last executing test programs: 15m8.507358442s ago: executing program 2 (id=866): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f0000000bc0)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x100000a, @local, 0x4}, 0x1c, &(0x7f0000002280)=[{&(0x7f0000001680)="1a", 0x1}], 0x1}}, {{&(0x7f0000000000)={0xa, 0x4e22, 0x80000000, @private2={0xfc, 0x2, '\x00', 0x1}, 0xffffffff}, 0x1c, &(0x7f0000000840)=[{&(0x7f00000000c0)="c0", 0x1}], 0x1}}], 0x2, 0x931766f6319a6555) shutdown(r0, 0x1) getsockopt$bt_hci(r0, 0x84, 0x84, &(0x7f0000004300)=""/4129, &(0x7f0000000080)=0x1021) 15m6.897851737s ago: executing program 2 (id=871): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000000)={0xc, 0x8, 0xfa00, {0x0}}, 0x10) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0xfffe, 0x7, @mcast2}, {0xa, 0x0, 0xb, @loopback={0xffffffffffffff9d}}, r1}}, 0x48) 15m5.994420427s ago: executing program 2 (id=874): r0 = io_uring_setup(0x7a5f, &(0x7f0000000640)={0x0, 0xddaa, 0x1, 0x503f6, 0x10c}) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 15m4.98150317s ago: executing program 2 (id=877): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) unlinkat(r0, &(0x7f0000000b40)='./file1\x00', 0x200) 15m3.919505743s ago: executing program 2 (id=881): r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_int(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) sendmmsg$inet6(r0, &(0x7f0000004900)=[{{&(0x7f0000000140)={0xa, 0x4e24, 0x3, @loopback, 0x2}, 0x1c, 0x0}}], 0x1, 0x8889) 15m2.513712981s ago: executing program 2 (id=886): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000940)={0x50, r1, 0x625, 0x70bd29, 0x82, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1ed}]]}, 0x50}, 0x1, 0x0, 0x0, 0x100040c5}, 0x40040) 15m0.250581431s ago: executing program 32 (id=886): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000940)={0x50, r1, 0x625, 0x70bd29, 0x82, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1ed}]]}, 0x50}, 0x1, 0x0, 0x0, 0x100040c5}, 0x40040) 5m32.075708927s ago: executing program 5 (id=3030): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-512\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmsg$nl_generic(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0xd8, 0x20, 0x100, 0x70bd29, 0x25dfdbff, {0x1f}, [@nested={0x4, 0x11e}, @nested={0xb5, 0x1a, 0x0, 0x1, [@typed={0x8, 0x14, 0x0, 0x0, @ipv4=@remote}, @nested={0x4, 0x65}, @nested={0x4, 0x30}, @typed={0x4, 0x5}, @typed={0x8, 0xe7, 0x0, 0x0, @uid}, @generic="0483094fb687de37bbced41ca6531a2abce6039b92dd40622f10ea65f1b3ed9a6887b964cc65767f29836801f14570f42b8d67bf23b24fa3f5a863e0ecd0ffd20f684404e472f93180eec05b8b3f2c0e1d91ea5415a379d1d85aef9a13c415132dbafb9d733ef9ca01aa3897ae33a9386444a6788d615f79c1ea0b6c255b8c65b63a0bda3a1318f2af4cb2e746efef9cca673f33e1"]}, @typed={0x8, 0xe3, 0x0, 0x0, @pid}]}, 0xd8}, 0x1, 0x0, 0x0, 0x8c5a156a69b753a8}, 0x800) 5m31.167847337s ago: executing program 5 (id=3035): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000300)={0x11, 0x1b, r1, 0x1, 0x0, 0x6, @local}, 0x14) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x21}}, 0x14) 5m30.365734814s ago: executing program 5 (id=3038): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000140)={0x8e54}, 0x10) recvmmsg(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x102, 0x0) write(r0, &(0x7f00000000c0)="1800000016005f0214fffffffffffff8070000000e000000", 0x18) 5m29.507469231s ago: executing program 5 (id=3043): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f0000000280)={[{@errors_remount}, {@usrquota}, {@minixdf}, {@nombcache}]}, 0x1, 0x51a, &(0x7f0000000f00)="$eJzs3c9vI1cdAPCvnThxfnSTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcuywGJHxFog8TBaMaTrDdrb6xNYqfx5yON5r2ZWX+/L868t36O/QIYWTcj4iAiJiLig4iYy47nsi3ebW/JdY8OH6weHT5YzUWr9f4/c+n55Fh0/JvETPaYxYj44acRP8k9Hbext7+5Uq1WdrL6QrO2vdDY27+zUVtZr6xXtsrl5aXlxbfvvlW+sLa+WpvISl99+IeDb/0sSWs2O9LZjovUbnrhJE5iPCK+fxnBhmAsa8/EsBPhueQj4qWIeC29/+diLH02AYDrrNWai9ZcZx0AuO7y6RxYLl/K5gJmI58vldpzeC/HdL5abzRv36/vbq2158rmo5C/v1GtLGZzhfNRyCX1pbT8uF4+Vb8bES9GxC8mp9J6abVeXRvmf3wAYITNnBr//zPZHv8BgGuuOOwEAICB6zH+Hww6DwBgcLz+B4DRY/wHgNFTTL/DYWrYaQAAA+T1PwCMHuM/AIyUH7z3XrK1jrLvv177cG93s/7hnbVKY7NU210trdZ3tkvr9fp6+p09tbMer1qvby+9GbsfzX97u9FcaOzt36vVd7ea99Lv9b5XKaRX+WQBAAzTi69+9udcMiK/M5Vu0bGWQ2GomQGXLT/sBIChGetRBq4/q33B6DrHa3zTA3BNdFmi9wnF6PIBoVar1bq8lIBLdutL5v9hVHXM//srYBgx5vxhdJn/h9HVauX6XfM/+r0QALjazPEDPd7/fynb/yZ7c+DHa6ev+OQyswIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr7Xj931K2Fvhs5POlUsQLETEfhdz9jWplMSJuRMSfJguTSX1pyDkDAOeV/1suW//r1twbs0+cemXmpDgRET/91fu//Gil2dz5Y8RE7l+Tx8ebn2THy4PPHgA42/E4ne47Xsg/OnywerwNMp+/fzciiu34R4cTcXQSfzzG030xChEx/e9cVm/LdcxdnMfBxxHxxW7tz8VsOgfSXvn0dPwk9gsDjZ9/In4+PdfeJz+LL1xALjBqPkv6n3e73X/5uJnuu9//xbSHOr+s/0seavUo7QMfxz/u/8Z69H83+43x5u++1y5NPX3u44gvj0ccxz7q6H+O4+d6xH+jz/h/+corr/U61/p1xK3oHr8z1kKztr3Q2Nu/s1FbWa+sV7bK5eWl5cW3775VXkjnqBd6jwb/eOf2jV7nkvZP94hfPKP9X++z/Z/+74Mffe0Z8b/5erf4+Xj5GfGTMfEbfcZfmf5tsde5JP5aj/af9fzf7jP+w7/uP7VsOAAwPI29/c2VarWy86zCjaOIs675XBaiv4t/n/2wrkTOI11InoUrkEbXwnc6jszEJcaa6HEz/vz19q/pZETnL3ar9VyxevUYFzHrBlwFJzd9RPx32MkAAAAAAAAAAAAAAABdDeLTUcNuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wMAAP//jMfJaQ==") syz_mount_image$fuse(0x0, &(0x7f0000000100)='./bus\x00', 0x20020, 0x0, 0x1, 0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340), 0x0, 0x0, 0x1) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]}) 5m28.222775722s ago: executing program 5 (id=3051): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=@newtaction={0x12c, 0x30, 0x101, 0x70bd2b, 0x25dfdbfe, {}, [{0x40, 0x1, [@m_simple={0x3c, 0x18, 0x0, 0x0, {{0xb}, {0x10, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x9, 0x3, '\t\x00\x00\x00\x00'}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}]}, {0xd8, 0x1, [@m_simple={0xa8, 0x2, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x9, 0x3, 'flow\x00'}, @TCA_DEF_DATA={0xa, 0x3, '\xbb\xbb\xbb\xbb\xbb\xbb'}, @TCA_DEF_DATA={0xd, 0x3, 'trans=fd,'}]}, {0x51, 0x6, "3ac47d8f66b9ada606aa60a7fc99c95c9fbb58402dd443e92602f7994c557e40094500a136bb53cc323abe8e9a032feb3b1811b3f9149f6f05ff436ae121782b9f13ed2deb3fee8a17863c1d88"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ct={0x2c, 0x17, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x12c}, 0x1, 0x0, 0x0, 0x4000880}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 5m25.139647664s ago: executing program 5 (id=3063): syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x4, 0xaf7, &(0x7f0000000380)="$eJzs3U1sXEfhAPDZtdexk/Qfp/+EmjS0CYW2fNRpHBM+IkiqREhETYW4VKq4RGlaIkKQKBJQVcLJiRutqiBx4kOceqkKQqIXFPXEpRKNVCH1VDhwIAqiEgcIJIu8nlnvTnbzdh3vvrX395OeZ+fNezszz2/f97wJwNiqNv4uLs5VQrj85qsn/vbwX2eWxxxtTjHb+DvZEquFECoxPpl93/sTK+HND1460ymshIXG3+X4luURT11vzrsthLAU9oUrYTbsuXz1lbcXnjx18eSl/e+8duTagKoPAABj5atXjizu/vMf79954/UHjoUtzfHpeH02xrfH4/5j8cA/Hf9XQ3u80jK0msqmm4xDdaZ9uokO0zXymew83WSX/Key/GtdptsS7pz/RMu4TvWGjSytx7OhUp1vi1er8/Mr5+ShcV4/VZm/cO78cy+UVFBg3f3zwRDCvpbh+KX2+CCHtLHpZ56jgyhLZWW/PuD61oe1XDfbcGx4ed2oryi9zkMa6jvK3f4AJPn9wtss5VcW7k7z2yZ7y//6E9XO88M6GPb633P+1XhRraz8kzHP/1cXbXFYP5t1bUr1Sr+j7TGe9t7pGab8+aXuv7/8Tkf72Px+RK3Hcna7j7BR7i90K+fEkMuxVt3Kn68Xm9UXY5iWw5ey9NbfT/4/3Sj/Y6Czf+XX/zfyMB0rVUbeEyNQ/4EM+0agDIa2oX0dr93Nd9VL3PYAoy1/bq6e7o9G+XN9efqWgvTpgvSZgvStBenbCtJhnP3muz8OL1dWz/Pzc/p+r4en62z3xPD/+ixPfj2y3/zz5377dbf5588Twyj73emnz37u2Weurjz/X2mu/7fi+p5ON2bjb+tKnCBdL8yvqzef/Z9tz6faZbp7s/Lc02H6xudd7dNVdq1+T2jZztxWjrn2+XZ0m25v+3Sz2XQzcZjOypsfn2zN5kvHH2m7mpbXZFbfWlaPqawcabuyM4Z5OWAt0vrY7fn/tH7OhVrluXPnzz6e7WP/MFHbsjz+4JDLDdy9Xtv/zIX29j/bm+Nr1bRdCC3717S9OBjeiN/XPn6hmU/7+EMxnvZz35iYaYyfP/Pt88+uf/VhrL3wgxe/efr8+bPf8WHNH748GsXo50M6bRmV8vTwIZ0BlVaMaih/IQzxQ4kbJWAoDvxw5SDgsXPfOv382efPXjh0+PChhYXDnz+0eKBxXH+g9ei+1VIJpQXW0+pOP0/ZXk6BAAAAAAAAAAAAgELfO3ni6rtvffa9lfb/q+3/Uvv/9ORvav//o6z9f95OPrWDT+0Ad3ZIb0yTvWB1KpuuFof/z8q7K8tndzbfh2LY7Mcvtv9P2eXvdU3luS8bX8ujMcPsdQK3vS9lKmsfnfcX+NEYXorhLwOUqDLTeXQMi95vndb11Dqr5b0U9YlxeYnyJpD+b2ltWHmPyWpPrh3f69Tyz945pHKyvgbTeHDqji0LgNHw99F7//fS4L77H6sVL7+ehq7D5HDz+2ljjaiO43pRr3frxaPXHmwA1kfZ/X+m654pvPD7r0wvD2my60+0by/z95dCP/70bnt81PufHHT+eb99w86/7PoPu//PZv93PW//sh7zsvc891q6f//s2nst2YY9veaf1z+9B3pXjxlHN2L+qTaPhN7yr/8iyz+/IdSj/2T5b+0x/9vqv3dt+f835p8W26MPFeSfLgxfXClxpdpejpmsHun+X37dOLmZ1T+92/MO9f/ai53qv8Z7DLdi/jDONko/s/3KjiOaB+2tzxeEvvr/jZbWt//fZmGzzVr+HMZnYjztCNJzDnl/J/2WPz1fkfYDu7PvrxTs3/T/u7F9IYZFv4fU/29aH2fjLr8l3liWKV7rsGw367YGNqr3R+/+37gP0yNQBkPvQ31iDfM1+4krufz1en2wF7QKlJo5pS//ss8Tys6/7OVfJO//Nz+Gb55/7uucnvf/m6fn/f/m6TPxP9QtPe//N1+eef+/efp92ffm/QPPFaR/uCB9T+f05mK7v2D+vQXpHylI399MP9o2RUp/oGD+BwvS7y1If6gg/WMF6R8vSH+4IP3RlvTWPqBT+icK5t/sUnuUTvXXpx9sbnn7vHHb/sE4S/d/uv3+dxWkAxvXT14/ePyZX399dqX9/1Tzeki6j3csxmvx/On7MZ7f9w4t8eW0t2L8L1n6qF/vgHGSvz8j378/UpAObFzpOS+/bxhDlenOo2NY9N6qbsf5bCyfjOGnYvjpGD4Ww/kYHohhuje0MKTyMRjH3/jtkZcrq+f7O7L0Xp8nz9sDtb0nKoRwqMfy5NcH+n2ePX+PX7/uNv81NgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoTbXxd3FxrhLC5TdfPfH0qXMHlsccbU4x2/g72RKrNecL4fEYTsTw5/HDzQ9eOtMa3ophJSyESqg0x4enrjdz2hZCWAr7wpUwG/ZcvvrK2wtPnrp48tL+d147cm1wSwAAAAA2v/8FAAD//zjgCFM=") r0 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100, 0x200, 0xfffffffd}, &(0x7f0000000ec0)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x64}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 5m22.813775707s ago: executing program 33 (id=3063): syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x4, 0xaf7, &(0x7f0000000380)="$eJzs3U1sXEfhAPDZtdexk/Qfp/+EmjS0CYW2fNRpHBM+IkiqREhETYW4VKq4RGlaIkKQKBJQVcLJiRutqiBx4kOceqkKQqIXFPXEpRKNVCH1VDhwIAqiEgcIJIu8nlnvTnbzdh3vvrX395OeZ+fNezszz2/f97wJwNiqNv4uLs5VQrj85qsn/vbwX2eWxxxtTjHb+DvZEquFECoxPpl93/sTK+HND1460ymshIXG3+X4luURT11vzrsthLAU9oUrYTbsuXz1lbcXnjx18eSl/e+8duTagKoPAABj5atXjizu/vMf79954/UHjoUtzfHpeH02xrfH4/5j8cA/Hf9XQ3u80jK0msqmm4xDdaZ9uokO0zXymew83WSX/Key/GtdptsS7pz/RMu4TvWGjSytx7OhUp1vi1er8/Mr5+ShcV4/VZm/cO78cy+UVFBg3f3zwRDCvpbh+KX2+CCHtLHpZ56jgyhLZWW/PuD61oe1XDfbcGx4ed2oryi9zkMa6jvK3f4AJPn9wtss5VcW7k7z2yZ7y//6E9XO88M6GPb633P+1XhRraz8kzHP/1cXbXFYP5t1bUr1Sr+j7TGe9t7pGab8+aXuv7/8Tkf72Px+RK3Hcna7j7BR7i90K+fEkMuxVt3Kn68Xm9UXY5iWw5ey9NbfT/4/3Sj/Y6Czf+XX/zfyMB0rVUbeEyNQ/4EM+0agDIa2oX0dr93Nd9VL3PYAoy1/bq6e7o9G+XN9efqWgvTpgvSZgvStBenbCtJhnP3muz8OL1dWz/Pzc/p+r4en62z3xPD/+ixPfj2y3/zz5377dbf5588Twyj73emnz37u2Weurjz/X2mu/7fi+p5ON2bjb+tKnCBdL8yvqzef/Z9tz6faZbp7s/Lc02H6xudd7dNVdq1+T2jZztxWjrn2+XZ0m25v+3Sz2XQzcZjOypsfn2zN5kvHH2m7mpbXZFbfWlaPqawcabuyM4Z5OWAt0vrY7fn/tH7OhVrluXPnzz6e7WP/MFHbsjz+4JDLDdy9Xtv/zIX29j/bm+Nr1bRdCC3717S9OBjeiN/XPn6hmU/7+EMxnvZz35iYaYyfP/Pt88+uf/VhrL3wgxe/efr8+bPf8WHNH748GsXo50M6bRmV8vTwIZ0BlVaMaih/IQzxQ4kbJWAoDvxw5SDgsXPfOv382efPXjh0+PChhYXDnz+0eKBxXH+g9ei+1VIJpQXW0+pOP0/ZXk6BAAAAAAAAAAAAgELfO3ni6rtvffa9lfb/q+3/Uvv/9ORvav//o6z9f95OPrWDT+0Ad3ZIb0yTvWB1KpuuFof/z8q7K8tndzbfh2LY7Mcvtv9P2eXvdU3luS8bX8ujMcPsdQK3vS9lKmsfnfcX+NEYXorhLwOUqDLTeXQMi95vndb11Dqr5b0U9YlxeYnyJpD+b2ltWHmPyWpPrh3f69Tyz945pHKyvgbTeHDqji0LgNHw99F7//fS4L77H6sVL7+ehq7D5HDz+2ljjaiO43pRr3frxaPXHmwA1kfZ/X+m654pvPD7r0wvD2my60+0by/z95dCP/70bnt81PufHHT+eb99w86/7PoPu//PZv93PW//sh7zsvc891q6f//s2nst2YY9veaf1z+9B3pXjxlHN2L+qTaPhN7yr/8iyz+/IdSj/2T5b+0x/9vqv3dt+f835p8W26MPFeSfLgxfXClxpdpejpmsHun+X37dOLmZ1T+92/MO9f/ai53qv8Z7DLdi/jDONko/s/3KjiOaB+2tzxeEvvr/jZbWt//fZmGzzVr+HMZnYjztCNJzDnl/J/2WPz1fkfYDu7PvrxTs3/T/u7F9IYZFv4fU/29aH2fjLr8l3liWKV7rsGw367YGNqr3R+/+37gP0yNQBkPvQ31iDfM1+4krufz1en2wF7QKlJo5pS//ss8Tys6/7OVfJO//Nz+Gb55/7uucnvf/m6fn/f/m6TPxP9QtPe//N1+eef+/efp92ffm/QPPFaR/uCB9T+f05mK7v2D+vQXpHylI399MP9o2RUp/oGD+BwvS7y1If6gg/WMF6R8vSH+4IP3RlvTWPqBT+icK5t/sUnuUTvXXpx9sbnn7vHHb/sE4S/d/uv3+dxWkAxvXT14/ePyZX399dqX9/1Tzeki6j3csxmvx/On7MZ7f9w4t8eW0t2L8L1n6qF/vgHGSvz8j378/UpAObFzpOS+/bxhDlenOo2NY9N6qbsf5bCyfjOGnYvjpGD4Ww/kYHohhuje0MKTyMRjH3/jtkZcrq+f7O7L0Xp8nz9sDtb0nKoRwqMfy5NcH+n2ePX+PX7/uNv81NgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoTbXxd3FxrhLC5TdfPfH0qXMHlsccbU4x2/g72RKrNecL4fEYTsTw5/HDzQ9eOtMa3ophJSyESqg0x4enrjdz2hZCWAr7wpUwG/ZcvvrK2wtPnrp48tL+d147cm1wSwAAAAA2v/8FAAD//zjgCFM=") r0 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x0, 0x10100, 0x200, 0xfffffffd}, &(0x7f0000000ec0)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x64}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 9.121425891s ago: executing program 3 (id=4362): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000002140)={0xa, 0x4e28, 0x8, @mcast2, 0x5}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000740)="7a916cdf9101563137b00411dbb047afeb6cceda18772e89938297d92977992f3acbe5877ed83aa2d1375b48d52dbf5654185514e8ad3f664805cb9861c3c6c2da5a9129c49dca8c057d3433076e4a4d7c41784cc978316f1d7b355603ea2096b9aee39ae6421e6576ab2dad7d79b85d94c73e55257c6f13b0e386241a79ae7e39390b9c473e659be0671f38065cf9090a7c", 0x92}], 0x1}}], 0x1, 0x4005c04) 8.203573162s ago: executing program 3 (id=4366): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = open(&(0x7f00000000c0)='./file1\x00', 0x66842, 0x21) pwritev(r0, &(0x7f0000000280)=[{&(0x7f0000000140)="97e816", 0x3}, {&(0x7f0000000200)}], 0x2, 0x70f0, 0x6) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8, 0x8, 0x2, 0xced, 0x8}) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) 7.517453426s ago: executing program 4 (id=4369): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1) getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newtaction={0x68, 0x30, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x7fc0, 0x7, 0xa, 0x7}, 0x1, r2}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 7.022139309s ago: executing program 1 (id=4371): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x40200000001, &(0x7f0000000000)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000600)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x7803, 0x3, {}, 0x8000, 0xa, 0x4}}}, 0x90) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000840)={0x14, 0x88, 0xfa00, {r1, 0x1c, 0x0, @in6={0xa, 0x4e21, 0x10, @remote, 0xf}}}, 0x90) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000440)={0x13, 0x10, 0xfa00, {&(0x7f0000000240), r1, 0x2}}, 0x18) 6.888886392s ago: executing program 0 (id=4372): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000200)='cgroup.clone_children\x00', 0x2, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f00000003c0)='cpuacct.stat\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x38) 6.574507251s ago: executing program 6 (id=4373): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="680000001000ffff25bd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="1720000021200000400012800c0001006d6163766c616e0030000280080003000300000008000100100000001c0005800a000400aaaaaaaaaa2d00000a0004003426f7b68ed1000008000500", @ANYRES32=r2], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x8000002) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xfc) 6.496942292s ago: executing program 4 (id=4374): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1002, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94) r0 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000640)=[{0x0}], 0x178) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0}, 0x94) io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[r0], 0x1) 6.472544888s ago: executing program 3 (id=4375): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000021c0)=0x1, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x4, &(0x7f0000000300)=0x3, 0x4) setsockopt(r0, 0x1, 0x10000000000009, &(0x7f0000000100)="0100ddff", 0x507b420f2d51f971) connect$inet6(r0, &(0x7f00000006c0)={0xa, 0x4e22, 0x7, @remote, 0x2}, 0x1c) 5.974979318s ago: executing program 1 (id=4376): syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x1200082, &(0x7f0000000300)=ANY=[], 0x5, 0x153b, &(0x7f0000001940)="$eJzs3AuYTmX3MPC17vvejGnS0ySH4b7vtXlocJskySFJDkmSJMk5IWmSJCEx5JQ0JCHHSXIYQnKYmDTO50POSfJKkiQkJLm/azp8/m/933+939v7ef/N+l3XvuxlP2s9a+8117MPzzXzZbfhtZrUrt6IiOBfgj/9kwIAMQAwGACuAoAAAMrHl4/P3p5HYsq/9ibsz3V/+uXugF1OPP+cjeefs/H8czaef87G88/ZeP45G88/Z+P5M5aTbZ1Z6Gpecu7y8/P/GODn/zkQn/9zNp7/X4b3vs8/ncTzz9l4/jkbzz9n4/nnbDz/nI3n/5eT+3/aaH8V8/wZy8n+lOfIv3zm/MPXiP/N3zP8cqj+xTrFg5/K/Lv6DP6f8i7Tjx1jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsRzmnL9EAcAv65e7L8YYY4wxxhhjjP15fO7L3QFjjDHGGGOMMcb+/RBASVAQQC7IDTGQB2LhCoiDKyEvXAURuBri4RrIB9dCfigABaEQJEBhKAIaDFggCKEoFIMoFIcScB0kQkkoBaXBQRlIguuhLNwA5eBGKA83QQW4GSpCJagMVeAWqAq3QjW4DarD7VADakItqA13QB28E+rCXVAP7ob6cA80gHuhIdwHjeB+aAwPQBN4EJpCM2gOLaAltILWv86HP5L/LPSC56A39IEU6Av94HnoDwNgIAyCwfACDIEXYSi8BKkwDIbDyzACXoGR8CqMgtEwBl6DsTAOxsMEmAiTIA1eh8nwBkyBN2EqTIPpMAPSYSbMgrdgNsyBufA2zIN3YD4sgIWwCDLgXVgMSyAT3oOl8D5kwTJYDitgJayC1bAG1sI6WA8bYCNsgs2wBbbCB7ANtsMO2Am7YDfsgQ9hL3wE++Bj2A+f/JP5Z3+V3x0BAQUKVKgwF+bCGIzBWIzFOIzDvJgXIxjBeIzHfJgP82N+LIgFMQETsAgWQYMGCQmLYlGMYhRLYAlMxEQshaXQocMkTMKyeAOWw3JYHstjBayAFbESVsIqWAWrYlWshtWw+s0LALAG1sJaeAfegXdiXayL9bAe1sf62AAbYENsiI2wETbGxtgEm2BTbIrNsTm2xJbYGltjG2yDbbEttsf22AE7YEfsiMmYjJ2wE3bGztgFu2BX7IrdsBt2xx7YA5/FZ/E5fA77YA3RF/thP+yP/XEgDsJB+AIOwRfxRXwJU3EYDseX8WV8BUfiGRyFo3EMjsGqYhyOxwlIYhKmYRpOxsk4BafgVJyG03AGpuNMnIWzcDbOwTn4Ns7Dd/AdXIALcBFmYAYuxiWYiZm4FM9iFi7D5bgCVwLgSlyDa3ENrscNuB434SbcglvwA/wAt+N23Ik7cTfuxg/xQ/wIP8JUbAYAB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfTvi88e6S61JBZFNCiVwil4gRMSJWxIo4ESfyirwiIiIiXsSLfCKfyC/yi4KioEgQCaKIKCKMMIJEKIqKoiIqoqKEKCESRaIoJUqJvsKJJJEkyoqyopwoJ8qLm0QFcbOoKCqJdq6KqCKqivaumrhNVBfVRQ1RU9QStUVtUUfUEXVFXVFP1BP1RX2hAKCh6IsD8X6RPZkmYhg2FcOxuWghWopW4hV8SLQRI7GtaCfai0fEaByFHUUblyweF53EeOwsnhQT8CnRVUzCbuIZ0V30ED3Fs6KXaOt6iz5iKvYV/cQM7C8GiIFikJiNNUX2xGqJl0SqGCaGi5fFInxFjBSvilFitBgjXhNjxTgxXkwQE8UkkSZeF5PFG2KKeFNMFdPEdDFDpIuZYpZ4S8wWc8Rc8baYJ94R88UCsVAsEhniXbFYLBGZ4j2xVLwvssQysVysECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFB2Kb2C52iJ1il9gt9ogPxV7xkdgnPhb7xSfigPibOCg+FYfEZ+Kw+FwcEV+Io+JLcUx8JY6LPuKEOClOiW/EafGtOCPOinPiO3FefC8uiB/EReEFSJRCSqlkIHPJ3DJG5pGx8goZJ6+UeeVVMiKvlvHyGplPXivzywKyoCwkE2RhWURqaaSVJENZVBaTUVlclpDXyURZUpaSpaWTZWSSvF6WlTfIcvJGWV7eJCvIm2VFWUlWllXkLbKqvFVWk7fJ6vJ2WUPWlLVkbXmHrCPvlHXlXbKevFvWl/fIBvJe2VDeJxvJ+2Vj+YBsIh+UTWUz2Vy2kC1lK9laPiTbyIdlW9lOtpePyA7yUdlRPiaT5eOyk3xCdpZPyi7yKdlVPi27yWdkd9lD9pQ/yIvSy96yj0yRfWU/+bzsL7PPhYPkYPmCHCJflEPlSzJVDpPD5ctyhHxFjpSvylFytBwjX5Nj5Tg5Xk6QE+UkmSZfl5PlG3KKfFNOldPkdDlDpsuZcuDPleb+gfw3fsn3+NMpWc6UQ1NS5bCULXKr/EBuk9vlDrlT7pK75R65R+6Ve+U+uU/ul/vlAXlAHpQH5SF5SB6Wh+UReUQelUflMXlMHpfH5Ql5Un4nv5Gn5bfyjDwrz8rv5Hl5Xl74+RiAQiWUVEoFKpfKrWJUHhWrrlBx6kqVVwCAulrFq2tUPnWtyq8KqIKqkEpQhVURpZVRVpEKVaCKqagqrkqo61SiKqlKqdLKqTIqSV2vIn8gv+j/kP/3/clf+lsx/acjpVqr1qqNaqPaqraqvWqvOqgOqqPqqJJVsuqkOqnOqrPqorqorqqr6qa6qe6qu+qpeqpeqpfqjaBSVIrqp55X/dUANVANUoPVC2qIGqKGqqEqVaWq4Wq4GqFGqJFqpBqlRqkxaowaq8aq8Wq8mqgmqjSVpiaryWqKmqKmqqlqupqu0lW6mqVmqdlqtpqr5qp5ap6ar+arhWqhylAZarFarDJVplqqlqostUwtUyvUCrVKrVJr1Bq1Tq1TG9QGtUltUllqq9qqtqltaofaoXapXWqP2qP2qr1qn9qn9qv96oA6oA6qg+qQOqQOq8PqiDqijqqj6pg6po6r4+qEOqFOqVPqtDqtzqgz6pw6p86r8+qCuqAuqovZl32BCESgAhXkCnIFMUFMEBvEBnFBXJA3yBtEgkgQH8QH+YJrg/xBgaBgUChICAoHRQIdmMAGFIRB0aBYEA2KByWC64LEoGRQKigduKBMkBRcH5QNbgjKBTcG5YObggrBzUHFoFJQOagS3BJUDW4NqgW3BdWD24MaQc2gVlA7uCOoE9wZ1A3uCuoFdwf1g3uCBsG9QcPgvqBRcH/QOHggaBI8GDQNmgXNgxZBy6BV0PrPqo/Z9b0/U+Bh11v30bmhr+6nn9f99QA9UA/Sg/ULeoh+UQ/VL+lUPUwPj3lZj9Cv6JH6VT1Kj9Zj9Gt6rB6nx+sJeqKepNP063qyfkNP0W/qqXqanq5n6HQ9U8/Sb+nZeo6eq9/W8/Q7er5eoBfqRTpDv6sX6yU6U7+nl+r3dZZeppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr/kBv09v1Dr1T79K79R79od6rP9L79Md6v/5EH9B/0wf1p/qQ/kwf1p/rI/oLfVR/qY/pr/Rx/bU+oU/qU/obfVp/q8/os/qc/k6f19/rC/oHfVH77Iv77NO7UUaZXCaXiTExJtbEmjgTZ/KavCZiIibexJt8Jp/Jb/KbgqagSTAJpogpYrKRIVPUFDVREzUlTAmTaBJNKVPKOONMkkkyZU1ZU86UM+VNeVPBVDAVTUVT2VQ2t5hbzK3mVnObuc3cbm43NU1NU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zU1z09K0NK1Na9PGtDFtTVvT3rQ3HUwH09F0NMkm2XQynUxn09l0MV1MV9PVdDPdTHfT3fQ0PU0v08v0Nr1Nikkx/Uw/09/0NwPNQDPYDDZDzBAz1Aw1qSbVDDfDzQgzwow0I80oM9qMMa+ZsWacGW8mmIlmkkkzaWaymWymmClmqplqppvpJt2km1lmlpltZpu5Zq6ZZ+aZ+Wa+WWgWmgyTYRabxSbTZJqlZqnJMllmuVluVpqVZrVZbdaatWa9WW82mo1ms9lstpqtZpvZZnaYHWaX2WX2mD1mr9lr9pl9Zr/Zbw6YA+agOWhi4JA5bA6bI+aIOWqOmmPmmDlujpsT5oQ5ZU6Z0+a0OWPOmHPmnDlvvjcXzA/movEmxuaxsfYKG2evtHntVfbXcUFbyCbYwraI1Ta/LfB3sbHWJtqStpQtbZ0tY5Ps9b+JK9pKtrKtYm+xVe2tttpv4jr2TlvX3mXr2bttbXvH38X17T22gX3QNrTNbCPbwja2rWwT+6BtapvZ5raFbWlb2Q72UdvRPmaT7eO2k33iN/Fiu8SutevservB7rUf2XP2O3vUfmnP2+9tb9vHDrYv2CH2RTvUvmRT7bDfxGPsa3asHWfH2wl2op30m3i6nWHT7Uw7y75lZ9s5v4kz7Lt2ns208+0Cu9Au+jHO7inTvmeX2vdtll1ml9sVdqVdZVfbNf+31xV2k91st9g99kO7zW63O+xOu8vu/jHO3o999mO7335ij9gv7EH7qT1kj9nD9vMf4+z9O2a/ssft1/aEPWlP2W/safutPWPP/rj/2fv+jf3BXrTeAiEJkqQooFyUm2IoD8XSFRRHV1JeuooidDXF0zWUj66l/FSAClIhSqDCVIQ0GbJEFFJRKkZRKk4l6DpKpJJUikqTozKURNdTWbqBytGNVJ5uogp0M1WkSlSZqtAtVJVupWp0G1Wn26kG1aRaVJvuoDp0J9Wlu6ge3U316R5qQPdSQ7qPGtH91JgeoCb0IDWlZtScWlBLakWt6SFqQw9TW2pH7ekR6kCPUkd6jJLpcepET1BnepK60FPUlZ6mbvQMdace1JOepV70HPWmPpRCfakfPU/9aQANpEE0mF6oAQA0lF6iVBpGw+llGkGv0Eh6lUbRaBpDr9FYGkfjaQJNpEmURq/TZHqDptCbNJWm0XSaQek0k2bRWzSb5tBcepvm0Ts0nxbQQlpEGfQuLaYllEnv0VJ6n7JoGS2nFbSSVtFqWuNzA9B62kAbaRNtpi20lT6gbbSdkHbSLtpNe+hD2ksf0T76mPbTJ3SAEA/Sp3SIPqPD9DkdoS/oKH1Jx+grOk5f0wk6SafoGzpN39IZOkvn6Ds6T9/TBfqBLpInCDEUoQxVGIS5wtxhTJgnjA2vCOPCK8O84VVhJLw6jA+vCfOF14b5wwJhwbBQmBAWDouEOjShDSkMw6JhsTAaFg9LhNeFiWHJsFRYOnRhmTApvD4sG94QlgtvDMuHN4UVwpvDimGl8MG7q4S3hFXDW8Nq4W1h9fD2sEZYM6wV1g7vCOuEd4Z1w7vCeuHdYbnwnrBBeG/YMLwvbBTeHzYOHwibhA+GTcNmYfOwRdgybBW2Dh8K24QPh23DdmH78JGwQ/ho2DF8LEwOHw87hU/87vaUsG/YL3w+fD70/i65MLoomhF9N7o4uiSaGX0vujT6fjQruiy6PLoiujK6Kro6uia6Nrouuj66Iboxuim6Obol6n3t3ODQCSedcoHL5XK7GJfHxborXJy70uV1V7mIu9rFu2tcPnety+8KuIKukEtwhV0Rp51x1pELXVFXzEVdcVfCXecSXUlXypV2zpVxSa6Va+1auzbuYdfWtXPt3SPuEfeoe9Q95h5zj7tO7gnX2T3purinXFf3tHvaPeO6ux6up3vW9XLPud6uj0txKa6f6+f6u/5uoBvoBrvBbogb4oa6oS7Vpbrhbrgb4Ua4kW6kG+VGuTFujBvrxrrxbryb6Ce6NJfmJrvJboqb4qa6qW66m+7SXbqb5Wa52W62m+vmunmJ89x8N98tdAtdhstwi91il+ky3VK31GW5LLfcLXcr3Uq32q12a91at96tdxvdRrfZbXZbXeTnp5Q73C63y+1xe9xet9ftc/vcfrffHXAHznl30B1yn7nD7nN3xH3hjrov3TH3lTvuvnYn3El3yn3jTrtv3Rl31p1z37nz7nt3wf3gLjrv0iKvRyZH3ohMibwZmRqZFpkemRFJj8yMzIq8FZkdmROZG0GYF3knMj+yILIwsiiSEXk3sjiyJJIZeS+yNPJ+JCuyLLI8siKyMrIq4n3hbaEv6ov5qC/uS/jrfKIv6Uv50t75Mj7JX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+2a+uW/hW/pWvrV/yLfxD/u2vp1v7x/xHfyjvqN/zCf7x30n/4Tv7J/0XfxTvqt/2nfzz/juvofv6Z/1vfxzvrfv41N8X9/PP+/7+wF+oB/kB/sX/BD/oh/qX/Kpfpgf7l/2I/wrfqR/1Y/yo/0Y/5of68f58X6Cn+gn+TT/up/s3/BT/Jt+qp/mp/sZPt3P9LP8W362n+Pn+rf9PP+On+8X+IV+kc/w7/rFfonP9O/5pf59n+WX+eV+hYeYVX61X+PX+nV+vd/gN/pNfrPf4rf6D/w2v93v8Dv9Lr/b7/Ef+r3+I7/Pf+z3+0/8Af83f9B/6g/5z/xh/7k/4r/wR/2X/pj/yh/3X/sT/qQ/5b/xp/23/ow/68/57/x5/72/4H/wF/l31hhjjDHG/hD5O9v7/jf/J35esvUDgCu3Fzr865ob8/+0PkAkdMi+hn+8T7f7f/52I6VGjZSUlJ9fmyUhKLYAACKX8nPBpXgZtIdHIRnaQdn/tr8Bosd5+rn+L8uv60dvAoj9LzkxcCm+VP+Gf1B/3Lzfrb8AILHYpZw8cCm+VL/cP6hfoM3v1M/zaRpA2/+SEweX4kv1k+BheAKSf2+gPznwh17FGGOMMcYYY+wvY4Co3OX37m+z788T1KWc3HAp/r378x/9sXtSxhhjjDHGGGOM/Zs81aPnYw8lJ7frcrlWAC7nu1/mfRf/EW387kqu/4w2/mIr8j+jjX+0crk/mRhjjDHGGGN/tksX/Ze7E8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLOf6//HnxC73PjLGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOX2/8JAAD//3RtHW0=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB='('], 0x28}, 0x1, 0x0, 0x0, 0x48891}, 0x880) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f00000000c0)="199adfa8361f11a9e30c35eb63d7ac01997abf225f6fcbba3baadf522b3d3bba1e0b4cd36aefc4cc8b85feefad4db6a3ea6a88ef11ed34c11bb32659729892619d355c1b32efe0469f2ac775267c96d046e17582cb6752ad952153a0165bcae66daa5b096b85609fd2bea8e4d6b83d616136e8379241f1259e8588cb4d264376c3f8d2ec09eb51e92db7ccea31f3fb4dd231d14956f22ef270befe4484acef9574ead9ac6a0e58ea93048b19ddb72dc779ee8bf3ca45bc1333bdbac6e2cd5a52b42c79edba9bfb4410e743ae0519bacfc7d6afd16d9e89dfe67fad85a7777455cf3a084f453fb3bc79a9275de05ffbede0d5765b4390be336f7f8419ea126e77") 5.835227935s ago: executing program 0 (id=4377): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4081}, 0x0) 5.465453111s ago: executing program 4 (id=4378): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r1, 0x107, 0xa, 0x0, &(0x7f0000000040)) 5.096809393s ago: executing program 1 (id=4379): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x10000003, 0x0, 0x81, 0x1ff, 0x1}, 0x1c) recvmmsg(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000340)=""/82, 0x52}], 0x1}, 0x10}], 0x1, 0x2100, 0x0) recvmmsg$unix(r0, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1, 0x0, 0x29}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffea5}}], 0x2, 0x40002000, 0x0) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) 5.096406781s ago: executing program 3 (id=4380): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', 0x0}) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd00000080190000000000000800", [0x0, 0x3]}}) sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc140000004788031c09103328", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 4.953227559s ago: executing program 6 (id=4381): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2, 0x25, 0x4, @void}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000000)=ANY=[], 0x0) 4.802937505s ago: executing program 0 (id=4382): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x5, &(0x7f00000001c0)=0x7, 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x5, 0x0, &(0x7f0000000180)) 4.689881208s ago: executing program 4 (id=4383): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x4006, &(0x7f0000000200)={[{@oldalloc}, {@test_dummy_encryption_v1}]}, 0x4, 0x463, &(0x7f00000010c0)="$eJzs289vFFUcAPDvzG6L/LIrwR/8UIloJP4otCBy8KLRxIMmJmqCJ1PbQpCFGloTIUTBGDwaEu/Gowl/gSe9GPVk4lU9ExJiuICe1szuDN0uu0t/bbeyn08y8N7Ma9/7zpu3+2ZeJ4CBtSf7J4nYEhF/RMRII7uwwJ7Gf7dunJ/858b5ySRqtbf/Turlbt44P1kULX5uc5EpR6RfJLGrTb2zZ8+dnKhWp8/k+f1zpz7aP3v23PMnTk0cnz4+fXr8yJFDB8dePDz+wqrEmcV1c+enM7t3vP7e5Tcnj17+4JcrSRF/SxwrV46mX93WU7Xa6lW3DmxtSiflPjaEJSnlV+tQffyPRCnmO28kXvu8r40DeqpWq9Ue6nz4Qg24hyXR7xYA/VF80Wf3v8W2RlOPdeH6y40boCzuW/nWOFKONC8z1HJ/u5r2RMTRC/9+k23R+hxiY48qBQAG2g/Z/Oe5dvO/NJqfC92fr6FUIuKBiNgWEYcjYntEPBhRL/twRDyyxPpbF0nunH+m15YV2CJl87+X8rWthfO/YvYXlVKe21qPfyg5dqI6fSA/J/tiaEOWH+tSx4+v/v5Vp2PN879sy+ov5oJ5O66VN8znsinh1MTcxErjLly/GLGz3C7+5PZKQBIROyJi5zLrOPHMd7s7HesQ//CifvEqrDPVvo14utH/F6Il/kLSfX1y/31RnT6wIfKr4k6//nbprU71373/eyvr/01tr/8i/r8qSfN67ezS67j055cd7ylb478a3a//yK//4eSdBfs+mZibOzMWMZy8Uc9XmvePt5Qbny+fxb9vb/vxvy3mz8SuiMgu4kcj4rGIeLzps+uJiNjbJrap/BT+/MqTHy42/n70/1TX/o+W/p9PDEfrnvaJ0smfvl9QaWUp8Wf9f6ie2pfvWcznX7vmFBE1H1rJuQMAAID/izQitkSSjt5Op+noaONv+LfHprQ6Mzv37LGZj09PNd4RqMRQWjz/HGl6HjqW39YX+fGW/MH8ufHXpY31/OjkTHWq38HDgNvcYfxnrpb63Tqg57yvBYPL+IfBZfzD4DL+YXC1Gf9ePYMB0e77/7M+tANYey3jv+uyn4kB3Fvc/8PgMv5hcBn/MJAuRnR/eb+niSt5K9ak0jQilv3jEXcv8+77/TiHvU1EpdOhSNdHCyV6k+jzBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAq+S8AAP//dfvcJg==") syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0)) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) 4.272539688s ago: executing program 3 (id=4384): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$msdos(&(0x7f00000008c0), &(0x7f0000001200)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[@ANYBLOB="646973636172642c646f74732c646f74732c6e6f646f74732c636865636b3d7374726963742c646f74732c0080fcdc5c3dd34a5bee25f099008bade73ed878442a18112f260a6de8f9de23ca03128aff6e01"], 0x1, 0x11c1, &(0x7f0000001240)="$eJzs209LdFUcB/CfPtpj86TZP0s3HWpTm0u6aNVGQiEcKNQJNAiuONYw08wwdxYz0kJo16rXES3bBdEb8F20kyBq46qJHNMUIw30Bn0+m/nB95y5v8OFC+dyz8k7X33WPCiyg7wfkxMTMdWdjnSaIsVkPIqxo3jzi/Vfv9za2d1YrVbXNlNaX91efjulNPfq9x99/s1rP/SffPjt3HeP43j+45OfV348XjhePPlt+9NGkRpFanf6KU97nU4/32vV036jaGYpfdCq50U9NdpFvXclP2h1ut1hytv7s5Vur14UKW8PU7M+TP1O6veGKf8kb7RTlmVpthJcNxqNRrcdW/v69Gz0aDQdT53NfDoq8SSeidmYi2djPp6L5+OFeDFeioV4OV6JxTv9PwAAAAAAAAAAAAAAAAAAAHAbzv8DAAAAAAAAAAAAAAAAAABA+Zz/BwAAAAAAAAAAAAAAAAAAgPI5/w8AAAAAAAAAAAAAAAAAAADl29rZ3VitVtc2U5qJ+OloUBvUxr/jfP296tpb6cz85axfBoPao4t8eZynq/njqJznKzfmM/HG6+P8j+zd96vX8qXYv//lAwAAwP9Cli7cuL/Psr/Lx9Vf3g9c279PxdLUTVecua+l8C8Uw8Nm3mrVe8Vw+s/isLRi4ryrkttQKO6rmPxvtPHPRckPJh7E5U0vuxMAAAAAAAAAAADu4iE+Jyx7jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOztwLAAAAAAgzN86jY4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCqAAAA//9fwpXh") mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0x7, 0x1, 0x1, 0xffffffffffffffff, 0x2}) 4.022050881s ago: executing program 6 (id=4385): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) unshare(0x6020400) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) 3.782570842s ago: executing program 0 (id=4386): syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000180)='./file1\x00', 0x804800, &(0x7f00000002c0)=ANY=[@ANYRES8=0x0, @ANYBLOB="6092034e5823f645654f6e8edfc3b8e1a948efb0d4b9a9d4c30f5dacb3c1a7ea2587d59165777f070017c2921e793ec5a1384e143b57bb832f14bb43afdef6cb4ed4960b6c732be46a927cdd8c57f93ee6c15401df91ebcbe4f9989843313ea9f243d4dc3d276b966b898100a620b69b543033b9b7bcd9069b9248fbdff46c4a49f094a61938776ce1a1d0f0c84cb7a84bf0b1e2ce5f38f95e11d5b1977ead80625337f66dc391089ab8573d008a4bd03f6f9f01406db632558ed25be4beecd844ac00e52f95c5dc96a1e4a25c80d56aebf6cb33914d6bc72a40bf2fc94efed2f941cf3e"], 0xf9, 0x1213, &(0x7f0000000600)="$eJzs3E9rXFUYB+A3Y2rS1PxRa7Vd6AtuxMWlycKVIEFSkAwotRFaQbg1Ex0yzpTcITAiVldu/Ryu3Ql+g2z8DO6y6bIL8UrvNG1SU4vQZMQ+z2Luyz3nxzkHhoEz3HP33/3xq+2tqtgqh9GamorWrYi8m5HRigOvr4+v12+sr7bba1czr6xeW34nMxfe+PXTb2Yi4twnPy/8MhN7S5/t31n5fe/C3sX9P6992a2yW2V/MMwybw4Gw/JmbyE3u9V2kflRr1NWnez2q87OofZObr0dEaMs+5vzc7d2OlWVZX+U251RDgc53Bll+UXZ7WdRFDk/FzzWmSd32fjpbl3XEXV9Jp6Puq7rszEX5+KFmI+F+C4iXoyX4uU4H6/EhXg1XouLTa/TmD4AAAAAAAAAAAAAAAAAAAA8O/7p/P9iLDn/DwAAAAAAAAAAAAAAAAAAAKfg4+s31lfb7bWrmbMRvR92N3Y3xtdx+9K9j1504nIsxh/RnP4fG9dXPmivXc7GUnzfu30/f3t347kmv3qQX25eJ3A/P920HeSXx/k8mp+JuXv5reg2+ZVYjPPHj79ybH423nrzUL6Ixfjt8xhELzabsR/mv13OfP/D9iP5S00/AAAA+D8o8oFj9+9F8bj2cf7B/vrJ/w88sr+ejkvTk107EdXo6+2y1evsNEXvoJj9252TK+IUx3q6RcSduilmjja1TmjQVkx8yYeKqf/GNBRPpzgbR+9M+peJ0/DwazDpmQAAAAAAAAAAAPBvnPBzhdNxzJNl701mqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//qH3FUA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105142, 0x2c) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x80000000, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600) 2.977693626s ago: executing program 4 (id=4387): setreuid(0x0, 0xee01) r0 = shmget$private(0x0, 0x3000, 0x100, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_SET(r0, 0x1, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x180, 0xe12}, 0xfffffbff, 0x466a, 0x2, 0x6}) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) shmctl$IPC_RMID(r0, 0x0) 2.82193205s ago: executing program 1 (id=4388): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000000080)={[{@fat=@errors_continue}, {@nodots}, {@fat=@dmask={'dmask', 0x3d, 0x32}}, {@fat=@flush}]}, 0x1, 0x29e, &(0x7f0000000680)="$eJzs3T1rFFsABuCTvQm55JKQ6nKvjQetbIYktUWCJBBcUDQrqCBMyESXHXfDzha7wSLWNoKl/0As7QSxtEnpP7ALQkiVykicfG3AxsREyPM08zLvnOGcGThTzsb1l08by0WynHZCZXogVKZDqGwPhPFQCfvWwrVXz1+/uHv/wc2ZanX2ToxzMwuTUzHGscsfHj57e+Vj559778beD4f18Ucbm1Nf1v9d/3/j28KTehHrRWy2OjGNi61WJ13Ms7hULxpJjLfzLC2yWG8WWbuvX85bKyu9mDaXRkdW2llRxLTZi42sFzut2Gn3Yvo4rTdjkiRxdCRwErU32zs7YXOndN6z4ex5/xfbkU397xC21rq1bq08lv3cfHV2Iv4wdDhqq9v9/Omgnyz72NfXhsLIXj91vN//tFwt+93uxq3qsfHDYek3rx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLK4kHxg/PbnW7tb/KPvlZX6a5+ersxN4F/f1guDR4ZssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBMpequNNM+ztvDrYfdB/gHTEITTC+e9MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDZ6/+JPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABdV0VttpHmetU8rfP2vvPGR6rzXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn9T0AAP//pApp4Q==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x42, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff2, 0x4012011, r0, 0x0) fcntl$setstatus(r0, 0x4, 0x2400) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x3}}, 0x20) 2.821462991s ago: executing program 6 (id=4389): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CLEAR_DIRTY_LOG(r1, 0xc018aec0, &(0x7f0000000140)={0x0, 0x1c0, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x80000000000000c, 0x0, 0x4, 0x10000, 0x100000001, 0x9004, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x1, 0x8, 0x207, 0xc1, 0x1, 0x2, 0x2, 0x6, 0x9, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x5, 0x800000000100007, 0x4, 0x3, 0x9, 0x888f, 0x1, 0x6, 0x46, 0x1, 0x3, 0xa3de, 0x800020000000006, 0x6, 0x7, 0x400, 0x3, 0xffffffffffffffb7, 0xfffffffffffffffa, 0x2, 0xf, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x10001, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0xfffffffffffffffe, 0x2, 0x2, 0x6, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0xfff, 0x6, 0x1fe, 0x1, 0xab9, 0x0, 0x4, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x8061d, 0x3, 0x7, 0xf6, 0x4, 0x400006, 0x204, 0x7, 0xe542, 0x4, 0x8, 0x2293332f, 0x6, 0x7, 0x1e, 0x200d, 0x2, 0x4, 0xfffffffffffffffb, 0x80020005, 0x7, 0xdfc4, 0xfff9, 0x7, 0x5, 0x8, 0x1, 0x53e0f0fb, 0xeb4, 0x3, 0xfffffffffffffffe, 0x7, 0xcc, 0x7, 0x1000003]}) 1.929829111s ago: executing program 0 (id=4390): openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) r0 = syz_io_uring_setup(0x110, &(0x7f00000008c0)={0x0, 0xfad8, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=0x0, &(0x7f0000000940)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x133d, 0x0, 0x8, 0x0, 0x0) 1.61677538s ago: executing program 6 (id=4391): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x30, r0, 0x1, 0x0, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x3}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x9}]}]}, 0x30}}, 0x0) 1.470792485s ago: executing program 1 (id=4392): setfsuid(0xee00) r0 = syz_clone(0x908091, 0x0, 0x0, 0x0, 0x0, 0x0) setfsuid(0x0) r1 = syz_pidfd_open(r0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0xff03, 0x0) 1.122319092s ago: executing program 3 (id=4393): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='batadv0\x00', 0x10) write(r0, &(0x7f0000000180)="8f2a0a65aa8c002b0304000e0580a7b6074d63e286ae3c71", 0x18) 987.037031ms ago: executing program 4 (id=4394): r0 = epoll_create1(0x0) r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0)={0x60000015}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)={0x0, 0x100000000000}) ppoll(&(0x7f0000000100)=[{r0, 0x228}], 0x1, &(0x7f0000000140)={0x0, 0x3938700}, 0x0, 0x0) 781.343085ms ago: executing program 0 (id=4395): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x20000023896) close_range(r0, 0xffffffffffffffff, 0x0) 679.847383ms ago: executing program 6 (id=4396): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0xc080) sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x30, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x4}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}]}, 0x30}}, 0xc00) 0s ago: executing program 1 (id=4397): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, [@snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, 0x0, 0x80, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82004000000", @ANYRES32=r0, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r1, &(0x7f0000000140), 0x4924b68, 0x0) kernel console output (not intermixed with test programs): partitions: partition scan of loop6 (ir¡c‡’ úÒVUŸX¯ÃG¨=›˜ñZtM<IÆ i8NL í á·ùWû@©àQ6ÒÝ%ž…û¥¡Úè) failed (rc=-5) [ 1007.174842][T13294] loop4: detected capacity change from 0 to 1024 [ 1008.253239][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 1008.694846][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 1008.785814][T13303] loop4: detected capacity change from 0 to 512 [ 1008.855338][T13303] EXT4-fs: Ignoring removed i_version option [ 1008.863588][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1009.076214][T13303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1009.102258][T13303] ext4 filesystem being mounted at /571/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1009.347392][ T29] audit: type=1326 audit(1770837720.182:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13308 comm="syz.0.2839" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62f6c code=0x7ffc0000 [ 1009.895882][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1010.388099][T13321] program syz.0.2843 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1010.616921][T13324] loop4: detected capacity change from 0 to 512 [ 1010.840280][T13324] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.2842: inode has both inline data and extents flags [ 1010.854754][T13324] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1010.868511][T13324] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2842: couldn't read orphan inode 15 (err -117) [ 1011.015673][T13324] loop4: lost filesystem error report for type 5 error -117 [ 1011.037204][T13324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1012.431534][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1012.492478][T13339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2848'. [ 1012.600047][T13339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2848'. [ 1014.141154][T13352] loop4: detected capacity change from 0 to 64 [ 1014.423117][T13352] Trying to free block not in datazone [ 1014.455471][T13352] minix_free_block (loop4:21): bit already cleared [ 1015.405556][T13364] loop0: detected capacity change from 0 to 1024 [ 1015.562625][T13364] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1015.782018][T13364] EXT4-fs warning (device loop0): ext4_rmdir:3185: inode #11: comm syz.0.2859: empty directory 'file0' has too many links (111) [ 1016.219085][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1017.966088][T13390] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1017.977759][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1018.243988][T13395] loop0: detected capacity change from 0 to 2048 [ 1018.485460][T13395] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1018.620295][T13395] ext4 filesystem being mounted at /579/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1018.798169][T13395] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2869: bg 0: block 345: padding at end of block bitmap is not set [ 1018.959122][T13395] fs-verity (loop0, inode 13): Error -117 writing Merkle tree block 0 [ 1018.967779][T13395] fs-verity (loop0, inode 13): Error -117 building Merkle tree [ 1019.337463][T13404] loop3: detected capacity change from 0 to 2048 [ 1019.363690][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1019.440935][T13404] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1020.328952][T13411] sctp: [Deprecated]: syz.0.2874 (pid 13411) Use of int in max_burst socket option deprecated. [ 1020.328952][T13411] Use struct sctp_assoc_value instead [ 1021.990708][T13433] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2884'. [ 1022.035291][T13433] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2884'. [ 1022.922724][T13445] input: syz0 as /devices/virtual/input/input22 [ 1024.276968][T13454] loop3: detected capacity change from 0 to 2048 [ 1024.506324][T13454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1025.203696][ T57] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 1025.220086][ T57] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 461 with error 28 [ 1025.220254][ T57] EXT4-fs (loop3): This should not happen!! Data will be lost [ 1025.220254][ T57] [ 1025.220355][ T57] EXT4-fs (loop3): Total free blocks count 0 [ 1025.220451][ T57] EXT4-fs (loop3): Free/Dirty block details [ 1025.220538][ T57] EXT4-fs (loop3): free_blocks=2415919104 [ 1025.220638][ T57] EXT4-fs (loop3): dirty_blocks=464 [ 1025.221189][ T57] EXT4-fs (loop3): Block reservation details [ 1025.221277][ T57] EXT4-fs (loop3): i_reserved_data_blocks=29 [ 1025.604024][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1027.895774][T13492] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2909'. [ 1028.618219][T13504] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2914'. [ 1029.377598][T13512] loop5: detected capacity change from 0 to 256 [ 1029.439600][T13512] exfat: Deprecated parameter 'utf8' [ 1029.473864][ T29] audit: type=1800 audit(1770837740.332:85): pid=13514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2918" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0 [ 1029.678569][T13512] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d) [ 1030.476925][T13522] netlink: 1684 bytes leftover after parsing attributes in process `syz.0.2922'. [ 1030.519353][T13522] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2922'. [ 1031.608737][ T9] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 1031.809918][ T9] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 1031.825353][ T9] usb 1-1: config 0 has no interface number 0 [ 1031.865674][ T9] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 1031.918950][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1031.956780][ T9] usb 1-1: Product: syz [ 1031.994288][ T9] usb 1-1: Manufacturer: syz [ 1032.028218][ T9] usb 1-1: SerialNumber: syz [ 1032.070546][ T9] usb 1-1: config 0 descriptor?? [ 1032.394503][ T9] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 1032.450506][ T9] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1032.489690][ T9] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 1032.497995][ T9] usb 1-1: media controller created [ 1032.816004][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1033.596630][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1033.610777][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1033.700969][ T9] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 1034.454918][ T9] usb 1-1: USB disconnect, device number 16 [ 1035.583744][T13566] loop5: detected capacity change from 0 to 512 [ 1035.877734][T13566] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.2943: inode has both inline data and extents flags [ 1035.947900][ T29] audit: type=1326 audit(1770837746.802:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13571 comm="syz.0.2947" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f62f6c code=0x0 [ 1035.969227][T13566] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1035.995889][T13566] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2943: couldn't read orphan inode 15 (err -117) [ 1036.112838][T13566] loop5: lost filesystem error report for type 5 error -117 [ 1036.126101][T13566] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1036.141251][T13577] loop3: detected capacity change from 0 to 512 [ 1036.253577][T13577] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 1036.335485][T13577] EXT4-fs (loop3): invalid journal inode [ 1036.374525][T13577] EXT4-fs (loop3): can't get journal size [ 1036.530428][T13577] EXT4-fs (loop3): 1 truncate cleaned up [ 1036.580833][T13577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1036.643689][ T8398] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1037.014072][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1037.686734][T13590] Failed to get privilege flags for destination (handle=0x2:0x0) [ 1038.986346][T13600] loop5: detected capacity change from 0 to 256 [ 1039.061429][T13600] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1039.203508][T13600] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1039.279411][T13606] GUP no longer grows the stack in syz.0.2961 (13606): 80004000-80005000 (80001000) [ 1039.329867][T13606] CPU: 1 UID: 0 PID: 13606 Comm: syz.0.2961 Tainted: G L syzkaller #0 PREEMPT(full) [ 1039.330083][T13606] Tainted: [L]=SOFTLOCKUP [ 1039.330150][T13606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1039.330260][T13606] Call Trace: [ 1039.330320][T13606] [ 1039.330379][T13606] __dump_stack+0x26/0x30 [ 1039.330587][T13606] dump_stack_lvl+0x14c/0x1c0 [ 1039.330785][T13606] dump_stack+0x1e/0x25 [ 1039.330967][T13606] __get_user_pages+0x44ea/0x5f00 [ 1039.331213][T13606] ? kmsan_get_metadata+0xf1/0x160 [ 1039.331422][T13606] ? kmsan_get_metadata+0xf1/0x160 [ 1039.331622][T13606] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1039.331935][T13606] __gup_longterm_locked+0x1862/0x2660 [ 1039.332121][T13606] ? gup_fast_fallback+0xeb1/0x3b40 [ 1039.332281][T13606] ? filter_irq_stacks+0x49/0x190 [ 1039.332479][T13606] ? stack_depot_save_flags+0x35/0x790 [ 1039.332709][T13606] ? kmsan_get_metadata+0xf1/0x160 [ 1039.332907][T13606] ? kmsan_get_metadata+0xf1/0x160 [ 1039.333089][T13606] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1039.333287][T13606] ? kmsan_get_metadata+0xf1/0x160 [ 1039.333461][T13606] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1039.333660][T13606] gup_fast_fallback+0x3476/0x3b40 [ 1039.333954][T13606] get_user_pages_fast+0xb7/0x120 [ 1039.334125][T13606] __iov_iter_get_pages_alloc+0x988/0x14d0 [ 1039.334335][T13606] ? stack_depot_save_flags+0x35/0x790 [ 1039.334584][T13606] iov_iter_get_pages2+0xa9/0xf0 [ 1039.334795][T13606] __se_sys_vmsplice+0xdd2/0x3230 [ 1039.335019][T13606] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1039.335308][T13606] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1039.335509][T13606] ? kmsan_get_metadata+0xf1/0x160 [ 1039.335704][T13606] ? kmsan_get_metadata+0xf1/0x160 [ 1039.335889][T13606] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1039.336087][T13606] __ia32_sys_vmsplice+0xb8/0x110 [ 1039.336276][T13606] ia32_sys_call+0x358b/0x4360 [ 1039.336427][T13606] __do_fast_syscall_32+0x17f/0x3f0 [ 1039.336615][T13606] do_fast_syscall_32+0x37/0x80 [ 1039.336777][T13606] do_SYSENTER_32+0x1f/0x30 [ 1039.336946][T13606] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1039.337147][T13606] RIP: 0023:0xf7f62f6c [ 1039.337267][T13606] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 90 90 90 90 90 90 b8 ad [ 1039.337408][T13606] RSP: 002b:00000000f542650c EFLAGS: 00000206 ORIG_RAX: 000000000000013c [ 1039.337562][T13606] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140 [ 1039.337672][T13606] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1039.337766][T13606] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1039.337872][T13606] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1039.337968][T13606] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1039.338104][T13606] [ 1041.627940][T13626] loop5: detected capacity change from 0 to 128 [ 1042.590558][T13628] Process accounting resumed [ 1043.573920][T13640] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1043.591154][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1043.632580][T13641] loop5: detected capacity change from 0 to 256 [ 1043.665215][T13641] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1043.803245][T13641] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 1044.800428][T13650] netlink: 'syz.3.2979': attribute type 3 has an invalid length. [ 1044.843614][T13647] loop4: detected capacity change from 0 to 512 [ 1044.888050][T13650] netlink: 'syz.3.2979': attribute type 3 has an invalid length. [ 1044.952460][T13647] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 1045.029601][T13647] EXT4-fs (loop4): invalid journal inode [ 1045.035553][T13647] EXT4-fs (loop4): can't get journal size [ 1045.083318][T13651] loop0: detected capacity change from 0 to 2048 [ 1045.173767][T13647] EXT4-fs (loop4): 1 truncate cleaned up [ 1045.245353][T13647] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1045.355185][T13651] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1045.792101][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1046.215873][ T58] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 1046.281287][ T58] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 154 with error 28 [ 1046.351933][ T58] EXT4-fs (loop0): This should not happen!! Data will be lost [ 1046.351933][ T58] [ 1046.412261][ T58] EXT4-fs (loop0): Total free blocks count 0 [ 1046.469505][ T58] EXT4-fs (loop0): Free/Dirty block details [ 1046.475764][ T58] EXT4-fs (loop0): free_blocks=2415919104 [ 1046.519198][ T58] EXT4-fs (loop0): dirty_blocks=160 [ 1046.524649][ T58] EXT4-fs (loop0): Block reservation details [ 1046.536047][ T58] EXT4-fs (loop0): i_reserved_data_blocks=10 [ 1046.686362][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1047.281688][T13673] loop4: detected capacity change from 0 to 512 [ 1047.478880][T13673] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.2988: bad orphan inode 15 [ 1047.523011][T13673] loop4: lost filesystem error report for type 5 error -117 [ 1047.541263][T13673] ext4_test_bit(bit=14, block=18) = 1 [ 1047.573761][T13673] is_bad_inode(inode)=0 [ 1047.578123][T13673] NEXT_ORPHAN(inode)=1023 [ 1047.587513][T13673] max_ino=32 [ 1047.592886][T13673] i_nlink=0 [ 1047.599764][T13673] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2972: inode #15: comm syz.4.2988: corrupted xattr block 19: invalid header [ 1047.688514][T13673] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1047.690003][T13673] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -117) [ 1047.787716][T13673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 1047.850535][T13673] ext4 filesystem being mounted at /602/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 1048.469673][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 1050.352434][T13707] loop3: detected capacity change from 0 to 1024 [ 1050.396883][T13705] loop5: detected capacity change from 0 to 1024 [ 1050.594457][T13707] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1051.229449][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1052.089256][T13728] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3008'. [ 1054.184108][T13750] netlink: 'syz.0.3020': attribute type 11 has an invalid length. [ 1054.194652][T13751] loop3: detected capacity change from 0 to 64 [ 1054.195239][T13750] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3020'. [ 1054.275617][T13751] hfs: Unknown parameter 'dir_0000000000001tor' [ 1054.559472][ T57] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1054.600141][ T57] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1054.670925][ T57] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1054.728094][ T57] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1055.529442][T13765] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3024'. [ 1058.216406][T13796] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3039'. [ 1058.331192][T13801] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3039'. [ 1058.990665][T13806] loop5: detected capacity change from 0 to 512 [ 1059.104870][T13806] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1059.133078][T13806] ext4 filesystem being mounted at /380/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1059.876236][T13818] loop4: detected capacity change from 0 to 128 [ 1059.935925][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.004164][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.081030][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.147598][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.200929][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.272196][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.310771][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.380156][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.421041][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.501096][ T8398] EXT4-fs warning (device loop5): ext4_empty_dir:3087: inode #12: comm syz-executor: directory missing '.' [ 1060.917778][T13828] 9p: Bad value for 'rfdno' [ 1061.293987][T13830] loop4: detected capacity change from 0 to 2048 [ 1061.451468][T13830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1062.182375][T13127] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1062.188835][ T69] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 1062.268963][ T69] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 209 with error 28 [ 1062.325991][ T69] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1062.325991][ T69] [ 1062.344202][ T69] EXT4-fs (loop4): Total free blocks count 0 [ 1062.377095][ T69] EXT4-fs (loop4): Free/Dirty block details [ 1062.385571][ T69] EXT4-fs (loop4): free_blocks=2415919104 [ 1062.393521][ T69] EXT4-fs (loop4): dirty_blocks=224 [ 1062.405847][ T69] EXT4-fs (loop4): Block reservation details [ 1062.413284][ T69] EXT4-fs (loop4): i_reserved_data_blocks=14 [ 1062.547700][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1063.070478][ T57] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1063.126135][ T57] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.306362][ T57] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1063.309074][T13854] program syz.4.3060 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1063.343836][ T57] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.536482][ T57] team0: Port device netdevsim1 removed [ 1063.607431][ T57] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1063.636342][ T57] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.823899][ T57] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1063.845984][ T57] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1064.346124][ T57] bridge_slave_1: left promiscuous mode [ 1064.377457][ T57] bridge0: port 2(bridge_slave_1) entered disabled state [ 1064.429309][ T57] bridge_slave_0: left allmulticast mode [ 1064.442680][ T57] bridge_slave_0: left promiscuous mode [ 1064.457327][ T57] bridge0: port 1(bridge_slave_0) entered disabled state [ 1065.245666][ T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1065.280440][ T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1065.343366][ T57] bond0 (unregistering): Released all slaves [ 1066.028983][ T5831] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 1066.231955][ T5831] usb 4-1: Using ep0 maxpacket: 8 [ 1066.337116][ T5831] usb 4-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 1066.368807][ T5831] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1066.396884][ T5831] usb 4-1: Product: syz [ 1066.404941][ T5831] usb 4-1: Manufacturer: syz [ 1066.448886][ T5831] usb 4-1: SerialNumber: syz [ 1066.489914][ T5831] usb 4-1: config 0 descriptor?? [ 1066.543457][ T5831] option 4-1:0.0: GSM modem (1-port) converter detected [ 1066.558498][ T5885] IPVS: starting estimator thread 0... [ 1066.693229][T13871] IPVS: using max 192 ests per chain, 9600 per kthread [ 1066.813936][ T5831] usb 4-1: USB disconnect, device number 16 [ 1066.862060][ T5831] option 4-1:0.0: device disconnected [ 1066.971924][ T57] hsr_slave_0: left promiscuous mode [ 1067.017229][ T57] hsr_slave_1: left promiscuous mode [ 1067.039080][T13876] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1067.062118][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1067.071879][T13876] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1067.098554][T13876] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1067.106263][ T57] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1067.133029][T13876] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1067.146227][T13876] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1067.157079][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1067.166718][ T57] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1067.359706][ T57] veth1_macvtap: left promiscuous mode [ 1067.365491][ T57] veth0_macvtap: left promiscuous mode [ 1067.406272][ T57] veth1_vlan: left promiscuous mode [ 1067.414526][ T57] veth0_vlan: left promiscuous mode [ 1069.063859][T13897] loop3: detected capacity change from 0 to 128 [ 1069.248560][ T5071] Bluetooth: hci3: command tx timeout [ 1070.449311][ T57] team0 (unregistering): Port device team_slave_1 removed [ 1070.574361][ T57] team0 (unregistering): Port device team_slave_0 removed [ 1071.163025][T13913] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3082'. [ 1071.339157][ T5071] Bluetooth: hci3: command tx timeout [ 1071.429995][T13894] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3077'. [ 1071.591084][T13910] hsr0: entered promiscuous mode [ 1071.823576][T13913] ip6gre1: entered promiscuous mode [ 1071.849134][T13913] ip6gre1: entered allmulticast mode [ 1072.282645][ T57] IPVS: stop unused estimator thread 0... [ 1072.399567][T13915] loop4: detected capacity change from 0 to 256 [ 1072.439710][T13915] exfat: Deprecated parameter 'utf8' [ 1072.449183][T13915] exfat: Deprecated parameter 'utf8' [ 1072.472472][T13915] exfat: Deprecated parameter 'utf8' [ 1072.515567][ T34] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1072.578434][ T34] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1072.586796][ T5833] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1072.677584][T13915] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1072.919265][ T5833] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1073.110635][ T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1073.408885][ T5071] Bluetooth: hci3: command tx timeout [ 1074.687855][T13875] chnl_net:caif_netlink_parms(): no params data found [ 1075.489328][ T5071] Bluetooth: hci3: command tx timeout [ 1076.529199][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1076.810010][T13875] bridge0: port 1(bridge_slave_0) entered blocking state [ 1076.817626][T13875] bridge0: port 1(bridge_slave_0) entered disabled state [ 1076.887349][T13875] bridge_slave_0: entered allmulticast mode [ 1076.932984][T13875] bridge_slave_0: entered promiscuous mode [ 1076.990755][T13875] bridge0: port 2(bridge_slave_1) entered blocking state [ 1077.026136][T13875] bridge0: port 2(bridge_slave_1) entered disabled state [ 1077.063973][T13875] bridge_slave_1: entered allmulticast mode [ 1077.085645][T13875] bridge_slave_1: entered promiscuous mode [ 1077.499623][T13875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1077.544843][T13967] loop4: detected capacity change from 0 to 8192 [ 1077.575105][T13875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1078.127858][T13875] team0: Port device team_slave_0 added [ 1078.171055][T13979] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3102'. [ 1078.271980][T13875] team0: Port device team_slave_1 added [ 1078.759651][T13875] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1078.818817][T13875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1078.930335][T13875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1079.047391][T13875] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1079.128553][T13875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1079.246481][T13875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1080.036397][T13875] hsr_slave_0: entered promiscuous mode [ 1080.094407][T13875] hsr_slave_1: entered promiscuous mode [ 1080.136223][T13875] debugfs: 'hsr0' already exists in 'hsr' [ 1080.173406][T13875] Cannot create hsr debugfs directory [ 1082.638975][T13875] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1082.770261][T13875] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1082.908949][T13875] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1083.018178][T13875] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1083.860332][T14038] netlink: 'syz.3.3122': attribute type 10 has an invalid length. [ 1084.041636][T14038] syz_tun: entered promiscuous mode [ 1084.092033][T14038] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 1084.769116][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1084.866747][T13875] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1085.227381][T13875] 8021q: adding VLAN 0 to HW filter on device team0 [ 1085.394002][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 1085.401653][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1085.620062][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 1085.627710][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1085.771538][T14050] netlink: 128 bytes leftover after parsing attributes in process `syz.1.3126'. [ 1089.201161][T13875] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1090.713956][T14113] 9p: Bad value for 'rfdno' [ 1092.819195][T13875] veth0_vlan: entered promiscuous mode [ 1092.825607][ T5071] Bluetooth: hci2: Malformed LE Event: 0x0d [ 1092.889498][T13875] veth1_vlan: entered promiscuous mode [ 1093.324792][T13875] veth0_macvtap: entered promiscuous mode [ 1093.475235][T13875] veth1_macvtap: entered promiscuous mode [ 1093.901065][T13875] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1093.982970][T14146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1094.029697][T14146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1094.063692][T13875] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1094.225195][T14150] bridge0: port 2(bridge_slave_1) entered blocking state [ 1094.233207][T14150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1094.381398][T14150] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1094.741403][ T149] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.804521][ T149] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.903654][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.994195][ T149] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.041685][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1095.049660][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1095.243805][ T5833] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 1095.472453][ T5833] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1095.531801][ T5833] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1095.579022][ T5833] usb 5-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.ba [ 1095.616320][ T5833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1095.685292][ T5833] usb 5-1: config 0 descriptor?? [ 1096.224012][ T5833] stadia 0003:18D1:9400.0017: collection stack underflow [ 1096.299249][ T5833] stadia 0003:18D1:9400.0017: item 0 4 0 12 parsing failed [ 1096.332995][ T5833] stadia 0003:18D1:9400.0017: parse failed [ 1096.345242][ T5833] stadia 0003:18D1:9400.0017: probe with driver stadia failed with error -22 [ 1096.448026][ T5833] usb 5-1: USB disconnect, device number 19 [ 1097.649685][T14185] netlink: 'syz.0.3167': attribute type 14 has an invalid length. [ 1100.053453][T14219] io-wq is not configured for unbound workers [ 1100.771767][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1101.223641][T14237] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 1101.295978][T14237] overlayfs: NFS export requires an index dir, falling back to nfs_export=off. [ 1102.808625][ T5901] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1102.851309][ T5901] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1103.249312][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1103.257383][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1104.487650][T14274] loop6: detected capacity change from 0 to 128 [ 1105.978675][T14289] 9p: Bad value for 'rfdno' [ 1106.922459][T14300] loop6: detected capacity change from 0 to 256 [ 1106.991496][T14300] exfat: Deprecated parameter 'namecase' [ 1107.039789][T14300] exfat: Deprecated parameter 'namecase' [ 1107.108934][T14300] exfat: Deprecated parameter 'utf8' [ 1107.115233][T14300] exfat: Deprecated parameter 'namecase' [ 1107.291094][T14300] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1108.746965][T14321] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3214'. [ 1109.129630][T14328] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3217'. [ 1111.378517][ T29] audit: type=1326 audit(1770837822.202:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14351 comm="syz.1.3226" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffef6c code=0x0 [ 1113.164461][T14375] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 1114.091729][T14388] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3238'. [ 1114.126665][T14388] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3238'. [ 1115.469755][T14090] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 1115.658761][T14090] usb 4-1: Using ep0 maxpacket: 16 [ 1115.740210][T14090] usb 4-1: New USB device found, idVendor=2001, idProduct=4002, bcdDevice=df.bf [ 1115.780655][T14090] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1115.841657][T14090] usb 4-1: config 0 descriptor?? [ 1117.021500][T14090] pegasus 4-1:0.0: probe with driver pegasus failed with error -71 [ 1117.117938][T14090] usb 4-1: USB disconnect, device number 17 [ 1118.417354][T14440] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 1118.480038][T14440] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 1118.622309][T14444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3256'. [ 1118.708827][T14444] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3256'. [ 1119.600967][T14458] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3260'. [ 1119.655388][T14458] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3260'. [ 1119.776859][T14458] loop4: detected capacity change from 0 to 128 [ 1119.848507][T14458] FAT-fs (loop4): bogus number of FAT structure [ 1119.855304][T14458] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 1119.974476][T14458] FAT-fs (loop4): Can't find a valid FAT filesystem [ 1122.668681][ T5831] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 1122.782428][T14498] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3274'. [ 1122.868693][ T5831] usb 7-1: Using ep0 maxpacket: 16 [ 1122.958727][ T5831] usb 7-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 1122.987695][ T5831] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1123.019257][ T5831] usb 7-1: Product: syz [ 1123.023696][ T5831] usb 7-1: Manufacturer: syz [ 1123.055410][ T5831] usb 7-1: SerialNumber: syz [ 1123.617365][ T5831] usb 7-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 1123.687024][ T5831] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1123.744124][ T5831] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 1123.788588][ T5831] usb 7-1: media controller created [ 1123.918018][ T29] audit: type=1326 audit(1770837834.772:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.007162][ T29] audit: type=1326 audit(1770837834.772:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.092037][ T5831] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1124.095370][ T29] audit: type=1326 audit(1770837834.772:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.218440][ T29] audit: type=1326 audit(1770837834.802:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.307979][ T29] audit: type=1326 audit(1770837834.802:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.425375][ T29] audit: type=1326 audit(1770837834.802:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.493810][ T5831] zl10353_read_register: readreg error (reg=127, ret==-71) [ 1124.542682][ T29] audit: type=1326 audit(1770837834.802:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.619600][ T29] audit: type=1326 audit(1770837834.802:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.726669][ T29] audit: type=1326 audit(1770837834.802:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1124.857538][ T29] audit: type=1326 audit(1770837834.802:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14508 comm="syz.4.3279" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x50000 [ 1125.341190][T14516] sg_write: process 36 (syz.6.3282) changed security contexts after opening file descriptor, this is not allowed. [ 1125.355279][ T5831] dvb_usb_gl861 7-1:157.0: probe with driver dvb_usb_gl861 failed with error -5 [ 1125.403800][ T5831] usb 7-1: USB disconnect, device number 2 [ 1126.497496][T14528] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3287'. [ 1127.295036][T14538] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3290'. [ 1127.389799][T14540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3290'. [ 1127.477432][T14538] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3290'. [ 1127.536681][T14538] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3290'. [ 1128.454232][T14556] 9p: Bad value for 'rfdno' [ 1128.818733][T14090] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 1129.073542][T14090] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1129.151544][T14090] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1129.258955][T14090] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1129.382421][T14090] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1129.499120][T14090] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1129.548977][T14090] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1129.631125][T14090] usb 7-1: config 0 descriptor?? [ 1130.399686][T14090] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 1130.608977][T14090] usb 7-1: USB disconnect, device number 3 [ 1131.488982][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1131.576674][T14579] fido_id[14579]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1133.778990][T14612] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 1133.836444][T14615] sctp: [Deprecated]: syz.3.3313 (pid 14615) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1133.836444][T14615] Use struct sctp_sack_info instead [ 1134.642244][T14622] overlayfs: failed to clone upperpath [ 1135.686586][T14637] IPVS: set_ctl: invalid protocol: 44 0.0.0.0:20000 [ 1137.402124][T14661] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3333'. [ 1137.450716][T14663] netlink: 'syz.0.3334': attribute type 4 has an invalid length. [ 1137.469004][T14661] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3333'. [ 1137.501423][T14663] netlink: 17 bytes leftover after parsing attributes in process `syz.0.3334'. [ 1138.984080][T14678] loop4: detected capacity change from 0 to 256 [ 1139.294242][T14678] exFAT-fs (loop4): failed to load upcase table (idx : 0x00002e7f, chksum : 0x03279930, utbl_chksum : 0xe619d30d) [ 1144.088681][ T5831] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 1144.272929][ T5071] Bluetooth: hci4: hardware error 0x00 [ 1144.300192][ T5831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1144.368040][ T5831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1144.469852][ T5831] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1144.534430][ T5831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1144.556613][ T5831] usb 7-1: config 0 descriptor?? [ 1144.574053][ T5831] hub 7-1:0.0: USB hub found [ 1144.797053][ T5831] hub 7-1:0.0: config failed, hub has too many ports! (err -19) [ 1145.028972][ T5831] usbhid 7-1:0.0: can't add hid device: -71 [ 1145.046089][T14739] loop4: detected capacity change from 0 to 4096 [ 1145.063381][ T5831] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1145.111246][ T5831] usb 7-1: USB disconnect, device number 4 [ 1145.204863][T14745] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3369'. [ 1145.241703][T14745] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3369'. [ 1146.370785][ T5071] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1148.180078][T11856] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 1148.244194][T14777] loop4: detected capacity change from 0 to 2048 [ 1148.366826][T14777] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1148.437033][T11856] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1148.474972][T11856] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 1148.529644][T11856] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1148.590699][T11856] usb 7-1: config 0 descriptor?? [ 1148.619646][T14776] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1149.304614][T11856] elan 0003:04F3:0755.0019: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.6-1/input0 [ 1149.436261][T11856] usb 7-1: USB disconnect, device number 5 [ 1149.689255][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1150.288903][T14787] fido_id[14787]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 1150.953441][T14795] loop3: detected capacity change from 0 to 2048 [ 1151.101363][T14795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1151.606009][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1152.166183][T14817] pim6reg1: entered promiscuous mode [ 1152.190416][T14817] pim6reg1: entered allmulticast mode [ 1152.742721][T14090] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 1152.979267][T14090] usb 4-1: Using ep0 maxpacket: 8 [ 1153.027366][T14090] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 1153.084369][T14090] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1153.103054][T14090] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1153.129251][T14090] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1153.157332][T14090] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1153.178106][T14826] loop4: detected capacity change from 0 to 256 [ 1153.218122][T14826] vfat: Unknown parameter 'obj_user' [ 1153.218885][T14090] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1153.270955][T14090] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1153.319540][T14826] overlayfs: invalid origin (0000007900ef9e535f1cf5bf49dbbdeefb17f384faf4fca0bf4f369df707dacdfa03a5d561779e0f93fdfd81f6f6e7e936ca31735faf1c000000000000000000) [ 1153.642769][T14090] usb 4-1: GET_CAPABILITIES returned 0 [ 1153.681906][T14090] usbtmc 4-1:16.0: can't read capabilities [ 1153.891530][T14090] usb 4-1: USB disconnect, device number 18 [ 1156.096973][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 1156.097059][ T29] audit: type=1326 audit(1770837866.952:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.240824][ T29] audit: type=1326 audit(1770837866.952:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.379165][ T29] audit: type=1326 audit(1770837866.952:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.505315][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1156.512366][ T29] audit: type=1326 audit(1770837866.952:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.515376][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1156.594449][ T29] audit: type=1326 audit(1770837866.952:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.613306][T14865] ip6_vti0: entered promiscuous mode [ 1156.621186][ T29] audit: type=1326 audit(1770837866.952:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.649135][ T29] audit: type=1326 audit(1770837866.952:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.736056][ T29] audit: type=1326 audit(1770837866.952:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.839083][ T29] audit: type=1326 audit(1770837866.992:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1156.933843][ T29] audit: type=1326 audit(1770837867.022:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14858 comm="syz.6.3418" exe="/root/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1157.560351][ T9] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 1157.663756][T14878] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3426'. [ 1157.719080][T11856] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 1157.792316][ T9] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1157.827455][ T9] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1157.880161][ T9] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1157.891047][T11856] usb 4-1: Using ep0 maxpacket: 16 [ 1157.927620][ T9] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1157.947673][ T9] usb 7-1: Product: syz [ 1157.981731][ T9] usb 7-1: Manufacturer: syz [ 1157.986586][ T9] usb 7-1: SerialNumber: syz [ 1158.008939][T11856] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 1158.067108][T11856] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1158.096267][ T9] usb 7-1: config 0 descriptor?? [ 1158.101703][T11856] usb 4-1: Product: syz [ 1158.101821][T11856] usb 4-1: Manufacturer: syz [ 1158.101938][T11856] usb 4-1: SerialNumber: syz [ 1158.124361][T11856] usb 4-1: config 0 descriptor?? [ 1158.187250][T11856] ums-onetouch 4-1:0.0: USB Mass Storage device detected [ 1158.292203][ T9] usb 7-1: selecting invalid altsetting 0 [ 1158.456301][T11856] usb 4-1: USB disconnect, device number 19 [ 1158.631121][ T5831] usb 7-1: USB disconnect, device number 6 [ 1158.917947][ T6260] udevd[6260]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1160.751260][T14906] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3438'. [ 1160.789142][T14906] bond0: ARP target 8.4.0.0 is already present [ 1160.795579][T14906] bond0: option arp_ip_target: invalid value (1032) [ 1165.061456][T14955] netlink: 'syz.6.3462': attribute type 34 has an invalid length. [ 1165.196015][T14957] smc: net device bond0 applied user defined pnetid SYZ2 [ 1165.217998][T14957] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3463'. [ 1165.339796][T14957] smc: removing net device bond0 with user defined pnetid SYZ2 [ 1165.407861][T14957] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1165.455333][T14961] loop3: detected capacity change from 0 to 256 [ 1165.516938][T14961] vfat: Unknown parameter 'obj_user' [ 1165.540254][T14957] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1165.630566][T14957] bond0 (unregistering): Released all slaves [ 1165.693217][T14961] overlayfs: invalid origin (0000007900ef9e535f1cf5bf49dbbdeefb17f384faf4fca0bf4f369df707dacdfa03a5d561779e0f93fdfd81f6f6e7e936ca31735faf1c000000000000000000) [ 1166.820423][T14971] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3470'. [ 1167.272659][T14980] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1168.962227][T14995] overlayfs: failed to clone upperpath [ 1171.347467][T15025] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3493'. [ 1171.427221][T15025] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3493'. [ 1172.401093][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 1172.401186][ T29] audit: type=1326 audit(1770837883.242:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1172.529375][ T29] audit: type=1326 audit(1770837883.262:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1172.600752][ T29] audit: type=1326 audit(1770837883.262:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1172.738798][ T29] audit: type=1326 audit(1770837883.302:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1172.859268][ T29] audit: type=1326 audit(1770837883.302:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1172.989738][ T29] audit: type=1326 audit(1770837883.312:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1173.155859][ T29] audit: type=1326 audit(1770837883.322:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1173.270382][T15034] loop4: detected capacity change from 0 to 4096 [ 1173.298624][ T29] audit: type=1326 audit(1770837883.352:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1173.451530][ T29] audit: type=1326 audit(1770837883.352:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1173.585191][ T29] audit: type=1326 audit(1770837883.352:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15031 comm="syz.1.3497" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1175.664331][T15057] loop3: detected capacity change from 0 to 512 [ 1175.791183][T15057] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1176.368022][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1177.194282][T15077] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1181.579694][T15130] loop4: detected capacity change from 0 to 256 [ 1181.887087][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 1181.887175][ T29] audit: type=1326 audit(1770837892.742:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.6.3536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1181.929958][T15136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3537'. [ 1181.988354][T15136] netlink: 452 bytes leftover after parsing attributes in process `syz.1.3537'. [ 1182.028578][T15136] netlink: 452 bytes leftover after parsing attributes in process `syz.1.3537'. [ 1182.028809][ T29] audit: type=1326 audit(1770837892.812:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.6.3536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1182.116530][ T29] audit: type=1326 audit(1770837892.812:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.6.3536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1182.144060][ T29] audit: type=1326 audit(1770837892.812:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.6.3536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1182.187710][ T29] audit: type=1326 audit(1770837892.812:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.6.3536" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1184.253206][T15163] overlayfs: upper fs does not support file handles, falling back to index=off. [ 1187.991285][T15206] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.3570'. [ 1188.005082][T15202] loop4: detected capacity change from 0 to 1024 [ 1188.214014][T15202] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1188.326283][T15202] ext4 filesystem being mounted at /718/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1188.504456][T15202] EXT4-fs error (device loop4): ext4_map_blocks:825: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 3) [ 1188.594940][T15202] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 1188.622644][T15202] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1188.622644][T15202] [ 1188.657466][T15214] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1188.757592][T15201] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1188.835811][T15201] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1188.886223][T15214] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1188.905984][T15214] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1188.992476][T15201] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1189.008925][T15210] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 1189.056474][T15201] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1189.113642][T15214] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #15: block 3: comm syz.4.3568: lblock 3 mapped to illegal pblock 3 (length 1) [ 1189.931626][ T149] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 1189.949229][ T149] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1189.949229][ T149] [ 1189.987928][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1190.757561][T15231] loop4: detected capacity change from 0 to 512 [ 1190.899944][T15231] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1190.955854][T15231] ext4 filesystem being mounted at /719/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1191.047454][T15231] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3579'. [ 1191.079099][T15231] netlink: 'syz.4.3579': attribute type 7 has an invalid length. [ 1191.087065][T15231] netlink: 'syz.4.3579': attribute type 8 has an invalid length. [ 1191.149429][T15231] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3579'. [ 1191.554962][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1192.290450][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1192.306225][T15249] loop4: detected capacity change from 0 to 256 [ 1193.165039][T15255] smc: net device bond0 applied user defined pnetid SYZ2 [ 1193.219616][T15256] netlink: 14 bytes leftover after parsing attributes in process `syz.3.3589'. [ 1193.447288][T15256] smc: removing net device bond0 with user defined pnetid SYZ2 [ 1193.569604][T15256] bond0 (unregistering): left promiscuous mode [ 1193.588596][T15256] bond_slave_0: left promiscuous mode [ 1193.611338][T15256] bond_slave_1: left promiscuous mode [ 1193.640210][T15256] syz_tun: left promiscuous mode [ 1194.125445][T11856] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 1194.318538][T11856] usb 7-1: Using ep0 maxpacket: 16 [ 1194.357989][T11856] usb 7-1: config 1 has an invalid interface number: 105 but max is 0 [ 1194.372112][T13876] Bluetooth: hci3: command 0x0406 tx timeout [ 1194.395552][T11856] usb 7-1: config 1 has no interface number 0 [ 1194.420272][T11856] usb 7-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 1194.470466][T11856] usb 7-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 1194.503150][T11856] usb 7-1: config 1 interface 105 has no altsetting 0 [ 1194.541652][T11856] usb 7-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 1194.555484][T11856] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1194.566668][T11856] usb 7-1: Product: syz [ 1194.573095][T11856] usb 7-1: Manufacturer: syz [ 1194.580305][T11856] usb 7-1: SerialNumber: syz [ 1194.606679][T15261] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1194.663990][T15261] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1195.165947][T15261] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1195.199717][T15261] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1195.840472][T11856] aqc111 7-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 1195.913519][T11856] aqc111 7-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 1196.363100][T15256] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1196.513137][T15256] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1196.642988][T15256] bond0 (unregistering): (slave syz_tun): Releasing backup interface [ 1196.696371][T15256] bond0 (unregistering): Released all slaves [ 1196.908387][T11856] aqc111 7-1:1.105 eth9: register 'aqc111' at usb-dummy_hcd.6-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, d2:e1:e8:0d:64:a5 [ 1196.999607][T11856] usb 7-1: USB disconnect, device number 7 [ 1197.046761][T11856] aqc111 7-1:1.105 eth9: unregister 'aqc111' usb-dummy_hcd.6-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 1197.242438][T15276] bridge0: adding interface bridge_slave_0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 1197.339584][T11856] aqc111 7-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 1197.399990][T11856] aqc111 7-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 1197.479925][T11856] aqc111 7-1:1.105 eth9 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 1198.719142][T14090] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 1198.897644][T14090] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1198.944537][T14090] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1199.021934][T14090] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1199.025018][T15296] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 1199.075360][T14090] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1199.123458][T14090] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1199.181331][T14090] usb 4-1: config 0 descriptor?? [ 1199.596835][T15302] netlink: 'syz.4.3609': attribute type 11 has an invalid length. [ 1199.606127][T15302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3609'. [ 1199.728140][T15306] smc: net device bond0 applied user defined pnetid SYZ2 [ 1199.761343][T14090] usbhid 4-1:0.0: can't add hid device: -71 [ 1199.781953][T14090] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 1199.802220][T15307] netlink: 14 bytes leftover after parsing attributes in process `syz.6.3610'. [ 1199.823124][T14090] usb 4-1: USB disconnect, device number 20 [ 1200.031288][T15307] smc: removing net device bond0 with user defined pnetid SYZ2 [ 1200.131740][T15307] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1200.196704][T15307] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1200.234812][T15307] bond0 (unregistering): Released all slaves [ 1202.158641][T11856] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 1202.338728][T11856] usb 4-1: Using ep0 maxpacket: 8 [ 1202.367982][T11856] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 1202.377162][T11856] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1202.411140][T11856] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1202.468848][T11856] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1202.514623][T11856] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1202.559559][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 1202.616061][T11856] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1202.638496][T11856] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1202.974796][T11856] usb 4-1: usb_control_msg returned -32 [ 1202.988598][T11856] usbtmc 4-1:16.0: can't read capabilities [ 1203.611215][T15347] smc: net device bond0 applied user defined pnetid SYZ2 [ 1203.639107][T14090] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 1203.661469][T15347] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3627'. [ 1203.841852][T15347] smc: removing net device bond0 with user defined pnetid SYZ2 [ 1203.905619][T14090] usb 7-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 1203.906063][T15347] bond0 (unregistering): left promiscuous mode [ 1203.938447][T14090] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1203.970887][T14090] usb 7-1: Product: syz [ 1203.975327][T14090] usb 7-1: Manufacturer: syz [ 1203.983598][T15347] bond_slave_0: left promiscuous mode [ 1204.010991][T15347] bond_slave_1: left promiscuous mode [ 1204.024443][T14090] usb 7-1: SerialNumber: syz [ 1204.101140][T15347] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1204.249345][T15347] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1204.389969][T15347] bond0 (unregistering): Released all slaves [ 1204.969627][T14090] rtl8150 7-1:1.0: eth9: rtl8150 is detected [ 1205.090876][T14090] usb 7-1: USB disconnect, device number 8 [ 1205.248070][T11856] usb 4-1: USB disconnect, device number 21 [ 1206.080129][T15362] netlink: 'syz.3.3634': attribute type 11 has an invalid length. [ 1207.141909][T15373] loop3: detected capacity change from 0 to 1024 [ 1207.157416][T15375] loop4: detected capacity change from 0 to 128 [ 1207.192371][T15375] EXT4-fs: Ignoring removed nobh option [ 1207.320096][T15375] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1207.402231][T15375] ext4 filesystem being mounted at /732/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1207.871522][T15382] smc: net device bond0 applied user defined pnetid SYZ2 [ 1207.953131][ T57] hfsplus: b-tree write err: -5, ino 25 [ 1207.975496][T15382] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3644'. [ 1208.018854][ T57] hfsplus: b-tree write err: -5, ino 4 [ 1208.059427][ T57] hfsplus: b-tree write err: -5, ino 2 [ 1208.127986][ T5774] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1208.169117][T15382] smc: removing net device bond0 with user defined pnetid SYZ2 [ 1208.206121][T15382] bond0 (unregistering): left promiscuous mode [ 1208.249940][T15382] bond_slave_0: left promiscuous mode [ 1208.256857][T15382] bond_slave_1: left promiscuous mode [ 1208.365636][T15382] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1208.540434][T15382] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1208.751975][T15382] bond0 (unregistering): Released all slaves [ 1210.164093][T15405] loop4: detected capacity change from 0 to 256 [ 1213.226348][ T29] audit: type=1326 audit(1770837924.022:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15439 comm="syz.6.3668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1213.326073][ T29] audit: type=1326 audit(1770837924.082:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15439 comm="syz.6.3668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1213.453022][ T29] audit: type=1326 audit(1770837924.082:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15439 comm="syz.6.3668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=177 compat=1 ip=0xf6feef6c code=0x7ffc0000 [ 1215.393630][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 1215.449897][T15471] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3679'. [ 1216.082362][ T5831] usb 5-1: new full-speed USB device number 20 using dummy_hcd [ 1216.286823][ T5831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1216.318671][ T5831] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1216.376446][ T5831] usb 5-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00 [ 1216.414210][ T5831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1216.527544][ T5831] usb 5-1: config 0 descriptor?? [ 1217.168935][ T5831] hid-multitouch 0003:0457:07DA.001A: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.4-1/input0 [ 1217.419998][T14090] usb 5-1: USB disconnect, device number 20 [ 1217.922228][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1217.933721][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1218.025037][T15484] fido_id[15484]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 1219.405278][T15505] loop3: detected capacity change from 0 to 256 [ 1221.068708][ T5831] usb 4-1: new full-speed USB device number 22 using dummy_hcd [ 1221.331562][ T5831] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1221.398456][ T5831] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1221.423856][ T5831] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00 [ 1221.485378][ T5831] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1221.512151][ T5831] usb 4-1: config 0 descriptor?? [ 1221.975231][ T5831] konepure 0003:1E7D:2DBE.001B: unknown main item tag 0x0 [ 1222.017013][ T5831] konepure 0003:1E7D:2DBE.001B: item fetching failed at offset 3/7 [ 1222.037472][ T5831] konepure 0003:1E7D:2DBE.001B: parse failed [ 1222.069696][ T5831] konepure 0003:1E7D:2DBE.001B: probe with driver konepure failed with error -22 [ 1222.140866][T15534] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3709'. [ 1222.178972][ T5831] usb 4-1: USB disconnect, device number 22 [ 1223.545581][T15545] Invalid argument reading file caps for ./file0 [ 1225.088025][T15562] sock: sock_set_timeout: `syz.1.3724' (pid 15562) tries to set negative timeout [ 1226.034264][T15577] ipvlan1: entered promiscuous mode [ 1226.082890][T15573] ipvlan1: left promiscuous mode [ 1228.972411][T15613] loop4: detected capacity change from 0 to 512 [ 1229.105659][T15613] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.3745: iget: bad i_size value: 38620345925642 [ 1229.245483][T15613] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1229.256189][T15613] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3745: couldn't read orphan inode 15 (err -117) [ 1229.340695][T15613] loop4: lost filesystem error report for type 5 error -117 [ 1229.344667][T15613] EXT4-fs (loop4): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1229.506353][T15613] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.3745: bg 0: block 5: invalid block bitmap [ 1229.592750][T15613] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28 [ 1229.628360][T15613] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1229.628360][T15613] [ 1229.644729][T15613] EXT4-fs (loop4): Total free blocks count 0 [ 1229.651980][T15613] EXT4-fs (loop4): Free/Dirty block details [ 1229.670122][T15613] EXT4-fs (loop4): free_blocks=0 [ 1229.787990][T15613] EXT4-fs (loop4): dirty_blocks=65 [ 1229.800608][T15613] EXT4-fs (loop4): Block reservation details [ 1229.806819][T15613] EXT4-fs (loop4): i_reserved_data_blocks=65 [ 1230.127336][ T34] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 131587 with max blocks 1 with error 28 [ 1230.348102][T15629] syzkaller1: entered promiscuous mode [ 1230.400958][T15629] syzkaller1: entered allmulticast mode [ 1234.327576][T15672] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3770'. [ 1235.599474][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 1236.337409][T15694] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3778'. [ 1238.703502][T14090] Process accounting resumed [ 1239.365440][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1241.519403][T15745] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3801'. [ 1241.610400][T15745] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3801'. [ 1241.678069][T15750] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3801'. [ 1241.712948][T15750] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3801'. [ 1241.732481][T15751] sctp: [Deprecated]: syz.3.3803 (pid 15751) Use of int in maxseg socket option. [ 1241.732481][T15751] Use struct sctp_assoc_value instead [ 1242.575169][T15761] netlink: 512 bytes leftover after parsing attributes in process `syz.6.3807'. [ 1245.097541][ C1] hrtimer: interrupt took 291840 ns [ 1249.347366][T15830] loop3: detected capacity change from 0 to 128 [ 1251.416585][T15853] input: syz0 as /devices/virtual/input/input24 [ 1254.123768][T15874] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3855'. [ 1259.613655][T15917] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1261.058849][T15933] faux_driver vkms: [drm] Unknown color mode 11; guessing buffer size. [ 1265.778730][ T5831] usb 5-1: new full-speed USB device number 21 using dummy_hcd [ 1265.971612][ T5831] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1266.029219][ T5831] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 1266.068624][ T5831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 1266.118396][ T5831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 170, setting to 64 [ 1266.168737][ T5831] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1266.259288][ T5831] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 1266.282899][ T5831] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 1266.338522][ T5831] usb 5-1: Product: syz [ 1266.343211][ T5831] usb 5-1: Manufacturer: syz [ 1266.379663][ T5831] usb 5-1: SerialNumber: syz [ 1266.412227][ T5831] usb 5-1: config 0 descriptor?? [ 1266.431018][T15980] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1266.749849][ T5831] radio-si470x 5-1:0.0: DeviceID=0x6465 ChipID=0x7669 [ 1266.956751][ T5831] radio-si470x 5-1:0.0: software version 100, hardware version 101 [ 1267.164055][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.173322][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.180816][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.187935][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.194986][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.202083][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.209334][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.217090][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.224756][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.231973][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.239039][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.246964][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.256114][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.263484][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.270591][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.277660][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.284807][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.291822][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.298996][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.306002][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.313615][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.321668][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.329041][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.336098][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.344071][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.351521][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.358842][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.365991][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.373300][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.380548][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.387673][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.395052][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.402786][ T5831] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1267.416684][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.418669][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.425717][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.434901][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.442064][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.449248][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.464882][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.472777][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.479952][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.487026][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.494312][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.501823][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.509110][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.516176][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.523381][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.532601][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.539765][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.546835][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.555624][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.563198][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.570503][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.577575][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.584726][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.592029][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.599186][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.606240][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.613388][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.620532][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.627598][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.638873][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.645986][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.656103][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.669341][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.681434][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.691202][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.698467][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.705576][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.712787][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.728522][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.736901][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.748457][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.759365][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.766780][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.773952][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.781067][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.788038][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.795029][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.802049][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.809170][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.816183][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.825563][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.839434][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.846830][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.856080][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.868733][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.875850][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.884897][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.899578][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.906777][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.918428][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.925475][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.938066][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.946517][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.958771][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.968934][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.976219][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.987884][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1267.995117][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.002099][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.009183][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.016473][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.025851][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.038410][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.047745][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.058641][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.066300][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.078768][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.085922][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.093008][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.100121][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.107419][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.118535][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.125725][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.140280][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.148989][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.156041][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.169268][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.176635][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.188792][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.195818][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.202949][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.210098][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.217103][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.226000][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.238418][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.253442][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.260930][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.268725][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.275745][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.283457][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.290636][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.297707][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.306122][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.318520][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.325589][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.332718][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.340399][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.348629][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.355737][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.362980][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.379404][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.386835][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.398428][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.405469][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.412746][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.419780][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.426873][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.433952][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.441135][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.459353][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.466839][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.474970][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.482540][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.494232][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.501711][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.518399][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.525489][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.538567][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.545626][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.553330][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.569077][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.577211][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.586372][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.598557][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.605643][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.618436][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.625581][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.638456][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.645561][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.653669][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.661223][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.668265][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.676069][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.691998][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.699584][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.706651][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.715606][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.724949][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.733059][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.748455][ C1] radio-si470x 5-1:0.0: non-zero urb status (-71) [ 1268.758064][ T5831] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22 [ 1268.888682][ T5831] usb 5-1: USB disconnect, device number 21 [ 1271.393761][T16033] netlink: 63 bytes leftover after parsing attributes in process `syz.6.3925'. [ 1273.051645][T16049] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3932'. [ 1274.595058][T16068] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3941'. [ 1274.628811][T16068] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3941'. [ 1275.111079][T16073] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3943'. [ 1275.159111][T16073] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3943'. [ 1275.454492][T16079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3945'. [ 1275.492428][T16079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3945'. [ 1276.777068][T16095] evm: overlay not supported [ 1278.008442][ T5831] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 1278.186662][ T5831] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1278.227151][ T5831] usb 7-1: config 1 has no interface number 0 [ 1278.257189][ T5831] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1278.317366][ T5831] usb 7-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 1278.343844][ T5831] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 14129, setting to 64 [ 1278.429070][ T5831] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1278.478865][ T5831] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1278.523129][ T5831] usb 7-1: Product: syz [ 1278.527554][ T5831] usb 7-1: Manufacturer: syz [ 1278.581151][ T5831] usb 7-1: SerialNumber: syz [ 1279.358541][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1279.365297][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1279.579073][ T5831] cdc_ncm 7-1:1.1: bind() failure [ 1279.854535][ T5831] usb 7-1: USB disconnect, device number 9 [ 1281.225564][T16134] loop4: detected capacity change from 0 to 4096 [ 1281.290260][T16134] EXT4-fs: inline encryption not supported [ 1281.340069][T16134] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1281.386996][T16134] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 1281.439727][T16134] System zones: 0-5 [ 1281.513448][T16134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1282.240983][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1282.543461][T16155] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3977'. [ 1282.707730][T16157] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3979'. [ 1282.708300][T16155] vlan2: entered allmulticast mode [ 1282.747949][T16155] dummy0: entered allmulticast mode [ 1282.756505][T16155] bridge0: port 1(vlan2) entered blocking state [ 1282.766031][T16155] bridge0: port 1(vlan2) entered disabled state [ 1282.778968][ T5831] page_pool_release_retry() stalled pool shutdown: id 72, 1 inflight 60 sec [ 1282.840323][T16155] vlan2: entered promiscuous mode [ 1282.855969][T16155] dummy0: entered promiscuous mode [ 1283.279318][ T5831] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 1283.479156][ T5831] usb 5-1: Using ep0 maxpacket: 32 [ 1283.514811][ T5831] usb 5-1: config 76 has an invalid descriptor of length 0, skipping remainder of the config [ 1283.566300][ T5831] usb 5-1: New USB device found, idVendor=069a, idProduct=0001, bcdDevice=51.c5 [ 1283.645708][ T5831] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1283.780518][ T5831] usb 5-1: Product: syz [ 1283.801957][ T5831] usb 5-1: Manufacturer: syz [ 1283.826376][ T5831] usb 5-1: SerialNumber: syz [ 1283.892141][ T5831] pwc: Askey VC010 type 1 USB webcam detected. [ 1284.089593][ T5831] pwc: send_video_command error -71 [ 1284.127932][ T5831] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 1284.159954][ T5831] Philips webcam 5-1:76.0: probe with driver Philips webcam failed with error -71 [ 1284.222033][ T5831] usb 5-1: USB disconnect, device number 22 [ 1286.720194][T16198] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3995'. [ 1288.078604][ T5831] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 1288.289267][ T5831] usb 7-1: Using ep0 maxpacket: 16 [ 1288.377791][ T5831] usb 7-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 1288.411966][ T5831] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1288.456563][ T5831] usb 7-1: Product: syz [ 1288.473427][ T5831] usb 7-1: Manufacturer: syz [ 1288.488377][ T5831] usb 7-1: SerialNumber: syz [ 1288.530796][ T5831] usb 7-1: config 0 descriptor?? [ 1289.041208][ T5831] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 1289.095068][T16226] vcan0: tx drop: invalid da for name 0x0000008000000000 [ 1289.109597][ T5831] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1289.157183][ T5831] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 1289.187439][ T5831] usb 7-1: media controller created [ 1289.253746][T16216] dtv5100: rlen = 51 is too big! [ 1289.253746][T16216] [ 1289.467070][ T5831] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1289.740484][ T5831] zl10353_read_register: readreg error (reg=127, ret==0) [ 1289.771962][ T5831] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 1289.799034][ T5831] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 1289.904533][ T5831] usb 7-1: USB disconnect, device number 10 [ 1290.410271][ T5831] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 1291.734516][T16245] 9p: Bad value for 'rfdno' [ 1294.840950][T16277] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4027'. [ 1294.948760][T16279] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4027'. [ 1294.975982][ T29] audit: type=1800 audit(1770838005.832:210): pid=16275 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4026" name="file1" dev="tmpfs" ino=4338 res=0 errno=0 [ 1295.679291][T16281] loop3: detected capacity change from 0 to 4096 [ 1295.916254][T16288] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1296.084171][ T29] audit: type=1800 audit(1770838006.942:211): pid=16281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4028" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 1296.258559][ T29] audit: type=1800 audit(1770838006.972:212): pid=16281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4028" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 1296.558070][T16291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4032'. [ 1296.638854][T16291] netlink: 'syz.4.4032': attribute type 29 has an invalid length. [ 1296.646914][T16291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4032'. [ 1297.869565][ T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 1298.067163][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 1298.098082][T16310] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.4040'. [ 1298.113897][ T9] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1298.160729][ T9] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1298.232343][ T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1298.269606][ T9] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 1298.310527][ T9] usb 5-1: Product: syz [ 1298.315048][ T9] usb 5-1: Manufacturer: syz [ 1298.385718][ T9] hub 5-1:4.0: USB hub found [ 1298.651720][ T9] hub 5-1:4.0: 2 ports detected [ 1298.889018][ T9] hub 5-1:4.0: hub_hub_status failed (err = -71) [ 1298.929960][ T9] hub 5-1:4.0: config failed, can't get hub status (err -71) [ 1299.041743][ T9] usb 5-1: USB disconnect, device number 23 [ 1301.178068][T16339] overlayfs: failed to clone lowerpath [ 1302.155145][T16349] loop3: detected capacity change from 0 to 1024 [ 1302.361569][T16349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1302.538097][T16348] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 1302.612345][T16348] EXT4-fs (loop3): Remounting filesystem read-only [ 1302.639268][T16348] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 18, error -30) [ 1303.036128][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1303.198525][ T9] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 1303.398550][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 1303.461615][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1303.519214][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1303.563747][ T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1303.606606][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 1303.625762][ T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 1303.637083][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1303.664185][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1303.711562][ T9] usb 5-1: config 0 descriptor?? [ 1303.823170][ T5071] Bluetooth: hci5: urb ffff88801ead0480 submission failed (90) [ 1303.944270][ T5831] usb 5-1: USB disconnect, device number 24 [ 1304.692751][T16368] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1305.451310][T16376] 9p: Bad value for 'wfdno' [ 1306.125106][T16383] loop3: detected capacity change from 0 to 512 [ 1306.218354][T16383] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1306.389486][T16383] EXT4-fs (loop3): 1 truncate cleaned up [ 1306.450359][T16383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1307.319709][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1309.659014][T16423] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4087'. [ 1310.630165][T16442] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4093'. [ 1310.703493][T16442] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4093'. [ 1311.392179][T16445] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22) [ 1311.559194][T16452] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4095'. [ 1313.463089][T16475] loop3: detected capacity change from 0 to 256 [ 1313.515254][T16475] exfat: Deprecated parameter 'namecase' [ 1313.565414][T16475] exfat: Deprecated parameter 'utf8' [ 1313.710215][T16475] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1314.519449][ T5831] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 1314.719085][ T5831] usb 5-1: Using ep0 maxpacket: 8 [ 1314.798641][ T5831] usb 5-1: New USB device found, idVendor=0c45, idProduct=6128, bcdDevice=c4.6d [ 1314.835373][ T5831] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1314.878638][ T5831] usb 5-1: Product: syz [ 1314.896872][ T5831] usb 5-1: Manufacturer: syz [ 1314.918700][ T5831] usb 5-1: SerialNumber: syz [ 1314.971522][ T5831] usb 5-1: config 0 descriptor?? [ 1315.049109][ T5831] gspca_main: sonixj-2.14.0 probing 0c45:6128 [ 1315.169080][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1315.927472][T16496] loop3: detected capacity change from 0 to 512 [ 1316.026441][T16496] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.4117: Invalid inode bitmap blk 4 in block_group 0 [ 1316.058419][T16496] loop3: lost filesystem error report for type 5 error -117 [ 1316.067082][T16496] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1316.096904][ T5833] usb 5-1: USB disconnect, device number 25 [ 1316.185808][T16503] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters [ 1316.973820][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1317.909545][T16512] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4124'. [ 1319.021720][T16519] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1320.301519][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 1321.150097][T13876] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1321.179300][T13876] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1321.202998][T13876] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1321.228812][T13876] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1321.242439][T13876] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1321.256148][T16541] Mount JFS Failure: -22 [ 1321.260868][T16541] jfs_mount failed w/return code = -22 [ 1322.698405][T16539] chnl_net:caif_netlink_parms(): no params data found [ 1323.330780][ T5071] Bluetooth: hci1: command tx timeout [ 1323.993178][ T5833] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 1324.168659][ T5833] usb 5-1: Using ep0 maxpacket: 32 [ 1324.218981][ T5833] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 1324.248470][ T5833] usb 5-1: config 0 has no interface number 0 [ 1324.319545][ T5833] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1324.372890][ T5833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1324.418500][ T5833] usb 5-1: Product: syz [ 1324.422916][ T5833] usb 5-1: Manufacturer: syz [ 1324.427745][ T5833] usb 5-1: SerialNumber: syz [ 1324.483067][ T5833] usb 5-1: config 0 descriptor?? [ 1324.570761][ T5833] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1324.740441][T16539] bridge0: port 1(bridge_slave_0) entered blocking state [ 1324.758892][T16539] bridge0: port 1(bridge_slave_0) entered disabled state [ 1324.785470][T16539] bridge_slave_0: entered allmulticast mode [ 1324.805904][ T5833] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1324.836147][T16539] bridge_slave_0: entered promiscuous mode [ 1324.895224][ T5833] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1324.924780][T16539] bridge0: port 2(bridge_slave_1) entered blocking state [ 1324.985852][T16539] bridge0: port 2(bridge_slave_1) entered disabled state [ 1325.028626][T16539] bridge_slave_1: entered allmulticast mode [ 1325.064386][T16539] bridge_slave_1: entered promiscuous mode [ 1325.222799][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1325.243730][ T5833] usb 5-1: USB disconnect, device number 26 [ 1325.310855][ T5833] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1325.439607][ T5071] Bluetooth: hci1: command tx timeout [ 1325.466058][ T5833] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1325.635788][ T5833] quatech2 5-1:0.51: device disconnected [ 1325.773619][T16539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1325.877129][T16539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1326.382899][T16539] team0: Port device team_slave_0 added [ 1326.476996][T16539] team0: Port device team_slave_1 added [ 1326.652819][T16594] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4155'. [ 1326.836200][T16539] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1326.883100][T16539] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1326.927503][T16539] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1327.046785][T16539] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1327.065990][T16539] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1327.115401][T16539] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1327.491110][ T5071] Bluetooth: hci1: command tx timeout [ 1327.618664][T16607] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 1327.787604][T16539] hsr_slave_0: entered promiscuous mode [ 1327.803699][T16539] hsr_slave_1: entered promiscuous mode [ 1327.866556][T16539] debugfs: 'hsr0' already exists in 'hsr' [ 1327.887272][T16539] Cannot create hsr debugfs directory [ 1328.574673][T16611] loop4: detected capacity change from 0 to 2048 [ 1328.701057][T16611] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1329.571355][ T5071] Bluetooth: hci1: command tx timeout [ 1329.844412][T16539] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1330.149360][T16539] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1330.382519][T16539] team0: Port device netdevsim1 removed [ 1330.430400][T16625] Invalid argument reading file caps for ./file0 [ 1330.447556][T16539] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1330.599119][ T5831] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 1330.765224][T16539] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1330.844755][ T5831] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1330.891239][ T5831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1330.940783][ T5831] usb 7-1: config 0 descriptor?? [ 1331.013285][ T5831] cp210x 7-1:0.0: cp210x converter detected [ 1331.600354][ T5831] cp210x 7-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 1331.633372][ T5831] cp210x 7-1:0.0: GPIO initialisation failed: -71 [ 1331.681182][ T5831] usb 7-1: cp210x converter now attached to ttyUSB0 [ 1331.763988][ T5831] usb 7-1: USB disconnect, device number 11 [ 1331.765925][T16539] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1331.812418][ T5965] udevd[5965]: setting owner of /dev/ttyUSB0 to uid=0, gid=18 failed: No such file or directory [ 1331.849622][ T5831] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1331.850413][T16539] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1331.903202][ T5831] cp210x 7-1:0.0: device disconnected [ 1331.964602][T16539] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1332.155511][T16539] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1332.976209][T16642] input: syz0 as /devices/virtual/input/input25 [ 1333.614445][T16648] loop3: detected capacity change from 0 to 256 [ 1333.837768][T16539] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1333.847028][T16648] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1334.160716][T16539] 8021q: adding VLAN 0 to HW filter on device team0 [ 1334.356681][ T149] bridge0: port 1(bridge_slave_0) entered blocking state [ 1334.364529][ T149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1334.575236][ T149] bridge0: port 2(bridge_slave_1) entered blocking state [ 1334.582977][ T149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1334.593446][ T5833] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 1334.810921][ T5833] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1334.868429][ T5833] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1334.928633][ T5833] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1334.987706][ T5833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1335.023620][ T5833] usb 7-1: SerialNumber: syz [ 1335.380608][ T5833] usb 7-1: 0:2 : does not exist [ 1335.579056][ T5833] usb 7-1: USB disconnect, device number 12 [ 1335.914111][ T5965] udevd[5965]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1336.648870][ T29] audit: type=1326 audit(1770838047.502:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1336.783193][ T29] audit: type=1326 audit(1770838047.502:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1336.898790][ T29] audit: type=1326 audit(1770838047.532:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.001900][ T29] audit: type=1326 audit(1770838047.532:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.116183][ T29] audit: type=1326 audit(1770838047.532:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.206189][ T29] audit: type=1326 audit(1770838047.502:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.346792][ T29] audit: type=1326 audit(1770838047.482:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.488849][ T29] audit: type=1326 audit(1770838047.572:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=247 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.576733][ T29] audit: type=1326 audit(1770838047.572:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.689282][ T29] audit: type=1326 audit(1770838047.582:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16670 comm="syz.1.4184" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1337.852075][T16686] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1337.992865][T16539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1338.716330][T16695] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4191'. [ 1338.727994][T16539] veth0_vlan: entered promiscuous mode [ 1338.767840][T16696] raw_sendmsg: syz.1.4193 forgot to set AF_INET. Fix it! [ 1338.789143][T16695] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4191'. [ 1338.862255][T16539] veth1_vlan: entered promiscuous mode [ 1339.363475][T16539] veth0_macvtap: entered promiscuous mode [ 1339.401138][T16699] loop3: detected capacity change from 0 to 164 [ 1339.495184][T16539] veth1_macvtap: entered promiscuous mode [ 1339.545332][T16699] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1339.872849][T16539] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1340.133395][T16539] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1340.514762][ T2937] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1340.597261][ T2937] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1340.634217][T16709] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 1340.655424][T16712] loop3: detected capacity change from 0 to 512 [ 1340.719319][ T2937] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1340.782503][T16712] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1340.796944][ T2937] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1340.811534][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 1340.830853][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 1340.971610][T16712] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.4198: inode has both inline data and extents flags [ 1341.037346][T16712] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1341.055048][T16712] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.4198: couldn't read orphan inode 15 (err -117) [ 1341.159211][T16712] loop3: lost filesystem error report for type 5 error -117 [ 1341.164119][T16712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1341.317799][T16712] syz.3.4198 (pid 16712) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 1341.810152][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1345.549250][T16771] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4220'. [ 1345.617250][T16772] loop4: detected capacity change from 0 to 1024 [ 1345.833133][T16772] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1346.052224][T16772] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 161808409 free clusters [ 1346.121467][T16772] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28 [ 1346.127859][T16783] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 1346.147380][T16783] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1346.147380][T16783] [ 1346.179235][T16783] EXT4-fs (loop4): Total free blocks count 0 [ 1346.205695][T16783] EXT4-fs (loop4): Free/Dirty block details [ 1346.259238][T16783] EXT4-fs (loop4): free_blocks=2588934144 [ 1346.316506][T16772] EXT4-fs (loop4): This should not happen!! Data will be lost [ 1346.316506][T16772] [ 1346.323331][T16783] EXT4-fs (loop4): dirty_blocks=32 [ 1346.377447][T16783] EXT4-fs (loop4): Block reservation details [ 1348.965781][ T149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1349.040384][ T149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1349.295381][T16813] loop4: detected capacity change from 0 to 512 [ 1349.364829][T16813] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1349.414392][ T2937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1349.452041][ T2937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1349.457719][T16813] EXT4-fs error (device loop4): ext4_iget_extra_inode:5073: inode #12: comm syz.4.4233: corrupted in-inode xattr: invalid ea_ino [ 1349.480517][T16813] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 1349.519581][T16813] EXT4-fs (loop4): Remounting filesystem read-only [ 1349.577581][T16813] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1350.168990][ T5774] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 1350.845950][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 1350.846049][ T29] audit: type=1326 audit(1770838061.702:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16825 comm="syz.4.4236" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffef6c code=0x0 [ 1352.901522][T16843] netlink: 'syz.6.4245': attribute type 4 has an invalid length. [ 1353.884249][T16857] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4250'. [ 1353.894580][T16858] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 1353.895479][T16857] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4250'. [ 1356.009096][ T5833] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 1356.238344][ T5833] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1356.290385][ T5833] usb 4-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00 [ 1356.318637][ T5833] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1356.374695][ T5833] usb 4-1: config 0 descriptor?? [ 1356.929878][ T5833] cherry 0003:046A:0023.001C: unknown main item tag 0x0 [ 1356.952769][ T5833] cherry 0003:046A:0023.001C: unknown main item tag 0x0 [ 1357.049968][ T5833] cherry 0003:046A:0023.001C: hidraw0: USB HID v0.00 Device [HID 046a:0023] on usb-dummy_hcd.3-1/input0 [ 1357.160102][ T5833] usb 4-1: USB disconnect, device number 23 [ 1358.090237][T16886] fido_id[16886]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 1360.386720][T16915] [U] [ 1360.389803][T16915] [U] [ 1360.392860][T16915] [U] [ 1360.395867][T16915] [U] [ 1360.398881][T16915] [U] [ 1360.401913][T16915] [U] [ 1360.404932][T16915] [U] [ 1360.407938][T16915] [U] [ 1360.534046][T16915] [U] [ 1360.537136][T16915] [U] [ 1360.540166][T16915] [U] [ 1361.106238][T16912] [U] [ 1361.650967][T16926] loop3: detected capacity change from 0 to 64 [ 1364.588526][T16954] loop3: detected capacity change from 0 to 128 [ 1364.760291][T16954] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1364.890718][T16954] ext4 filesystem being mounted at /816/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1365.039565][ T2937] tipc: Subscription rejected, illegal request [ 1365.760006][ T5770] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1369.876195][T17019] input: syz1 as /devices/virtual/input/input26 [ 1370.625168][T17021] batadv_slave_0: entered promiscuous mode [ 1370.682132][T17020] batadv_slave_0: left promiscuous mode [ 1371.455543][ T29] audit: type=1326 audit(1770838082.302:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.510851][T17035] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 1371.552210][ T29] audit: type=1326 audit(1770838082.312:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.611192][ T29] audit: type=1326 audit(1770838082.342:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=162 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.675015][ T29] audit: type=1326 audit(1770838082.342:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.710988][T17035] pim6reg: entered allmulticast mode [ 1371.728879][ T29] audit: type=1326 audit(1770838082.392:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.765503][ T29] audit: type=1326 audit(1770838082.392:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.768042][T17038] pim6reg: left allmulticast mode [ 1371.852098][ T29] audit: type=1326 audit(1770838082.392:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.897841][ T29] audit: type=1326 audit(1770838082.412:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf713572b code=0x7ffc0000 [ 1371.931053][ T29] audit: type=1326 audit(1770838082.432:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf6ffef6c code=0x7ffc0000 [ 1371.931188][T17038] netdevsim netdevsim0 netdevsim0: left allmulticast mode [ 1372.030515][ T29] audit: type=1326 audit(1770838082.462:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17032 comm="syz.1.4328" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf713572b code=0x7ffc0000 [ 1373.143046][T17053] loop3: detected capacity change from 0 to 512 [ 1374.088418][T11856] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 1374.314992][T11856] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1374.354265][T11856] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1374.409360][T11856] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1374.460237][T11856] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1374.578982][T11856] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1374.625936][T11856] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1374.674055][T11856] usb 7-1: Product: syz [ 1374.691078][T11856] usb 7-1: Manufacturer: syz [ 1374.695934][T11856] usb 7-1: SerialNumber: syz [ 1375.295726][T17073] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4342'. [ 1375.956887][T11856] cdc_ncm 7-1:1.0: bind() failure [ 1376.138664][T11856] usbtest 7-1:1.1: probe with driver usbtest failed with error -71 [ 1376.219897][T11856] usb 7-1: USB disconnect, device number 13 [ 1376.287132][T17084] overlayfs: failed to clone upperpath [ 1376.351779][T17085] overlayfs: failed to clone lowerpath [ 1378.363883][T17106] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4357'. [ 1378.724075][T17099] loop4: detected capacity change from 0 to 8192 [ 1380.656761][T17130] loop3: detected capacity change from 0 to 1024 [ 1380.723240][T17130] EXT4-fs: Ignoring removed nobh option [ 1380.799003][T17130] EXT4-fs: Ignoring removed bh option [ 1380.949302][T17132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4368'. [ 1380.993172][T17130] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1381.003055][T17132] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4368'. [ 1381.126730][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 1381.126818][ T29] audit: type=1800 audit(1770838091.982:248): pid=17130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4366" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 1381.703036][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1382.163049][T17147] team_slave_0: entered promiscuous mode [ 1382.169213][T17147] team_slave_1: entered promiscuous mode [ 1382.252663][T17147] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1382.606279][T17148] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 1383.837734][T17168] loop4: detected capacity change from 0 to 512 [ 1383.882814][T17168] EXT4-fs: Ignoring removed oldalloc option [ 1383.935333][T17168] EXT4-fs (loop4): Test dummy encryption mode enabled [ 1383.957022][T17168] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1384.087734][T17168] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.4383: inode has both inline data and extents flags [ 1384.161595][T17168] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1384.184790][T17168] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4383: couldn't read orphan inode 15 (err -117) [ 1384.255432][T17168] loop4: lost filesystem error report for type 5 error -117 [ 1384.273151][T17168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1384.487017][T17168] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 1384.992191][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1385.461493][T17177] loop0: detected capacity change from 0 to 8192 [ 1385.647829][T17177] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1385.675249][T17172] loop3: detected capacity change from 0 to 8192 [ 1385.817592][ T29] audit: type=1800 audit(1770838096.652:249): pid=17177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4386" name="file2" dev="loop0" ino=1048750 res=0 errno=0 [ 1385.871145][T17177] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 1385.881787][T17177] FAT-fs (loop0): Filesystem has been set read-only [ 1388.388375][ T57] ===================================================== [ 1388.395587][ T57] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xe7b/0xc820 [ 1388.404304][ T57] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1388.410452][ T57] n_tty_receive_buf_common+0x1a59/0x2610 [ 1388.416373][ T57] n_tty_receive_buf2+0x4c/0x60 [ 1388.422456][ T57] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1388.427955][ T57] tty_port_default_receive_buf+0xd7/0x1a0 [ 1388.434182][ T57] flush_to_ldisc+0x43e/0xe40 [ 1388.439259][ T57] process_scheduled_works+0xae7/0x1d60 [ 1388.445044][ T57] worker_thread+0x1741/0x1de0 [ 1388.450747][ T57] kthread+0x53f/0x600 [ 1388.454993][ T57] ret_from_fork+0x20f/0x910 [ 1388.461115][ T57] ret_from_fork_asm+0x1a/0x30 [ 1388.466106][ T57] [ 1388.468998][ T57] Uninit was stored to memory at: [ 1388.474316][ T57] n_tty_receive_buf_standard+0xe74/0xc820 [ 1388.481067][ T57] n_tty_receive_buf_common+0x1a59/0x2610 [ 1388.489785][ T57] n_tty_receive_buf2+0x4c/0x60 [ 1388.494820][ T57] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1388.500393][ T57] tty_port_default_receive_buf+0xd7/0x1a0 [ 1388.506445][ T57] flush_to_ldisc+0x43e/0xe40 [ 1388.511866][ T57] process_scheduled_works+0xae7/0x1d60 [ 1388.517650][ T57] worker_thread+0x1741/0x1de0 [ 1388.522736][ T57] kthread+0x53f/0x600 [ 1388.526981][ T57] ret_from_fork+0x20f/0x910 [ 1388.534057][ T57] ret_from_fork_asm+0x1a/0x30 SYZFAIL: failed to send rpc fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 1388.539624][ T57] [ 1388.542036][ T57] Uninit was created at: [ 1388.546549][ T57] __kmalloc_noprof+0xae9/0x1bf0 [ 1388.551867][ T57] __tty_buffer_request_room+0x3d4/0x7a0 [ 1388.557743][ T57] __tty_insert_flip_string_flags+0x157/0x6e0 [ 1388.565465][ T57] uart_insert_char+0x368/0x930 [ 1388.571232][ T57] serial8250_read_char+0x1ba/0x670 [ 1388.576654][ T57] serial8250_handle_irq+0x930/0x1110 [ 1388.582409][ T57] serial8250_default_handle_irq+0x116/0x370 [ 1388.591221][ T57] serial8250_interrupt+0xcb/0x420 [ 1388.597342][ T57] __handle_irq_event_percpu+0x118/0xed0 [ 1388.608788][ T57] handle_irq_event+0xe0/0x2a0 [ 1388.614049][ T57] handle_edge_irq+0x2a9/0xb30 [ 1388.619177][ T57] __common_interrupt+0x9d/0x180 [ 1388.624298][ T57] common_interrupt+0x4c/0xb0 [ 1388.629539][ T57] asm_common_interrupt+0x2b/0x40 [ 1388.634753][ T57] [ 1388.637214][ T57] CPU: 1 UID: 0 PID: 57 Comm: kworker/u8:3 Tainted: G L syzkaller #0 PREEMPT(full) [ 1388.648506][ T57] Tainted: [L]=SOFTLOCKUP [ 1388.652966][ T57] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1388.664257][ T57] Workqueue: events_unbound flush_to_ldisc [ 1388.671014][ T57] ===================================================== [ 1388.678076][ T57] Disabling lock debugging due to kernel taint [ 1389.031725][ T57] Kernel panic - not syncing: kmsan.panic set ... [ 1389.038360][ T57] CPU: 1 UID: 0 PID: 57 Comm: kworker/u8:3 Tainted: G B L syzkaller #0 PREEMPT(full) [ 1389.049488][ T57] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP [ 1389.055151][ T57] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1389.065384][ T57] Workqueue: events_unbound flush_to_ldisc [ 1389.071639][ T57] Call Trace: [ 1389.075037][ T57] [ 1389.078080][ T57] __dump_stack+0x26/0x30 [ 1389.082625][ T57] dump_stack_lvl+0x50/0x1c0 [ 1389.087420][ T57] ? dump_stack+0x12/0x25 [ 1389.091956][ T57] dump_stack+0x1e/0x25 [ 1389.096320][ T57] vpanic+0x435/0xd40 [ 1389.100720][ T57] panic+0x15d/0x160 [ 1389.104893][ T57] kmsan_report+0x31a/0x320 [ 1389.109590][ T57] ? __msan_warning+0x1b/0x30 [ 1389.114434][ T57] ? n_tty_receive_buf_standard+0xe7b/0xc820 [ 1389.120623][ T57] ? n_tty_receive_buf_common+0x1a59/0x2610 [ 1389.126718][ T57] ? n_tty_receive_buf2+0x4c/0x60 [ 1389.131934][ T57] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 1389.137535][ T57] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 1389.143761][ T57] ? flush_to_ldisc+0x43e/0xe40 [ 1389.148840][ T57] ? process_scheduled_works+0xae7/0x1d60 [ 1389.154812][ T57] ? worker_thread+0x1741/0x1de0 [ 1389.159923][ T57] ? kthread+0x53f/0x600 [ 1389.164352][ T57] ? ret_from_fork+0x20f/0x910 [ 1389.169289][ T57] ? ret_from_fork_asm+0x1a/0x30 [ 1389.174444][ T57] ? ret_from_fork_asm+0x1a/0x30 [ 1389.179605][ T57] ? __mutex_lock+0x1aa1/0x2640 [ 1389.184658][ T57] ? kmsan_get_metadata+0x146/0x160 [ 1389.190058][ T57] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1389.196655][ T57] ? kmsan_get_metadata+0x146/0x160 [ 1389.202052][ T57] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1389.208073][ T57] ? n_tty_receive_char+0x1223/0x14f0 [ 1389.213673][ T57] ? kmsan_get_metadata+0xf1/0x160 [ 1389.218999][ T57] __msan_warning+0x1b/0x30 [ 1389.223678][ T57] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1389.229742][ T57] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1389.236090][ T57] ? kmsan_get_metadata+0xf1/0x160 [ 1389.241472][ T57] n_tty_receive_buf_common+0x1a59/0x2610 [ 1389.247518][ T57] n_tty_receive_buf2+0x4c/0x60 [ 1389.252553][ T57] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 1389.258307][ T57] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1389.263756][ T57] tty_port_default_receive_buf+0xd7/0x1a0 [ 1389.269924][ T57] flush_to_ldisc+0x43e/0xe40 [ 1389.274852][ T57] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 1389.281529][ T57] ? __pfx_flush_to_ldisc+0x10/0x10 [ 1389.286962][ T57] process_scheduled_works+0xae7/0x1d60 [ 1389.292829][ T57] worker_thread+0x1741/0x1de0 [ 1389.297842][ T57] kthread+0x53f/0x600 [ 1389.302121][ T57] ? __pfx_worker_thread+0x10/0x10 [ 1389.307424][ T57] ? __pfx_kthread+0x10/0x10 [ 1389.312210][ T57] ret_from_fork+0x20f/0x910 [ 1389.317504][ T57] ? __switch_to+0x51c/0x750 [ 1389.322310][ T57] ? __pfx_kthread+0x10/0x10 [ 1389.327097][ T57] ret_from_fork_asm+0x1a/0x30 [ 1389.332111][ T57] [ 1389.335415][ T57] Kernel Offset: disabled [ 1389.339802][ T57] Rebooting in 86400 seconds..