last executing test programs: 4.033035207s ago: executing program 2 (id=426): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xfff1}, {0x0, 0x8}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x4}, @TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840) 3.571124602s ago: executing program 2 (id=429): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='fdinfo\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) fchdir(r0) 2.533842066s ago: executing program 2 (id=438): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r0, &(0x7f000000cac0)=[{&(0x7f0000000040)="419591c78b30640ee91c8fc7c6079c0213a13dce386a64f8a51e9b3961", 0xfe8e}], 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x7f) 2.354870325s ago: executing program 3 (id=440): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a09040000000000000000020000002400048020000180080001006c6f670014000280060001400001000006000440012c00000900010073797a30000000000900020073797a32"], 0x78}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 2.281107239s ago: executing program 3 (id=441): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f0000000180)=0x2, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f0000000280)={0x0, 0x0}, 0x10) 2.192648249s ago: executing program 3 (id=442): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$kcm(0x22, 0x2, 0x21) recvmsg$kcm(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) 2.051396026s ago: executing program 1 (id=443): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f00000017c0)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) quotactl_fd$Q_GETQUOTA(r0, 0xffffffff80000700, 0x0, &(0x7f0000000280)) 2.051189196s ago: executing program 2 (id=444): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00'}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000080)=0xfff, 0x4) 1.953352804s ago: executing program 0 (id=445): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96854305", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 1.928936228s ago: executing program 2 (id=446): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000002100)={0x18, {"a2e3ad2119c752f91b5e09091bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838721a0890e0878f0e1ac6e7049b3d63959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70d998ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5af098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000108000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b2fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f794c9eee1198751adaa13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d8872fe174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f980000000203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) 1.738714095s ago: executing program 3 (id=447): mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_int(r0, 0x29, 0x7, 0x0, &(0x7f0000000340)) 1.713369169s ago: executing program 0 (id=448): unshare(0x6020480) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0xa, 0x0, 0x0) 1.650349515s ago: executing program 1 (id=449): mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd', @ANYRESOCT, @ANYBLOB=',rootmode=000000000000000004', @ANYRESDEC=0x0]) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x5, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc058560f, &(0x7f0000000080)={0x218, 0x9, 0x1}) 1.576643589s ago: executing program 3 (id=450): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) syz_read_part_table(0x1062, &(0x7f0000000000)="$eJzsz7FNBDEUBNC503rtDUgIth6agDYgJYJ6KICAapCgCqSVkQ01wAXvBSP90ciSw78qSbYl9/t1r+lr8vg6u9PbyBy997n7vBq5j6hrS2pOs/96LslNknUb51Pej9+Xl6TlfG4lbd41pedhrO7qz+Ijty9//2MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuDzfAQAA//83nRHZ") 1.440787738s ago: executing program 0 (id=451): r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0) write$proc_mixer(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="474149c509"], 0xaf) close(r0) 1.347634856s ago: executing program 1 (id=452): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000bc000000bc00000003000000060000000000000700000000070000000000000e01000000010000f40b00000000000008030000000a00000001cc04"], 0x0, 0xd7, 0x0, 0x0, 0x7, 0x10000}, 0x28) r0 = socket$kcm(0x11, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000001340)=@hci={0x1f, 0xc00, 0xe}, 0x80, &(0x7f0000002540)=[{&(0x7f00000006c0)='b', 0x10}], 0x1}, 0x0) 1.288816383s ago: executing program 2 (id=453): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000207d1e512d00000000000109022400010000000009040000010300020009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000780)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x1, "c2a95508"}]}}, 0x0}, 0x0) 1.220818538s ago: executing program 1 (id=454): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)={{}, {}, [], {}, [], {0x10, 0x6}}, 0x24, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1c0) 1.220200207s ago: executing program 0 (id=455): syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f0000000100), 0xff, 0x1108, &(0x7f0000000140)="$eJzs2T9rFEEYB+Df7J5/upVNvwhaWEhIOL9ACoVrbbURSWWqHBaKfhs/jqayD+m1CNivrNnNBbkokjur54Fl3nnZd3amfGcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg1nyrSQ7VdJOuSpJSbruZHGWpJvy9z7XVUqeHy6WT4/nz5ZJ6l+vlxdJGaqGsrT7D+6283be7rdPdg4eflm+e//m1dHR4fG4TEmX0/PNH6WM+7k6BwAAAJL+xpprVi5/7L8/vt3U9wEAAIC/2cadAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC/6JtV3E5BlaQkXXeyOEvSram79Z/2BwAAANxcSZWXzbr8xTXAyuN8bcplfhh/lCHey6c19QAAAMC1+jtjcPX/erm96scfZXbZlw+5+5lld/diPg75fpDUSfZ+W/z0/MPr6Sl9ve2zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwE924FgAAAAAQJi/dRodGwAAAAAAAAAAAAAAAAAAAADAXgEAAP//xbTXxA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x149442, 0x1a0) open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYRES64=r0], 0x244000) 790.42085ms ago: executing program 3 (id=456): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000000)={0x400000000000030d}) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000970e5b4035121800eef0000000010902120001000000000904"], 0x0) 699.007619ms ago: executing program 1 (id=457): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x27c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x23c, 0x4, 0x0, 0x1, [{0x238, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x228, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x214, 0x3, "d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbaddefdaa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c755ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f"}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_COMPAT={0x14, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8864}, @NFTA_RULE_COMPAT_FLAGS={0x4, 0x2, 0x1, 0x0, 0x2}]}]}], {0x14}}, 0x2a4}}, 0x4048010) 435.809489ms ago: executing program 0 (id=458): unshare(0x28000600) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r0, r0, 0x2f, 0x2004, 0x4}, 0x20) 262.76446ms ago: executing program 1 (id=459): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)=0x9) 0s ago: executing program 0 (id=460): syz_emit_ethernet(0x120, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0xea, 0x0, 0x0, @private2, @empty, {[], "223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209"}}}}}, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new user:syz 000000000000000020'], 0x2a, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.54' (ED25519) to the list of known hosts. [ 79.757203][ T5757] cgroup: Unknown subsys name 'net' [ 79.896133][ T5757] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 81.621419][ T5757] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 83.260723][ T5775] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.268811][ T5775] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.277596][ T5775] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.285706][ T5775] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.293964][ T5775] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.296725][ T5776] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.304116][ T5775] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 83.315938][ T5775] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.316963][ T5776] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.323993][ T5775] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.337680][ T5775] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.347251][ T5775] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.355363][ T5775] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.363834][ T5776] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.366622][ T5775] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.378850][ T5775] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.390089][ T5776] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.390254][ T5775] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.399995][ T5776] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 83.406771][ T5775] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 83.412385][ T5776] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.420245][ T5775] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 83.432473][ T5775] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.446323][ T5775] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.945606][ T5768] chnl_net:caif_netlink_parms(): no params data found [ 84.000778][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 84.057574][ T5771] chnl_net:caif_netlink_parms(): no params data found [ 84.161568][ T5770] chnl_net:caif_netlink_parms(): no params data found [ 84.222242][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.232160][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.240449][ T5768] bridge_slave_0: entered allmulticast mode [ 84.247961][ T5768] bridge_slave_0: entered promiscuous mode [ 84.265809][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.273029][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.280495][ T5768] bridge_slave_1: entered allmulticast mode [ 84.287492][ T5768] bridge_slave_1: entered promiscuous mode [ 84.338589][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.345777][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.353197][ T5769] bridge_slave_0: entered allmulticast mode [ 84.360665][ T5769] bridge_slave_0: entered promiscuous mode [ 84.369501][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.376619][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.383941][ T5769] bridge_slave_1: entered allmulticast mode [ 84.391360][ T5769] bridge_slave_1: entered promiscuous mode [ 84.456711][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.476478][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.490385][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.500919][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.508605][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.515752][ T5771] bridge_slave_0: entered allmulticast mode [ 84.523972][ T5771] bridge_slave_0: entered promiscuous mode [ 84.545690][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.589611][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.596795][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.604134][ T5771] bridge_slave_1: entered allmulticast mode [ 84.611715][ T5771] bridge_slave_1: entered promiscuous mode [ 84.653043][ T5768] team0: Port device team_slave_0 added [ 84.672270][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.679738][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.686933][ T5770] bridge_slave_0: entered allmulticast mode [ 84.694253][ T5770] bridge_slave_0: entered promiscuous mode [ 84.704652][ T5769] team0: Port device team_slave_0 added [ 84.714154][ T5769] team0: Port device team_slave_1 added [ 84.721846][ T5768] team0: Port device team_slave_1 added [ 84.739390][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.746579][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.753896][ T5770] bridge_slave_1: entered allmulticast mode [ 84.761455][ T5770] bridge_slave_1: entered promiscuous mode [ 84.812320][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.828211][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.848971][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.855931][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.882178][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.895092][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 84.905026][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 84.936262][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 84.972059][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 84.980327][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.006333][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.033725][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.040772][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.066989][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.111358][ T5771] team0: Port device team_slave_0 added [ 85.120342][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.132061][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.166424][ T5771] team0: Port device team_slave_1 added [ 85.209768][ T5768] hsr_slave_0: entered promiscuous mode [ 85.216138][ T5768] hsr_slave_1: entered promiscuous mode [ 85.248866][ T5770] team0: Port device team_slave_0 added [ 85.255507][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.262840][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.288856][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.306314][ T5769] hsr_slave_0: entered promiscuous mode [ 85.312722][ T5769] hsr_slave_1: entered promiscuous mode [ 85.319366][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.327157][ T5769] Cannot create hsr debugfs directory [ 85.348433][ T5770] team0: Port device team_slave_1 added [ 85.354949][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.362039][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.388095][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.448782][ T51] Bluetooth: hci1: command tx timeout [ 85.488766][ T5771] hsr_slave_0: entered promiscuous mode [ 85.495656][ T5771] hsr_slave_1: entered promiscuous mode [ 85.502064][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.509821][ T5771] Cannot create hsr debugfs directory [ 85.528031][ T5775] Bluetooth: hci2: command tx timeout [ 85.533679][ T5775] Bluetooth: hci0: command tx timeout [ 85.538094][ T51] Bluetooth: hci3: command tx timeout [ 85.573857][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.581018][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.607037][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.644952][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.652734][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.679222][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.863816][ T5770] hsr_slave_0: entered promiscuous mode [ 85.871604][ T5770] hsr_slave_1: entered promiscuous mode [ 85.877953][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.885554][ T5770] Cannot create hsr debugfs directory [ 86.078703][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 86.115767][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 86.145120][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.163331][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 86.231126][ T5768] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 86.249337][ T5768] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 86.261667][ T5768] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 86.287398][ T5768] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 86.349768][ T5771] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.367157][ T5771] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.379267][ T5771] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.410884][ T5771] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.502104][ T5770] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.512091][ T5770] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.523138][ T5770] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.536176][ T5770] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.617365][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.683521][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.717486][ T1080] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.724854][ T1080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.735204][ T1080] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.742395][ T1080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.755727][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.821190][ T5768] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.851733][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.861450][ T1080] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.868742][ T1080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.886532][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.912711][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.919917][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.975555][ T5771] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.003819][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.011021][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.072923][ T5770] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.093944][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.101236][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.172688][ T5768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 87.202634][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.209840][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.252747][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.260112][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.456801][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.529237][ T51] Bluetooth: hci1: command tx timeout [ 87.589641][ T5769] veth0_vlan: entered promiscuous mode [ 87.611170][ T51] Bluetooth: hci0: command tx timeout [ 87.612869][ T5775] Bluetooth: hci2: command tx timeout [ 87.616662][ T51] Bluetooth: hci3: command tx timeout [ 87.637611][ T5769] veth1_vlan: entered promiscuous mode [ 87.791786][ T5769] veth0_macvtap: entered promiscuous mode [ 87.824775][ T5769] veth1_macvtap: entered promiscuous mode [ 87.904615][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.945652][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.992906][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.015201][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.027124][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.036525][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.062232][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.181287][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.244007][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.307460][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.323604][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.392121][ T5768] veth0_vlan: entered promiscuous mode [ 88.422712][ T5768] veth1_vlan: entered promiscuous mode [ 88.432569][ T5771] veth0_vlan: entered promiscuous mode [ 88.451204][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.467402][ T5771] veth1_vlan: entered promiscuous mode [ 88.473070][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.535147][ T5770] veth0_vlan: entered promiscuous mode [ 88.572083][ T5770] veth1_vlan: entered promiscuous mode [ 88.585174][ T5768] veth0_macvtap: entered promiscuous mode [ 88.596226][ T5768] veth1_macvtap: entered promiscuous mode [ 88.626333][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.639696][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.653859][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.702284][ T5770] veth0_macvtap: entered promiscuous mode [ 88.734361][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 88.746703][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.759188][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.777135][ T5771] veth0_macvtap: entered promiscuous mode [ 88.788901][ T5770] veth1_macvtap: entered promiscuous mode [ 88.801132][ T5768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.812495][ T5768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.823317][ T5768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.832488][ T5768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.852307][ T5771] veth1_macvtap: entered promiscuous mode [ 88.887274][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.899698][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.910194][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.920965][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.933608][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.943226][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.954817][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.964925][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.976155][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.986749][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.998543][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.010398][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.038626][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.049624][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.060340][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.071316][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.083059][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.093571][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.104561][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.114919][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.126399][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.138941][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.151035][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.166867][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.183797][ T5770] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.193171][ T5770] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.202382][ T5770] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.212003][ T5770] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.229029][ T5771] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.239222][ T5771] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.249012][ T5771] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.258166][ T5771] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.362726][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.390583][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.432523][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.444916][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.487203][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.502653][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.586747][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.604321][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.613223][ T51] Bluetooth: hci1: command tx timeout [ 89.688523][ T51] Bluetooth: hci3: command tx timeout [ 89.689291][ T5775] Bluetooth: hci2: command tx timeout [ 89.694321][ T51] Bluetooth: hci0: command tx timeout [ 89.736659][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.754805][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.815331][ T5843] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3'. [ 89.833462][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.857350][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.037182][ T5847] syz.2.7[5847]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 90.072282][ T5847] loop2: detected capacity change from 0 to 64 [ 90.508375][ T5863] netlink: 11 bytes leftover after parsing attributes in process `syz.2.10'. [ 91.413594][ T5890] netlink: 8 bytes leftover after parsing attributes in process `syz.3.25'. [ 91.690809][ T51] Bluetooth: hci1: command tx timeout [ 91.768192][ T51] Bluetooth: hci2: command tx timeout [ 91.773716][ T51] Bluetooth: hci3: command tx timeout [ 91.778650][ T5774] Bluetooth: hci0: command tx timeout [ 91.830400][ T5882] loop1: detected capacity change from 0 to 32768 [ 91.889217][ T5904] capability: warning: `syz.0.31' uses deprecated v2 capabilities in a way that may be insecure [ 91.959602][ T5882] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 92.113391][ T9] cfg80211: failed to load regulatory.db [ 92.188497][ T5882] XFS (loop1): Ending clean mount [ 92.251813][ T5882] XFS (loop1): Quotacheck needed: Please wait. [ 92.392815][ T5882] XFS (loop1): Quotacheck: Done. [ 92.476772][ T5922] loop2: detected capacity change from 0 to 1024 [ 92.580484][ T5925] netlink: 209588 bytes leftover after parsing attributes in process `syz.3.38'. [ 92.596212][ T5771] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 92.819800][ T5922] EXT4-fs: Ignoring removed i_version option [ 92.826053][ T5922] EXT4-fs: inline encryption not supported [ 92.840150][ T5922] EXT4-fs (loop2): Test dummy encryption mode enabled [ 92.884223][ T5922] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 93.121652][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.325029][ T5920] loop0: detected capacity change from 0 to 32768 [ 93.650144][ T5945] loop3: detected capacity change from 0 to 1024 [ 93.715212][ T5947] netlink: 132 bytes leftover after parsing attributes in process `syz.1.47'. [ 94.201755][ T5962] loop2: detected capacity change from 0 to 128 [ 94.236135][ T5962] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1) [ 94.311999][ T28] audit: type=1800 audit(1773111840.808:2): pid=5962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.55" name="file1" dev="loop2" ino=1048592 res=0 errno=0 [ 94.518216][ T787] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 94.733192][ T787] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.760196][ T787] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.789781][ T5975] netlink: 256 bytes leftover after parsing attributes in process `syz.3.60'. [ 94.802183][ T787] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 94.815420][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.3.60'. [ 94.868121][ T787] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 94.887537][ T787] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.955996][ T787] usb 2-1: config 0 descriptor?? [ 94.998997][ T28] audit: type=1326 audit(1773111841.508:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5979 comm="syz.3.63" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f07ed59c799 code=0x0 [ 95.163873][ T5985] IPVS: Error connecting to the multicast addr [ 95.402394][ T787] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 95.458188][ T787] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 95.514253][ T5976] loop2: detected capacity change from 0 to 32768 [ 95.556763][ T5976] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 95.666585][ T787] usb 2-1: USB disconnect, device number 2 [ 95.771901][ T5990] fido_id[5990]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 95.824336][ T5976] XFS (loop2): Ending clean mount [ 95.847894][ T5976] XFS (loop2): Quotacheck needed: Please wait. [ 95.956229][ T5976] XFS (loop2): Quotacheck: Done. [ 96.181644][ T5768] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 96.220144][ T6011] loop3: detected capacity change from 0 to 512 [ 96.318214][ T6011] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback. [ 96.363828][ T6011] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.411538][ T6017] loop1: detected capacity change from 0 to 4096 [ 96.504670][ T6017] ntfs: (device loop1): parse_options(): NLS character set cpS not found. Using previous one iso8859-2. [ 96.570774][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0007-000000000000. [ 96.646818][ T6017] ntfs: volume version 3.1. [ 96.828215][ T6024] PKCS8: Unsupported PKCS#8 version [ 96.846456][ T6017] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 96.930847][ T6017] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 96.988691][ T6017] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to map page. [ 97.012078][ T6017] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5). [ 97.068025][ T6017] ntfs: (device loop1): ntfs_truncate(): Cannot truncate inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5. [ 97.214972][ T5771] ntfs: (device loop1): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 97.807093][ T6026] loop2: detected capacity change from 0 to 32768 [ 97.923384][ T6052] loop1: detected capacity change from 0 to 512 [ 97.956566][ T6052] ======================================================= [ 97.956566][ T6052] WARNING: The mand mount option has been deprecated and [ 97.956566][ T6052] and is ignored by this kernel. Remove the mand [ 97.956566][ T6052] option from the mount to silence this warning. [ 97.956566][ T6052] ======================================================= [ 98.038940][ T6052] EXT4-fs: Ignoring removed bh option [ 98.059512][ T6052] EXT4-fs: Ignoring removed mblk_io_submit option [ 98.091845][ T6052] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 98.145980][ T6052] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 98.174819][ T6052] EXT4-fs (loop1): orphan cleanup on readonly fs [ 98.184139][ T6052] Quota error (device loop1): do_insert_tree: Free block already used in tree: block 4 [ 98.196689][ T6052] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.92: Failed to acquire dquot type 1 [ 98.209779][ T6052] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.92: Invalid block bitmap block 0 in block_group 0 [ 98.227190][ T6052] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.92: Invalid block bitmap block 0 in block_group 0 [ 98.245729][ T6052] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:478: comm syz.1.92: Invalid block bitmap block 0 in block_group 0 [ 98.260331][ T6052] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.92: Failed to acquire dquot type 1 [ 98.276474][ T6052] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.92: Failed to acquire dquot type 1 [ 98.301190][ T6052] EXT4-fs (loop1): 1 orphan inode deleted [ 98.320107][ T6052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 98.498174][ T6052] syz.1.92 (6052) used greatest stack depth: 20336 bytes left [ 98.516902][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.625101][ T6062] capability: warning: `syz.0.96' uses 32-bit capabilities (legacy support in use) [ 99.203363][ T6049] loop3: detected capacity change from 0 to 40427 [ 99.260587][ T6049] F2FS-fs (loop3): invalid crc value [ 99.306792][ T6049] F2FS-fs (loop3): Found nat_bits in checkpoint [ 99.575100][ T6049] F2FS-fs (loop3): Start checkpoint disabled! [ 99.632209][ T6087] loop1: detected capacity change from 0 to 16 [ 99.652754][ T6049] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 99.674624][ T6087] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 100.069951][ T6071] loop0: detected capacity change from 0 to 40427 [ 100.117867][ T6071] F2FS-fs (loop0): invalid crc value [ 100.149179][ T6071] F2FS-fs (loop0): Found nat_bits in checkpoint [ 100.346921][ T6071] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 100.614273][ T5770] syz-executor: attempt to access beyond end of device [ 100.614273][ T5770] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 100.652776][ T5770] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 100.738330][ T787] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 100.939684][ T787] usb 4-1: Using ep0 maxpacket: 32 [ 100.947636][ T787] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 100.965798][ T787] usb 4-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39 [ 100.975880][ T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.994680][ T787] usb 4-1: Product: syz [ 101.001714][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 101.001727][ T28] audit: type=1326 audit(1773111847.508:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6111 comm="syz.1.116" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb03c99c799 code=0x0 [ 101.041019][ T787] usb 4-1: Manufacturer: syz [ 101.045666][ T787] usb 4-1: SerialNumber: syz [ 101.084025][ T787] usb 4-1: config 0 descriptor?? [ 101.095634][ T787] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b [ 101.712050][ T787] gspca_pac7302: reg_w() failed i: ff v: 01 error -71 [ 101.732510][ T787] gspca_pac7302: probe of 4-1:0.0 failed with error -71 [ 101.745724][ T787] usb 4-1: USB disconnect, device number 2 [ 102.107498][ T6140] loop0: detected capacity change from 0 to 2048 [ 102.225649][ T6142] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 102.735445][ T6134] loop2: detected capacity change from 0 to 32768 [ 102.842723][ T6134] JBD2: Ignoring recovery information on journal [ 102.971455][ T6134] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 103.058394][ T6155] syz.3.134 (6155) used greatest stack depth: 17864 bytes left [ 103.393040][ T5768] ocfs2: Unmounting device (7,2) on (node local) [ 103.817481][ T6185] loop3: detected capacity change from 0 to 256 [ 103.890563][ T6185] FAT-fs (loop3): Directory bread(block 64) failed [ 103.897194][ T6185] FAT-fs (loop3): Directory bread(block 65) failed [ 103.911665][ T6185] FAT-fs (loop3): Directory bread(block 66) failed [ 103.925815][ T6185] FAT-fs (loop3): Directory bread(block 67) failed [ 103.940373][ T6185] FAT-fs (loop3): Directory bread(block 68) failed [ 103.957450][ T6185] FAT-fs (loop3): Directory bread(block 69) failed [ 103.964801][ T6185] FAT-fs (loop3): Directory bread(block 70) failed [ 103.973120][ T6185] FAT-fs (loop3): Directory bread(block 71) failed [ 103.981385][ T6185] FAT-fs (loop3): Directory bread(block 72) failed [ 103.988395][ T6185] FAT-fs (loop3): Directory bread(block 73) failed [ 104.437437][ T6197] loop3: detected capacity change from 0 to 256 [ 104.561217][ T6197] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d) [ 105.161962][ T6224] loop0: detected capacity change from 0 to 4096 [ 105.192803][ T6224] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 105.259695][ T6224] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 105.277963][ T9] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 105.485184][ T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 105.510102][ T9] usb 2-1: config 0 has no interface number 0 [ 105.521492][ T9] usb 2-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 105.531389][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.549472][ T9] usb 2-1: config 0 descriptor?? [ 105.564586][ T9] usb 2-1: selecting invalid altsetting 1 [ 105.581631][ T9] dvb_ttusb_budget: ttusb_init_controller: error [ 105.600944][ T9] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 105.741694][ T9] DVB: Unable to find symbol cx22700_attach() [ 105.754196][ T6236] loop0: detected capacity change from 0 to 2048 [ 105.838539][ T6236] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 105.885945][ T6236] UDF-fs: Scanning with blocksize 512 failed [ 105.913567][ T9] DVB: Unable to find symbol tda10046_attach() [ 105.933524][ T6236] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 105.952905][ T9] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 105.989893][ T9] usb 2-1: USB disconnect, device number 3 [ 106.080508][ T6236] overlayfs: upper fs needs to support d_type. [ 106.139781][ T6236] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 106.157629][ T6236] overlayfs: failed to set xattr on upper [ 106.178402][ T6236] overlayfs: ...falling back to redirect_dir=nofollow. [ 106.199890][ T6236] overlayfs: ...falling back to index=off. [ 106.212918][ T6236] overlayfs: ...falling back to uuid=null. [ 106.450239][ T6251] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 106.464153][ T6251] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 106.476023][ T6251] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 106.483720][ T6251] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 106.491099][ T6251] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 106.497586][ T6251] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 106.517317][ T6251] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 106.542678][ T6251] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 106.561121][ T6251] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 106.567668][ T6251] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 106.585459][ T6251] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 106.627898][ T6251] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 106.709900][ T6259] loop1: detected capacity change from 0 to 764 [ 106.798058][ T5786] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 107.020511][ T6267] netlink: 12 bytes leftover after parsing attributes in process `syz.0.183'. [ 107.222197][ T6271] loop2: detected capacity change from 0 to 256 [ 107.239304][ T6271] FAT-fs (loop2): Directory bread(block 1285) failed [ 107.239364][ T6271] FAT-fs (loop2): Directory bread(block 1286) failed [ 107.239394][ T6271] FAT-fs (loop2): Directory bread(block 1287) failed [ 107.239659][ T6271] FAT-fs (loop2): Directory bread(block 1288) failed [ 107.264624][ T6271] FAT-fs (loop2): Directory bread(block 1285) failed [ 107.264731][ T6271] FAT-fs (loop2): Directory bread(block 1286) failed [ 107.264761][ T6271] FAT-fs (loop2): Directory bread(block 1287) failed [ 107.264789][ T6271] FAT-fs (loop2): Directory bread(block 1288) failed [ 107.265433][ T6271] FAT-fs (loop2): FAT read failed (blocknr 1281) [ 107.317910][ T6271] FAT-fs (loop2): Directory bread(block 1285) failed [ 107.447680][ T6275] loop3: detected capacity change from 0 to 512 [ 107.465879][ T6275] EXT4-fs: Ignoring removed nobh option [ 107.504073][ T6275] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 107.521317][ T6275] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802e02c, mo2=0002] [ 107.521642][ T6275] EXT4-fs (loop3): orphan cleanup on readonly fs [ 107.577837][ T6275] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.186: attempt to clear invalid blocks 1024 len 1 [ 107.604506][ T6275] EXT4-fs (loop3): Remounting filesystem read-only [ 107.613753][ T6275] EXT4-fs (loop3): 1 truncate cleaned up [ 107.615055][ T6275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 107.800103][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 107.963663][ T6287] warning: `syz.3.192' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 108.116668][ T6293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.194'. [ 109.104437][ T6330] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«= [ 109.134418][ T6330] [U] J"—E:ÀÆ" [ 109.399268][ T6342] loop3: detected capacity change from 0 to 1024 [ 109.516951][ T1106] hfsplus: b-tree write err: -5, ino 25 [ 109.524108][ T1106] hfsplus: b-tree write err: -5, ino 4 [ 109.538161][ T1106] hfsplus: b-tree write err: -5, ino 2 [ 109.548473][ T1106] hfsplus: b-tree write err: -5, ino 20 [ 109.668132][ T5827] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 109.858246][ T5827] usb 2-1: Using ep0 maxpacket: 8 [ 109.872643][ T5827] usb 2-1: config 0 has an invalid interface number: 31 but max is 0 [ 109.890428][ T5827] usb 2-1: config 0 has no interface number 0 [ 109.923155][ T5827] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 109.936691][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.953277][ T6332] loop0: detected capacity change from 0 to 32768 [ 109.959971][ T5827] usb 2-1: Product: syz [ 109.964202][ T5827] usb 2-1: Manufacturer: syz [ 109.968898][ T5827] usb 2-1: SerialNumber: syz [ 109.983685][ T5827] usb 2-1: config 0 descriptor?? [ 110.004417][ T6332] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 110.138097][ T6332] XFS (loop0): Ending clean mount [ 110.185240][ T6332] XFS (loop0): Quotacheck needed: Please wait. [ 110.219353][ T5827] usb 2-1: USB disconnect, device number 4 [ 110.307274][ T6332] XFS (loop0): Quotacheck: Done. [ 110.454991][ T6349] loop2: detected capacity change from 0 to 32768 [ 110.536172][ T6349] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 110.575321][ T6368] syz_tun: entered promiscuous mode [ 110.593710][ T5770] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 110.599363][ T6368] macvtap1: entered promiscuous mode [ 110.610563][ T6368] macvtap1: entered allmulticast mode [ 110.616008][ T6368] syz_tun: entered allmulticast mode [ 110.661173][ T6368] syz_tun: left allmulticast mode [ 110.666564][ T6368] syz_tun: left promiscuous mode [ 110.818763][ T6349] XFS (loop2): Ending clean mount [ 110.867380][ T6349] XFS (loop2): Quotacheck needed: Please wait. [ 110.966682][ T6349] XFS (loop2): Quotacheck: Done. [ 111.137525][ T5768] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 111.952089][ T6383] loop1: detected capacity change from 0 to 32768 [ 111.992479][ T6383] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.229 (6383) [ 112.073282][ T6383] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 112.104245][ T6383] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm [ 112.147933][ T6383] BTRFS info (device loop1): using free space tree [ 112.307345][ T6383] BTRFS info (device loop1): enabling ssd optimizations [ 112.327290][ T6383] BTRFS info (device loop1): auto enabling async discard [ 112.417864][ T5827] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 112.614225][ T5827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 112.631516][ T5771] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 112.635643][ T5827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 112.687973][ T5827] usb 1-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00 [ 112.728004][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.754716][ T5827] usb 1-1: config 0 descriptor?? [ 112.864042][ T6433] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 112.880015][ T6433] macsec1: entered promiscuous mode [ 112.893363][ T6433] macsec1: entered allmulticast mode [ 112.913006][ T6433] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 112.946122][ T6433] netdevsim netdevsim3 netdevsim0: left allmulticast mode [ 112.966975][ T6433] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 113.228909][ T5827] kye 0003:0458:5005.0002: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 113.253639][ T5827] kye 0003:0458:5005.0002: hidraw0: USB HID v10.00 Device [HID 0458:5005] on usb-dummy_hcd.0-1/input0 [ 113.278847][ T5827] kye 0003:0458:5005.0002: tablet-enabling feature report not found [ 113.290272][ T5827] kye 0003:0458:5005.0002: tablet enabling failed [ 113.509987][ T8] usb 1-1: USB disconnect, device number 2 [ 113.626071][ T6448] syz.2.252 uses obsolete (PF_INET,SOCK_PACKET) [ 113.809314][ T5827] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 113.829885][ T6456] loop2: detected capacity change from 0 to 4096 [ 113.867265][ T6456] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.956245][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.021562][ T5827] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 114.031288][ T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 114.050893][ T5827] usb 2-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55 [ 114.071966][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.089660][ T5827] usb 2-1: Product: syz [ 114.093869][ T5827] usb 2-1: Manufacturer: syz [ 114.128159][ T5827] usb 2-1: SerialNumber: syz [ 114.145221][ T5827] usb 2-1: config 0 descriptor?? [ 114.218120][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 114.232432][ T8] usb 4-1: config 0 has an invalid interface number: 132 but max is 0 [ 114.257834][ T8] usb 4-1: config 0 has no interface number 0 [ 114.275016][ T8] usb 4-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 114.285333][ T6463] netlink: 12 bytes leftover after parsing attributes in process `syz.0.257'. [ 114.312320][ T8] usb 4-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 114.333881][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.352158][ T8] usb 4-1: Product: syz [ 114.367387][ T5827] cdc_subset: probe of 2-1:0.0 failed with error -22 [ 114.376024][ T8] usb 4-1: Manufacturer: syz [ 114.388217][ T8] usb 4-1: SerialNumber: syz [ 114.409445][ T8] usb 4-1: config 0 descriptor?? [ 114.451030][ T8] em28xx 4-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 114.481253][ T8] em28xx 4-1:0.132: Video interface 132 found: [ 114.607426][ T9] usb 2-1: USB disconnect, device number 5 [ 114.854204][ T8] em28xx 4-1:0.132: chip ID is em2884 [ 115.111984][ T6489] netlink: 16 bytes leftover after parsing attributes in process `syz.2.264'. [ 115.157864][ T8] em28xx 4-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 115.177913][ T8] em28xx 4-1:0.132: board has no eeprom [ 115.265712][ T8] em28xx 4-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 115.294111][ T8] em28xx 4-1:0.132: analog set to bulk mode. [ 115.320123][ T9] em28xx 4-1:0.132: Registering V4L2 extension [ 115.365187][ T8] usb 4-1: USB disconnect, device number 3 [ 115.411650][ T8] em28xx 4-1:0.132: Disconnecting em28xx [ 115.536720][ T6497] loop2: detected capacity change from 0 to 4096 [ 115.565939][ T6497] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 115.631707][ T6497] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 115.774884][ T9] em28xx 4-1:0.132: Config register raw data: 0xffffffed [ 115.802022][ T9] em28xx 4-1:0.132: AC97 chip type couldn't be determined [ 115.807924][ T6509] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22. [ 115.847778][ T9] em28xx 4-1:0.132: No AC97 audio processor [ 115.891551][ T9] usb 4-1: Decoder not found [ 115.918633][ T9] em28xx 4-1:0.132: failed to create media graph [ 115.936819][ T9] em28xx 4-1:0.132: V4L2 device video103 deregistered [ 115.982677][ T9] em28xx 4-1:0.132: Remote control support is not available for this card. [ 116.018621][ T8] em28xx 4-1:0.132: Closing input extension [ 116.072795][ T8] em28xx 4-1:0.132: Freeing device [ 116.080917][ T5768] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22. [ 116.775544][ T6533] netlink: 'syz.0.274': attribute type 1 has an invalid length. [ 116.794294][ T6533] netlink: 232 bytes leftover after parsing attributes in process `syz.0.274'. [ 116.819119][ T6533] netlink: 5 bytes leftover after parsing attributes in process `syz.0.274'. [ 116.849610][ T6537] comedi comedi3: 8255: I/O port conflict (0x404f26,4) [ 116.856567][ T6537] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 116.881849][ T6537] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 116.892137][ T6507] loop1: detected capacity change from 0 to 32768 [ 116.903521][ T6537] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 116.914106][ T6537] comedi comedi3: 8255: I/O port conflict (0x5c95239c,4) [ 116.926519][ T6507] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.268 (6507) [ 116.939083][ T6537] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 116.961797][ T6537] comedi comedi3: 8255: I/O port conflict (0x3bf,4) [ 116.970471][ T6507] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 117.002569][ T6537] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 117.009421][ T6507] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 117.024518][ T6537] comedi comedi3: 8255: I/O port conflict (0x20000001,4) [ 117.032898][ T6507] BTRFS info (device loop1): allowing degraded mounts [ 117.040573][ T6537] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 117.068729][ T6507] BTRFS info (device loop1): enabling auto defrag [ 117.077129][ T6537] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 117.087116][ T6507] BTRFS info (device loop1): using free space tree [ 117.100739][ T6537] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 117.124591][ T6537] comedi comedi3: 8255: I/O port conflict (0x400,4) [ 117.158314][ T6537] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 117.256362][ T6507] BTRFS info (device loop1): enabling ssd optimizations [ 117.263428][ T6507] BTRFS info (device loop1): auto enabling async discard [ 117.530011][ T5774] Bluetooth: hci3: command tx timeout [ 117.977293][ T6581] loop2: detected capacity change from 0 to 128 [ 117.986437][ T5771] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 118.031249][ T6581] FAT-fs (loop2): Directory bread(block 162) failed [ 118.061766][ T6581] FAT-fs (loop2): Directory bread(block 163) failed [ 118.069208][ T6581] FAT-fs (loop2): Directory bread(block 164) failed [ 118.075918][ T6581] FAT-fs (loop2): Directory bread(block 165) failed [ 118.083681][ T6581] FAT-fs (loop2): Directory bread(block 166) failed [ 118.104771][ T6581] FAT-fs (loop2): Directory bread(block 167) failed [ 118.114202][ T6581] FAT-fs (loop2): Directory bread(block 168) failed [ 118.121549][ T27] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 118.135447][ T6581] FAT-fs (loop2): Directory bread(block 169) failed [ 118.144479][ T6581] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 118.235618][ T6581] FAT-fs (loop2): Directory bread(block 162) failed [ 118.254517][ T6581] FAT-fs (loop2): Directory bread(block 163) failed [ 118.284902][ T6581] syz.2.287: attempt to access beyond end of device [ 118.284902][ T6581] loop2: rw=3, sector=226, nr_sectors = 6 limit=128 [ 118.311950][ T6581] syz.2.287: attempt to access beyond end of device [ 118.311950][ T6581] loop2: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 118.338808][ T27] usb 4-1: Using ep0 maxpacket: 8 [ 118.355385][ T6584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.288'. [ 118.364589][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.383352][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.405677][ T27] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 118.447831][ T27] usb 4-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 118.456976][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.526260][ T27] usb 4-1: config 0 descriptor?? [ 118.958162][ T5827] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 118.995905][ T27] kye 0003:0458:4018.0003: unknown main item tag 0x0 [ 119.023327][ T27] kye 0003:0458:4018.0003: unknown main item tag 0x0 [ 119.045740][ T27] kye 0003:0458:4018.0003: unknown main item tag 0x0 [ 119.066186][ T27] kye 0003:0458:4018.0003: unknown main item tag 0x0 [ 119.076189][ T27] kye 0003:0458:4018.0003: unknown main item tag 0x0 [ 119.096998][ T27] kye 0003:0458:4018.0003: hidraw0: USB HID v0.07 Device [HID 0458:4018] on usb-dummy_hcd.3-1/input0 [ 119.159908][ T5827] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 119.183580][ T5827] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 119.234619][ T5827] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 119.251632][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 119.260253][ T5827] usb 1-1: SerialNumber: syz [ 119.264817][ T787] usb 4-1: USB disconnect, device number 4 [ 119.500287][ T5827] usb 1-1: 0:2 : does not exist [ 119.562576][ T5827] usb 1-1: USB disconnect, device number 3 [ 119.628973][ T5786] udevd[5786]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 119.669640][ T6613] loop2: detected capacity change from 0 to 1024 [ 119.812382][ T49] hfsplus: b-tree write err: -5, ino 25 [ 119.828646][ T49] hfsplus: b-tree write err: -5, ino 4 [ 119.834352][ T49] hfsplus: b-tree write err: -5, ino 2 [ 120.385211][ T6631] loop3: detected capacity change from 0 to 4096 [ 120.419082][ T6631] EXT4-fs: Ignoring removed bh option [ 120.498924][ T6631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.529844][ T6639] netlink: 16 bytes leftover after parsing attributes in process `syz.0.312'. [ 120.606646][ T6631] EXT4-fs error (device loop3): ext4_get_first_dir_block:3604: inode #12: block 80: comm syz.3.309: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 120.649404][ T6631] EXT4-fs (loop3): Remounting filesystem read-only [ 120.785634][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.852256][ T6643] loop1: detected capacity change from 0 to 512 [ 120.863906][ T6643] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 120.881321][ T6643] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 120.914264][ T28] audit: type=1326 audit(1773111867.418:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 120.965089][ T6643] EXT4-fs (loop1): 1 truncate cleaned up [ 120.999143][ T6643] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.057495][ T28] audit: type=1326 audit(1773111867.418:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.080728][ T28] audit: type=1326 audit(1773111867.458:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.102933][ T28] audit: type=1326 audit(1773111867.458:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.137824][ T28] audit: type=1326 audit(1773111867.458:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.160190][ T11] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 121.179051][ T11] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 121.188270][ T787] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 121.233449][ T28] audit: type=1326 audit(1773111867.458:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.239467][ T6643] EXT4-fs error (device loop1): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.1.314: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 121.323823][ T28] audit: type=1326 audit(1773111867.458:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.365969][ T6643] EXT4-fs (loop1): Remounting filesystem read-only [ 121.375815][ T28] audit: type=1326 audit(1773111867.458:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.409007][ T787] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 121.427032][ T6627] loop2: detected capacity change from 0 to 32768 [ 121.462882][ T28] audit: type=1326 audit(1773111867.458:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.0.315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3af2f9c799 code=0x7ffc0000 [ 121.515953][ T6627] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 121.561131][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.715321][ T6627] XFS (loop2): Ending clean mount [ 121.749409][ T6627] XFS (loop2): Quotacheck needed: Please wait. [ 121.881227][ T6665] netlink: 'syz.1.320': attribute type 1 has an invalid length. [ 121.891360][ T6627] XFS (loop2): Quotacheck: Done. [ 121.919890][ T6665] netlink: 244 bytes leftover after parsing attributes in process `syz.1.320'. [ 122.009043][ T787] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 122.182488][ T5768] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 122.184803][ T6673] loop0: detected capacity change from 0 to 2048 [ 122.256424][ T6673] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 122.850806][ T6685] loop2: detected capacity change from 0 to 1024 [ 122.950280][ T6687] loop1: detected capacity change from 0 to 256 [ 122.990188][ T6687] exfat: Deprecated parameter 'utf8' [ 123.044463][ T6687] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d) [ 123.193281][ T1080] hfsplus: b-tree write err: -5, ino 25 [ 123.209991][ T1080] hfsplus: b-tree write err: -5, ino 4 [ 123.237945][ T1080] hfsplus: b-tree write err: -5, ino 2 [ 123.400257][ T6696] loop3: detected capacity change from 0 to 1024 [ 123.416229][ T6699] netlink: 12 bytes leftover after parsing attributes in process `syz.1.336'. [ 123.581250][ T6701] loop0: detected capacity change from 0 to 4096 [ 123.604018][ T6701] EXT4-fs: Ignoring removed bh option [ 123.620230][ T1106] hfsplus: b-tree write err: -5, ino 25 [ 123.626026][ T1106] hfsplus: b-tree write err: -5, ino 4 [ 123.649445][ T6701] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.676641][ T1106] hfsplus: b-tree write err: -5, ino 2 [ 123.682189][ T6701] EXT4-fs error (device loop0): ext4_get_first_dir_block:3604: inode #12: block 80: comm syz.0.337: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 123.721740][ T6701] EXT4-fs (loop0): Remounting filesystem read-only [ 123.847002][ T6711] netlink: 12 bytes leftover after parsing attributes in process `syz.1.342'. [ 123.900894][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.020746][ T6715] loop2: detected capacity change from 0 to 1024 [ 124.258372][ T1106] hfsplus: b-tree write err: -5, ino 25 [ 124.264357][ T1106] hfsplus: b-tree write err: -5, ino 4 [ 124.272315][ T6718] EXT4-fs (loop0): 1 orphan inode deleted [ 124.280272][ T1106] hfsplus: b-tree write err: -5, ino 2 [ 124.299513][ T1106] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 124.336849][ T6718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.351134][ T6718] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.362758][ T1106] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:7: Failed to release dquot type 1 [ 124.671243][ T6733] netlink: 20 bytes leftover after parsing attributes in process `syz.3.351'. [ 124.680740][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.865756][ T6740] netlink: 'syz.3.355': attribute type 10 has an invalid length. [ 124.989860][ T6740] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 125.207968][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 125.375461][ T6738] set_capacity_and_notify: 1 callbacks suppressed [ 125.375476][ T6738] loop1: detected capacity change from 0 to 32768 [ 125.385546][ T6748] loop0: detected capacity change from 0 to 512 [ 125.429048][ T6748] EXT4-fs: inline encryption not supported [ 125.434971][ T6748] EXT4-fs: Ignoring removed mblk_io_submit option [ 125.466564][ T6748] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 125.479756][ T6748] EXT4-fs (loop0): Test dummy encryption mode enabled [ 125.489409][ T6748] EXT4-fs (loop0): orphan cleanup on readonly fs [ 125.495987][ T6738] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 125.505561][ T6748] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.359: inode #13: comm syz.0.359: iget: illegal inode # [ 125.533651][ T6748] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.359: couldn't read orphan inode 13 (err -117) [ 125.561853][ T6748] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 125.600772][ T6763] loop3: detected capacity change from 0 to 512 [ 125.643375][ T6748] EXT4-fs (loop0): shut down requested (0) [ 125.663259][ T6738] XFS (loop1): Ending clean mount [ 125.700357][ T6738] XFS (loop1): Quotacheck needed: Please wait. [ 125.725048][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.742843][ T6763] EXT4-fs (loop3): 1 orphan inode deleted [ 125.763867][ T6763] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.782358][ T6763] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 125.794515][ T59] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:4: Failed to release dquot type 1 [ 125.859033][ T6738] XFS (loop1): Quotacheck: Done. [ 126.020841][ T5771] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 126.056180][ T6771] netlink: 4 bytes leftover after parsing attributes in process `syz.2.365'. [ 126.102810][ T6771] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.225235][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.274144][ T6773] Driver unsupported XDP return value 0 on prog (id 18) dev N/A, expect packet loss! [ 126.439851][ T6771] bridge_slave_0 (unregistering): left allmulticast mode [ 126.455793][ T6771] bridge_slave_0 (unregistering): left promiscuous mode [ 126.476175][ T6771] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.531693][ T6776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.368'. [ 127.136701][ T6797] loop0: detected capacity change from 0 to 512 [ 127.235318][ T6797] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.387414][ T6797] fs-verity: sha512 using implementation "sha512-avx2" [ 127.412884][ T6797] EXT4-fs warning (device loop0): ext4_begin_enable_verity:135: inode #15: comm syz.0.378: verity is only allowed on extent-based files [ 127.539306][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.673249][ T6788] loop2: detected capacity change from 0 to 40427 [ 127.713360][ T6788] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 127.729367][ T6788] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 127.790410][ T6788] F2FS-fs (loop2): Found nat_bits in checkpoint [ 127.858489][ T6820] program syz.0.386 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 127.937429][ T6814] loop1: detected capacity change from 0 to 8192 [ 128.028158][ T6814] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 128.114102][ T6814] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 128.196821][ T6814] REISERFS (device loop1): using ordered data mode [ 128.227510][ T6788] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 128.242801][ T6814] reiserfs: using flush barriers [ 128.270554][ T6788] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 128.290557][ T6814] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 128.389007][ T6814] REISERFS (device loop1): checking transaction log (loop1) [ 128.485764][ T6814] REISERFS (device loop1): Using r5 hash to sort names [ 128.534004][ T6814] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 128.728111][ T5768] syz-executor: attempt to access beyond end of device [ 128.728111][ T5768] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 128.807741][ C0] sched: RT throttling activated [ 128.811911][ T5768] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 128.982771][ T6827] loop0: detected capacity change from 0 to 256 [ 129.059776][ T6819] loop3: detected capacity change from 0 to 131072 [ 129.081496][ T6819] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name [ 129.089430][ T6819] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name [ 129.097068][ T6819] F2FS-fs (loop3): QUOTA feature is enabled, so ignore jquota_fmt [ 129.105050][ T6819] F2FS-fs (loop3): inline_xattr_size option should be set with inline_xattr option [ 129.154088][ T6827] FAT-fs (loop0): Directory bread(block 64) failed [ 129.177029][ T6827] FAT-fs (loop0): Directory bread(block 65) failed [ 129.184237][ T6827] FAT-fs (loop0): Directory bread(block 66) failed [ 129.190950][ T6827] FAT-fs (loop0): Directory bread(block 67) failed [ 129.202039][ T6827] FAT-fs (loop0): Directory bread(block 68) failed [ 129.213524][ T6827] FAT-fs (loop0): Directory bread(block 69) failed [ 129.241031][ T6827] FAT-fs (loop0): Directory bread(block 70) failed [ 129.247605][ T6827] FAT-fs (loop0): Directory bread(block 71) failed [ 129.299602][ T6827] FAT-fs (loop0): Directory bread(block 72) failed [ 129.306183][ T6827] FAT-fs (loop0): Directory bread(block 73) failed [ 129.639984][ T6834] netlink: 'syz.1.394': attribute type 1 has an invalid length. [ 129.670156][ T6834] netlink: 156 bytes leftover after parsing attributes in process `syz.1.394'. [ 129.895564][ T6839] loop3: detected capacity change from 0 to 64 [ 130.051809][ T6839] syz.3.396: attempt to access beyond end of device [ 130.051809][ T6839] loop3: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 130.158617][ T6839] Buffer I/O error on dev loop3, logical block 134217734, lost async page write [ 130.296284][ T6848] loop1: detected capacity change from 0 to 2048 [ 130.390012][ T6848] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 130.457215][ T6851] loop2: detected capacity change from 0 to 4096 [ 130.518992][ T6851] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.709219][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.048704][ T5827] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 131.244455][ T5827] usb 2-1: Using ep0 maxpacket: 16 [ 131.260681][ T5827] usb 2-1: config 0 has an invalid interface number: 13 but max is 0 [ 131.292647][ T5827] usb 2-1: config 0 has no interface number 0 [ 131.317300][ T5827] usb 2-1: config 0 interface 13 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 131.356670][ T5827] usb 2-1: config 0 interface 13 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 131.385953][ T6878] IPVS: Error connecting to the multicast addr [ 131.388700][ T5827] usb 2-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 131.436833][ T5827] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.478315][ T5827] usb 2-1: config 0 descriptor?? [ 131.719257][ T6886] [U] [ 131.722343][ T6886] [U] [ 131.725084][ T6886] [U] [ 131.727818][ T6886] [U] [ 131.730572][ T6886] [U] [ 131.733305][ T6886] [U] [ 131.736032][ T6886] [U] [ 131.738765][ T6886] [U] [ 131.769286][ T6886] [U] [ 131.772061][ T6886] [U] [ 131.774829][ T6886] [U] [ 131.790810][ T6885] [U] [ 131.814039][ T6884] loop3: detected capacity change from 0 to 4096 [ 131.829863][ T6884] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 131.869483][ T6884] ntfs3: loop3: It is recommened to use chkdsk. [ 131.915233][ T5827] uclogic 0003:5543:0781.0004: unknown main item tag 0x0 [ 131.946031][ T5827] uclogic 0003:5543:0781.0004: unknown main item tag 0x0 [ 131.980122][ T5827] uclogic 0003:5543:0781.0004: unknown main item tag 0x0 [ 131.999011][ T5827] uclogic 0003:5543:0781.0004: unknown main item tag 0x0 [ 132.016681][ T5827] uclogic 0003:5543:0781.0004: unknown main item tag 0x0 [ 132.041065][ T5827] uclogic 0003:5543:0781.0004: No inputs registered, leaving [ 132.068298][ T5827] uclogic 0003:5543:0781.0004: hidraw0: USB HID v0.40 Device [HID 5543:0781] on usb-dummy_hcd.1-1/input13 [ 132.086814][ T6875] loop0: detected capacity change from 0 to 32768 [ 132.195957][ T9] usb 2-1: USB disconnect, device number 6 [ 132.212616][ T6875] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 132.244749][ T6884] ntfs3: loop3: failed to convert "076c" to cp857 [ 132.293721][ T6884] ntfs3: loop3: ino=5, "/" directory corrupted [ 132.443982][ T6896] fido_id[6896]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 132.500545][ T6901] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (128) [ 132.617901][ T6875] XFS (loop0): Ending clean mount [ 132.888947][ T5770] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 133.047971][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 133.085615][ T1282] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.097805][ T1282] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.135441][ T6912] loop1: detected capacity change from 0 to 128 [ 133.199000][ T6913] netlink: 8 bytes leftover after parsing attributes in process `syz.2.426'. [ 133.239973][ T6913] netlink: 4 bytes leftover after parsing attributes in process `syz.2.426'. [ 133.280803][ T6913] netlink: 'syz.2.426': attribute type 11 has an invalid length. [ 133.518138][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 133.518153][ T28] audit: type=1326 audit(1773111880.028:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.2.429" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fefc599c799 code=0x0 [ 133.555477][ T6921] loop1: detected capacity change from 0 to 256 [ 133.579002][ T6921] exfat: Deprecated parameter 'utf8' [ 133.584485][ T6921] exfat: Deprecated parameter 'namecase' [ 133.640992][ T6921] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 134.150697][ T5774] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 134.160829][ T5774] CPU: 1 PID: 5774 Comm: kworker/u5:2 Not tainted syzkaller #0 [ 134.168442][ T5774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 134.178544][ T5774] Workqueue: hci1 hci_rx_work [ 134.183304][ T5774] Call Trace: [ 134.186630][ T5774] [ 134.189610][ T5774] dump_stack_lvl+0x18c/0x250 [ 134.194349][ T5774] ? show_regs_print_info+0x20/0x20 [ 134.199609][ T5774] ? load_image+0x400/0x400 [ 134.204189][ T5774] sysfs_create_dir_ns+0x26e/0x2a0 [ 134.209355][ T5774] ? sysfs_warn_dup+0xa0/0xa0 [ 134.214087][ T5774] ? do_raw_spin_unlock+0x121/0x230 [ 134.219355][ T5774] kobject_add_internal+0x61c/0xcc0 [ 134.224618][ T5774] kobject_add+0x164/0x240 [ 134.229085][ T5774] ? __rwlock_init+0x150/0x150 [ 134.233906][ T5774] ? kobject_init+0x1e0/0x1e0 [ 134.238671][ T5774] ? _raw_spin_unlock+0x28/0x40 [ 134.243577][ T5774] ? get_device_parent+0x366/0x390 [ 134.248750][ T5774] device_add+0x408/0xc20 [ 134.253133][ T5774] hci_conn_add_sysfs+0xd5/0x1e0 [ 134.258121][ T5774] le_conn_complete_evt+0xf5d/0x1540 [ 134.263465][ T5774] ? hci_event_packet+0x4cb/0x1270 [ 134.268640][ T5774] ? hci_le_big_info_adv_report_evt+0x910/0x910 [ 134.274945][ T5774] ? __mutex_unlock_slowpath+0x1b4/0x6c0 [ 134.280642][ T5774] ? skb_pull_data+0xfb/0x200 [ 134.285370][ T5774] hci_le_conn_complete_evt+0x187/0x440 [ 134.290993][ T5774] ? hci_remote_host_features_evt+0x150/0x150 [ 134.297111][ T5774] hci_event_packet+0x7ba/0x1270 [ 134.302106][ T5774] ? bis_list+0x290/0x290 [ 134.306486][ T5774] ? lockdep_hardirqs_on+0x98/0x150 [ 134.311739][ T5774] ? hci_send_to_monitor+0xd7/0x4f0 [ 134.316997][ T5774] hci_rx_work+0x43a/0xd60 [ 134.321493][ T5774] ? process_scheduled_works+0x96f/0x15d0 [ 134.327267][ T5774] process_scheduled_works+0xa5d/0x15d0 [ 134.332900][ T5774] ? worker_attach_to_pool+0x380/0x380 [ 134.338419][ T5774] ? assign_work+0x3d2/0x5d0 [ 134.343069][ T5774] worker_thread+0xa55/0xfc0 [ 134.347740][ T5774] kthread+0x2fa/0x390 [ 134.352043][ T5774] ? pr_cont_work+0x560/0x560 [ 134.356770][ T5774] ? kthread_blkcg+0xd0/0xd0 [ 134.361433][ T5774] ret_from_fork+0x48/0x80 [ 134.365901][ T5774] ? kthread_blkcg+0xd0/0xd0 [ 134.370544][ T5774] ret_from_fork_asm+0x11/0x20 [ 134.375375][ T5774] [ 134.385114][ T5774] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 134.400601][ T5774] Bluetooth: hci1: failed to register connection device [ 134.441644][ T6943] loop3: detected capacity change from 0 to 16 [ 134.474050][ T6943] erofs: (device loop3): mounted with root inode @ nid 36. [ 134.498300][ T6943] syz.3.437: attempt to access beyond end of device [ 134.498300][ T6943] loop3: rw=0, sector=48, nr_sectors = 16 limit=16 [ 134.517100][ T6943] syz.3.437: attempt to access beyond end of device [ 134.517100][ T6943] loop3: rw=0, sector=48, nr_sectors = 16 limit=16 [ 135.111234][ T6959] loop1: detected capacity change from 0 to 4096 [ 135.136897][ T6953] delete_channel: no stack [ 135.167901][ T6959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.369719][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.651203][ T6975] ALSA: mixer_oss: invalid OSS volume 'GAIÅ' [ 135.751452][ T6971] loop3: detected capacity change from 0 to 8192 [ 135.827816][ T6981] loop1: detected capacity change from 0 to 128 [ 135.858073][ T6971] loop3: p1 < > p2 p3 < p5 p6 > p4 [ 135.884413][ T6971] loop3: partition table partially beyond EOD, truncated [ 135.902179][ T6981] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 135.938986][ T6971] loop3: p1 start 100663296 is beyond EOD, truncated [ 135.971620][ T6983] loop0: detected capacity change from 0 to 8192 [ 135.978801][ T6971] loop3: p2 size 134217732 extends beyond EOD, truncated [ 135.989874][ T6981] ext4 filesystem being mounted at /96/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 136.004607][ T6983] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 136.041354][ T6983] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 136.042827][ T6971] loop3: p4 size 14876672 extends beyond EOD, truncated [ 136.059703][ T6971] loop3: p5 size 134217732 extends beyond EOD, truncated [ 136.068356][ T6971] loop3: p6 size 14876672 extends beyond EOD, truncated [ 136.078854][ T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 136.103690][ T6983] REISERFS (device loop0): using ordered data mode [ 136.110409][ T6983] reiserfs: using flush barriers [ 136.143730][ T6983] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 136.209323][ T6983] REISERFS (device loop0): checking transaction log (loop0) [ 136.240146][ T6983] REISERFS (device loop0): Using r5 hash to sort names [ 136.260163][ T6983] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 136.282100][ T5771] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 136.292104][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 136.301502][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.315488][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.350658][ T9] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 136.407837][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.459194][ T9] usb 3-1: config 0 descriptor?? [ 136.943909][ T9] koneplus 0003:1E7D:2D51.0005: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.2-1/input0 [ 137.066133][ T6998] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 137.109312][ T9] koneplus 0003:1E7D:2D51.0005: couldn't init struct koneplus_device [ 137.133130][ T9] koneplus 0003:1E7D:2D51.0005: couldn't install mouse [ 137.167091][ T6996] ================================================================== [ 137.167114][ T9] koneplus: probe of 0003:1E7D:2D51.0005 failed with error -71 [ 137.175179][ T6996] BUG: KASAN: slab-use-after-free in read_report_descriptor+0xb2/0xf0 [ 137.175217][ T6996] Read of size 5 at addr ffff8880601dbf50 by task fido_id/6996 [ 137.175231][ T6996] [ 137.175238][ T6996] CPU: 1 PID: 6996 Comm: fido_id Not tainted syzkaller #0 [ 137.175273][ T6996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 137.175283][ T6996] Call Trace: [ 137.175292][ T6996] [ 137.175299][ T6996] dump_stack_lvl+0x18c/0x250 [ 137.175329][ T6996] ? read_lock_is_recursive+0x20/0x20 [ 137.175353][ T6996] ? show_regs_print_info+0x20/0x20 [ 137.175380][ T6996] ? load_image+0x400/0x400 [ 137.175405][ T6996] ? _raw_spin_lock_irqsave+0xc0/0x100 [ 137.175429][ T6996] ? __virt_addr_valid+0x18c/0x540 [ 137.175454][ T6996] ? __virt_addr_valid+0x469/0x540 [ 137.175479][ T6996] print_report+0xa8/0x210 [ 137.175504][ T6996] ? read_report_descriptor+0xb2/0xf0 [ 137.175527][ T6996] kasan_report+0x117/0x150 [ 137.175550][ T6996] ? read_report_descriptor+0xb2/0xf0 [ 137.175577][ T6996] kasan_check_range+0x241/0x290 [ 137.175599][ T6996] ? read_report_descriptor+0xb2/0xf0 [ 137.175623][ T6996] __asan_memcpy+0x29/0x70 [ 137.175650][ T6996] read_report_descriptor+0xb2/0xf0 [ 137.175677][ T6996] ? sysfs_kf_bin_open+0xd0/0xd0 [ 137.175693][ T6996] kernfs_fop_read_iter+0x42d/0x670 [ 137.175726][ T6996] vfs_read+0x46a/0x970 [ 137.175754][ T6996] ? kernel_read+0x1e0/0x1e0 [ 137.175785][ T6996] ? do_sys_openat2+0x170/0x1d0 [ 137.175810][ T6996] ? __fdget_pos+0x2ba/0x330 [ 137.175838][ T6996] ksys_read+0x150/0x260 [ 137.175864][ T6996] ? vfs_write+0x990/0x990 [ 137.175891][ T6996] ? lockdep_hardirqs_on+0x98/0x150 [ 137.175915][ T6996] do_syscall_64+0x55/0xa0 [ 137.175942][ T6996] ? clear_bhb_loop+0x40/0x90 [ 137.175964][ T6996] ? clear_bhb_loop+0x40/0x90 [ 137.175993][ T6996] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 137.176015][ T6996] RIP: 0033:0x7f9393ca7407 [ 137.243864][ T9] usb 3-1: USB disconnect, device number 2 [ 137.245082][ T6996] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 137.392310][ T6996] RSP: 002b:00007fff5c1f71a0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000 [ 137.400784][ T6996] RAX: ffffffffffffffda RBX: 00007f939438c880 RCX: 00007f9393ca7407 [ 137.408802][ T6996] RDX: 0000000000001000 RSI: 00007fff5c1f71f0 RDI: 0000000000000004 [ 137.416804][ T6996] RBP: 0000561998232730 R08: 0000000000000000 R09: 0000000000000000 [ 137.424799][ T6996] R10: 0000000000000000 R11: 0000000000000202 R12: 0000561998231930 [ 137.432798][ T6996] R13: 00007fff5c1f71f0 R14: 0000000000000004 R15: 0000561966fd54d8 [ 137.440817][ T6996] [ 137.443870][ T6996] [ 137.446219][ T6996] Allocated by task 9: [ 137.450308][ T6996] kasan_set_track+0x4e/0x70 [ 137.454958][ T6996] __kasan_kmalloc+0x8f/0xa0 [ 137.459604][ T6996] __kmalloc_node_track_caller+0xb2/0x230 [ 137.465455][ T6996] kmemdup+0x2b/0x70 [ 137.469392][ T6996] hid_open_report+0x1cd/0xee0 [ 137.474193][ T6996] koneplus_probe+0x86/0x480 [ 137.478819][ T6996] hid_device_probe+0x293/0x5b0 [ 137.483709][ T6996] really_probe+0x25b/0xb20 [ 137.488333][ T6996] __driver_probe_device+0x18c/0x330 [ 137.493652][ T6996] driver_probe_device+0x4f/0x420 [ 137.498709][ T6996] __device_attach_driver+0x2ca/0x510 [ 137.504209][ T6996] bus_for_each_drv+0x252/0x2e0 [ 137.509105][ T6996] __device_attach+0x2c2/0x420 [ 137.513926][ T6996] bus_probe_device+0x180/0x260 [ 137.518827][ T6996] device_add+0x85b/0xc20 [ 137.523193][ T6996] hid_add_device+0x38d/0x530 [ 137.527904][ T6996] usbhid_probe+0xe02/0x1220 [ 137.532613][ T6996] usb_probe_interface+0x5c9/0xb20 [ 137.537769][ T6996] really_probe+0x25b/0xb20 [ 137.542321][ T6996] __driver_probe_device+0x18c/0x330 [ 137.547638][ T6996] driver_probe_device+0x4f/0x420 [ 137.552693][ T6996] __device_attach_driver+0x2ca/0x510 [ 137.558105][ T6996] bus_for_each_drv+0x252/0x2e0 [ 137.562995][ T6996] __device_attach+0x2c2/0x420 [ 137.567795][ T6996] bus_probe_device+0x180/0x260 [ 137.572689][ T6996] device_add+0x85b/0xc20 [ 137.577051][ T6996] usb_set_configuration+0x1a79/0x20c0 [ 137.582543][ T6996] usb_generic_driver_probe+0x8d/0x150 [ 137.588042][ T6996] usb_probe_device+0x13d/0x270 [ 137.592929][ T6996] really_probe+0x25b/0xb20 [ 137.597472][ T6996] __driver_probe_device+0x18c/0x330 [ 137.602800][ T6996] driver_probe_device+0x4f/0x420 [ 137.607872][ T6996] __device_attach_driver+0x2ca/0x510 [ 137.613281][ T6996] bus_for_each_drv+0x252/0x2e0 [ 137.618186][ T6996] __device_attach+0x2c2/0x420 [ 137.622986][ T6996] bus_probe_device+0x180/0x260 [ 137.627880][ T6996] device_add+0x85b/0xc20 [ 137.632253][ T6996] usb_new_device+0xa3c/0x1660 [ 137.637233][ T6996] hub_event+0x29bf/0x49f0 [ 137.641681][ T6996] process_scheduled_works+0xa5d/0x15d0 [ 137.647265][ T6996] worker_thread+0xa55/0xfc0 [ 137.651902][ T6996] kthread+0x2fa/0x390 [ 137.656018][ T6996] ret_from_fork+0x48/0x80 [ 137.660486][ T6996] ret_from_fork_asm+0x11/0x20 [ 137.665300][ T6996] [ 137.667662][ T6996] Freed by task 9: [ 137.671408][ T6996] kasan_set_track+0x4e/0x70 [ 137.676033][ T6996] kasan_save_free_info+0x2e/0x50 [ 137.681107][ T6996] ____kasan_slab_free+0x126/0x1e0 [ 137.686248][ T6996] slab_free_freelist_hook+0x130/0x1a0 [ 137.691752][ T6996] __kmem_cache_free+0xba/0x1e0 [ 137.696644][ T6996] hid_close_report+0x605/0x6d0 [ 137.701707][ T6996] hid_device_probe+0x3da/0x5b0 [ 137.706602][ T6996] really_probe+0x25b/0xb20 [ 137.711139][ T6996] __driver_probe_device+0x18c/0x330 [ 137.716477][ T6996] driver_probe_device+0x4f/0x420 [ 137.721545][ T6996] __device_attach_driver+0x2ca/0x510 [ 137.726957][ T6996] bus_for_each_drv+0x252/0x2e0 [ 137.731894][ T6996] __device_attach+0x2c2/0x420 [ 137.736699][ T6996] bus_probe_device+0x180/0x260 [ 137.741588][ T6996] device_add+0x85b/0xc20 [ 137.745980][ T6996] hid_add_device+0x38d/0x530 [ 137.750690][ T6996] usbhid_probe+0xe02/0x1220 [ 137.755335][ T6996] usb_probe_interface+0x5c9/0xb20 [ 137.760498][ T6996] really_probe+0x25b/0xb20 [ 137.765033][ T6996] __driver_probe_device+0x18c/0x330 [ 137.770450][ T6996] driver_probe_device+0x4f/0x420 [ 137.775526][ T6996] __device_attach_driver+0x2ca/0x510 [ 137.780947][ T6996] bus_for_each_drv+0x252/0x2e0 [ 137.785834][ T6996] __device_attach+0x2c2/0x420 [ 137.790624][ T6996] bus_probe_device+0x180/0x260 [ 137.795516][ T6996] device_add+0x85b/0xc20 [ 137.799881][ T6996] usb_set_configuration+0x1a79/0x20c0 [ 137.805416][ T6996] usb_generic_driver_probe+0x8d/0x150 [ 137.810904][ T6996] usb_probe_device+0x13d/0x270 [ 137.815795][ T6996] really_probe+0x25b/0xb20 [ 137.820339][ T6996] __driver_probe_device+0x18c/0x330 [ 137.825673][ T6996] driver_probe_device+0x4f/0x420 [ 137.830757][ T6996] __device_attach_driver+0x2ca/0x510 [ 137.836164][ T6996] bus_for_each_drv+0x252/0x2e0 [ 137.841055][ T6996] __device_attach+0x2c2/0x420 [ 137.845848][ T6996] bus_probe_device+0x180/0x260 [ 137.850740][ T6996] device_add+0x85b/0xc20 [ 137.855107][ T6996] usb_new_device+0xa3c/0x1660 [ 137.859915][ T6996] hub_event+0x29bf/0x49f0 [ 137.864371][ T6996] process_scheduled_works+0xa5d/0x15d0 [ 137.869962][ T6996] worker_thread+0xa55/0xfc0 [ 137.874589][ T6996] kthread+0x2fa/0x390 [ 137.878702][ T6996] ret_from_fork+0x48/0x80 [ 137.883158][ T6996] ret_from_fork_asm+0x11/0x20 [ 137.887969][ T6996] [ 137.890316][ T6996] The buggy address belongs to the object at ffff8880601dbf50 [ 137.890316][ T6996] which belongs to the cache kmalloc-8 of size 8 [ 137.904056][ T6996] The buggy address is located 0 bytes inside of [ 137.904056][ T6996] freed 8-byte region [ffff8880601dbf50, ffff8880601dbf58) [ 137.917540][ T6996] [ 137.919885][ T6996] The buggy address belongs to the physical page: [ 137.926329][ T6996] page:ffffea00018076c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880601db550 pfn:0x601db [ 137.937848][ T6996] flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff) [ 137.945433][ T6996] page_type: 0xffffffff() [ 137.949812][ T6996] raw: 00fff00000000800 ffff888017c41280 ffffea00009940c0 dead000000000002 [ 137.958429][ T6996] raw: 0000000000000000 0000000000660066 00000001ffffffff 0000000000000000 [ 137.967054][ T6996] page dumped because: kasan: bad access detected [ 137.973509][ T6996] page_owner tracks the page as allocated [ 137.979250][ T6996] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 5768, tgid 5768 (syz-executor), ts 94159554699, free_ts 94159368117 [ 137.997568][ T6996] post_alloc_hook+0x1c1/0x200 [ 138.002380][ T6996] get_page_from_freelist+0x1951/0x19e0 [ 138.007958][ T6996] __alloc_pages+0x1f0/0x460 [ 138.012580][ T6996] alloc_slab_page+0x5d/0x160 [ 138.017297][ T6996] new_slab+0x87/0x2d0 [ 138.021419][ T6996] ___slab_alloc+0xc5d/0x12f0 [ 138.026153][ T6996] __kmem_cache_alloc_node+0x19e/0x250 [ 138.031659][ T6996] __kmalloc_node+0xa4/0x230 [ 138.036295][ T6996] __vmalloc_node_range+0x59a/0x1330 [ 138.041669][ T6996] vzalloc+0x79/0x90 [ 138.045599][ T6996] __do_replace+0xb2/0x980 [ 138.050049][ T6996] do_ipt_set_ctl+0xb3f/0xe00 [ 138.054760][ T6996] nf_setsockopt+0x263/0x280 [ 138.059383][ T6996] do_sock_setsockopt+0x175/0x1a0 [ 138.064433][ T6996] __x64_sys_setsockopt+0x182/0x200 [ 138.069658][ T6996] do_syscall_64+0x55/0xa0 [ 138.074118][ T6996] page last free stack trace: [ 138.078812][ T6996] free_unref_page_prepare+0x7b2/0x8c0 [ 138.084307][ T6996] free_unref_page+0x32/0x2e0 [ 138.089030][ T6996] vfree+0x1a6/0x320 [ 138.092960][ T6996] do_ipt_get_ctl+0xf15/0x1200 [ 138.097775][ T6996] nf_getsockopt+0x262/0x280 [ 138.102400][ T6996] ip_getsockopt+0x19f/0x230 [ 138.107030][ T6996] do_sock_getsockopt+0x379/0x450 [ 138.112084][ T6996] __x64_sys_getsockopt+0x1d6/0x280 [ 138.117326][ T6996] do_syscall_64+0x55/0xa0 [ 138.121787][ T6996] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 138.127715][ T6996] [ 138.130077][ T6996] Memory state around the buggy address: [ 138.135735][ T6996] ffff8880601dbe00: fc fc fa fc fc fc fc fa fc fc fc fc 00 fc fc fc [ 138.143828][ T6996] ffff8880601dbe80: fc fa fc fc fc fc 04 fc fc fc fc 00 fc fc fc fc [ 138.151944][ T6996] >ffff8880601dbf00: fa fc fc fc fc 00 fc fc fc fc fa fc fc fc fc 05 [ 138.160037][ T6996] ^ [ 138.166739][ T6996] ffff8880601dbf80: fc fc fc fc fa fc fc fc fc fa fc fc fc fc fc fc [ 138.174831][ T6996] ffff8880601dc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 138.182916][ T6996] ================================================================== [ 138.299875][ T6996] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 138.307213][ T6996] CPU: 0 PID: 6996 Comm: fido_id Not tainted syzkaller #0 [ 138.314354][ T6996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 138.324451][ T6996] Call Trace: [ 138.327774][ T6996] [ 138.330732][ T6996] dump_stack_lvl+0x18c/0x250 [ 138.335453][ T6996] ? show_regs_print_info+0x20/0x20 [ 138.340688][ T6996] ? load_image+0x400/0x400 [ 138.345234][ T6996] panic+0x2dc/0x730 [ 138.349170][ T6996] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 138.355350][ T6996] ? bpf_jit_dump+0xd0/0xd0 [ 138.359872][ T6996] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 138.365889][ T6996] ? _raw_spin_unlock+0x40/0x40 [ 138.370802][ T6996] ? read_report_descriptor+0xb2/0xf0 [ 138.376213][ T6996] check_panic_on_warn+0x84/0xa0 [ 138.381243][ T6996] ? read_report_descriptor+0xb2/0xf0 [ 138.386697][ T6996] end_report+0x6f/0x130 [ 138.390975][ T6996] kasan_report+0x128/0x150 [ 138.395517][ T6996] ? read_report_descriptor+0xb2/0xf0 [ 138.400929][ T6996] kasan_check_range+0x241/0x290 [ 138.405909][ T6996] ? read_report_descriptor+0xb2/0xf0 [ 138.411323][ T6996] __asan_memcpy+0x29/0x70 [ 138.415789][ T6996] read_report_descriptor+0xb2/0xf0 [ 138.421036][ T6996] ? sysfs_kf_bin_open+0xd0/0xd0 [ 138.426013][ T6996] kernfs_fop_read_iter+0x42d/0x670 [ 138.431263][ T6996] vfs_read+0x46a/0x970 [ 138.435467][ T6996] ? kernel_read+0x1e0/0x1e0 [ 138.440100][ T6996] ? do_sys_openat2+0x170/0x1d0 [ 138.445001][ T6996] ? __fdget_pos+0x2ba/0x330 [ 138.449632][ T6996] ksys_read+0x150/0x260 [ 138.453931][ T6996] ? vfs_write+0x990/0x990 [ 138.458395][ T6996] ? lockdep_hardirqs_on+0x98/0x150 [ 138.463632][ T6996] do_syscall_64+0x55/0xa0 [ 138.468092][ T6996] ? clear_bhb_loop+0x40/0x90 [ 138.472793][ T6996] ? clear_bhb_loop+0x40/0x90 [ 138.477500][ T6996] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 138.483432][ T6996] RIP: 0033:0x7f9393ca7407 [ 138.487883][ T6996] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 138.507520][ T6996] RSP: 002b:00007fff5c1f71a0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000 [ 138.515968][ T6996] RAX: ffffffffffffffda RBX: 00007f939438c880 RCX: 00007f9393ca7407 [ 138.523973][ T6996] RDX: 0000000000001000 RSI: 00007fff5c1f71f0 RDI: 0000000000000004 [ 138.531975][ T6996] RBP: 0000561998232730 R08: 0000000000000000 R09: 0000000000000000 [ 138.539978][ T6996] R10: 0000000000000000 R11: 0000000000000202 R12: 0000561998231930 [ 138.544515][ T7004] loop2: detected capacity change from 0 to 128 [ 138.554241][ T6996] R13: 00007fff5c1f71f0 R14: 0000000000000004 R15: 0000561966fd54d8 [ 138.562258][ T6996] [ 138.565852][ T6996] Kernel Offset: disabled [ 138.570186][ T6996] Rebooting in 86400 seconds..