last executing test programs: 3.695847699s ago: executing program 2 (id=1344): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0xfffffffe) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x14}}}}}}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a067fbc45ff620500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000ffd9dd00000010000100050808004149004006040800", 0x58}], 0x1) 3.058329771s ago: executing program 2 (id=1351): pipe(&(0x7f0000000d00)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000002100), 0x4009, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=0000000000000000004000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$binfmt_misc(r1, &(0x7f0000000240), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x714f, 0x0) 2.834466975s ago: executing program 1 (id=1353): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001"], 0x48) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x80800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000000, 0xc], 0x80a0000, 0x2010d3}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.624517819s ago: executing program 1 (id=1355): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYRESDEC], 0x14}, 0x1, 0x8000000000000, 0x0, 0x8040}, 0x8004) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6) r4 = socket(0x28, 0x5, 0x0) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r4, 0x84, 0x4, &(0x7f00000000c0), &(0x7f0000000180)=0x4) getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000380)={{{@in=@loopback, @in6=@loopback}}, {{@in=@dev}, 0x0, @in6=@ipv4={""/10, ""/2, @private}}}, &(0x7f00000001c0)=0xe8) r5 = socket$inet(0xa, 0x801, 0x84) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f00000002c0)}, {&(0x7f0000000300)="f00d34fb2af7900425e916a4f59f3adcf6181b14e13cf3ad195aac0ac5a38f62af2d4b0f02c306380bfbdf9ea70464b8dd7065f69986cb4f15fa1c3321331a6468ddea951d3706ebb2d5a0d1542316d5e90143826a2b14f4eaef3d2bae948b61e3d8dc9f43352122eec012aa7a10fd164b099bdc26ffca632a39b4c0bd", 0x7d}, {&(0x7f0000000500)="c6a33d4a117359abcd5f9cc4c30a6c03f11d8afe7062723e291ebfd72b4d1ef57e9b36464dd04136b36eaffe21ec71eaafb92258e6d0b904ff0ad05269cfc6c852d6c51d0cb4879b4ba5727005aaa858fb065e86d4fbf43e113e842e42023c3b90bae8fcba0a8393ecf38ea790c9fdc8c394933ba26745a14e85ae9632f5714666a6e3e43a54a687c74cb5090d49d674345a19b22f2b0b6a8924deaa5fc4574e4d09df27b2824ba6676eef1d2ef0d7e57aa4126e0541be5296c65dfc6d73fbd786", 0xc1}, {&(0x7f0000000600)}, {&(0x7f0000000480)="6ffaecbcfd277068866538d3b00753f138d7", 0x12}, {&(0x7f00000006c0)="4236fc64e3013773a655502685ff6fdb84938c93ed571f4c124b64cf4f704e0afbac7d47589f157149e08b4a0a12d9101598332df558b23387eb18b48634c1c79d2283043c0bb913a50e2ba4ced2aeee78c0ce4c47c5", 0x56}, {&(0x7f0000000740)="f61ba370ce9232ba978c97147bd24d4d5ea63adf49bddbf9a54a3ca231c22a1d418616592c91c5ee42cfc52497bcfd2e1beb57075756fe1b9c0d5b9f589e7ddf7f15013e2e0122d30c2b434f860970eeb941b6abdf82529aad51321ec43ea10b85cc3c1d23aad752567d9d3a9a1f5da74049f1a98061419b91c0be76e8cf9fdb91de55b4640aa81b743b57516fa4a4be34a4e17430be4a279413e50954bddef1e7e56546bf09c8b1ae0bb3", 0xab}, {0x0}, {&(0x7f00000008c0)="c778f6cf035e4b28257ced525c4dc05666c126", 0x13}, {&(0x7f0000000900)="c63d70e95a0c41db314532c354f8f830b79202f5b07103afb7464d60cf28d6e887a1caa2382f792363ecfbd2ce6761cbc60c9e069a8189090dc5747d205b3ca24f0f6fd5f8e78f9d0616f6a3634cfbbea43cb92e2e88eae61f094cc16a", 0x5d}], 0xa}, 0x0) connect$inet(r5, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r5, 0x8) r7 = accept4(r5, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, 0x8) sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xe3e5625455e07f5}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24044010}, 0x4) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0) ioctl$TIOCVHANGUP(r8, 0x5437, 0x0) writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000a40)="00d236422857657a2b21deadea1e84cd4185334d5b6a146d96377db0f62a28ef0d710f608e5d6e2822e2781c897ef4fd56548dda83f5294f522a06968d3945f2c041c374e3c1204c93403fd8f6e92f57bfb4e9355a7d67dd9641bb9ebe6e46c8d1d2cf9356419f78809f759f020be3ed9ad1ecb1ce0cfb5175326817a1e02803f63a434a441d610486076f39c84c0198fcf9978451cca84acf5b3aca8bc82a8a29ca0b44e1d33f5f6d4db51d3b8b866867e133d0c312436afa365eb8b5d501dcb45336c0b63b1911de82c809f365", 0xce}], 0x1) 2.474428202s ago: executing program 3 (id=1357): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000080)="0f231335200000000f060f01d19cc46ac31578bc2e14ca000800c800c801cfb9800000c00f3235000800000f300f79e9362e0f01fa43ad410f21fb", 0x3b}], 0x1, 0x63, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.528972021s ago: executing program 2 (id=1358): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8002, 0x4}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = epoll_create1(0x80000) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a}) pread64(r2, 0x0, 0x0, 0x200) 1.528366621s ago: executing program 3 (id=1359): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_DIRENTPLUS(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="10000000feff5366"], 0x10) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40) 1.462798482s ago: executing program 1 (id=1360): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4) sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="120000000000000029000000", @ANYRES64=r0], 0x108}}], 0x1, 0xc040) 1.279528346s ago: executing program 3 (id=1362): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c250000000007"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)={0x2004181, 0x0, 0x8, 0x2, 0x9a}) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000040000000001, 0xffffffffffffffff}) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.194916337s ago: executing program 1 (id=1363): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000"], 0x48) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x80800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000000, 0xc], 0x80a0000, 0x2010d3}) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.102240539s ago: executing program 2 (id=1364): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000200000000000000000000000850000004100000095000000000000004be98911ed5a3cf4451d51e400827eef4df9eb3fd52b8f0a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868562f04005972b6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e28a1a97b2c8c56a3f15b2f7a9b7ae2cf52d08555d3c3315e95095217bff8c9441a45fd00000000000000979ed4e35d21d13d428af521c553b9420385390207dc1634aee0244045e5c380e6090329d37b29a56c16d5c7bee160b91246bd2c205047bd92581165c774b1fd46072c161f1d33e6d5c1a5db7a714e3ed5468408f279bd9f98ec3c5ffd79cd37810f03000000b65d147fa05253a600adfb03775847b220369339529d434f3190c81c3dd501a780cfaaaa916c8a33ee4b52d18e160428893f33d206d3a7195e7f69c831099bdc940000aa2c2e61509bf6c58b100000000000000000000000005e3210346531c1eb14fbec6eb35d6f3e3853512c6bf186bd8b75d17aeeaa07"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r1, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x66, &(0x7f0000000100)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x30, 0x3a, 0xff, @private0, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x500, {0x6, 0x6, "1a00", 0x2, 0x3a, 0x0, @empty, @mcast2}}}}}}}, 0x0) 1.02782057s ago: executing program 0 (id=1365): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x80, &(0x7f0000000000)=""/4102, &(0x7f00000010c0)=0x1006) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000001fc0)={[0x5836, 0x8, 0x1000000000000007, 0x4000000000000e52, 0x33d4cad1, 0x5479, 0x1045, 0x200000000006, 0x0, 0x1, 0xfffffffffffffffe, 0x100000000, 0x1, 0x40000000009, 0x8000000000005, 0xfffffffffffffffb], 0x2000, 0x80}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 950.243982ms ago: executing program 2 (id=1366): pipe(&(0x7f0000000d00)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000002100), 0x4009, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$binfmt_misc(r1, &(0x7f0000000240), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x714f, 0x0) 941.747652ms ago: executing program 0 (id=1367): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x8800) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) capset(0x0, &(0x7f0000000080)={0x0, 0xfffffffc}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0x5, 0x9, 0x3, 0x0, 0x0, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x8080000, 0x4000, 0x8, 0x8, 0xb, 0xe4, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0x5000, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x15, 0x3, 0x2, 0x87}, {0x6000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0xb, 0x6, 0x4, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x95, 0x5, 0xab, 0x8, 0x9, 0x83, 0xf7, 0x83}, {0x1000, 0x3909e40c33606d9c, 0x0, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0xa0000015, 0x0, 0x1, 0x2024, 0x2, 0x1500, 0x3000, [0x6800000000000000, 0x4, 0x5e, 0x4650]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 889.132893ms ago: executing program 1 (id=1368): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000280)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]}) 831.857714ms ago: executing program 3 (id=1369): getsockname$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = dup(r1) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) sendmsg$inet6(r1, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{0x0}], 0x1}, 0x4048043) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x111, 0x5}}, 0x20) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e21, @empty}}, 0x5, 0x3, 0xf06, 0x1, 0x94, 0xfffffffd, 0x5}, 0x9c) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000880)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x111, 0x3}}, 0x20) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0xffffec47, 0x9, 0xffff1896, 0x100, 0x25, 0x7}, 0x9c) close_range(r0, 0xffffffffffffffff, 0x0) fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) 717.244346ms ago: executing program 3 (id=1370): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_DIRENTPLUS(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="10000000feff5366"], 0x10) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40) 645.978428ms ago: executing program 0 (id=1371): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4) sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="120000000000000029000000", @ANYRES64=r0], 0x108}}], 0x1, 0xc040) 559.739299ms ago: executing program 3 (id=1372): socket$inet6_tcp(0xa, 0x1, 0x0) memfd_create(&(0x7f0000000300)='\xb1Y\xf8$\x00\x00\x00\x00\x00\xb8\xc9\x84*\xc0\xfeR\x01\x95', 0x1) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r1, &(0x7f00000003c0)=[{&(0x7f0000000580)=""/148, 0x94}], 0x1) readv(r1, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/215, 0xd7}], 0x1) 537.910349ms ago: executing program 1 (id=1373): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17) creat(&(0x7f00000002c0)='./file0\x00', 0x0) open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x4, 0x1], 0x0, 0x0, 0x2, 0x1}}, 0x40) 508.14759ms ago: executing program 0 (id=1374): syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000280)='./file1\x00', 0x14806, &(0x7f0000000080)=ANY=[], 0xfd, 0x71d, &(0x7f00000002c0)="$eJzs3V1v3FgZB/D/mfdMIVSAqlWVbU5TkFIRZj2T7VSjgITxeBLDzHhkTyCRkFaFJquokwJtkejctLmBRVq+AHd7wwUfYiUuEBf7LeAKpBUICbECISOfY89Lxp4kTZp22f8v2h3HfnzO8bHXzzpjH4OIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIggrKZhVAXaTnd7R6azmp7biX/JYma5Li2P23ri9rw682G9gAj/QamEN/TsN748DrkW/msFS/q3JZTCjxKGV65d3fhSLhOvP6fBLwJpBQok1/X46fDBvcFg79EpCs8itfjXETLpy3LxxKbddXzX6ZibtnR8VzbqdeOtrZYvW07b9nf9vt2Rlmdn+q4nV63bstporEu7sntrEWiabTueeffrNcOoy+8U9Y4GUPGtLafddrqbKiZcHMbcle//QAfYZkfK/YPB3vpEw54l9XEYVE3YisxkcBhUO6lPakatVq3WatX6ncadu4aRm5lhhIQxgpmICz9o6VPmYk/gROeQsZr/Mf4kgDZK6GIbO5CJPxaa8OCik7I8Euf/DOy59U7m/yUgTI5L+fHi61D5/4b+7UZa/k9pi4RUKyQtESnzz/aTVy2SeIynGOIB7mGAAfbw6ALKlpDL5y6hYEQ9ObufktcopcTP/9mEjS4c+HDhoAMTm/g8ZDRHooE66jDwDrbQgg+JFhy0YcPHLnz0YYdHVCGs2YaJPlx4kFiFhduQqKKBBtYhYaOCXbjYRhebaMLEv4Ig2MeB6vf1qD3PE7YCcVA1ZSOKyMXH3R5qc7Y2Lf//8JleO8r/BvP/Z5U+Dor646N5MUSvgSC6/j+j5ZfTGiIiIiIiIiJ6GYT6jl2ob+XfBBCg5bRtYyqm+MpaR0REREREREQXQSAoYglC35WPNyFmr/+JiIiIiIiI6NNNqGfsBICyuqlfjB+XOs0fAbKX0EQiIiIiIiIiOif15P+NAhCou/yXIU66/s9dbgOJiIiIiIiI6NzemxhjP5eNxtgN4q/1MwCW/1wUH/6tCC8vjno7XxGHZrjEPIxiZu4A6Leui8VooF71UfiooJdY9pKIapPAP+O/PoQ+3k8e6/95oAkhvGMNKGQnC0hpgMC1qxv1XPQb3sdNvcrNaLjb+8MM1BI9onC55bTtiuW2N6owzcVM397p/+zhwc8Bb7Sd+weDvcqPfjy4r9pyFM46OgwLfTbVnExyZ4zb8kSNt6CeuUga3XgBrbjKX3U7ZaHqNeLtz8I8zExWNG8H1BcAvZW/wIreZyuBji0PRwP/CmBZDf5QrWyEO2xq6728GLeienzLk3ZEypaXVCtu6Zhbq7f0R9wnYTkZUfpaFqhVZvfBVCtqk604uS/E34/1//xWQJTCvlgPW/H7sKBjrfj+h3rl9d5OPDzGaVoxcxQQEb0q++MspAYxnxljP04P8Unt9HkHOSA6y+ns/l76m3yCKH/E2f3JbwKdobJALvpuIrmWOK8gPKOvClVOQX9JkbuecEY3Kp8EQWAuljB5Rv9vEMQbZMzPblN5/SgIguNn9N+N34EUNXumFf8OgmCjqjLJr49l1Q/CFT5Izap+u5ZFCUU8OfyJGgA/9O7eu3sPa7X1uvG2YdypIa/+VyH6yIK5h4iIZpz8jh0VkZkTId7GTV3Gzft//aqemsp4X4xuKVDeAga4jzUsh9e44TVnYqll7OOb/9C3Iazpq1Zgpaw/y0N57epGuPYo9kDk1Bte1lKv6lQu1bHq9obaKPaPX4hXmc7U49j1S9gTREREl2clfpXPsTwMTOV/TOf/0lT+X8Oqjli9nnjdXZ64pXAtvjoeXdIPrxwlxlZPbvy3LrgziIiIPiNs72NR7v9SeJ7Te6faaFTN/pYtPdf6rvSc5qYtnW7f9qwts7tpy57n9l3Lbcueh6KzYPvS3+71XK8vW64ne67v7Kg3v8vo1e/R9/7we23b9G1pud2+afVl0/Et2dv+dtvxt2xPrez3bMtpOZbZd9yu9N1tz7IrUvq2PRHoNO1u32k54WRX9jynY3q78ntue7tjy6btW57T67u6wLgup9tyvY4qtoLgzC86JCIi+n/0+Onwwb3BYO/R8YmF8NJczzlCSszsRCGhQI4RRERE9JoZp+szrFR6iQ0iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIqIZJz/Sd8aJfNLDgsBozk8Xozl4jvEjhjPlCJy3PZ94f8iHNbzI6pmzVho/EjHMAkgNXhjNibt/MuboLJXiKvDC/fOXzwFX1BzoObkLPABmnx+9qJLjEYsTY76xrxemra4WJi4qjvZF7uL/cwgnHv52dpEItyIIgmD+6sXpPiyc/ngOO+tRYc4uWDjh+LnMsxARvQr/CwAA///SlDIY") set_tid_address(0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r1 = eventfd2(0x3, 0x1) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) write$binfmt_register(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0xa0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x3a}) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x28011, r2, 0x0) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000a80)='./file1\x00', 0x2800810, &(0x7f00000025c0)=ANY=[@ANYBLOB="646f74732c747a3d5554432c646f74732c646f74732c6e6f646f74732c666c7573682c646f74732c6e6f646f74732c71756965742c00b3d27234e95eb4b44190021bbbe89ab824d38c571641668d362b4dff6e47bdf1638c7462a3bd66a53b404ae08c32af6843a2469c7210381b9d48047c77540b6447a8e50c44cb44f91e4264a37e0209c3a234f4803ba56b7a24536ee396f4838f4143b92ad909efb23eb22dce6477c2bb5b8f793b9e07c2120d566cf1f6ba51e4d01e8ef223a2ba72cfb3127844c045765149fb1219f433feb977426596e07082254e9930296256df143ff96377d8c28c533724fbd9fdad260e7d875d0f17374141abc60c8e3c07e4a7bc381791172c217f00964aaf6e213a252b9689ae38342862d27437921e13229d407e1a6037e3f16a2cdab8f9c76a66a72ccc67015c9435e200f9fbb9d78ce426b37310b9f127e7b1207c74eff7b853de7043a001de85931463c7fc7c78be9eb9b5f88c0067aabb3a5d1f94bcc90537c1c1ce509450160c"], 0x3, 0x176, &(0x7f0000000240)="$eJzs27GL01AcB/BfbNRTl5vFIeDiVNTJUZET1ICidNBJ4XS5yoG3RKfgX+LqHyfITTcIT2q0tSVFrU0j189n6Q++7eP3hteXF5IXV94c7B8evT58fBw7WRb57SjiJIvdOBODaNQBAJwmJynFl5RSOl/HhY+RUuq7IwCga/Z/ANg+v93/b/XUGADQGed/ANg+T589f3inLPeeFMVOxOe6GlWj5rPJ790v964X3+3OfnVcVaPBNL/R5MV8fjYu/shvtubn4trVJp9kdx+VC/ml2J9v1WOIAAAAsKJhMdV6vh8Ol+VN9cv9gYXzex6X841NAwD4C0fv3h+8HI9fvV1Dkcd6xlG0FVH/wZcnF239t7qZIvtZfE0prTDOh0/NEhg/+C+ms94ii4h/G6fvfyaga7NF33cnAAAAAAAAAAAAAADAMt2+jTToe3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ6lsAAAD//1UCS4E=") sendmsg$NFNL_MSG_CTHELPER_NEW(r2, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x2c, 0x0, 0x9, 0x301, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFCTH_STATUS={0x8}, @NFCTH_STATUS={0x8}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x11}]}, 0x2c}}, 0x0) syz_emit_ethernet(0x106, &(0x7f0000000080)=ANY=[], 0x0) 195.828796ms ago: executing program 0 (id=1375): openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x80, &(0x7f0000000000)=""/4102, &(0x7f00000010c0)=0x1006) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000001fc0)={[0x5836, 0x8, 0x1000000000000007, 0x4000000000000e52, 0x33d4cad1, 0x5479, 0x1045, 0x200000000006, 0x0, 0x1, 0xfffffffffffffffe, 0x100000000, 0x1, 0x40000000009, 0x8000000000005, 0xfffffffffffffffb], 0x2000, 0x80}) ioctl$KVM_RUN(r0, 0xae80, 0x0) 121.331747ms ago: executing program 0 (id=1376): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000080)="0f231335200000000f060f01d19cc46ac31578bc2e14ca000800c800c801cfb9800000c00f3235000800000f300f79e9362e0f01fa43ad410f21fb", 0x3b}], 0x1, 0x63, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 0s ago: executing program 2 (id=1377): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/oops_count', 0x8a883, 0x2) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) writev(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x7, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x9]}}) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x6) kernel console output (not intermixed with test programs): pending, handler #40!!! [ 96.748680][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 96.842748][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 96.945141][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.047493][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 97.185834][ T6019] sctp: failed to load transform for md5: -2 [ 97.670600][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.900018][ T27] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 98.024129][ T5793] Bluetooth: hci0: command 0x0406 tx timeout [ 98.114100][ T27] usb 3-1: config 0 has no interfaces? [ 98.145847][ T27] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 98.180080][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.196395][ T6040] loop3: detected capacity change from 0 to 256 [ 98.207994][ T27] usb 3-1: Product: syz [ 98.212170][ T6040] ======================================================= [ 98.212170][ T6040] WARNING: The mand mount option has been deprecated and [ 98.212170][ T6040] and is ignored by this kernel. Remove the mand [ 98.212170][ T6040] option from the mount to silence this warning. [ 98.212170][ T6040] ======================================================= [ 98.226181][ T27] usb 3-1: Manufacturer: syz [ 98.289789][ T6042] pim6reg1: entered promiscuous mode [ 98.297080][ T6040] exfat: Bad value for 'uid' [ 98.307385][ T6042] pim6reg1: entered allmulticast mode [ 98.323168][ T27] usb 3-1: SerialNumber: syz [ 98.361313][ T27] usb 3-1: config 0 descriptor?? [ 98.404095][ T6040] loop3: detected capacity change from 0 to 2048 [ 98.521069][ T6040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.672400][ T6040] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm syz.3.51: Invalid inode table block 163208811354 in block_group 0 [ 98.693477][ T6040] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm syz.3.51: Invalid inode table block 163208811354 in block_group 0 [ 98.713887][ T6040] EXT4-fs error (device loop3) in ext4_setattr:5645: Corrupt filesystem [ 98.759597][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.960086][ T6058] loop2: detected capacity change from 0 to 7 [ 98.971716][ T6058] loop2: [POWERTEC] p1 [ 98.976470][ T6058] loop2: p1 size 524288 extends beyond EOD, truncated [ 99.188731][ T6059] (null): rxe_set_mtu: Set mtu to 256 [ 99.195930][ T6059] vxcan1 speed is unknown, defaulting to 1000 [ 99.205000][ T6059] vxcan1 speed is unknown, defaulting to 1000 [ 99.213483][ T6059] vxcan1 speed is unknown, defaulting to 1000 [ 99.335101][ T6059] infiniband syz2: set active [ 99.340039][ T6059] infiniband syz2: added vxcan1 [ 99.380457][ T6059] RDS/IB: syz2: added [ 99.385071][ T6059] smc: adding ib device syz2 with port count 1 [ 99.391435][ T6059] smc: ib device syz2 port 1 has pnetid [ 99.400108][ T6059] vxcan1 speed is unknown, defaulting to 1000 [ 99.520421][ T6059] vxcan1 speed is unknown, defaulting to 1000 [ 99.637387][ T6059] vxcan1 speed is unknown, defaulting to 1000 [ 99.749944][ T27] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 99.757569][ T6059] vxcan1 speed is unknown, defaulting to 1000 [ 99.879671][ T5875] vxcan1 speed is unknown, defaulting to 1000 [ 99.887869][ T5875] vxcan1 speed is unknown, defaulting to 1000 [ 100.109933][ T27] usb 2-1: Using ep0 maxpacket: 8 [ 100.117913][ T27] usb 2-1: unable to get BOS descriptor or descriptor too short [ 100.130482][ T27] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 100.138776][ T27] usb 2-1: config 57 has no interface number 0 [ 100.145122][ T27] usb 2-1: config 57 interface 229 has no altsetting 0 [ 100.154596][ T27] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 100.163792][ T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.171880][ T27] usb 2-1: Product: syz [ 100.176056][ T27] usb 2-1: Manufacturer: syz [ 100.180729][ T27] usb 2-1: SerialNumber: syz [ 100.249970][ T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 100.442458][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 100.455595][ T9] usb 4-1: config 0 has no interfaces? [ 100.464394][ T9] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 100.473724][ T9] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 100.481872][ T9] usb 4-1: Product: syz [ 100.486210][ T9] usb 4-1: Manufacturer: syz [ 100.493714][ T9] usb 4-1: config 0 descriptor?? [ 100.706812][ T966] usb 3-1: USB disconnect, device number 2 [ 100.716012][ T9] usb 4-1: USB disconnect, device number 2 [ 100.764642][ T5103] Bluetooth: hci2: Unknown advertising packet type: 0x32 [ 100.764717][ T5103] Bluetooth: hci2: Malformed LE Event: 0x0d [ 100.938692][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 101.041740][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 101.120676][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 101.169563][ T6066] block device autoloading is deprecated and will be removed. [ 101.329945][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 102.009958][ T5875] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 102.053700][ T27] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 102.070532][ T27] usb 2-1: USB disconnect, device number 3 [ 102.227319][ T5875] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 102.285788][ T5875] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 102.303632][ T6087] ksmbd: Unknown IPC event: 0, ignore. [ 102.359813][ T5875] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 102.398662][ T5875] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 102.524633][ T5875] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 102.640963][ T5875] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 102.684129][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 102.826758][ T5875] usb 4-1: Product: syz [ 102.883270][ T5875] usb 4-1: Manufacturer: syz [ 103.231174][ T5875] cdc_wdm 4-1:1.0: skipping garbage [ 103.270816][ T6088] sctp: failed to load transform for md5: -2 [ 103.385582][ T5875] cdc_wdm 4-1:1.0: skipping garbage [ 103.641363][ T5875] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 103.743966][ T5875] cdc_wdm 4-1:1.0: Unknown control protocol [ 104.363841][ T3448] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 104.462989][ T3448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.489276][ T3448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.510482][ T9] usb 4-1: USB disconnect, device number 3 [ 105.048698][ T6122] (null): rxe_set_mtu: Set mtu to 256 [ 105.055116][ T6122] rdma_rxe: rxe_newlink: failed to add vxcan1 [ 105.148056][ T5855] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 105.340614][ T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 105.349473][ T5855] usb 1-1: Using ep0 maxpacket: 8 [ 105.375558][ T6129] ksmbd: Unknown IPC event: 0, ignore. [ 105.392766][ T5855] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 105.402968][ T5855] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 105.478565][ T5855] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 105.542428][ T5855] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 105.558906][ T5855] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 105.579192][ T5855] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 105.601115][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 105.630522][ T9] usb 3-1: unable to get BOS descriptor or descriptor too short [ 105.647531][ T5855] usb 1-1: config 168 descriptor has 1 excess byte, ignoring [ 105.686278][ T9] usb 3-1: config 57 has an invalid interface number: 229 but max is 0 [ 105.698559][ T5855] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 105.729069][ T9] usb 3-1: config 57 has no interface number 0 [ 105.747563][ T5855] usb 1-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 105.769273][ T9] usb 3-1: config 57 interface 229 has no altsetting 0 [ 106.274279][ T9] usb 3-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 106.403865][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.422930][ T5855] usb 1-1: string descriptor 0 read error: -22 [ 106.487660][ T5855] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 106.541111][ T9] usb 3-1: Product: syz [ 106.595565][ T9] usb 3-1: Manufacturer: syz [ 106.630397][ T5855] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.666931][ T9] usb 3-1: SerialNumber: syz [ 107.052656][ T5855] adutux 1-1:168.0: interrupt endpoints not found [ 107.159268][ T5855] usb 1-1: USB disconnect, device number 2 [ 108.813272][ T9] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 108.912816][ T9] usb 3-1: USB disconnect, device number 3 [ 109.294885][ T6151] syz.1.76[6151] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 109.295051][ T6151] syz.1.76[6151] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 109.560853][ T6159] netlink: 80 bytes leftover after parsing attributes in process `syz.0.85'. [ 110.167221][ T6168] (null): rxe_set_mtu: Set mtu to 256 [ 110.173133][ T6168] rdma_rxe: rxe_newlink: failed to add vxcan1 [ 110.188626][ T6171] tipc: Started in network mode [ 110.193829][ T6171] tipc: Node identity 8e239e4035c7, cluster identity 4711 [ 110.204194][ T6171] tipc: Enabled bearer , priority 0 [ 110.234514][ T6164] tipc: Resetting bearer [ 110.446933][ T6175] loop3: detected capacity change from 0 to 256 [ 110.453524][ T5875] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 110.472096][ T6175] exfat: Bad value for 'uid' [ 110.517979][ T5803] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 110.594861][ T6175] loop3: detected capacity change from 0 to 2048 [ 110.661111][ T6175] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.677780][ T5875] usb 1-1: Using ep0 maxpacket: 8 [ 110.717829][ T5875] usb 1-1: unable to get BOS descriptor or descriptor too short [ 110.752260][ T5875] usb 1-1: config 57 has an invalid interface number: 229 but max is 0 [ 110.793498][ T5875] usb 1-1: config 57 has no interface number 0 [ 110.830953][ T5875] usb 1-1: config 57 interface 229 has no altsetting 0 [ 110.849197][ T5875] usb 1-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 110.872862][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.916793][ T5875] usb 1-1: Product: syz [ 110.922500][ T5875] usb 1-1: Manufacturer: syz [ 110.927311][ T5875] usb 1-1: SerialNumber: syz [ 110.934429][ T6174] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 110.958964][ T6174] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 111.032596][ T6174] EXT4-fs (loop3): This should not happen!! Data will be lost [ 111.032596][ T6174] [ 111.060262][ T6174] EXT4-fs (loop3): Total free blocks count 0 [ 111.074407][ T6174] EXT4-fs (loop3): Free/Dirty block details [ 111.098858][ T6174] EXT4-fs (loop3): free_blocks=66060288 [ 111.113276][ T6174] EXT4-fs (loop3): dirty_blocks=32 [ 111.118503][ T6174] EXT4-fs (loop3): Block reservation details [ 111.124791][ T6174] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 111.247768][ T3532] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 111.262257][ T9] tipc: Node number set to 3152322112 [ 112.887673][ T5875] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 112.974520][ T5875] usb 1-1: USB disconnect, device number 3 [ 112.998667][ T6193] netlink: 80 bytes leftover after parsing attributes in process `syz.0.94'. [ 113.419080][ T5875] libceph: connect (1)[c::]:6789 error -101 [ 113.443381][ T5875] libceph: mon0 (1)[c::]:6789 connect error [ 113.478677][ T6199] ceph: No mds server is up or the cluster is laggy [ 114.671569][ T6164] tipc: Disabling bearer [ 115.178240][ T6227] (null): rxe_set_mtu: Set mtu to 256 [ 115.184664][ T6227] rdma_rxe: rxe_newlink: failed to add vxcan1 [ 116.570101][ T27] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 116.783610][ T27] usb 3-1: Using ep0 maxpacket: 8 [ 116.792389][ T27] usb 3-1: unable to get BOS descriptor or descriptor too short [ 116.818829][ T27] usb 3-1: config 57 has an invalid interface number: 229 but max is 0 [ 116.837625][ T27] usb 3-1: config 57 has no interface number 0 [ 116.851615][ T27] usb 3-1: config 57 interface 229 has no altsetting 0 [ 116.863200][ T27] usb 3-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 116.876397][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.886820][ T27] usb 3-1: Product: syz [ 116.891747][ T27] usb 3-1: Manufacturer: syz [ 116.896846][ T27] usb 3-1: SerialNumber: syz [ 118.521976][ T6259] sctp: failed to load transform for md5: -2 [ 118.783442][ T27] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 118.845036][ T27] usb 3-1: USB disconnect, device number 4 [ 120.272218][ T6280] netlink: 80 bytes leftover after parsing attributes in process `syz.3.118'. [ 120.650039][ T28] audit: type=1326 audit(1758581119.116:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6286 comm="syz.2.120" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x0 [ 120.964859][ T6301] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.119'. [ 121.749498][ T6305] sctp: failed to load transform for md5: -2 [ 124.199777][ T6332] netlink: 80 bytes leftover after parsing attributes in process `syz.0.132'. [ 124.670966][ T28] audit: type=1326 audit(1758581123.146:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.0.134" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x0 [ 125.192371][ T6355] ksmbd: Unknown IPC event: 0, ignore. [ 128.424557][ T6382] sctp: failed to load transform for md5: -2 [ 129.030626][ T28] audit: type=1326 audit(1758581127.506:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6394 comm="syz.1.150" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feae818eec9 code=0x0 [ 129.531180][ T6403] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.146'. [ 129.593924][ T6409] ksmbd: Unknown IPC event: 0, ignore. [ 131.437077][ T6437] sctp: failed to load transform for md5: -2 [ 132.129960][ T5103] Bluetooth: hci2: unknown advertising packet type: 0x82 [ 132.130045][ T5103] Bluetooth: hci2: Malformed LE Event: 0x02 [ 133.410571][ T6467] sctp: failed to load transform for md5: -2 [ 133.466751][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.475181][ T1275] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.064529][ T6472] ksmbd: Unknown IPC event: 0, ignore. [ 134.871021][ T966] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 135.120450][ T966] usb 3-1: Using ep0 maxpacket: 32 [ 135.314513][ T966] usb 3-1: config 0 has no interfaces? [ 135.531307][ T6488] sctp: failed to load transform for md5: -2 [ 135.586413][ T966] usb 3-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 135.659937][ T966] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.740730][ T966] usb 3-1: Product: syz [ 135.744963][ T966] usb 3-1: Manufacturer: syz [ 135.780994][ T966] usb 3-1: SerialNumber: syz [ 135.821484][ T966] usb 3-1: config 0 descriptor?? [ 136.090211][ T5873] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 136.310272][ T5873] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 136.321654][ T5873] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 136.331912][ T5873] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 136.341201][ T5873] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.391450][ T6503] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 136.484495][ T5873] usb 2-1: Quirk or no altest; falling back to MIDI 1.0 [ 136.706008][ T8] usb 2-1: USB disconnect, device number 4 [ 136.844989][ T5855] usb 3-1: USB disconnect, device number 5 [ 136.901741][ T6509] pim6reg1: entered promiscuous mode [ 136.907117][ T6509] pim6reg1: entered allmulticast mode [ 137.500068][ T5873] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 137.602049][ T6522] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.180'. [ 137.733625][ T6527] ksmbd: Unknown IPC event: 0, ignore. [ 137.742759][ T5873] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 137.892350][ T5873] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 137.902600][ T5873] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 137.913513][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.927084][ T6516] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 137.938757][ T5873] usb 1-1: Quirk or no altest; falling back to MIDI 1.0 [ 138.772657][ T6534] sctp: failed to load transform for md5: -2 [ 138.843759][ T5873] usb 1-1: USB disconnect, device number 4 [ 139.731648][ T6540] udevd[6540]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 140.782223][ T6565] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 140.795186][ T6565] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 141.083922][ T6571] infiniband syz2: set active [ 141.121761][ T6571] bridge_slave_0: left allmulticast mode [ 141.137748][ T6571] bridge_slave_0: left promiscuous mode [ 141.155087][ T6571] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.175144][ T6571] bridge_slave_1: left allmulticast mode [ 141.188398][ T6571] bridge_slave_1: left promiscuous mode [ 141.195179][ T6571] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.230583][ T6571] bond0: (slave bond_slave_0): Releasing backup interface [ 141.252617][ T6581] loop3: detected capacity change from 0 to 256 [ 141.259732][ T6581] exfat: Bad value for 'uid' [ 141.280718][ T6571] bond0: (slave bond_slave_1): Releasing backup interface [ 141.336299][ T6581] loop3: detected capacity change from 0 to 2048 [ 141.365192][ T6581] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.383543][ T6571] team0: Port device team_slave_0 removed [ 141.430720][ T6571] team0: Port device team_slave_1 removed [ 141.447214][ T6571] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.455287][ T6581] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm syz.3.199: Invalid inode table block 163208811354 in block_group 0 [ 141.455755][ T6571] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.485006][ T6581] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 141.491428][ T6571] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.499635][ T6581] EXT4-fs error (device loop3): ext4_setattr:5584: inode #15: comm syz.3.199: mark_inode_dirty error [ 141.512157][ T6571] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.515553][ T6581] EXT4-fs error (device loop3) in ext4_setattr:5645: Corrupt filesystem [ 141.547936][ T6581] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm syz.3.199: Invalid inode table block 163208811354 in block_group 0 [ 141.557862][ T966] vxcan1 speed is unknown, defaulting to 1000 [ 141.593715][ T6573] team0: Mode changed to "loadbalance" [ 141.604329][ T6581] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 1803188595: comm syz.3.199: lblock 0 mapped to illegal pblock 1803188595 (length 1) [ 141.625053][ T6581] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 141.640626][ T6581] EXT4-fs (loop3): This should not happen!! Data will be lost [ 141.640626][ T6581] [ 141.849443][ T11] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm kworker/u4:0: Invalid inode table block 163208811354 in block_group 0 [ 141.939558][ T11] EXT4-fs error (device loop3): ext4_ind_map_blocks:604: inode #15: comm kworker/u4:0: Can't allocate blocks for non-extent mapped inodes with bigalloc [ 141.966838][ T11] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 117 [ 141.993373][ T11] EXT4-fs (loop3): This should not happen!! Data will be lost [ 141.993373][ T11] [ 142.017575][ T11] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm kworker/u4:0: Invalid inode table block 163208811354 in block_group 0 [ 142.088876][ T11] EXT4-fs error (device loop3): __ext4_get_inode_loc:4483: comm kworker/u4:0: Invalid inode table block 163208811354 in block_group 0 [ 142.124863][ T5790] EXT4-fs (loop3): Inode 15 (ffff8880775b5a00): i_reserved_data_blocks (1) not cleared! [ 142.145822][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.233220][ T6595] syz2: rxe_newlink: already configured on vxcan1 [ 142.800141][ T5855] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 143.060038][ T5855] usb 2-1: Using ep0 maxpacket: 8 [ 143.068460][ T5855] usb 2-1: unable to get BOS descriptor or descriptor too short [ 143.090889][ T5855] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 143.113522][ T5855] usb 2-1: config 57 has no interface number 0 [ 143.133167][ T5855] usb 2-1: config 57 interface 229 has no altsetting 0 [ 143.157709][ T5855] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 143.174399][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.184176][ T5855] usb 2-1: Product: syz [ 143.188615][ T5855] usb 2-1: Manufacturer: syz [ 143.199331][ T5855] usb 2-1: SerialNumber: syz [ 143.243981][ T6604] syz.2.200[6604] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.245135][ T6604] syz.2.200[6604] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.503013][ T6607] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.205'. [ 144.987739][ T5855] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 145.021726][ T5855] usb 2-1: USB disconnect, device number 5 [ 146.646804][ T6637] syz2: rxe_newlink: already configured on vxcan1 [ 146.950488][ T8] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 147.210213][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 147.333429][ T8] usb 2-1: unable to get BOS descriptor or descriptor too short [ 147.335042][ T8] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 147.335067][ T8] usb 2-1: config 57 has no interface number 0 [ 147.335095][ T8] usb 2-1: config 57 interface 229 has no altsetting 0 [ 147.338220][ T8] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 147.338245][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.338266][ T8] usb 2-1: Product: syz [ 147.338279][ T8] usb 2-1: Manufacturer: syz [ 147.338293][ T8] usb 2-1: SerialNumber: syz [ 148.050442][ T5875] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 148.620277][ T5855] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 148.700135][ T5875] usb 1-1: device descriptor read/64, error -71 [ 148.734503][ T6651] sctp: failed to load transform for md5: -2 [ 148.900017][ T5855] usb 3-1: Using ep0 maxpacket: 8 [ 148.918725][ T5855] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 148.930310][ T5855] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 148.940445][ T5855] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 148.951710][ T5855] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 148.971828][ T5855] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 148.981980][ T5855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.030523][ T5875] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 149.190029][ T5875] usb 1-1: device descriptor read/64, error -71 [ 149.207955][ T5855] usb 3-1: GET_CAPABILITIES returned 0 [ 149.216103][ T5855] usbtmc 3-1:16.0: can't read capabilities [ 149.390708][ T5875] usb usb1-port1: attempt power cycle [ 149.401147][ T8] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 149.422303][ T8] usb 2-1: USB disconnect, device number 6 [ 149.447902][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.463674][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.472836][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.483163][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.492273][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.501332][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.510392][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.537242][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.546482][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.555611][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.564733][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.578725][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.587913][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.605208][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.614370][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.623503][ C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 149.649404][ T9] usb 3-1: USB disconnect, device number 6 [ 149.830274][ T5875] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 149.865359][ T5875] usb 1-1: device descriptor read/8, error -71 [ 150.198239][ T6684] netlink: 4 bytes leftover after parsing attributes in process `syz.1.230'. [ 150.230071][ T5875] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 150.280341][ T5875] usb 1-1: device descriptor read/8, error -71 [ 150.297816][ T6686] loop1: detected capacity change from 0 to 256 [ 150.309750][ T6687] syz.3.228[6687] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 150.311198][ T6687] syz.3.228[6687] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 150.325034][ T6686] exfat: Bad value for 'uid' [ 150.369717][ T6689] overlayfs: failed to resolve './file1': -2 [ 150.400658][ T5875] usb usb1-port1: unable to enumerate USB device [ 150.446294][ T6686] loop1: detected capacity change from 0 to 2048 [ 150.591426][ T6686] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.624857][ T5103] Bluetooth: hci0: Malformed LE Event: 0x0d [ 150.735157][ T6686] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz.1.231: Invalid inode table block 163208811354 in block_group 0 [ 150.775692][ T6686] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 150.810053][ T6686] EXT4-fs error (device loop1): ext4_setattr:5584: inode #15: comm syz.1.231: mark_inode_dirty error [ 150.828238][ T6686] EXT4-fs error (device loop1) in ext4_setattr:5645: Corrupt filesystem [ 150.856460][ T6686] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz.1.231: Invalid inode table block 163208811354 in block_group 0 [ 150.883495][ T6686] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 1803188595: comm syz.1.231: lblock 0 mapped to illegal pblock 1803188595 (length 1) [ 150.931619][ T6686] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 150.959128][ T6686] EXT4-fs (loop1): This should not happen!! Data will be lost [ 150.959128][ T6686] [ 151.071113][ T2113] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm kworker/u4:7: Invalid inode table block 163208811354 in block_group 0 [ 151.099248][ T2113] EXT4-fs error (device loop1): ext4_ind_map_blocks:604: inode #15: comm kworker/u4:7: Can't allocate blocks for non-extent mapped inodes with bigalloc [ 151.124767][ T2113] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 117 [ 151.149897][ T2113] EXT4-fs (loop1): This should not happen!! Data will be lost [ 151.149897][ T2113] [ 151.170333][ T2113] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm kworker/u4:7: Invalid inode table block 163208811354 in block_group 0 [ 151.235507][ T2113] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm kworker/u4:7: Invalid inode table block 163208811354 in block_group 0 [ 151.266063][ T5791] EXT4-fs (loop1): Inode 15 (ffff888077684600): i_reserved_data_blocks (1) not cleared! [ 151.321375][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.689935][ T966] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 151.880104][ T966] usb 1-1: device descriptor read/64, error -71 [ 152.170195][ T966] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 152.329974][ T966] usb 1-1: device descriptor read/64, error -71 [ 152.370949][ T6731] loop2: detected capacity change from 0 to 256 [ 152.382576][ T6731] exfat: Bad value for 'uid' [ 152.470978][ T966] usb usb1-port1: attempt power cycle [ 152.691012][ T6734] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.248'. [ 152.911094][ T966] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 152.961376][ T966] usb 1-1: device descriptor read/8, error -71 [ 153.380256][ T966] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 153.567504][ T966] usb 1-1: device descriptor read/8, error -71 [ 153.720211][ T966] usb usb1-port1: unable to enumerate USB device [ 154.852078][ T6759] loop2: detected capacity change from 0 to 7 [ 154.881632][ T6759] Dev loop2: unable to read RDB block 7 [ 154.887317][ T6759] loop2: AHDI p1 p2 p3 [ 154.906815][ T6759] loop2: partition table partially beyond EOD, truncated [ 154.930168][ T6759] loop2: p1 start 1601398130 is beyond EOD, truncated [ 154.954773][ T6759] loop2: p2 start 1702059890 is beyond EOD, truncated [ 155.632057][ T6773] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.260'. [ 157.002898][ T6785] overlayfs: failed to resolve './file0': -2 [ 157.257281][ T6783] binder: BINDER_SET_CONTEXT_MGR already set [ 157.435783][ T6783] binder: 6782:6783 ioctl 4018620d 200000004a80 returned -16 [ 158.134617][ T6809] syz2: rxe_newlink: already configured on vxcan1 [ 158.929981][ T5855] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 158.949458][ T6808] ksmbd: Unknown IPC event: 0, ignore. [ 159.189936][ T5855] usb 2-1: Using ep0 maxpacket: 8 [ 159.198035][ T5855] usb 2-1: unable to get BOS descriptor or descriptor too short [ 159.220488][ T5855] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 159.239256][ T5855] usb 2-1: config 57 has no interface number 0 [ 159.255376][ T5855] usb 2-1: config 57 interface 229 has no altsetting 0 [ 159.273187][ T5855] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 159.290556][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.302844][ T5855] usb 2-1: Product: syz [ 159.307601][ T5855] usb 2-1: Manufacturer: syz [ 159.312388][ T5855] usb 2-1: SerialNumber: syz [ 159.544199][ T6825] loop2: detected capacity change from 0 to 512 [ 159.629752][ T6825] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.276: bad orphan inode 13 [ 159.650085][ T6825] ext4_test_bit(bit=12, block=4) = 1 [ 159.655444][ T6825] is_bad_inode(inode)=0 [ 159.670385][ T6825] NEXT_ORPHAN(inode)=0 [ 159.674530][ T6825] max_ino=32 [ 159.677870][ T6825] i_nlink=1 [ 159.696127][ T6825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.854265][ T5855] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 160.876005][ T5855] usb 2-1: USB disconnect, device number 7 [ 161.926190][ T6859] ksmbd: Unknown IPC event: 0, ignore. [ 162.336326][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.458651][ T6871] Bluetooth: MGMT ver 1.22 [ 162.559742][ T6874] netlink: 'syz.2.291': attribute type 27 has an invalid length. [ 162.794438][ T6883] netlink: 40 bytes leftover after parsing attributes in process `syz.0.294'. [ 163.886879][ T6899] loop1: detected capacity change from 0 to 512 [ 163.976060][ T6896] ksmbd: Unknown IPC event: 0, ignore. [ 164.034386][ T6899] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.300: bad orphan inode 13 [ 164.125805][ T6899] ext4_test_bit(bit=12, block=4) = 1 [ 164.143798][ T6899] is_bad_inode(inode)=0 [ 164.164173][ T6899] NEXT_ORPHAN(inode)=0 [ 164.168383][ T6899] max_ino=32 [ 164.171851][ T6899] i_nlink=1 [ 164.179012][ T6899] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.435994][ T6874] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.443825][ T6874] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.462711][ T6903] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 166.148987][ T6917] loop3: detected capacity change from 0 to 512 [ 166.221613][ T6917] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.244207][ T6874] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 166.255206][ T6917] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 166.312939][ T6874] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 166.370968][ T6874] batadv_slave_1: left promiscuous mode [ 166.377647][ T6874] batadv_slave_1: left allmulticast mode [ 166.564877][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.331951][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.544232][ T6874] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.555739][ T6874] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.565350][ T6874] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.574774][ T6874] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.576879][ T6944] netlink: 40 bytes leftover after parsing attributes in process `syz.3.305'. [ 167.845502][ T6874] syz.2.291 (6874) used greatest stack depth: 20968 bytes left [ 168.936729][ T6962] loop3: detected capacity change from 0 to 512 [ 168.969885][ T6962] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.312: bad orphan inode 13 [ 169.330495][ T6962] ext4_test_bit(bit=12, block=4) = 1 [ 169.440432][ T6962] is_bad_inode(inode)=0 [ 169.492272][ T6967] netlink: 40 bytes leftover after parsing attributes in process `syz.2.314'. [ 169.648871][ T6962] NEXT_ORPHAN(inode)=0 [ 169.677544][ T6962] max_ino=32 [ 169.686019][ T6962] i_nlink=1 [ 169.697033][ T6962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 170.128198][ T6970] netlink: 'syz.0.316': attribute type 27 has an invalid length. [ 170.686854][ T6970] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.694975][ T6970] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.981325][ T6920] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 171.018903][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.591964][ T6970] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 171.618578][ T6970] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.729781][ T6970] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.745085][ T6970] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.756755][ T6970] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.766939][ T6970] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.836632][ T6970] bridge1: left promiscuous mode [ 171.902184][ T6979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.912290][ T6979] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.927025][ T6979] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 172.007274][ T6979] syz.0.316 (6979) used greatest stack depth: 20360 bytes left [ 172.202372][ T7010] loop0: detected capacity change from 0 to 512 [ 172.231990][ T7007] syz.3.327 (7007): drop_caches: 2 [ 172.375004][ T7010] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.328: bad orphan inode 13 [ 172.394348][ T7010] ext4_test_bit(bit=12, block=4) = 1 [ 172.403120][ T7010] is_bad_inode(inode)=0 [ 172.407337][ T7010] NEXT_ORPHAN(inode)=0 [ 172.416440][ T7010] max_ino=32 [ 172.419686][ T7010] i_nlink=1 [ 172.766342][ T7010] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.330082][ T7012] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 173.531509][ T6924] libceph: connect (1)[c::]:6789 error -101 [ 173.541541][ T6924] libceph: mon0 (1)[c::]:6789 connect error [ 173.701752][ T7023] ceph: No mds server is up or the cluster is laggy [ 173.853598][ T7032] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.331'. [ 174.590525][ T7047] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 174.621755][ T7044] netlink: 'syz.1.334': attribute type 27 has an invalid length. [ 174.956295][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.084410][ T7054] loop3: detected capacity change from 0 to 512 [ 175.561039][ T7054] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.879252][ T7054] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 177.451212][ T7044] infiniband syz2: set down [ 178.057879][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.166361][ T7044] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.176277][ T7044] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.187834][ T7044] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.197086][ T7044] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.310910][ T7048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.319437][ T7048] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.336432][ T7048] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 179.357756][ T5873] vxcan1 speed is unknown, defaulting to 1000 [ 179.357834][ T7085] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.343'. [ 179.504212][ T6923] vxcan1 speed is unknown, defaulting to 1000 [ 179.607788][ T7095] loop3: detected capacity change from 0 to 128 [ 179.642787][ T7095] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 179.769516][ T58] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 180.052815][ T7081] libceph: connect (1)[c::]:6789 error -101 [ 180.067575][ T7081] libceph: mon0 (1)[c::]:6789 connect error [ 180.123856][ T7107] ceph: No mds server is up or the cluster is laggy [ 180.284612][ T28] audit: type=1326 audit(1758581178.756:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7111 comm="syz.3.350" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feaab98eec9 code=0x0 [ 180.425401][ T28] audit: type=1326 audit(1758581178.896:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.0.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 180.462527][ T28] audit: type=1326 audit(1758581178.896:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.0.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 180.492730][ T28] audit: type=1326 audit(1758581178.896:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.0.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 180.539241][ T28] audit: type=1326 audit(1758581178.896:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.0.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 180.593660][ T28] audit: type=1326 audit(1758581178.896:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.0.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 180.627032][ T28] audit: type=1326 audit(1758581178.986:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.0.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 180.655932][ T28] audit: type=1326 audit(1758581178.986:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.0.351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 181.212964][ T7130] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.354'. [ 182.031349][ T7142] netlink: 'syz.3.355': attribute type 27 has an invalid length. [ 182.322279][ T7150] syz2: rxe_newlink: already configured on vxcan1 [ 182.805432][ T5778] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 183.170252][ T5778] usb 2-1: Using ep0 maxpacket: 8 [ 183.194057][ T5778] usb 2-1: unable to get BOS descriptor or descriptor too short [ 183.203739][ T5778] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 183.217760][ T5778] usb 2-1: config 57 has no interface number 0 [ 183.224852][ T5778] usb 2-1: config 57 interface 229 has no altsetting 0 [ 183.243141][ T5778] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 183.259887][ T5778] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.278974][ T5778] usb 2-1: Product: syz [ 183.287191][ T5778] usb 2-1: Manufacturer: syz [ 183.302362][ T5778] usb 2-1: SerialNumber: syz [ 184.669611][ T7142] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.679077][ T7142] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.689218][ T7142] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.698785][ T7142] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.835539][ T7134] 8021q: adding VLAN 0 to HW filter on device bond0 [ 184.848248][ T7134] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 184.975523][ T7134] syz.3.355 (7134) used greatest stack depth: 20232 bytes left [ 185.103439][ T5778] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 185.124375][ T5778] usb 2-1: USB disconnect, device number 8 [ 185.423485][ T7183] binder: 7169:7183 ioctl c0306201 0 returned -14 [ 186.213012][ T7188] netlink: 76 bytes leftover after parsing attributes in process `syz.3.368'. [ 186.405428][ T7193] loop2: detected capacity change from 0 to 8192 [ 186.466421][ T7193] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 189.109824][ C0] sched: RT throttling activated [ 189.358713][ T7235] loop2: detected capacity change from 0 to 512 [ 189.391166][ T7235] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.384: bad orphan inode 13 [ 189.416934][ T7235] ext4_test_bit(bit=12, block=4) = 1 [ 189.458965][ T7235] is_bad_inode(inode)=0 [ 189.490004][ T7235] NEXT_ORPHAN(inode)=0 [ 189.509729][ T7235] max_ino=32 [ 189.523906][ T7235] i_nlink=1 [ 189.548974][ T7235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.545643][ T7252] loop3: detected capacity change from 0 to 512 [ 193.470639][ T7238] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 193.858935][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.912915][ T7300] loop1: detected capacity change from 0 to 8192 [ 193.950785][ T7300] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 194.155186][ T7300] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 194.215725][ T7300] FAT-fs (loop1): Filesystem has been set read-only [ 194.232639][ T7300] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 194.256249][ T7300] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 194.504861][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.512057][ T1275] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.766349][ T7330] loop0: detected capacity change from 0 to 512 [ 194.963134][ T7330] EXT4-fs error (device loop0): ext4_orphan_get:1425: comm syz.0.419: bad orphan inode 13 [ 194.997936][ T7330] ext4_test_bit(bit=12, block=4) = 1 [ 195.009947][ T7330] is_bad_inode(inode)=0 [ 195.033067][ T7330] NEXT_ORPHAN(inode)=0 [ 195.043253][ T7330] max_ino=32 [ 195.194691][ T7330] i_nlink=1 [ 195.289174][ T7330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 195.830280][ T7338] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 196.474631][ T7353] ksmbd: Unknown IPC event: 0, ignore. [ 200.234833][ T7390] ksmbd: Unknown IPC event: 0, ignore. [ 201.283211][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.584504][ T7411] overlayfs: missing 'lowerdir' [ 201.626643][ T7413] mmap: syz.2.445 (7413) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 201.777313][ T7413] vxcan1 speed is unknown, defaulting to 1000 [ 201.839939][ T28] audit: type=1326 audit(1758581200.276:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7412 comm="syz.2.445" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x0 [ 202.994971][ T7430] loop1: detected capacity change from 0 to 512 [ 203.650139][ T7430] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.450: bad orphan inode 13 [ 203.680111][ T7430] ext4_test_bit(bit=12, block=4) = 1 [ 203.685616][ T7430] is_bad_inode(inode)=0 [ 203.690271][ T7430] NEXT_ORPHAN(inode)=0 [ 203.694374][ T7430] max_ino=32 [ 203.729926][ T7430] i_nlink=1 [ 203.750928][ T7430] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.969261][ T7456] fuse: Bad value for 'fd' [ 206.131247][ T7466] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 206.178702][ T7468] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 206.262994][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.592765][ T7471] loop3: detected capacity change from 0 to 8192 [ 206.661206][ T7471] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 206.694365][ T7471] FAT-fs (loop3): Filesystem has been set read-only [ 206.704339][ T7484] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 206.823419][ T5800] Bluetooth: hci1: command 0x0406 tx timeout [ 206.829591][ T5795] Bluetooth: hci0: command 0x0406 tx timeout [ 206.835648][ T50] Bluetooth: hci2: command 0x0406 tx timeout [ 207.351830][ T7494] loop1: detected capacity change from 0 to 512 [ 207.557923][ T7494] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.471: bad orphan inode 13 [ 207.705858][ T7494] ext4_test_bit(bit=12, block=4) = 1 [ 207.775065][ T7494] is_bad_inode(inode)=0 [ 207.779321][ T7494] NEXT_ORPHAN(inode)=0 [ 207.783831][ T7494] max_ino=32 [ 207.787069][ T7494] i_nlink=1 [ 207.799627][ T7494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 208.953222][ T7518] (null): rxe_set_mtu: Set mtu to 256 [ 208.965174][ T7518] rdma_rxe: rxe_newlink: failed to add vxcan1 [ 209.335701][ T6924] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 209.731617][ T6924] usb 1-1: Using ep0 maxpacket: 8 [ 209.763612][ T6924] usb 1-1: unable to get BOS descriptor or descriptor too short [ 209.802065][ T6924] usb 1-1: config 57 has an invalid interface number: 229 but max is 0 [ 209.812193][ T6924] usb 1-1: config 57 has no interface number 0 [ 209.822379][ T6924] usb 1-1: config 57 interface 229 has no altsetting 0 [ 209.838662][ T6924] usb 1-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 209.854226][ T6924] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.879875][ T6924] usb 1-1: Product: syz [ 209.889760][ T6924] usb 1-1: Manufacturer: syz [ 209.896615][ T6924] usb 1-1: SerialNumber: syz [ 209.943994][ T7499] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 210.265584][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.680001][ T6929] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 211.132216][ T6929] usb 2-1: Using ep0 maxpacket: 8 [ 211.358062][ T6929] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 211.397987][ T6929] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 211.434912][ T6929] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 211.467907][ T6929] usb 2-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 211.498879][ T6929] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 211.657888][ T6924] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 211.669998][ T6929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.692174][ T6924] usb 1-1: USB disconnect, device number 13 [ 211.732091][ T6929] usbtmc 2-1:16.0: bulk endpoints not found [ 212.847099][ T7556] loop2: detected capacity change from 0 to 512 [ 212.897162][ T7556] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.490: bad orphan inode 13 [ 212.957721][ T7556] ext4_test_bit(bit=12, block=4) = 1 [ 212.968995][ T7556] is_bad_inode(inode)=0 [ 212.973620][ T7556] NEXT_ORPHAN(inode)=0 [ 212.977856][ T7556] max_ino=32 [ 212.981522][ T7556] i_nlink=1 [ 212.986294][ T7556] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 213.590446][ T7566] loop0: detected capacity change from 0 to 128 [ 213.930876][ T28] audit: type=1800 audit(1758581212.396:15): pid=7562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.492" name="file2" dev="loop0" ino=1048601 res=0 errno=0 [ 213.944179][ T786] usb 2-1: USB disconnect, device number 9 [ 213.955344][ T7562] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 213.969612][ T7562] FAT-fs (loop0): Filesystem has been set read-only [ 213.998430][ T7562] syz.0.492: attempt to access beyond end of device [ 213.998430][ T7562] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 214.131796][ T7562] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 214.180339][ T7562] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 214.207040][ T7562] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 214.219036][ T7562] syz.0.492: attempt to access beyond end of device [ 214.219036][ T7562] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 214.300176][ T7562] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 214.319908][ T7562] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 214.364503][ T7562] syz.0.492: attempt to access beyond end of device [ 214.364503][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.427702][ T7562] syz.0.492: attempt to access beyond end of device [ 214.427702][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.465616][ T7562] syz.0.492: attempt to access beyond end of device [ 214.465616][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.500034][ T7562] syz.0.492: attempt to access beyond end of device [ 214.500034][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.529618][ T7562] syz.0.492: attempt to access beyond end of device [ 214.529618][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.568220][ T7562] syz.0.492: attempt to access beyond end of device [ 214.568220][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.607522][ T7562] syz.0.492: attempt to access beyond end of device [ 214.607522][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 214.658737][ T7562] syz.0.492: attempt to access beyond end of device [ 214.658737][ T7562] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 215.142368][ T7560] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 215.810964][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.968621][ T7595] ksmbd: Unknown IPC event: 0, ignore. [ 217.743438][ T7612] loop3: detected capacity change from 0 to 164 [ 218.001616][ T7612] rock: directory entry would overflow storage [ 218.038111][ T7606] netlink: 'syz.1.505': attribute type 27 has an invalid length. [ 218.063397][ T7612] rock: sig=0x66, size=4, remaining=3 [ 218.650084][ T7612] rock: directory entry would overflow storage [ 218.658501][ T7612] rock: sig=0x66, size=4, remaining=3 [ 218.993358][ T7623] loop2: detected capacity change from 0 to 128 [ 219.039489][ T7626] loop3: detected capacity change from 0 to 512 [ 219.060599][ T7626] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.510: bad orphan inode 13 [ 219.114940][ T7626] ext4_test_bit(bit=12, block=4) = 1 [ 219.122042][ T7626] is_bad_inode(inode)=0 [ 219.126260][ T7626] NEXT_ORPHAN(inode)=0 [ 219.132297][ T7626] max_ino=32 [ 219.135608][ T7626] i_nlink=1 [ 219.158284][ T7626] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.677046][ T7615] 8021q: adding VLAN 0 to HW filter on device bond0 [ 219.730440][ T7615] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.761803][ T7615] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 221.755649][ T7671] netlink: 'syz.0.524': attribute type 27 has an invalid length. [ 221.872505][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.180050][ T5103] Bluetooth: hci3: command 0x0406 tx timeout [ 222.315023][ T7684] fuse: root generation should be zero [ 222.536543][ T7666] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.581650][ T7666] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.673544][ T7666] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 222.992397][ T7705] loop3: detected capacity change from 0 to 256 [ 223.149747][ T7707] loop1: detected capacity change from 0 to 256 [ 224.010053][ T7707] 9pnet: Could not find request transport: f0xffffffffffffffff [ 224.383621][ T7722] netlink: 'syz.2.543': attribute type 27 has an invalid length. [ 224.525661][ T7722] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.547307][ T7722] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.584827][ T7722] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 224.704659][ T7731] kvm: pic: non byte write [ 225.271483][ T7740] loop2: detected capacity change from 0 to 7 [ 225.365032][ T7740] Dev loop2: unable to read RDB block 7 [ 225.415592][ T7740] loop2: unable to read partition table [ 225.477789][ T7740] loop2: partition table beyond EOD, truncated [ 225.533509][ T7740] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 228.562001][ T7790] loop2: detected capacity change from 0 to 512 [ 228.628714][ T7790] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.564: bad orphan inode 13 [ 228.649293][ T7790] ext4_test_bit(bit=12, block=4) = 1 [ 228.655929][ T7790] is_bad_inode(inode)=0 [ 228.669897][ T7790] NEXT_ORPHAN(inode)=0 [ 228.752074][ T7790] max_ino=32 [ 228.755451][ T7790] i_nlink=1 [ 228.760397][ T7790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 230.210106][ T7090] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 230.450763][ T7090] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 230.502073][ T7090] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 230.561707][ T7090] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 230.631670][ T7090] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 230.721601][ T7090] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 230.838224][ T7090] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 230.894618][ T7090] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 230.929838][ T7090] usb 1-1: Product: syz [ 230.934088][ T7090] usb 1-1: Manufacturer: syz [ 230.977270][ T7090] cdc_wdm 1-1:1.0: skipping garbage [ 231.008283][ T7090] cdc_wdm 1-1:1.0: skipping garbage [ 231.025316][ T7090] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 231.040423][ T7090] cdc_wdm 1-1:1.0: Unknown control protocol [ 231.220133][ T7793] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 231.548503][ T7830] ksmbd: Unknown IPC event: 0, ignore. [ 231.705613][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.841873][ T7838] loop1: detected capacity change from 0 to 512 [ 233.006583][ T7838] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 233.046305][ T7838] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 233.087867][ T7090] usb 1-1: USB disconnect, device number 14 [ 234.581223][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.167638][ T7863] loop1: detected capacity change from 0 to 512 [ 235.232621][ T7863] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.585: bad orphan inode 13 [ 235.316641][ T7863] ext4_test_bit(bit=12, block=4) = 1 [ 235.342709][ T7863] is_bad_inode(inode)=0 [ 235.361053][ T7863] NEXT_ORPHAN(inode)=0 [ 235.398945][ T7863] max_ino=32 [ 235.424902][ T7863] i_nlink=1 [ 235.429604][ T7863] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 236.100645][ T7869] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 236.438026][ T28] audit: type=1326 audit(1758581234.906:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7894 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaab98eec9 code=0x7ffc0000 [ 236.512834][ T28] audit: type=1326 audit(1758581234.906:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7894 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaab98eec9 code=0x7ffc0000 [ 236.578651][ T28] audit: type=1326 audit(1758581234.916:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7894 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7feaab98eec9 code=0x7ffc0000 [ 236.630280][ T28] audit: type=1326 audit(1758581234.916:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7894 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaab98eec9 code=0x7ffc0000 [ 236.696878][ T28] audit: type=1326 audit(1758581234.916:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7894 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7feaab98eec9 code=0x7ffc0000 [ 236.737874][ T7896] kvm: pic: non byte write [ 236.749523][ T28] audit: type=1326 audit(1758581234.916:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7894 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaab98eec9 code=0x7ffc0000 [ 237.168357][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.711556][ T7929] loop0: detected capacity change from 0 to 164 [ 237.760155][ T7929] Unsupported NM flag settings (8) [ 238.061090][ T7935] loop3: detected capacity change from 0 to 512 [ 238.210336][ T7935] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.610: bad orphan inode 13 [ 238.250150][ T7935] ext4_test_bit(bit=12, block=4) = 1 [ 238.260750][ T7935] is_bad_inode(inode)=0 [ 238.270742][ T7935] NEXT_ORPHAN(inode)=0 [ 238.289984][ T7935] max_ino=32 [ 238.293257][ T7935] i_nlink=1 [ 238.318622][ T7935] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 238.647663][ T7946] kvm: pic: non byte write [ 239.950062][ T7939] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 240.572054][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.805840][ T7976] vxcan1 speed is unknown, defaulting to 1000 [ 241.338215][ T7983] syz2: rxe_newlink: already configured on vxcan1 [ 241.823217][ T6924] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 242.184938][ T7985] kvm: pic: non byte write [ 242.200051][ T6924] usb 2-1: Using ep0 maxpacket: 8 [ 242.215864][ T6924] usb 2-1: unable to get BOS descriptor or descriptor too short [ 242.227081][ T6924] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 242.242532][ T6924] usb 2-1: config 57 has no interface number 0 [ 242.257776][ T6924] usb 2-1: config 57 interface 229 has no altsetting 0 [ 242.274483][ T6924] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 242.285059][ T6924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.299655][ T6924] usb 2-1: Product: syz [ 242.308756][ T6924] usb 2-1: Manufacturer: syz [ 242.323357][ T6924] usb 2-1: SerialNumber: syz [ 244.184900][ T6924] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 244.533711][ T6924] usb 2-1: USB disconnect, device number 10 [ 246.572054][ T8042] syz2: rxe_newlink: already configured on vxcan1 [ 246.944977][ T6924] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 247.374919][ T8053] loop0: detected capacity change from 0 to 164 [ 247.396282][ T8053] Unable to read rock-ridge attributes [ 247.409857][ T6924] usb 2-1: Using ep0 maxpacket: 8 [ 247.417167][ T8053] Unable to read rock-ridge attributes [ 247.426438][ T6924] usb 2-1: unable to get BOS descriptor or descriptor too short [ 247.449605][ T6924] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 247.493513][ T6924] usb 2-1: config 57 has no interface number 0 [ 247.509859][ T6924] usb 2-1: config 57 interface 229 has no altsetting 0 [ 247.534349][ T6924] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 247.550023][ T6924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.558069][ T6924] usb 2-1: Product: syz [ 247.583486][ T6924] usb 2-1: Manufacturer: syz [ 247.599853][ T6924] usb 2-1: SerialNumber: syz [ 247.654448][ T8055] loop0: detected capacity change from 0 to 512 [ 247.721778][ T8055] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.750876][ T8055] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 249.425781][ T6924] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 249.440651][ T6924] usb 2-1: USB disconnect, device number 11 [ 249.521733][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.524417][ T8079] loop2: detected capacity change from 0 to 512 [ 251.737629][ T8112] (null): rxe_set_mtu: Set mtu to 256 [ 251.747730][ T8112] rdma_rxe: rxe_newlink: failed to add vxcan1 [ 252.414018][ T5855] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 252.640835][ T5855] usb 1-1: Using ep0 maxpacket: 8 [ 252.656427][ T5855] usb 1-1: unable to get BOS descriptor or descriptor too short [ 252.679038][ T5855] usb 1-1: config 57 has an invalid interface number: 229 but max is 0 [ 252.694467][ T5855] usb 1-1: config 57 has no interface number 0 [ 252.701111][ T5855] usb 1-1: config 57 interface 229 has no altsetting 0 [ 252.712931][ T5855] usb 1-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 252.727850][ T5855] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.746541][ T5855] usb 1-1: Product: syz [ 252.756578][ T5855] usb 1-1: Manufacturer: syz [ 252.761960][ T5855] usb 1-1: SerialNumber: syz [ 254.542382][ T5855] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 254.561588][ T5855] usb 1-1: USB disconnect, device number 15 [ 255.176711][ T8157] fuse: Bad value for 'fd' [ 255.848365][ T8178] loop2: detected capacity change from 0 to 128 [ 255.907530][ T28] audit: type=1800 audit(1758581254.376:22): pid=8178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.686" name="file2" dev="loop2" ino=1048604 res=0 errno=0 [ 255.958888][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.966637][ T1275] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.295569][ T8207] fuse: Bad value for 'fd' [ 257.952129][ T8225] loop0: detected capacity change from 0 to 128 [ 258.100598][ T8228] capability: warning: `syz.2.705' uses 32-bit capabilities (legacy support in use) [ 258.216305][ T8233] loop3: detected capacity change from 0 to 256 [ 260.358503][ T8280] loop2: detected capacity change from 0 to 128 [ 260.634758][ T8291] loop0: detected capacity change from 0 to 512 [ 260.754508][ T8293] syz2: rxe_newlink: already configured on vxcan1 [ 261.120351][ T6934] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 261.402315][ T8291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 261.430185][ T8291] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 261.719889][ T6934] usb 2-1: Using ep0 maxpacket: 8 [ 261.731618][ T6934] usb 2-1: unable to get BOS descriptor or descriptor too short [ 261.751652][ T6934] usb 2-1: config 57 has an invalid interface number: 229 but max is 0 [ 261.789596][ T6934] usb 2-1: config 57 has no interface number 0 [ 261.803394][ T6934] usb 2-1: config 57 interface 229 has no altsetting 0 [ 261.830241][ T6934] usb 2-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb [ 261.839355][ T6934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.869388][ T6934] usb 2-1: Product: syz [ 261.874206][ T6934] usb 2-1: Manufacturer: syz [ 261.878931][ T6934] usb 2-1: SerialNumber: syz [ 262.053725][ T8305] loop2: detected capacity change from 0 to 128 [ 262.083102][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.464388][ T6934] gspca_main: jeilinj-2.14.0 probing 0979:0270 [ 263.502656][ T6934] usb 2-1: USB disconnect, device number 12 [ 272.393683][ T8456] loop3: detected capacity change from 0 to 128 [ 272.441039][ T28] audit: type=1800 audit(1758581270.906:23): pid=8456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.779" name="file2" dev="loop3" ino=1048610 res=0 errno=0 [ 272.442009][ T8456] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 272.479444][ T8456] FAT-fs (loop3): Filesystem has been set read-only [ 272.490919][ T8456] bio_check_eod: 230 callbacks suppressed [ 272.490935][ T8456] syz.3.779: attempt to access beyond end of device [ 272.490935][ T8456] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 272.511454][ T8456] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 272.519325][ T8456] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 272.533413][ T8456] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 272.541505][ T8456] syz.3.779: attempt to access beyond end of device [ 272.541505][ T8456] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 272.556247][ T8456] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 272.564388][ T8456] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 272.572738][ T8456] syz.3.779: attempt to access beyond end of device [ 272.572738][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.586512][ T8456] syz.3.779: attempt to access beyond end of device [ 272.586512][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.599946][ T8456] syz.3.779: attempt to access beyond end of device [ 272.599946][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.613304][ T8456] syz.3.779: attempt to access beyond end of device [ 272.613304][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.626671][ T8456] syz.3.779: attempt to access beyond end of device [ 272.626671][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.640551][ T8456] syz.3.779: attempt to access beyond end of device [ 272.640551][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.653907][ T8456] syz.3.779: attempt to access beyond end of device [ 272.653907][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 272.667262][ T8456] syz.3.779: attempt to access beyond end of device [ 272.667262][ T8456] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 274.751179][ T8482] loop2: detected capacity change from 0 to 128 [ 274.839152][ T8482] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 274.840476][ T28] audit: type=1800 audit(1758581273.306:24): pid=8482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.788" name="file2" dev="loop2" ino=1048611 res=0 errno=0 [ 274.857710][ T8482] FAT-fs (loop2): Filesystem has been set read-only [ 274.911140][ T8482] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 274.923320][ T8482] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 274.942629][ T8482] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 274.965627][ T8482] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 274.980595][ T8482] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 275.799125][ T8507] loop0: detected capacity change from 0 to 512 [ 275.853461][ T8507] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 275.886403][ T8507] ext4 filesystem being mounted at /186/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.065280][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.266883][ T8552] loop0: detected capacity change from 0 to 128 [ 278.304075][ T8547] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 278.304253][ T28] audit: type=1800 audit(1758581276.766:25): pid=8547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.808" name="file2" dev="loop0" ino=1048612 res=0 errno=0 [ 278.326601][ T8547] FAT-fs (loop0): Filesystem has been set read-only [ 278.367747][ T8547] bio_check_eod: 12181 callbacks suppressed [ 278.367763][ T8547] syz.0.808: attempt to access beyond end of device [ 278.367763][ T8547] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 278.428785][ T8547] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 278.452618][ T8547] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 278.482497][ T8547] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 278.509965][ T8547] syz.0.808: attempt to access beyond end of device [ 278.509965][ T8547] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 278.543987][ T8547] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 278.570209][ T8547] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 278.590965][ T8547] syz.0.808: attempt to access beyond end of device [ 278.590965][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 278.615647][ T8547] syz.0.808: attempt to access beyond end of device [ 278.615647][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 278.634275][ T8547] syz.0.808: attempt to access beyond end of device [ 278.634275][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 278.648663][ T8547] syz.0.808: attempt to access beyond end of device [ 278.648663][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 278.667124][ T8547] syz.0.808: attempt to access beyond end of device [ 278.667124][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 278.685970][ T8547] syz.0.808: attempt to access beyond end of device [ 278.685970][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 278.699473][ T8547] syz.0.808: attempt to access beyond end of device [ 278.699473][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 278.717825][ T8547] syz.0.808: attempt to access beyond end of device [ 278.717825][ T8547] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 280.964721][ T8604] loop0: detected capacity change from 0 to 128 [ 281.048323][ T28] audit: type=1800 audit(1758581279.516:26): pid=8604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.827" name="file2" dev="loop0" ino=1048613 res=0 errno=0 [ 281.099127][ T8604] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 281.130353][ T8604] FAT-fs (loop0): Filesystem has been set read-only [ 281.165209][ T8604] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 281.189395][ T8604] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 281.221411][ T8604] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 281.256549][ T8604] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 281.280568][ T8604] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 283.529364][ T8637] loop2: detected capacity change from 0 to 128 [ 283.564180][ T28] audit: type=1800 audit(1758581282.036:27): pid=8637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.839" name="file2" dev="loop2" ino=1048614 res=0 errno=0 [ 283.590440][ T8637] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 283.599123][ T8637] FAT-fs (loop2): Filesystem has been set read-only [ 283.624322][ T8637] bio_check_eod: 8288 callbacks suppressed [ 283.624338][ T8637] syz.2.839: attempt to access beyond end of device [ 283.624338][ T8637] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 283.666607][ T8637] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 283.698659][ T8637] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 283.751223][ T8637] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 283.789916][ T8637] syz.2.839: attempt to access beyond end of device [ 283.789916][ T8637] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 283.817750][ T8637] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 283.826122][ T8637] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 283.834845][ T8637] syz.2.839: attempt to access beyond end of device [ 283.834845][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 283.849709][ T8637] syz.2.839: attempt to access beyond end of device [ 283.849709][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 283.863461][ T8637] syz.2.839: attempt to access beyond end of device [ 283.863461][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 283.880538][ T8637] syz.2.839: attempt to access beyond end of device [ 283.880538][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 283.894716][ T8637] syz.2.839: attempt to access beyond end of device [ 283.894716][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 283.944715][ T8637] syz.2.839: attempt to access beyond end of device [ 283.944715][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 283.987916][ T8637] syz.2.839: attempt to access beyond end of device [ 283.987916][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 284.035661][ T8637] syz.2.839: attempt to access beyond end of device [ 284.035661][ T8637] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 285.754350][ T8683] ksmbd: Unknown IPC event: 0, ignore. [ 286.364350][ T8696] loop2: detected capacity change from 0 to 128 [ 286.404643][ T28] audit: type=1800 audit(1758581284.876:28): pid=8692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.857" name="file2" dev="loop2" ino=1048615 res=0 errno=0 [ 286.427543][ T8692] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 286.436085][ T8692] FAT-fs (loop2): Filesystem has been set read-only [ 286.444085][ T8692] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 286.454337][ T8692] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 286.563238][ T8703] netlink: 4 bytes leftover after parsing attributes in process `syz.3.859'. [ 286.814886][ T8708] loop0: detected capacity change from 0 to 128 [ 286.841450][ T8708] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 287.788302][ T35] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 288.083688][ T8723] ksmbd: Unknown IPC event: 0, ignore. [ 288.103590][ T8722] loop2: detected capacity change from 0 to 164 [ 288.152642][ T8722] Unable to read rock-ridge attributes [ 288.243957][ T8722] Unable to read rock-ridge attributes [ 289.941883][ T8749] loop1: detected capacity change from 0 to 128 [ 290.295157][ T8747] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 290.319862][ T28] audit: type=1800 audit(1758581288.746:29): pid=8747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.874" name="file2" dev="loop1" ino=1048617 res=0 errno=0 [ 290.359920][ T8747] FAT-fs (loop1): Filesystem has been set read-only [ 290.400374][ T8747] bio_check_eod: 5997 callbacks suppressed [ 290.400390][ T8747] syz.1.874: attempt to access beyond end of device [ 290.400390][ T8747] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 290.437087][ T8747] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 290.445180][ T8747] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 290.460590][ T8747] syz.1.874: attempt to access beyond end of device [ 290.460590][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.476617][ T8747] syz.1.874: attempt to access beyond end of device [ 290.476617][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.489982][ T8747] syz.1.874: attempt to access beyond end of device [ 290.489982][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.503506][ T8747] syz.1.874: attempt to access beyond end of device [ 290.503506][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.518401][ T8747] syz.1.874: attempt to access beyond end of device [ 290.518401][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.533067][ T8747] syz.1.874: attempt to access beyond end of device [ 290.533067][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.546942][ T8747] syz.1.874: attempt to access beyond end of device [ 290.546942][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.561096][ T8747] syz.1.874: attempt to access beyond end of device [ 290.561096][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.579297][ T8747] syz.1.874: attempt to access beyond end of device [ 290.579297][ T8747] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 290.796401][ T8763] ksmbd: Unknown IPC event: 0, ignore. [ 294.303213][ T8786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'. [ 294.952680][ T8796] loop1: detected capacity change from 0 to 128 [ 295.139357][ T28] audit: type=1800 audit(1758581293.606:30): pid=8796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.888" name="file2" dev="loop1" ino=1048618 res=0 errno=0 [ 295.160826][ T8796] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 295.168678][ T8796] FAT-fs (loop1): Filesystem has been set read-only [ 295.225402][ T8796] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 295.262740][ T8796] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 295.306477][ T8796] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 295.346979][ T8796] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 295.355025][ T8796] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 295.411913][ T8796] bio_check_eod: 1859 callbacks suppressed [ 295.411930][ T8796] syz.1.888: attempt to access beyond end of device [ 295.411930][ T8796] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 295.478768][ T8802] loop2: detected capacity change from 0 to 512 [ 295.572421][ T8802] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.610750][ T8802] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 296.718289][ T8828] fuse: Bad value for 'group_id' [ 296.767691][ T8827] macvlan2: entered promiscuous mode [ 296.773610][ T8827] macvlan2: entered allmulticast mode [ 296.780801][ T8827] gretap0: entered allmulticast mode [ 296.795720][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.744521][ T8846] loop0: detected capacity change from 0 to 128 [ 297.773945][ T28] audit: type=1800 audit(1758581296.246:31): pid=8846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.903" name="file2" dev="loop0" ino=1048619 res=0 errno=0 [ 297.775652][ T8846] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 297.809494][ T8846] FAT-fs (loop0): Filesystem has been set read-only [ 297.829055][ T8846] syz.0.903: attempt to access beyond end of device [ 297.829055][ T8846] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 297.870302][ T8846] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 297.878205][ T8846] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 297.906517][ T8846] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 297.940242][ T8846] syz.0.903: attempt to access beyond end of device [ 297.940242][ T8846] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 297.984928][ T8846] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 298.015050][ T8846] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 298.040649][ T8846] syz.0.903: attempt to access beyond end of device [ 298.040649][ T8846] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.088990][ T8846] syz.0.903: attempt to access beyond end of device [ 298.088990][ T8846] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.112185][ T8846] syz.0.903: attempt to access beyond end of device [ 298.112185][ T8846] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.127324][ T8846] syz.0.903: attempt to access beyond end of device [ 298.127324][ T8846] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.141125][ T8846] syz.0.903: attempt to access beyond end of device [ 298.141125][ T8846] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.164033][ T8846] syz.0.903: attempt to access beyond end of device [ 298.164033][ T8846] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.183793][ T8846] syz.0.903: attempt to access beyond end of device [ 298.183793][ T8846] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.741112][ T8864] fuse: Bad value for 'group_id' [ 300.069390][ T8894] loop1: detected capacity change from 0 to 512 [ 300.149994][ T8894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.204790][ T8894] ext4 filesystem being mounted at /235/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 301.257651][ T8909] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 301.553944][ T8913] fuse: Bad value for 'group_id' [ 301.583727][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.893098][ T8921] netlink: 68 bytes leftover after parsing attributes in process `syz.2.929'. [ 302.928686][ T8942] loop2: detected capacity change from 0 to 512 [ 303.009032][ T8942] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 303.029201][ T8942] ext4 filesystem being mounted at /221/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 304.161722][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 304.369159][ T8959] netlink: 68 bytes leftover after parsing attributes in process `syz.1.941'. [ 305.804711][ T8987] loop3: detected capacity change from 0 to 512 [ 305.875863][ T8987] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 305.938336][ T8987] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.936683][ T9005] netlink: 68 bytes leftover after parsing attributes in process `syz.0.953'. [ 307.057197][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.515844][ T9022] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 308.417228][ T9052] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 308.837633][ T9074] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 308.845612][ T9074] IPv6: NLM_F_CREATE should be set when creating new route [ 309.490458][ T9103] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 310.283812][ T9133] ksmbd: Unknown IPC event: 0, ignore. [ 312.189452][ T28] audit: type=1326 audit(1758581310.656:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 312.426999][ T28] audit: type=1326 audit(1758581310.686:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 312.732087][ T28] audit: type=1326 audit(1758581310.776:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 313.011432][ T28] audit: type=1326 audit(1758581310.786:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 313.169896][ T28] audit: type=1326 audit(1758581310.786:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 313.192248][ T28] audit: type=1326 audit(1758581310.826:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 313.214544][ T28] audit: type=1326 audit(1758581310.866:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 313.236951][ T28] audit: type=1326 audit(1758581310.866:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 313.259339][ T28] audit: type=1326 audit(1758581310.956:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 313.281889][ T28] audit: type=1326 audit(1758581310.976:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.0.1003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff5df8eec9 code=0x7ffc0000 [ 314.165116][ T9184] ksmbd: Unknown IPC event: 0, ignore. [ 315.154621][ T9212] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 315.163360][ T9212] overlayfs: failed to set xattr on upper [ 315.169172][ T9212] overlayfs: ...falling back to redirect_dir=nofollow. [ 315.196512][ T9212] overlayfs: ...falling back to index=off. [ 315.205845][ T9212] overlayfs: ...falling back to uuid=null. [ 315.234471][ T9212] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 315.249074][ T9215] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 315.272584][ T9215] overlayfs: failed to set xattr on upper [ 315.296036][ T9215] overlayfs: ...falling back to redirect_dir=nofollow. [ 315.338887][ T9218] ksmbd: Unknown IPC event: 0, ignore. [ 315.356562][ T9215] overlayfs: ...falling back to index=off. [ 315.368787][ T9215] overlayfs: ...falling back to uuid=null. [ 315.440415][ T9215] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 315.528938][ T9215] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 315.769543][ T9227] overlayfs: failed to resolve './file1': -2 [ 315.781668][ T9227] overlayfs: failed to resolve './file1': -2 [ 316.528726][ T9251] ksmbd: Unknown IPC event: 0, ignore. [ 316.791172][ T9258] overlayfs: failed to resolve './file1': -2 [ 316.812390][ T9258] overlayfs: failed to resolve './file1': -2 [ 317.369476][ T9278] loop2: detected capacity change from 0 to 128 [ 317.398375][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.405219][ T1275] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.422602][ T9278] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 317.426102][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 317.426120][ T28] audit: type=1800 audit(1758581315.886:46): pid=9278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1050" name="file2" dev="loop2" ino=1048620 res=0 errno=0 [ 317.449669][ T9278] FAT-fs (loop2): Filesystem has been set read-only [ 317.467995][ T9278] bio_check_eod: 2943 callbacks suppressed [ 317.468011][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.468011][ T9278] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 317.491424][ T9278] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 317.499567][ T9278] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 317.511233][ T9278] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 317.519375][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.519375][ T9278] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 317.534840][ T9278] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 317.543056][ T9278] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 317.551468][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.551468][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 317.565328][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.565328][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 317.579222][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.579222][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 317.592989][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.592989][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 317.610031][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.610031][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 317.630766][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.630766][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 317.651308][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.651308][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 317.675241][ T9278] syz.2.1050: attempt to access beyond end of device [ 317.675241][ T9278] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 318.030053][ T9288] ksmbd: Unknown IPC event: 0, ignore. [ 320.486749][ T9308] team0: Failed to send options change via netlink (err -105) [ 320.522201][ T9308] team0: Failed to send options change via netlink (err -105) [ 320.538318][ T9308] team0: Mode changed to "activebackup" [ 320.622752][ T9313] loop0: detected capacity change from 0 to 128 [ 320.666357][ T28] audit: type=1800 audit(1758581319.136:47): pid=9313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1062" name="file2" dev="loop0" ino=1048621 res=0 errno=0 [ 320.681647][ T9313] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 320.735605][ T9313] FAT-fs (loop0): Filesystem has been set read-only [ 320.749483][ T9313] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 320.758826][ T9313] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 320.769007][ T9313] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 320.780376][ T9313] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 320.789006][ T9313] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 321.855958][ T9331] fuse: Unknown parameter 'grou00000000000000000000' [ 322.059302][ T9339] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 322.075173][ T9339] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 322.089153][ T9339] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 323.236384][ T9351] loop1: detected capacity change from 0 to 128 [ 323.332038][ T28] audit: type=1800 audit(1758581321.796:48): pid=9351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1075" name="file2" dev="loop1" ino=1048622 res=0 errno=0 [ 323.354165][ T9351] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 323.378101][ T9351] FAT-fs (loop1): Filesystem has been set read-only [ 323.399528][ T9351] bio_check_eod: 5436 callbacks suppressed [ 323.399544][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.399544][ T9351] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 323.438317][ T9351] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 323.467064][ T9351] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 323.488580][ T9351] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 323.522263][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.522263][ T9351] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 323.536709][ T9351] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 323.545255][ T9351] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 323.553579][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.553579][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 323.567738][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.567738][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 323.589533][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.589533][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 323.626992][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.626992][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 323.649055][ T9365] ksmbd: Unknown IPC event: 0, ignore. [ 323.669567][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.669567][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 323.708237][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.708237][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 323.763488][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.763488][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 323.829503][ T9351] syz.1.1075: attempt to access beyond end of device [ 323.829503][ T9351] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 324.472530][ T9388] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 324.479931][ T9388] overlayfs: failed to set xattr on upper [ 324.487987][ T9388] overlayfs: ...falling back to redirect_dir=nofollow. [ 324.518461][ T9388] overlayfs: ...falling back to index=off. [ 324.533096][ T9388] overlayfs: ...falling back to uuid=null. [ 324.900134][ T9401] loop1: detected capacity change from 0 to 128 [ 324.933675][ T28] audit: type=1800 audit(1758581323.406:49): pid=9401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1091" name="file2" dev="loop1" ino=1048623 res=0 errno=0 [ 324.934443][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 324.971166][ T9401] FAT-fs (loop1): Filesystem has been set read-only [ 324.988487][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 324.997957][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 325.007094][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 325.016050][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 325.024186][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 326.377426][ T9438] ksmbd: Unknown IPC event: 0, ignore. [ 327.447290][ T9446] loop3: detected capacity change from 0 to 128 [ 327.505784][ T9446] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 327.511793][ T28] audit: type=1800 audit(1758581325.976:50): pid=9446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1106" name="file2" dev="loop3" ino=1048624 res=0 errno=0 [ 327.536815][ T9446] FAT-fs (loop3): Filesystem has been set read-only [ 327.554946][ T9446] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 327.568097][ T9446] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 327.617842][ T9446] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 327.645048][ T9446] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 327.653324][ T9446] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 327.831943][ T9459] overlayfs: failed to resolve './file1': -2 [ 327.861632][ T9459] overlayfs: failed to resolve './file1': -2 [ 328.405609][ T9446] bio_check_eod: 20743 callbacks suppressed [ 328.405627][ T9446] syz.3.1106: attempt to access beyond end of device [ 328.405627][ T9446] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 329.012073][ T9446] syz.3.1106: attempt to access beyond end of device [ 329.012073][ T9446] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 329.027098][ T9446] syz.3.1106: attempt to access beyond end of device [ 329.027098][ T9446] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 329.109012][ T9477] ksmbd: Unknown IPC event: 0, ignore. [ 329.942234][ T9502] loop3: detected capacity change from 0 to 128 [ 329.992190][ T28] audit: type=1800 audit(1758581328.466:51): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1126" name="file2" dev="loop3" ino=1048625 res=0 errno=0 [ 329.993783][ T9502] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 330.067066][ T9502] FAT-fs (loop3): Filesystem has been set read-only [ 330.074408][ T9502] syz.3.1126: attempt to access beyond end of device [ 330.074408][ T9502] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 330.088939][ T9502] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 330.111566][ T9502] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 330.144610][ T9502] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 330.173239][ T9502] syz.3.1126: attempt to access beyond end of device [ 330.173239][ T9502] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 330.197729][ T9502] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 330.206634][ T9502] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 330.215134][ T9502] syz.3.1126: attempt to access beyond end of device [ 330.215134][ T9502] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 330.229662][ T9502] syz.3.1126: attempt to access beyond end of device [ 330.229662][ T9502] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 330.243717][ T9502] syz.3.1126: attempt to access beyond end of device [ 330.243717][ T9502] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 330.261198][ T9502] syz.3.1126: attempt to access beyond end of device [ 330.261198][ T9502] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 330.275283][ T9502] syz.3.1126: attempt to access beyond end of device [ 330.275283][ T9502] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 330.431337][ T9514] ksmbd: Unknown IPC event: 0, ignore. [ 330.478080][ T9516] capability: warning: `syz.0.1131' uses deprecated v2 capabilities in a way that may be insecure [ 332.609403][ T28] audit: type=1326 audit(1758581331.076:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.2.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x7ffc0000 [ 332.633760][ T28] audit: type=1326 audit(1758581331.086:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.2.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x7ffc0000 [ 332.657034][ T28] audit: type=1326 audit(1758581331.096:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.2.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4853d8eec9 code=0x7ffc0000 [ 332.699080][ T28] audit: type=1326 audit(1758581331.096:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.2.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x7ffc0000 [ 332.790429][ T28] audit: type=1326 audit(1758581331.096:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.2.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f4853d8eec9 code=0x7ffc0000 [ 332.881717][ T28] audit: type=1326 audit(1758581331.096:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.2.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x7ffc0000 [ 332.933648][ T28] audit: type=1326 audit(1758581331.106:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9533 comm="syz.2.1135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x7ffc0000 [ 332.981750][ T9548] loop3: detected capacity change from 0 to 128 [ 333.249434][ T9556] loop1: detected capacity change from 0 to 128 [ 333.313181][ T28] audit: type=1800 audit(1758581331.786:59): pid=9556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1142" name="file2" dev="loop1" ino=1048626 res=0 errno=0 [ 333.332993][ T9553] loop3: detected capacity change from 0 to 8192 [ 333.335486][ T9556] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 333.366143][ T9556] FAT-fs (loop1): Filesystem has been set read-only [ 333.376582][ T9556] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 333.395110][ T9556] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 333.444610][ T9556] bio_check_eod: 1000 callbacks suppressed [ 333.444628][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.444628][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.493453][ T9561] ksmbd: Unknown IPC event: 0, ignore. [ 333.550243][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.550243][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.564458][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.564458][ T9556] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 333.578506][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.578506][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.645371][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.645371][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.716335][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.716335][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.730170][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.730170][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.743828][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.743828][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.761827][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.761827][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 333.841384][ T9556] syz.1.1142: attempt to access beyond end of device [ 333.841384][ T9556] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 336.338349][ T9597] ksmbd: Unknown IPC event: 0, ignore. [ 336.998740][ T9615] loop1: detected capacity change from 0 to 512 [ 337.155884][ T9615] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 337.169131][ T9615] ext4 filesystem being mounted at /300/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 339.522129][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.770887][ T9649] ksmbd: Unknown IPC event: 0, ignore. [ 343.571392][ T9685] loop1: detected capacity change from 0 to 16 [ 343.617217][ T9685] erofs: (device loop1): mounted with root inode @ nid 36. [ 343.650471][ T9687] lo: entered allmulticast mode [ 343.680165][ T9685] bio_check_eod: 1457 callbacks suppressed [ 343.680183][ T9685] syz.1.1182: attempt to access beyond end of device [ 343.680183][ T9685] loop1: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 343.715782][ T9685] syz.1.1182: attempt to access beyond end of device [ 343.715782][ T9685] loop1: rw=0, sector=1342177272, nr_sectors = 32 limit=16 [ 343.732272][ T9687] tunl0: entered allmulticast mode [ 343.744592][ T28] audit: type=1800 audit(1758581342.216:60): pid=9685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1182" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 343.748082][ T9687] gre0: entered allmulticast mode [ 343.820168][ T9687] gretap0: entered allmulticast mode [ 343.826305][ T9687] erspan0: entered allmulticast mode [ 343.828748][ T9687] ip_vti0: entered allmulticast mode [ 343.832891][ T9687] ip6_vti0: entered allmulticast mode [ 343.835454][ T9687] sit0: entered allmulticast mode [ 343.861420][ T9687] ip6tnl0: entered allmulticast mode [ 344.075072][ T9687] ip6gre0: entered allmulticast mode [ 344.274752][ T9687] syz_tun: entered allmulticast mode [ 344.457255][ T9687] ip6gretap0: entered allmulticast mode [ 344.601878][ T9687] bridge0: entered allmulticast mode [ 344.646949][ T9687] vcan0: entered allmulticast mode [ 344.718181][ T9687] bond0: entered allmulticast mode [ 344.741977][ T9687] bond_slave_0: entered allmulticast mode [ 344.774866][ T9687] bond_slave_1: entered allmulticast mode [ 344.836064][ T9687] team0: entered allmulticast mode [ 344.850108][ T9687] team_slave_0: entered allmulticast mode [ 344.855954][ T9687] team_slave_1: entered allmulticast mode [ 344.935812][ T9687] dummy0: entered allmulticast mode [ 344.979030][ T9687] nlmon0: entered allmulticast mode [ 344.994599][ T9687] caif0: entered allmulticast mode [ 345.007398][ T9687] batadv0: entered allmulticast mode [ 345.017372][ T9687] vxcan0: entered allmulticast mode [ 345.024962][ T9687] vxcan1: entered allmulticast mode [ 345.040574][ T9687] veth0: entered allmulticast mode [ 345.050268][ T9687] veth1: entered allmulticast mode [ 345.055642][ T9687] wg0: entered allmulticast mode [ 345.077822][ T9687] wg1: entered allmulticast mode [ 345.083669][ T9687] wg2: entered allmulticast mode [ 345.089019][ T9687] veth0_to_bridge: entered allmulticast mode [ 345.095806][ T9687] veth1_to_bridge: entered allmulticast mode [ 345.102329][ T9687] veth0_to_bond: entered allmulticast mode [ 345.108616][ T9687] veth1_to_bond: entered allmulticast mode [ 345.115209][ T9687] veth0_to_team: entered allmulticast mode [ 345.130891][ T9687] veth1_to_team: entered allmulticast mode [ 345.137203][ T9687] veth0_to_batadv: entered allmulticast mode [ 345.155852][ T9687] batadv_slave_0: entered allmulticast mode [ 345.169570][ T9687] veth1_to_batadv: entered allmulticast mode [ 345.184621][ T9687] batadv_slave_1: entered allmulticast mode [ 345.200194][ T9687] xfrm0: entered allmulticast mode [ 345.224613][ T9687] veth0_to_hsr: entered allmulticast mode [ 345.235205][ T9687] hsr_slave_0: entered allmulticast mode [ 345.252432][ T9687] veth1_to_hsr: entered allmulticast mode [ 345.258375][ T9687] hsr_slave_1: entered allmulticast mode [ 345.291330][ T9687] hsr0: entered allmulticast mode [ 345.314959][ T9687] veth1_virt_wifi: entered allmulticast mode [ 345.333446][ T9687] veth0_virt_wifi: entered allmulticast mode [ 345.350623][ T9687] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 345.368432][ T9687] veth1_vlan: entered allmulticast mode [ 345.384757][ T9687] veth0_vlan: entered allmulticast mode [ 345.405460][ T9687] vlan0: entered allmulticast mode [ 345.411006][ T9687] vlan1: entered allmulticast mode [ 345.416341][ T9687] macvlan0: entered allmulticast mode [ 345.422235][ T9687] macvlan1: entered allmulticast mode [ 345.427849][ T9687] ipvlan0: entered allmulticast mode [ 345.433529][ T9687] ipvlan1: entered allmulticast mode [ 345.439006][ T9687] veth1_macvtap: entered allmulticast mode [ 345.445112][ T9687] veth0_macvtap: entered allmulticast mode [ 345.845492][ T9687] macvtap0: entered allmulticast mode [ 345.940425][ T9687] macsec0: entered allmulticast mode [ 346.115154][ T9687] geneve0: entered allmulticast mode [ 346.130170][ T9687] geneve1: entered allmulticast mode [ 346.146397][ T9687] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 346.164593][ T9687] netdevsim netdevsim2 netdevsim1: entered allmulticast mode [ 346.184767][ T9687] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 346.205174][ T9687] netdevsim netdevsim2 netdevsim3: entered allmulticast mode [ 346.230143][ T9687] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 346.247734][ T9687] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 346.562012][ T9723] loop1: detected capacity change from 0 to 128 [ 346.648640][ T28] audit: type=1804 audit(1758581345.116:61): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1194" name="/newroot/306/bus/bus" dev="loop1" ino=1048627 res=1 errno=0 [ 346.990430][ T28] audit: type=1326 audit(1758581345.466:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9737 comm="syz.2.1199" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4853d8eec9 code=0x0 [ 347.304664][ T9723] syz.1.1194: attempt to access beyond end of device [ 347.304664][ T9723] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 347.323762][ T9723] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 347.333169][ T9728] syz.1.1194: attempt to access beyond end of device [ 347.333169][ T9728] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 347.351528][ T9728] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 347.412138][ T9723] syz.1.1194: attempt to access beyond end of device [ 347.412138][ T9723] loop1: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 347.492243][ T9723] Buffer I/O error on dev loop1, logical block 128, lost async page write [ 349.153919][ T9773] fuse: Bad value for 'fd' [ 350.232889][ T9784] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 350.244119][ T9784] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 350.446607][ T9788] Illegal XDP return value 4294967274 on prog (id 103) dev N/A, expect packet loss! [ 350.483806][ T9790] loop3: detected capacity change from 0 to 512 [ 350.599946][ T9790] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1217: bad orphan inode 13 [ 350.705191][ T9790] ext4_test_bit(bit=12, block=4) = 1 [ 350.730005][ T9790] is_bad_inode(inode)=0 [ 350.757061][ T9790] NEXT_ORPHAN(inode)=0 [ 350.771932][ T9790] max_ino=32 [ 350.775198][ T9790] i_nlink=1 [ 350.779346][ T9790] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 352.502905][ T9820] kvm: pic: non byte write [ 353.184811][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.639793][ T9849] loop2: detected capacity change from 0 to 512 [ 353.656263][ T9849] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 354.841036][ T9863] loop3: detected capacity change from 0 to 512 [ 354.889195][ T9863] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.1241: bad orphan inode 13 [ 354.936110][ T9863] ext4_test_bit(bit=12, block=4) = 1 [ 354.955874][ T9863] is_bad_inode(inode)=0 [ 354.996828][ T9863] NEXT_ORPHAN(inode)=0 [ 355.020013][ T9863] max_ino=32 [ 355.023361][ T9863] i_nlink=1 [ 355.027939][ T9863] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 357.472866][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.488334][ T9898] kvm: pic: non byte write [ 358.946230][ T9929] loop2: detected capacity change from 0 to 512 [ 359.051457][ T9929] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.1263: bad orphan inode 13 [ 359.104403][ T9929] ext4_test_bit(bit=12, block=4) = 1 [ 359.161733][ T9929] is_bad_inode(inode)=0 [ 359.165984][ T9929] NEXT_ORPHAN(inode)=0 [ 359.209861][ T9929] max_ino=32 [ 359.213248][ T9929] i_nlink=1 [ 359.217778][ T9929] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 359.284179][ T9939] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1264'. [ 359.745362][ T9946] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 359.785116][ T9946] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 359.949699][ T9953] kvm: pic: non byte write [ 361.259886][ T6937] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 361.296929][ T9966] loop3: detected capacity change from 0 to 512 [ 361.443037][ T9968] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1275'. [ 361.470426][ T6937] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 361.479102][ T6937] usb 2-1: config 1 descriptor has 1 excess byte, ignoring [ 361.507540][ T6937] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 361.524138][ T6937] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 361.552524][ T6937] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 361.577070][ T6937] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 361.586168][ T6937] usb 2-1: Product: syz [ 361.599887][ T6937] usb 2-1: Manufacturer: syz [ 361.614597][ T6937] cdc_wdm 2-1:1.0: skipping garbage [ 361.625112][ T6937] cdc_wdm: probe of 2-1:1.0 failed with error -22 [ 361.760622][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.394998][ T6937] usb 2-1: USB disconnect, device number 13 [ 363.655593][T10002] loop1: detected capacity change from 0 to 512 [ 363.720012][T10002] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.1286: bad orphan inode 13 [ 363.741737][T10002] ext4_test_bit(bit=12, block=4) = 1 [ 363.747191][T10002] is_bad_inode(inode)=0 [ 363.793867][T10002] NEXT_ORPHAN(inode)=0 [ 363.819501][T10002] max_ino=32 [ 363.841833][T10002] i_nlink=1 [ 363.858255][T10002] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.739893][ T7164] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 365.686985][ T7164] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 365.697736][ T7164] usb 4-1: config 1 descriptor has 1 excess byte, ignoring [ 365.720094][ T7164] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 365.729239][ T7164] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 365.772321][ T7164] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 365.789844][ T7164] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 365.800463][T10036] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=568208745 (2272834980 ns) > initial count (932309172 ns). Using initial count to start timer. [ 365.809959][ T7164] usb 4-1: Product: syz [ 365.833996][ T7164] usb 4-1: Manufacturer: syz [ 365.846103][ T7164] cdc_wdm 4-1:1.0: skipping garbage [ 365.853725][ T7164] cdc_wdm: probe of 4-1:1.0 failed with error -22 [ 366.026878][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.534299][ T6937] usb 4-1: USB disconnect, device number 4 [ 367.646653][T10062] loop2: detected capacity change from 0 to 512 [ 367.670698][T10062] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.1306: bad orphan inode 13 [ 367.713802][T10062] ext4_test_bit(bit=12, block=4) = 1 [ 367.728490][T10062] is_bad_inode(inode)=0 [ 367.757520][T10062] NEXT_ORPHAN(inode)=0 [ 367.774608][T10062] max_ino=32 [ 367.790317][T10062] i_nlink=1 [ 367.795078][T10062] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.310693][T10065] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 368.482167][T10084] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 368.525251][T10084] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 369.070452][ T6937] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 369.400594][ T6937] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 369.524594][ T6937] usb 1-1: config 1 has an invalid descriptor of length 56, skipping remainder of the config [ 369.724411][ T6937] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 369.759900][ T6937] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 369.840452][ T6937] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 369.887827][ T6937] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 369.934834][ T6937] usb 1-1: Product: syz [ 369.952951][ T6937] usb 1-1: Manufacturer: syz [ 369.983311][ T6937] cdc_wdm 1-1:1.0: skipping garbage [ 369.988621][ T6937] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 370.046146][T10102] fuse: Bad value for 'rootmode' [ 370.123626][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.394503][T10115] loop1: detected capacity change from 0 to 256 [ 370.567525][T10121] loop1: detected capacity change from 0 to 128 [ 370.947583][T10131] loop2: detected capacity change from 0 to 512 [ 370.977687][T10131] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.1327: bad orphan inode 13 [ 371.019275][T10131] ext4_test_bit(bit=12, block=4) = 1 [ 371.052369][T10131] is_bad_inode(inode)=0 [ 371.056605][T10131] NEXT_ORPHAN(inode)=0 [ 371.070809][T10131] max_ino=32 [ 371.074169][T10131] i_nlink=1 [ 371.079009][T10131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 371.660022][T10126] 9pnet_fd: p9_fd_create_tcp (10126): problem connecting socket to 127.0.0.1 [ 371.687999][ T6937] usb 1-1: USB disconnect, device number 16 [ 372.229833][T10160] fuse: Bad value for 'rootmode' [ 372.438756][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.713847][T10173] loop2: detected capacity change from 0 to 512 [ 372.753134][T10173] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 372.770454][T10173] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 374.167732][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.308453][ T6924] kernel write not supported for file bpf-prog (pid: 6924 comm: kworker/1:8) [ 374.403509][ T5855] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 374.485535][T10190] program syz.3.1346 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 374.518281][T10190] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 374.609020][ T5855] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 374.639968][ T5855] usb 1-1: config 1 has an invalid descriptor of length 56, skipping remainder of the config [ 374.674377][ T5855] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 374.694791][ T5855] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 374.730629][ T5855] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 374.746149][ T5855] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 374.758352][ T5855] usb 1-1: Product: syz [ 374.774608][ T5855] usb 1-1: Manufacturer: syz [ 374.790726][T10201] fuse: Bad value for 'rootmode' [ 374.805401][ T5855] cdc_wdm 1-1:1.0: skipping garbage [ 374.817105][ T5855] cdc_wdm: probe of 1-1:1.0 failed with error -22 [ 376.409574][ T6924] usb 1-1: USB disconnect, device number 17 [ 376.925885][T10248] fuse: Unknown parameter 'use00000000000000000000' [ 377.327376][T10269] loop0: detected capacity change from 0 to 164 [ 377.373828][T10269] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 377.850687][T10279] loop7: detected capacity change from 0 to 7 [ 377.866324][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 377.875642][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 377.887334][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 377.896623][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 377.911766][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 377.921077][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 377.929455][T10280] [ 377.931819][T10280] ================================================ [ 377.938323][T10280] WARNING: lock held when returning to user space! [ 377.944840][T10280] syzkaller #0 Not tainted [ 377.949273][T10280] ------------------------------------------------ [ 377.955789][T10280] syz.2.1377/10280 is leaving the kernel with locks still held! [ 377.959990][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 377.963412][T10280] 1 lock held by syz.2.1377/10280: [ 377.963427][T10280] #0: ffff888021bf3b60 (&lo->lo_mutex){+.+.}-{3:3} [ 377.972657][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 377.977660][T10280] , at: loop_set_block_size+0x7c/0x480 [ 377.990218][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 378.006829][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 378.015935][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 378.025157][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 378.033829][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 378.043054][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 378.052412][T10279] ldm_validate_partition_table(): Disk read failed. [ 378.062796][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 378.072026][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 378.081441][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 378.090684][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 378.098922][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 378.108481][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 378.116525][T10279] Dev loop7: unable to read RDB block 0 [ 378.145681][T10279] loop7: unable to read partition table [ 378.151844][T10279] loop7: partition table beyond EOD, truncated [ 378.165337][T10279] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 378.822747][ T1275] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.829136][ T1275] ieee802154 phy1 wpan1: encryption failed: -22