771] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.292640][ T6771] ext4 filesystem being mounted at /51/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.361771][ T5820] Bluetooth: hci1: command 0x0406 tx timeout [ 334.370875][ T5820] Bluetooth: hci3: command 0x0406 tx timeout [ 334.378428][ T5820] Bluetooth: hci0: command 0x0406 tx timeout [ 334.385793][ T5820] Bluetooth: hci2: command 0x0406 tx timeout [ 334.393047][ T5820] Bluetooth: hci4: command 0x0406 tx timeout [ 334.452801][ T6777] loop1: detected capacity change from 0 to 512 [ 334.521392][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.228558][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.445726][ T6786] loop4: detected capacity change from 0 to 2048 [ 335.616388][ T6786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 335.630122][ T6786] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 336.140682][ T6799] overlayfs: failed to get index nlink (file0/file2, err=-61) [ 336.490512][ T6801] loop2: detected capacity change from 0 to 128 [ 336.497153][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.656764][ T6803] loop1: detected capacity change from 0 to 512 [ 336.756047][ T6803] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 336.851361][ T6803] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.226: Unimplemented hash flags: 0x0001 [ 336.863899][ T6803] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.226: Corrupt directory, running e2fsck is recommended [ 337.325782][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.411714][ T6811] loop3: detected capacity change from 0 to 512 [ 337.455232][ T6811] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 337.469079][ T6811] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 337.627238][ T6811] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.229: Invalid block bitmap block 0 in block_group 0 [ 337.762644][ T6811] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 337.794768][ T6811] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.229: attempt to clear invalid blocks 983261 len 1 [ 337.877426][ T6811] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.229: Invalid inode table block 0 in block_group 0 [ 337.953316][ T6811] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 338.038119][ T6811] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 338.058086][ T6811] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.229: Invalid inode table block 0 in block_group 0 [ 338.109094][ T6816] loop2: detected capacity change from 0 to 512 [ 338.112942][ T6811] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 338.189100][ T6811] EXT4-fs error (device loop3): ext4_truncate:4666: inode #11: comm syz.3.229: mark_inode_dirty error [ 338.262449][ T6811] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 338.287959][ T6816] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.231: bg 0: block 5: invalid block bitmap [ 338.310695][ T6816] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 338.378255][ T6811] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.229: Invalid inode table block 0 in block_group 0 [ 338.409934][ T6816] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.231: invalid indirect mapped block 3 (level 2) [ 338.455369][ T6811] EXT4-fs (loop3): 1 truncate cleaned up [ 338.474757][ T6816] EXT4-fs (loop2): 2 truncates cleaned up [ 338.487307][ T6816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 338.650776][ T6811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.710962][ T6816] overlayfs: failed to verify upper root origin [ 338.754753][ T6816] overlayfs: failed to create directory ./bus/work (errno: 17); mounting read-only [ 338.764884][ T6816] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 339.065096][ T6825] netlink: 'syz.1.235': attribute type 28 has an invalid length. [ 339.076806][ T5811] EXT4-fs error (device loop2): ext4_lookup:1787: inode #17: comm syz-executor: iget: bad extended attribute block 6904 [ 339.160395][ T5811] EXT4-fs error (device loop2): ext4_lookup:1787: inode #17: comm syz-executor: iget: bad extended attribute block 6904 [ 339.272253][ T5817] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.848647][ T5811] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.868864][ T1328] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.114512][ T1328] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.379676][ T1328] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.609475][ T1328] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.832442][ T6841] loop1: detected capacity change from 0 to 128 [ 341.027579][ T6841] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 341.333789][ T1328] bridge_slave_1: left allmulticast mode [ 341.339695][ T1328] bridge_slave_1: left promiscuous mode [ 341.348619][ T1328] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.467746][ T1328] bridge_slave_0: left allmulticast mode [ 341.474920][ T1328] bridge_slave_0: left promiscuous mode [ 341.481656][ T1328] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.694841][ T3710] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 342.247263][ T1328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 342.330750][ T1328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 342.366306][ T1328] bond0 (unregistering): Released all slaves [ 343.102442][ T1328] hsr_slave_0: left promiscuous mode [ 343.143296][ T1328] hsr_slave_1: left promiscuous mode [ 343.151751][ T1328] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 343.161443][ T1328] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 343.239593][ T1328] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 343.247459][ T1328] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 343.423247][ T1328] veth1_macvtap: left promiscuous mode [ 343.429252][ T1328] veth0_macvtap: left promiscuous mode [ 343.436634][ T1328] veth1_vlan: left promiscuous mode [ 343.444791][ T1328] veth0_vlan: left promiscuous mode [ 344.223382][ T6861] loop3: detected capacity change from 0 to 1024 [ 344.344489][ T6861] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 344.398160][ T6863] loop4: detected capacity change from 0 to 164 [ 344.504533][ T1328] team0 (unregistering): Port device team_slave_1 removed [ 344.744325][ T1328] team0 (unregistering): Port device team_slave_0 removed [ 345.197827][ T5817] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.503900][ T49] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 345.522913][ T49] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 345.533128][ T49] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 345.550078][ T49] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 345.564457][ T49] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 346.255347][ T6878] loop0: detected capacity change from 0 to 4096 [ 346.430446][ T6878] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 346.484980][ T5872] kernel write not supported for file /input/event0 (pid: 5872 comm: kworker/0:3) [ 346.797466][ T6889] 9pnet_fd: Insufficient options for proto=fd [ 347.667776][ T49] Bluetooth: hci1: command tx timeout [ 347.675275][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 347.838699][ T6870] chnl_net:caif_netlink_parms(): no params data found [ 348.220167][ T6900] loop1: detected capacity change from 0 to 512 [ 348.402844][ T6900] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.258: bad orphan inode 13 [ 348.433790][ T6900] ext4_test_bit(bit=12, block=4) = 1 [ 348.439485][ T6900] is_bad_inode(inode)=0 [ 348.444107][ T6900] NEXT_ORPHAN(inode)=0 [ 348.448347][ T6900] max_ino=32 [ 348.451707][ T6900] i_nlink=1 [ 348.460593][ T6900] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 348.681405][ T6900] EXT4-fs warning (device loop1): dx_probe:801: inode #2: comm syz.1.258: Unrecognised inode hash code 20 [ 348.693530][ T6900] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.258: Corrupt directory, running e2fsck is recommended [ 348.813535][ T6900] EXT4-fs warning (device loop1): dx_probe:801: inode #2: comm syz.1.258: Unrecognised inode hash code 20 [ 348.825696][ T6900] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.258: Corrupt directory, running e2fsck is recommended [ 349.310368][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 349.730722][ T49] Bluetooth: hci1: command tx timeout [ 350.002110][ T6926] netlink: 4 bytes leftover after parsing attributes in process `syz.3.263'. [ 350.078882][ T6870] bridge0: port 1(bridge_slave_0) entered blocking state [ 350.087021][ T6870] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.095143][ T6870] bridge_slave_0: entered allmulticast mode [ 350.108022][ T6870] bridge_slave_0: entered promiscuous mode [ 350.172882][ T6870] bridge0: port 2(bridge_slave_1) entered blocking state [ 350.180682][ T6870] bridge0: port 2(bridge_slave_1) entered disabled state [ 350.188666][ T6870] bridge_slave_1: entered allmulticast mode [ 350.200480][ T6870] bridge_slave_1: entered promiscuous mode [ 350.740803][ T6870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 350.849140][ T6870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 351.263766][ T6870] team0: Port device team_slave_0 added [ 351.373799][ T6870] team0: Port device team_slave_1 added [ 351.607477][ T6870] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 351.615707][ T6870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 351.644700][ T6870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 351.800697][ T49] Bluetooth: hci1: command tx timeout [ 351.817085][ T6870] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 351.826757][ T6870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 351.856052][ T6870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 352.200032][ T6870] hsr_slave_0: entered promiscuous mode [ 352.210711][ T6870] hsr_slave_1: entered promiscuous mode [ 352.542520][ T6956] loop0: detected capacity change from 0 to 512 [ 353.876561][ T49] Bluetooth: hci1: command tx timeout [ 354.260209][ T6870] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 354.361798][ T6870] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 354.508186][ T6870] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 354.623744][ T6870] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 355.076239][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.088119][ T6987] bridge_slave_1: left allmulticast mode [ 355.094480][ T6987] bridge_slave_1: left promiscuous mode [ 355.101289][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.194825][ T6987] team0: Port device bridge_slave_1 added [ 355.204256][ T6987] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 356.217866][ T6870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 356.502828][ T6870] 8021q: adding VLAN 0 to HW filter on device team0 [ 356.577944][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state [ 356.585764][ T3710] bridge0: port 1(bridge_slave_0) entered forwarding state [ 356.729687][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state [ 356.737363][ T3710] bridge0: port 2(bridge_slave_1) entered forwarding state [ 357.927840][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 357.937511][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 359.579668][ T6870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 362.117653][ T7075] 9pnet_fd: Insufficient options for proto=fd [ 362.859757][ T6870] veth0_vlan: entered promiscuous mode [ 362.987679][ T6870] veth1_vlan: entered promiscuous mode [ 363.350804][ T6870] veth0_macvtap: entered promiscuous mode [ 363.432890][ T6870] veth1_macvtap: entered promiscuous mode [ 363.720049][ T6870] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 363.820079][ T6870] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 363.973001][ T1004] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.026403][ T1004] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.068827][ T1004] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.137670][ T3710] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 366.537328][ T7129] 9pnet_fd: Insufficient options for proto=fd [ 367.185987][ T7141] overlayfs: failed to clone lowerpath [ 372.741596][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.750119][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 373.118743][ T7226] IPv6: addrconf: prefix option has invalid lifetime [ 373.168946][ T5099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 373.177194][ T5099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 373.765805][ T7230] fuse: Bad value for 'fd' [ 376.993997][ T7275] fuse: Bad value for 'fd' [ 377.275979][ T7274] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 379.844300][ T7317] fuse: Bad value for 'fd' [ 384.764293][ T7356] loop4: detected capacity change from 0 to 512 [ 385.354767][ T7373] loop1: detected capacity change from 0 to 1024 [ 385.531079][ T7373] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 385.660956][ T7373] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 385.727657][ T7373] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.392: bg 0: block 88: padding at end of block bitmap is not set [ 386.363169][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.429229][ T7388] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 386.802932][ T7393] loop1: detected capacity change from 0 to 512 [ 386.963498][ T7396] loop3: detected capacity change from 0 to 256 [ 389.298092][ T7423] loop5: detected capacity change from 0 to 1024 [ 389.410353][ T7423] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 389.478967][ T7423] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.407: bg 0: block 88: padding at end of block bitmap is not set [ 389.912867][ T6870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.337222][ T7438] loop5: detected capacity change from 0 to 512 [ 390.375466][ T7440] loop3: detected capacity change from 0 to 256 [ 390.398975][ T7438] EXT4-fs: Ignoring removed nomblk_io_submit option [ 390.492899][ T7438] EXT4-fs (loop5): filesystem is read-only [ 390.533628][ T7438] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 390.657355][ T7438] EXT4-fs (loop5): filesystem is read-only [ 390.663902][ T7438] EXT4-fs (loop5): orphan cleanup on readonly fs [ 390.688602][ T7438] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #16: comm syz.5.411: iget: bad i_size value: 648518346341360424 [ 390.732856][ T7438] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.411: couldn't read orphan inode 16 (err -117) [ 390.824792][ T7438] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 391.206034][ T7449] netlink: 32 bytes leftover after parsing attributes in process `syz.0.415'. [ 391.615423][ T6870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.386075][ T7468] loop1: detected capacity change from 0 to 512 [ 392.543855][ T7468] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.420: bg 0: block 5: invalid block bitmap [ 392.626267][ T7468] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 392.644815][ T7470] loop3: detected capacity change from 0 to 1024 [ 392.654169][ T7468] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.420: invalid indirect mapped block 3 (level 2) [ 392.702629][ T7468] EXT4-fs (loop1): 2 truncates cleaned up [ 392.710697][ T7468] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.945556][ T7470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.993624][ T7468] overlayfs: failed to verify upper root origin [ 393.544957][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.584883][ T5817] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.778990][ T7488] loop5: detected capacity change from 0 to 256 [ 396.462604][ T7525] loop5: detected capacity change from 0 to 256 [ 396.579255][ T7523] loop3: detected capacity change from 0 to 1024 [ 396.741183][ T7523] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 397.379891][ T5817] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 398.111303][ T7545] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 399.503247][ T7567] loop5: detected capacity change from 0 to 256 [ 399.528311][ T7564] netlink: 'syz.4.448': attribute type 11 has an invalid length. [ 400.986213][ T7583] loop1: detected capacity change from 0 to 128 [ 401.395965][ T7583] FAT-fs (loop1): Directory bread(block 32) failed [ 401.412707][ T7583] FAT-fs (loop1): Directory bread(block 33) failed [ 401.419647][ T7583] FAT-fs (loop1): Directory bread(block 34) failed [ 401.430140][ T7583] FAT-fs (loop1): Directory bread(block 35) failed [ 401.437543][ T7583] FAT-fs (loop1): Directory bread(block 36) failed [ 401.444503][ T7583] FAT-fs (loop1): Directory bread(block 37) failed [ 401.451429][ T7583] FAT-fs (loop1): Directory bread(block 38) failed [ 401.458354][ T7583] FAT-fs (loop1): Directory bread(block 39) failed [ 401.465674][ T7583] FAT-fs (loop1): Directory bread(block 40) failed [ 401.472643][ T7583] FAT-fs (loop1): Directory bread(block 41) failed [ 403.949063][ T7624] netlink: 'syz.5.472': attribute type 28 has an invalid length. [ 404.701147][ T7638] loop1: detected capacity change from 0 to 128 [ 405.055662][ T7638] FAT-fs (loop1): Directory bread(block 32) failed [ 405.068504][ T7638] FAT-fs (loop1): Directory bread(block 33) failed [ 405.077714][ T7638] FAT-fs (loop1): Directory bread(block 34) failed [ 405.088137][ T7638] FAT-fs (loop1): Directory bread(block 35) failed [ 405.096585][ T7638] FAT-fs (loop1): Directory bread(block 36) failed [ 405.103610][ T7638] FAT-fs (loop1): Directory bread(block 37) failed [ 405.110546][ T7638] FAT-fs (loop1): Directory bread(block 38) failed [ 405.117640][ T7638] FAT-fs (loop1): Directory bread(block 39) failed [ 405.124758][ T7638] FAT-fs (loop1): Directory bread(block 40) failed [ 405.131523][ T7638] FAT-fs (loop1): Directory bread(block 41) failed [ 408.939805][ T7682] loop1: detected capacity change from 0 to 128 [ 409.167384][ T7682] FAT-fs (loop1): Directory bread(block 32) failed [ 409.175540][ T7682] FAT-fs (loop1): Directory bread(block 33) failed [ 409.185082][ T7682] FAT-fs (loop1): Directory bread(block 34) failed [ 409.192745][ T7682] FAT-fs (loop1): Directory bread(block 35) failed [ 409.200074][ T7682] FAT-fs (loop1): Directory bread(block 36) failed [ 409.207340][ T7682] FAT-fs (loop1): Directory bread(block 37) failed [ 409.214527][ T7682] FAT-fs (loop1): Directory bread(block 38) failed [ 409.221275][ T7682] FAT-fs (loop1): Directory bread(block 39) failed [ 409.228544][ T7682] FAT-fs (loop1): Directory bread(block 40) failed [ 409.236138][ T7682] FAT-fs (loop1): Directory bread(block 41) failed [ 412.375119][ T7727] loop5: detected capacity change from 0 to 128 [ 412.676782][ T7727] FAT-fs (loop5): Directory bread(block 32) failed [ 412.683905][ T7727] FAT-fs (loop5): Directory bread(block 33) failed [ 412.690986][ T7727] FAT-fs (loop5): Directory bread(block 34) failed [ 412.698082][ T7727] FAT-fs (loop5): Directory bread(block 35) failed [ 412.705287][ T7727] FAT-fs (loop5): Directory bread(block 36) failed [ 412.712284][ T7727] FAT-fs (loop5): Directory bread(block 37) failed [ 412.719205][ T7727] FAT-fs (loop5): Directory bread(block 38) failed [ 412.726255][ T7727] FAT-fs (loop5): Directory bread(block 39) failed [ 412.734089][ T7727] FAT-fs (loop5): Directory bread(block 40) failed [ 412.740855][ T7727] FAT-fs (loop5): Directory bread(block 41) failed [ 413.224062][ T7727] syz.5.506: attempt to access beyond end of device [ 413.224062][ T7727] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 413.238585][ T7727] FAT-fs (loop5): Filesystem has been set read-only [ 413.312541][ T7727] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF [ 413.827494][ T7740] Illegal XDP return value 1468828490 on prog (id 55) dev syz_tun, expect packet loss! [ 415.901376][ T7771] loop5: detected capacity change from 0 to 128 [ 416.134686][ T7771] syz.5.519: attempt to access beyond end of device [ 416.134686][ T7771] loop5: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 416.230617][ T7775] syz.5.519: attempt to access beyond end of device [ 416.230617][ T7775] loop5: rw=2049, sector=140, nr_sectors = 2 limit=128 [ 416.244656][ T7775] Buffer I/O error on dev loop5, logical block 70, lost async page write [ 416.256422][ T7775] syz.5.519: attempt to access beyond end of device [ 416.256422][ T7775] loop5: rw=2049, sector=142, nr_sectors = 2 limit=128 [ 416.271172][ T7775] Buffer I/O error on dev loop5, logical block 71, lost async page write [ 416.280334][ T7775] syz.5.519: attempt to access beyond end of device [ 416.280334][ T7775] loop5: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 416.294207][ T7775] Buffer I/O error on dev loop5, logical block 72, lost async page write [ 416.304166][ T7775] syz.5.519: attempt to access beyond end of device [ 416.304166][ T7775] loop5: rw=2049, sector=146, nr_sectors = 104 limit=128 [ 416.633927][ T7771] syz.5.519: attempt to access beyond end of device [ 416.633927][ T7771] loop5: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 416.647867][ T7771] Buffer I/O error on dev loop5, logical block 72, lost async page write [ 416.731538][ T7781] loop3: detected capacity change from 0 to 512 [ 416.878069][ T7781] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 417.286906][ T7781] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 417.300267][ T7781] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 419.351892][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 419.358675][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.669009][ T5817] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.192920][ T7872] loop5: detected capacity change from 0 to 512 [ 423.343504][ T7872] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.358432][ T7872] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 423.389730][ T7878] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 64: padding at end of block bitmap is not set [ 423.503883][ T7880] EXT4-fs (loop5): shut down requested (1) [ 423.567795][ T30] audit: type=1800 audit(1754913347.094:18): pid=7872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.551" name="file2" dev="loop5" ino=16 res=0 errno=0 [ 423.858630][ T6870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.346026][ T7892] loop5: detected capacity change from 0 to 164 [ 424.466738][ T7892] Unable to read rock-ridge attributes [ 424.976716][ T7896] loop1: detected capacity change from 0 to 2048 [ 425.205512][ T7896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 425.693755][ T7906] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 425.888319][ T5810] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900. [ 426.938792][ T7928] loop5: detected capacity change from 0 to 512 [ 427.083747][ T7928] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.565: bg 0: block 5: invalid block bitmap [ 427.113418][ T7934] trusted_key: encrypted_key: insufficient parameters specified [ 427.117546][ T7928] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 427.180034][ T7928] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.565: invalid indirect mapped block 3 (level 2) [ 427.233060][ T7928] EXT4-fs (loop5): 2 truncates cleaned up [ 427.241359][ T7928] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 427.255955][ T7934] trusted_key: encrypted_key: keylen parameter is missing [ 427.427194][ T7928] overlayfs: upper fs does not support tmpfile. [ 427.887026][ T6870] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 427.977578][ T7942] loop1: detected capacity change from 0 to 164 [ 430.793776][ T7978] loop3: detected capacity change from 0 to 512 [ 431.026727][ T7978] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.581: bg 0: block 5: invalid block bitmap [ 431.118711][ T7978] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 431.207882][ T7978] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.581: invalid indirect mapped block 3 (level 2) [ 431.230428][ T7981] ===================================================== [ 431.237494][ T7978] EXT4-fs (loop3): 2 truncates cleaned up [ 431.240002][ T7978] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 431.245491][ T7981] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0xf0e/0x33f0 [ 431.265560][ T7981] _copy_to_iter+0xf0e/0x33f0 [ 431.270511][ T7981] __skb_datagram_iter+0x196/0x12c0 [ 431.276248][ T7981] skb_copy_datagram_iter+0x5b/0x1e0 [ 431.282017][ T7981] netlink_recvmsg+0x4bb/0xfe0 [ 431.287018][ T7981] sock_recvmsg+0x2df/0x390 [ 431.291766][ T7981] sock_read_iter+0x2c8/0x360 [ 431.297996][ T7981] vfs_read+0x8ed/0xf90 [ 431.305595][ T7981] __x64_sys_read+0x1fb/0x4d0 [ 431.310492][ T7981] x64_sys_call+0x2f9c/0x3e20 [ 431.316266][ T7981] do_syscall_64+0xd9/0x210 [ 431.320997][ T7981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.327272][ T7981] [ 431.329701][ T7981] Uninit was created at: [ 431.334561][ T7981] __kmalloc_node_track_caller_noprof+0x96d/0x12f0 [ 431.341319][ T7981] kmalloc_reserve+0x22f/0x4b0 [ 431.346438][ T7981] __alloc_skb+0x347/0x7d0 [ 431.351029][ T7981] netlink_dump+0x24f/0x17d0 [ 431.355995][ T7981] __netlink_dump_start+0x716/0xd60 [ 431.361390][ T7981] rtnetlink_rcv_msg+0x1262/0x14b0 [ 431.366981][ T7981] netlink_rcv_skb+0x54a/0x680 [ 431.372134][ T7981] rtnetlink_rcv+0x35/0x40 [ 431.376943][ T7981] netlink_unicast+0xf04/0x12b0 [ 431.382160][ T7981] netlink_sendmsg+0x10b3/0x1250 [ 431.387309][ T7981] __sock_sendmsg+0x333/0x3d0 [ 431.392562][ T7981] ____sys_sendmsg+0x7e0/0xd80 [ 431.397548][ T7981] ___sys_sendmsg+0x271/0x3b0 [ 431.404932][ T7981] __x64_sys_sendmsg+0x211/0x3e0 [ 431.410104][ T7981] x64_sys_call+0x1dfd/0x3e20 [ 431.415985][ T7981] do_syscall_64+0xd9/0x210 [ 431.420725][ T7981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.427048][ T7981] [ 431.429484][ T7981] Bytes 32-35 of 44 are uninitialized [ 431.435150][ T7981] Memory access of size 44 starts at ffff888020cb2000 [ 431.442225][ T7981] Data copied to user address 00002000000006c0 [ 431.448518][ T7981] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 431.450973][ T7981] CPU: 1 UID: 0 PID: 7981 Comm: syz.1.582 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(none) [ 431.461649][ T7981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 431.472941][ T7981] ===================================================== [ 431.480036][ T7981] Disabling lock debugging due to kernel taint [ 431.487131][ T7981] Kernel panic - not syncing: kmsan.panic set ... [ 431.493766][ T7981] CPU: 1 UID: 0 PID: 7981 Comm: syz.1.582 Tainted: G B 6.17.0-rc1-syzkaller #0 PREEMPT(none) [ 431.505741][ T7981] Tainted: [B]=BAD_PAGE [ 431.510026][ T7981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 431.520271][ T7981] Call Trace: [ 431.523694][ T7981] [ 431.526759][ T7981] __dump_stack+0x26/0x30 [ 431.531320][ T7981] dump_stack_lvl+0x53/0x270 [ 431.536143][ T7981] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 431.542200][ T7981] dump_stack+0x1e/0x25 [ 431.546582][ T7981] vpanic+0x361/0xc50 [ 431.550794][ T7981] panic+0x15d/0x160 [ 431.554975][ T7981] kmsan_report+0x31c/0x320 [ 431.559704][ T7981] ? kmsan_internal_check_memory+0x16c/0x230 [ 431.565910][ T7981] ? kmsan_copy_to_user+0xf1/0x190 [ 431.571274][ T7981] ? _copy_to_iter+0xf0e/0x33f0 [ 431.576443][ T7981] ? __skb_datagram_iter+0x196/0x12c0 [ 431.582080][ T7981] ? skb_copy_datagram_iter+0x5b/0x1e0 [ 431.587772][ T7981] ? netlink_recvmsg+0x4bb/0xfe0 [ 431.592924][ T7981] ? sock_recvmsg+0x2df/0x390 [ 431.597822][ T7981] ? sock_read_iter+0x2c8/0x360 [ 431.602895][ T7981] ? vfs_read+0x8ed/0xf90 [ 431.607416][ T7981] ? __x64_sys_read+0x1fb/0x4d0 [ 431.612484][ T7981] ? x64_sys_call+0x2f9c/0x3e20 [ 431.617565][ T7981] ? do_syscall_64+0xd9/0x210 [ 431.622446][ T7981] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.628719][ T7981] ? kmsan_get_metadata+0xfb/0x160 [ 431.634026][ T7981] ? kmsan_get_metadata+0xfb/0x160 [ 431.639323][ T7981] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 431.645857][ T7981] ? kmsan_get_metadata+0xfb/0x160 [ 431.651180][ T7981] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 431.657191][ T7981] ? finish_task_switch+0x1a7/0x920 [ 431.662858][ T7981] ? kmsan_get_metadata+0xfb/0x160 [ 431.668157][ T7981] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 431.674180][ T7981] kmsan_internal_check_memory+0x16c/0x230 [ 431.680174][ T7981] kmsan_copy_to_user+0xf1/0x190 [ 431.685289][ T7981] _copy_to_iter+0xf0e/0x33f0 [ 431.690346][ T7981] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 431.696895][ T7981] ? kmsan_get_metadata+0xfb/0x160 [ 431.702230][ T7981] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 431.708423][ T7981] ? kmsan_get_metadata+0xfb/0x160 [ 431.713734][ T7981] ? kmsan_save_stack_with_flags+0x51/0x60 [ 431.719835][ T7981] ? kmsan_get_metadata+0xfb/0x160 [ 431.725157][ T7981] __skb_datagram_iter+0x196/0x12c0 [ 431.730552][ T7981] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 431.736405][ T7981] skb_copy_datagram_iter+0x5b/0x1e0 [ 431.741869][ T7981] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 431.747979][ T7981] netlink_recvmsg+0x4bb/0xfe0 [ 431.753108][ T7981] ? aa_sock_msg_perm+0x29c/0x2f0 [ 431.758331][ T7981] ? __pfx_netlink_recvmsg+0x10/0x10 [ 431.763809][ T7981] sock_recvmsg+0x2df/0x390 [ 431.768534][ T7981] sock_read_iter+0x2c8/0x360 [ 431.773447][ T7981] vfs_read+0x8ed/0xf90 [ 431.777801][ T7981] ? __pfx_sock_read_iter+0x10/0x10 [ 431.783216][ T7981] __x64_sys_read+0x1fb/0x4d0 [ 431.788096][ T7981] x64_sys_call+0x2f9c/0x3e20 [ 431.792978][ T7981] do_syscall_64+0xd9/0x210 [ 431.797678][ T7981] ? irqentry_exit+0x16/0x60 [ 431.802439][ T7981] ? clear_bhb_loop+0x40/0x90 [ 431.807288][ T7981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.813373][ T7981] RIP: 0033:0x7efe3158ebe9 [ 431.817940][ T7981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.837749][ T7981] RSP: 002b:00007efe2f7f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 431.846353][ T7981] RAX: ffffffffffffffda RBX: 00007efe317b5fa0 RCX: 00007efe3158ebe9 [ 431.854485][ T7981] RDX: 000000000000009a RSI: 00002000000006c0 RDI: 0000000000000004 [ 431.862595][ T7981] RBP: 00007efe31611e19 R08: 0000000000000000 R09: 0000000000000000 [ 431.870730][ T7981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.878836][ T7981] R13: 00007efe317b6038 R14: 00007efe317b5fa0 R15: 00007ffdd3528c28 [ 431.886989][ T7981] [ 431.890487][ T7981] Kernel Offset: disabled [ 431.894931][ T7981] Rebooting in 86400 seconds..