last executing test programs: 15m48.349962268s ago: executing program 0 (id=40): r0 = socket$inet(0x2, 0x2, 0x1) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4000, @rand_addr=0x64010101}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000300)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x810) 15m47.317194243s ago: executing program 0 (id=45): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)={0x38, r1, 0x1, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x8040}, 0x80) 15m46.421302058s ago: executing program 0 (id=50): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1f000000ff7f0000", @ANYRESHEX], 0x50) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default trusted:syz -'], 0x2d, 0xfffffffffffffff9) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) 15m45.582341535s ago: executing program 0 (id=52): mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioperm(0x40, 0x9, 0x7f) syz_clone3(&(0x7f00000016c0)={0xa4281200, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, 0x0}, 0x58) 15m44.091605258s ago: executing program 0 (id=58): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r0, &(0x7f0000000300)) 15m43.09067925s ago: executing program 0 (id=60): socket(0x11, 0x2, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x24, 0x14, 0x51b, 0x70bd26, 0x25dfdbff, {0x11}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "695ee93d40b4f10000"}]}, 0x24}, 0x1, 0x0, 0x0, 0x400a051}, 0x44000) 15m27.762877062s ago: executing program 32 (id=60): socket(0x11, 0x2, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)={0x24, 0x14, 0x51b, 0x70bd26, 0x25dfdbff, {0x11}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "695ee93d40b4f10000"}]}, 0x24}, 0x1, 0x0, 0x0, 0x400a051}, 0x44000) 12m17.466772396s ago: executing program 2 (id=854): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0xa3, @loopback, 0x5}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000340)=[@in6={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x12}}, 0x6}, @in6={0xa, 0x4e23, 0xffffffff, @loopback, 0x4}], 0x38) 12m16.850664601s ago: executing program 2 (id=856): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'macvtap0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r1, {0xfff3}, {0xb, 0xfff1}, {0x2, 0x8}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000) 12m16.082693317s ago: executing program 2 (id=858): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000100)=0x924) ppoll(&(0x7f0000000080)=[{r0}], 0x1, 0x0, 0x0, 0x0) write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37) 12m14.45057767s ago: executing program 2 (id=864): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)={[{@nobarrier}, {@barrier}, {@noauto_da_alloc}, {@noload}, {@nobarrier}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}]}, 0xfe, 0x44e, &(0x7f00000010c0)="$eJzs3M9vFFUcAPDvTLflt62KP0DUKhqJP1pafh68YDTxoImJHjCe6rYQZKFKayKEKHrAoyHxbjya+Bd40otRTyZe9W5IiOECmpismdmZsi67pVu2LLCfTzLw3s7bvved2bf75r2dDWBgjWf/JBGbI+L3iBhtZP9fYLzx39XLZ6t/Xz5bTaJef/OvJC935fLZalm0fN6mRqZeL/Lr2tR7/p2ImVpt7lSRn1w88f7kwukzLxw7MXN07ujcyemDB/fueXRk//S+nsSZxXVl+8fzO7a9+vaF16uHL7z787dZezcX+5vj6JXxxtFt6+leV9ZnW5rSSaWPDaErQxGRna7hvP+PxlBsWNo3Gq981tfGAWuqXq/X230+F87VgbtYEv1uAdAf5Qd9dv1bbrdo6HFbuHQo4oMDjfivFltjTyXSosxwy/VtL41HxOFz/3yVbbFG8xAAAM2+PxQRz7cb/6XxYFO5e4o1lLGIuDci7ouI+yNia0Q8EJGXfSgiHu6y/tYVkuvHP+nFVQW2Qtn478VibWtp/PdvPY+/MDZU5Lbk8Q8nR47V5nYXx2RXDK/L8lPL1PHDy7990Wlf8/gv27L6y7FgQ3qx0jJBNzuzOHOTYS+59GnE9kpL/LkkymWcJCK2RcT2rv7ytSuMY89+s6NTqRvHv4werDPVv454pnH+z0VL/KWk4/rk1IH90/sm10dtbvdk+aq43i+/nn+jU/03FX8PZOd/Y+vrP7cU/1iyPmLh9Jnj+XrtQvd1nP/j82qnK6jVvv5Hkrfy9Ejx2Eczi4unpiJGkteuf3z62nPLfFk+i3/Xznbxp/l7XHkkHmmq/7GIeLxo+xMR8WRE7Fwm/p9eeuq9Tvs6x7/MrHwPZfHP3uj8R/P57z4xdPzH77qPv5Sd/715alfxyEre/1bawJs5dgAAAHCnSPPvwCfpxFI6TScmGt/h3xob09r8wuJzR+Y/PDnb+K78WAyn5UzXaNN86FQxN1zmp1vye4p54y+HNuT5iep8bbbfwcOA29Sh/2f+HOp364A1534tGFz6Pwwu/R8Gl/4Pg0v/h8HVrv9/0od2ALeez38YXPo/DC79HwaX/g8DqeO98Wn5s8CruuVf4q5PRNr9sypxmzT+TkpUVvxjFqtMrGu7q9/vTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xXwAAAP//xuLr/w==") mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262) 12m13.000738971s ago: executing program 2 (id=869): r0 = syz_usb_connect$uac1(0x2, 0xa5, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902930003010000000904000000010100000a240100000002010213240600000600000000000000dfff000000000924030000000000000924050000f8431cfd09240300000300040206240504"], 0x0) syz_usb_control_io(r0, &(0x7f00000009c0)={0x2c, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x816}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x140c}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$uac1(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x340a}}}, 0x0) 12m11.882143032s ago: executing program 2 (id=874): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) shutdown(r0, 0x1) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x9) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000200)=0x3, 0x4) 12m9.496013101s ago: executing program 33 (id=874): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) shutdown(r0, 0x1) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x9) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000200)=0x3, 0x4) 7m2.421045862s ago: executing program 5 (id=1938): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@dev={0xfe, 0x80, '\x00', 0x12}, 0x300, 0x0, 0x2, 0x9, 0x0, 0x8}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000003c0)={@mcast1, 0x0, 0x0, 0x2, 0x1, 0x5, 0xb}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x300, 0x2, 0x2, 0x0, 0x6, 0xf}, 0x20) 7m1.691223795s ago: executing program 5 (id=1943): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f00000000c0)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a340977770a89"], 0xa) 7m0.920259665s ago: executing program 5 (id=1947): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x2c, &(0x7f00000001c0)=[@in6={0xa, 0x4e24, 0x9, @private2={0xfc, 0x2, '\x00', 0x6}, 0x7177}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000380)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@sack_info={r1, 0x0, 0x40}, 0xc) 6m59.173938123s ago: executing program 5 (id=1953): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) unlinkat(r0, &(0x7f0000000b40)='./file1\x00', 0x200) 6m58.485923039s ago: executing program 5 (id=1957): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000840)=[{{&(0x7f0000000300)={0xa, 0x4e25, 0x40000, @rand_addr=' \x01\x00', 0x5}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000000340)='P', 0x1}], 0x1}}], 0x1, 0x24004001) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000240)={0x0, 0x6, 0x30, 0x7, 0x9}, &(0x7f0000000280)=0x18) 6m56.995652585s ago: executing program 5 (id=1961): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x20040000) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x7b64, &(0x7f0000000280)=[{&(0x7f0000000100)="5c00000012006bab9e3fe3d8fd8978f45225d9ee000000007ea60860160af36504000100080ec000000002009ee517c356a7b0251e61e659ad3af435cf01c937e786a6d0bdd7fcf50e4509c5cc68b7ed9c232d786c35fe0000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 6m54.051161777s ago: executing program 34 (id=1961): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x20040000) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x7b64, &(0x7f0000000280)=[{&(0x7f0000000100)="5c00000012006bab9e3fe3d8fd8978f45225d9ee000000007ea60860160af36504000100080ec000000002009ee517c356a7b0251e61e659ad3af435cf01c937e786a6d0bdd7fcf50e4509c5cc68b7ed9c232d786c35fe0000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 3m39.373643744s ago: executing program 6 (id=2722): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000180)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x5a}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x1c, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x5, "75e7c9"}]}}}}}}}}, 0x0) 3m38.588884596s ago: executing program 6 (id=2726): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0xdc, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x88, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x3e, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17], 0x0, [0x5, 0x4, 0x19, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8001]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x24, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x9}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x2c2a1f44}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x6, 0x100, 0x40059, 0x0, 0x7ff, 0x1fe}}, {0x4}}]}]}, 0xdc}}, 0x0) 3m37.859608508s ago: executing program 6 (id=2729): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)={0x20, 0x1, 0x3, 0x401, 0x0, 0x0, {0x1}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffc}}]}, 0x20}, 0x1, 0x0, 0x0, 0x804}, 0x4004840) 3m37.230305215s ago: executing program 6 (id=2733): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x12c5008, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) 3m36.494873638s ago: executing program 6 (id=2736): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) io_uring_setup(0x456, &(0x7f00000000c0)={0x0, 0x3, 0x1000, 0x1004003, 0x3c}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r0, 0xc008aec1, &(0x7f00000000c0)) 3m35.684108993s ago: executing program 6 (id=2739): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-256\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x80800) recvmsg$unix(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)=""/23, 0x17}, {&(0x7f00000001c0)=""/12, 0xc}], 0x2}, 0x2) 3m33.366905907s ago: executing program 35 (id=2739): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-256\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x80800) recvmsg$unix(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)=""/23, 0x17}, {&(0x7f00000001c0)=""/12, 0xc}], 0x2}, 0x2) 11.050487834s ago: executing program 7 (id=3639): r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000201c1b091c00000000000109022d0001000060000904008002030000000921080400012205000905810320000908070905020340"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_ep_read(r0, 0x2, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0) 7.678443067s ago: executing program 1 (id=3655): r0 = io_uring_setup(0x46ea, &(0x7f00000000c0)={0x0, 0xc0a6, 0x40, 0x7fc, 0x3e2}) openat$mice(0xffffffffffffff9c, &(0x7f0000019080), 0x2000) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000019140)=ANY=[@ANYBLOB="1201000000000040ac0538024000010203010902240601010000000904000000030102"], 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 7.3624493s ago: executing program 7 (id=3658): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket(0x10, 0x80003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xb, "00000000000204000000000000000010"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) 6.879841483s ago: executing program 4 (id=3659): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000000)=0x6728) write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) 6.672453931s ago: executing program 7 (id=3660): unshare(0x6a040000) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1") r0 = socket(0x2, 0x3, 0xff) getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, &(0x7f00000001c0)={'broute\x00', 0x0, 0x4, 0x0, [0x7, 0x7ff, 0xfff, 0x497, 0x9, 0x2], 0x0, 0x0, 0x0}, &(0x7f0000000240)=0x78) 6.101147574s ago: executing program 4 (id=3663): r0 = syz_io_uring_setup(0xc2d, &(0x7f0000000440)={0x0, 0x40000004, 0x100, 0x1, 0x109}, &(0x7f0000000080)=0x0, &(0x7f0000000240)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0xbe9, 0x10a5, 0x3, 0x0, 0x0) io_uring_enter(r0, 0x5e5, 0xf419, 0x1, 0x0, 0x0) 4.869572611s ago: executing program 8 (id=3666): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv4_newroute={0x2c, 0x18, 0xaba64f4add525e83, 0x1, 0x0, {0x2, 0x0, 0x0, 0x0, 0xfd, 0x0, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r2}, @RTA_PREFSRC={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x44}}]}, 0x2c}, 0x1, 0xffffff7f}, 0x84) 4.757650841s ago: executing program 1 (id=3667): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000180)={0xfffff2d4, 0x200ffffd, 0x7, 0xfffffff2, 0x0, "4d6b5ccb000000000000000000000000000004", 0x8}) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/124, 0x7c}], 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x1) 4.413875498s ago: executing program 4 (id=3668): ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5f7, @name="ac2ad54970138065d4b1a10a14b7e65642722c3da99ba40f000026e78ffc1e0a"}) r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x11, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 4.25653851s ago: executing program 3 (id=3669): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bond0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xd40, 0x1200}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r2}, @IFLA_HSR_SLAVE1={0x8, 0x1, r1}, @IFLA_HSR_PROTOCOL={0x5, 0x7, 0x3}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40010}, 0x8000) 4.083159596s ago: executing program 8 (id=3670): r0 = fsopen(&(0x7f0000000180)='sysfs\x00', 0x0) r1 = fsopen(&(0x7f0000000180)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 3.868251513s ago: executing program 1 (id=3671): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000200)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100fdffffff000000001d00000008000300", @ANYRES32=r2, @ANYBLOB="40002f800c00020000000000000000000800010000000000280003801c0003800600010000000000060001000100000097fe020002000000080001"], 0x5c}}, 0x0) 3.622107599s ago: executing program 8 (id=3672): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}]}}}]}, 0x3c}}, 0x0) 3.604401703s ago: executing program 4 (id=3673): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0xffffd000) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) syz_mount_image$exfat(&(0x7f00000006c0), &(0x7f0000000240)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1008a, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYBLOB="15522f9fb321938cfd0c603340e816cfb39f3ae482756c416a8e3dabe05bb61d23c5034491a6c0ed4bb207ea240eef89d97fc58d9510ae8554624ff7a24f417541e1e7b7ccf2ded193f962b38cf53324ab7bc9fbc66cdcd1a668d65f4dabf71abf4019f3727642887ed6a0ae34e8b9e440253e246f01f989127b2f6e4a56b34d3c6f073cecb0ac12b8bfaf4d4685781a4f6d7f9256ea2de748b55e47af84", @ANYRES32, @ANYRES64], 0x21, 0x1517, &(0x7f0000001240)="$eJzs3AuYTlX7MPD7XmttxjTxNMlhWGvdmycNlkOSHJLkkCTJK0lOCaFJkoTEOEsakiTHSXIYQnKYxqRxPh9yTpKkSZKQkLC+S3993rf30Pf+/32f63vn/l3Xvqz72c+99r2fez/2s/dzPfNdj1F1mtWt2YSI4H8E/+ufZACIAYBhAJAPAAIAqBhfMf7y+jwSk/9nG2F/rofTrnUF7Fri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxs2+zCN/CScxe+/5+T8fn/P0h2mUlfbShzU89/I4X7n7Nx/3M27n/Oxv3P2bj/ORv3P2fj/uds3H/GcrL//r1j/u7gP2G51scfY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLGc4Zy/SgHAb+NrXRdjjDHGGGOMMcb+PD73ta6AMcYYY4wxxhhj//chCJCACJALckMM5IFYuA7i4HrIC/kgAjdAPNwI+eEmKAAFoRAUhgQoAkVBgwELBCEUg+IQhZuhBNwCiVASSkFpcFAGykI5KA+3QgW4DSrC7VAJ7oDKUAWqQjW4E6rDXVAD7oaacA/UgtpQB+rCvVAP7oP6cD80gAegITwIjeAhaAx/gSbwMDSFR6AZPArN4TFoAS2hFbSGNv+t/BehD7wEfaEfJEN/GAADYRAMhiEwFIbByzAcXoER8CqkwEgYBa/BaHgdxsAbMBbehHHwFoyHCTARJsFkmAKp8DZMhXdgGrwL02EGzIRZkAazYQ68B3NhHsyH92EBfAALYREshiWQDh9CBiyFTPgIlsHHkAXLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBp/AdtgBO2EX7IY9sBc+hX3wGeyHz+EAfPFv5p/9XX5PBAQUKFChwlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBQNGiQkVFeOpBJYAhMxEUthKXTosCyWxfJ4K1bAClgRK2IlrISVsQpWwWpYDatjdayBNbAm1sRaWAvrYB28F+/F+7A+1scG2AAbYkNshI2wMTbGJtgEm2JTbIbNsDk2xxbYAlthK2yDbbAttsV22A47YAfsiB2xM3bGJEzCLtgFu2JX7IbdsDt2xx7YA3tiL+yFL+KL+BK+hP2wluiPA3AADsJBOASH4lB8GYfjK/gKvoopOBJH4Wv4Gr6OY/AMjsU3cRyOw+piAk7ESUhiCqZiKk7FqTgNp+F0nIEzcBam4Wycg3NwLs7Defg+LsAP8ANchItwCaZjOmbgUszETFyGZzELl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBU/wU9wB+7AXbgL91x+rfFT/Aw/wxQ8gAfwIB7EQ3gID+NhzMZsPIJH8CgexWN4DI/jcTyBJ/EUnsTTeBrP4Fk8h+fwPJ7HC/h8wjdN95RcnwLiMiWUyCVyiRgRI2JFrIgTcSKvyCsiIiLiRbzIL/KLAqKAKCQKiQSRIIqKosIII0iEopgoJqIiKkqIEiJRJIpSopRwwomyoqwoL8qLCqKCqChuF5XEHaKyqCLau2qimqguOrga4m5RU9QUtURtUUfUFXVFPVFP1Bf1RQPRQDQUDUUj8ZBoLPrjEHxYXO5MMzESm4tR2EK0FK1Ea/E6Pi7aijHYTrQXHcST4k0ci51FW5cknhZdxETsKp4Vk/A50V1MwR7iBdFT9BK9xYuij2jn+op+Yjr2FwPELBwkBoshYqiYi7XF5Y7VEa+KFDFSjBKviSX4uvjtGB8n3hLjxQQxUUwSk8UUkSreFlPFO2KaeFdMFzPETDFLpInZYo54T8wV88R88b5YID4QC8UisVgsEeniQ5EhlopM8ZFYJj4WWWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im3iE7Fd7BA7xS6xW+wRe8WnYp/4TOwXn4sD4gtxUHwpDomvxGHxtcgW34gj4ltxVHwnjonvxXHxgzghTopT4kdxWvwkzoiz4pz4WZwXv4gL4qK4JLwAiVJIKZUMZC6ZW8bIPDJWXifj5PUyr8wnI/IGGS9vlPnlTbKALCgLycIyQRaRRaWWRlpJMpTFZHEZlTfLEvIWmShLylKytHSyjCwry8ny8lZZQd4mK8rbZSV5h6wsq8iqspq8U1aXd8ka8m5ZU94ja8naso6sK++V9eR9sr68XzaQD8iG8kHZSD4kG8u/yCbyYdlUPiKbyUdlc/mYbCFbylaytWwjH5dt5ROynWwvO8gnZUfZSXaWT8kk+bTsIp+RXeWzspt8TnaXz8se8gXZU/aSveVFeUl62Vf2k8myvxwgB8pBcrAcIofKYfJlOVy+IkfIV2VKDADI1+Ro+bocI9+QY+Wbcpx8S46XE+REOUlOllNkqnxbTpXvyGnyXTldzpAz5SyZJmfLIVdmmv9/kP/OP8gfIVPkSLlVbpOfyO1yh9wpd8ndco/cK/fKfXKf3C/3ywPygDwoD8pD8pA8LA/LbJktj8gj8qg8Ko/JY/K4PC5PyJPyZ/mjPC1/kmfkWXlW/izPy/PywpXXABQqoaRSKlC5VG4Vo/KoWHWdilPXq7wqn4qoG1S8ulHlVzepAqqgKqQKqwRVRBVVWhllFalQFVPFVVTdjFfeIqqUKq2cKqPKqnL/Tr4qoW5Riark3+T/UX1tVBvVVrVV7VQ71UF1UB1VR9VZdVZJKkl1UV1UV9VVdVPdVHfVXfVQPVRP1VP1Vr1VH9VH9VV9VbJKVgPUQDVIDVZD1FA1rD+o4Wq4GqFGqBSVokapUWq0Gq3GqDFqrBqrxqlxarwaryaqiWqymqxSVaqaqqaqaWqamq6mq5lqpkpTaWqOmqPmqrlqvpqvFqgFaqFaqBarxSpdpasMlaEyVaZappapLLVcLVcr1Uq1Wq1Wa9VatV6tVxvVRrVZbVZZapvaprar7Wqn2ql2q91qr9qr9ql9ar/arw6oA+qgOqgOqUPqsDqsslW2OqKOqKPqqDqmjqnj6rg6oU6oU+qUOq1OqzPqjDqnzqnz6ry6oC6oS+qSggACEYhABSrIFeQKYoKYIDaIDeKCuCBvkDeIBJEgPogP8gc3BQWCgkGhoHCQEBQJigY6MIENKAiDYkHxIBrcHJQIbgkSg5JBqaB04IIyQdmgXFA+uDWoENwWVAxuDyoFdwSVgypB1aBacGdQPbgrqBHcHdQM7glqBbWDOkHd4N6gXnBfUD+4P2gQPBA0DB4MGgUPBY2DvwRNgoeDpsEjQbPg0aB58FjQImgZtApaB23+rPkVBE0D788UfML11f10su6vB+iBepAerIfooXqYflkP16/oEfpVnaJH6lH6NT1av67H6Df0WP2mHqff0uP1BD1RT9KT9RSdqt/WU/U7epp+V0/XM/RMPUun6dl6jn5Pz9Xz9Hz9vl6gP9AL9SK9WC/R6fpDnaGX6kz9kV6mP9ZZerleoVfqVXq1XqPX6nV6vd6gN+pNerPeorfqbfoTvV3v0Dv1Lr1b79F79ad6n/5M79ef6wP6C31Qf6kP6a/0Yf21ztbf6CP6W31Uf6eP6e/1cf2DPqFP6lP6R31a/6TP6LP6nP5Zn9e/6Av6or6k/eUP95dP70YZZXKZXCbGxJhYE2viTJzJa/KaiImYeBNv8pv8poApYAqZQibBJJiipqi5jAyZYqaYiZqoKWFKmESTaEqZUsYZZ8qasqa8KW8qmAqmoqloKplKprKpbKqaquZOc6e5y9xl7jZ3m3vMPaa2qW3qmrqmnqln6pv6poFpYBqahqaRaWQam8amiWlimpqmpplpZpqb5qaFaWFamVamjWlj2pq2pp1pZzqYDqaj6Wg6m84mySSZLqaL6Wq6mm6mm+luupsepofpaXqa3qa36WP6mL6mr0k2yWaAGWAGmUFmiBlihplhZrgZbkaYESbFpJhRZpQZbUabMWaMGWveNOPMW2a8mWAmmklmspliUk2qmWqmmmlmmpluppuZZqZJM2lmjplj5pq5Zr6ZbxaYBWahWWgWm8Um3aSbDJNhMk2mWWaWmSyTZVaYFWaVWWXWmDVmnVlnNpgNZpPZZLaYLWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W8OmAPmoDnoEcAcNodNtsk2R8wRc9QcNcfMMXPcHDcnzAlzypwyp81pc8acMefMOXPe/GIumIvmkvEmxuaxsfY6G2evt3ltPvv7uJAtbBNsEVvUalvAFvyb2FhrE21JW+q3S0xbziZePpfa0tbZMrasLWcr2yq2qq1m77TV7V22xu/jfGDvs/Xt/baBfcDWtffaen8VN7QP2kb2UdvYPmab2Ja2qW1tm9lHbXP7mG1hW9pWtrXtaDvZzvYpm2Sftl3sM38XZ9ildp1dbzfYjXaf/cyesz/bo/Y7e97+YvvafnaYfdkOt6/YEfZVm2JH/l08zr5lx9sJdqKdZCfbKX8Xz7SzbJqdbefY9+xcO+/v4nT7oV1gM+1Cu8gutkt+jS/XlGk/ssvsxzbLLrcr7Eq7yq62a+za/13rSrvZbrFb7V77qd1ud9iddpfdbff8Gl/ej/32c3vAfmGP2G/tIfuVPWyP2Wz7za/x5f07Zr+3x+0P9oQ9aU/ZH+1p+5M9Y89e3n9/ed9/tBftJestEJIgSYoCykW5KYbyUCxdR3F0PeWlfBShGyiebqT8dBMVoIJUiApTAhWhoqTJkCWikIpRcYrSzVSCbqFEKkmlqDQ5KkNlqRyVp1upAt1GFel2qkR3UGWqQlWpGt1J1ekuqkF3U026h2pRbapDdeleqkf3UX26nxrQA9SQHqRG9BA1pr9QE3qYmtIj1Iwepeb0GLWgltSKWlMbepza0hPUjtpTB3qSOlIn6kxPURI9TV3oGepKz1I3eo660/PUg16gntSLetOL1Ideor7Uj5KpPw2ggTSIBtMQGkrD6GUaTq/QCHqVUmgkjaLXaDS9TmPoDRpLb9I4eovG0wSaSJNoMk2hVHqbptI7NI3epek0g2bSLEqj2TSH3qO5NI/m0/u0gD6ghbSIFtMSSqcPKYOWUiZ9RMvoY8qi5bSCVtIqWk1raC2to/W0gTbSJtpMW2grbaNPaDvtoJ20i3bTHtpLn9I+ynPlDfcFHaQv6RB9RYfpa8qmb+gIfUtH6Ts6Rt/TcfqBTtBJOkU/0mn6ic7QWTpHP9N5+oUu0EW6RJ4gxFCEMlRhEOYKc4cxYZ4wNrwujAuvD/OG+cJIeEMYH94Y5g9vCguEBcNCYeEwISwSFg11aEIbUhiGxcLiYTS8OSwR3hImhiXDUmHp0IVlwrJhubB8eGtYIbwtrBjeHlYK7wgrh1XCRx+oFt4ZVg/vCmuEd4c1w3vCWmHtsE5YN7w3rBfeF9YP7w8bhA+EFcIHw0bhQyFc+b1K0/CRsFn4aNg8fCxsEbYMW4Wtwzbh42Hb8ImwXdg+7BA+GXYMO4Wdw6fCpPDpsEv4zB+uTw77hwPCgeHA0Pv75eLokmh69MNoRnRpNDP6UXRZ9ONoVnR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U3RzdEt0a9T7urnBoRNOOuUCl8vldjEuj4t117k4d73L6/K5iLvBxbsbXX53kyvgCrpCrrBLcEVcUaedcdaRC10xV9xF3c2uhLvFJbqSrpQr7Zwr48q61q6Na+PauidcO9fedXBPuiddJ9fJPeWeck+7Lu4Z19U967q551x397x73r3gerperrd70fVxL7m+rp9LdslugBvgBrlBbogb4oa5YW64G+5GuBEuxaW4UW6UG+1GuzFujBvrxrpxbpwb78a7iW6im+wmu1SX6qa6qW6am+YCAJjpZro0l+bmuDlurpvr5rv5bkHiArfQLXSL3WKX7tJdhstwmS7TLXPLXJbLcivcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXPb3Xa30+10u91ut9ftdfvcPrff7XcH3AF30B10h9whd9h97bLdN+6I+9Yddd+5Y+57d9z94E64k+6U+9Gddj+5M+6sO+d+dufdL+6Cu+guOe9SI29HpkbeiUyLvBuZHpkRmRmZFUmLzI7MibwXmRuZF5kfeT+yIPJBZGFkUWRxZEkkPfJhJCOyNJIZ+SiyLPJxJCuyPLIisjKyKrJagS+yPfTFfHEf9Tf7Ev4Wn+hL+lK+tHe+jM/ty/ny/lZfwd/mK/rbfSV/h6/sq/iq/jHfwrf0rXxr38Y/7tv6J3w739538E/6jr6T7+yf8kn+ad/FP+O7+md9N/+c7+6f9z38C76n7+V7+xd9H/+S7+v7+WTf3w/wA/0gP9gP8UP9MP+yH+5f8SP8qz7Fj/Sj/Gt+tH/dj/Fv+LH+TT/Ov+XH+wl+op/kJ/spPtW/7af6d/w0/66f7mf4mX6WT/Oz/Rz/np/r5/n5/n2/wH/gF/pFfrFf4tP9hz7DL/WZ/iO/zH/ss/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8J3673+F3+l1+t9/j9/pP/T7/md/vP/cH/Bf+oP/SH/Jf+cP+a5/tv/FHsr71R/13/pj/3h/3P/gT/qQ/5X/0p/1P/ow/68/5n/15/4u/4C/6S//mb9Zq/xm3zhljjDHG/j808A/W9/8HjykAEFfGv3jvr99ROPuv10sA2FTgv8aDRULHCAA83a/Hw78ttWolJydfeW6WhKD4IgCI/G4DV+Ll0AE6QRK0h/L/sL7Botd5+hfzZ4yhydHbAWL/KicGrsZX5//yn8z/+JPjMiqF5+L/ef3RRQCJxa/mXL4K/y1eDh1+/eqwPVT4J/MXbPuv6s+SkOerVIB2f5UTBwDt8vy+/rLwBDwDSX/zzAb/cJuMMcYYY4wxxnKewaJqtz+4/vz1+jxBXc3JDVfjP7o+Z4wxxhhjjDHG2LX3XK/eTz2elNS+Gw94wIMcNuj0L55zrf9nYowxxhhjjP3Zrn7ov/pYnmtZEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9v/hLY9d6HxljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//8HaM+M=") 3.432755951s ago: executing program 3 (id=3674): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000006c0)={[{@orlov}, {@noauto_da_alloc}, {@inlinecrypt}, {@dioread_lock}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0xffff) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0) 3.017831927s ago: executing program 1 (id=3675): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a80)=@newtaction={0x1f4, 0x30, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [{0xdc, 0x1, [@m_simple={0xd8, 0x18, 0x0, 0x0, {{0xb}, {0x4}, {0xa9, 0x6, "c92acebef543cf5eac95ff99fdfe71226f0f8ca3945cf1e27303fef4d7edee9dc07b9c204234f1518f815a1e6f9900be0653c30ee7044fc49940d26166aca9768a60e2633236607ed8e41497a644f35e0d2494ec2432e189bde8a31ee3c25d98a9d5eabb59832b6b5d302ef8dbee798a364094b288f82acbcd5acc3d37148318dc5491c9505a46e3387d31e31c2a8f31a806aff980e9556c76256efb4a5cd9c0b1d305d220"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}]}, {0x104, 0x1, [@m_simple={0xc0, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x91, 0x6, "3ac47d8f66b9ada606aa60a7fc99c95c9fbb58402dd443e92602f7994c557e40094500a136bb53cc323abe8e9a032feb3b1811b3f9149f6f05ff436ae121782b9f13ed2deb3fee8a17863c1d88b38005a4604a93ebbc213530b8e07f71d1175d1580cb57e68478f9edf7f8e766c01a7ba01dde9f5efc04e3eb55e8d86d594f207de74400f37d97ac2edd9679a2"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ct={0x40, 0x17, 0x0, 0x0, {{0x7}, {0x18, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @remote}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x1f4}, 0x1, 0x0, 0x0, 0x4000880}, 0x20000080) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 2.755469389s ago: executing program 7 (id=3676): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000003c0)={0x0, 0xfffffffffffffd90, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r1, 0x701, 0x74bd2b, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0) syz_genetlink_get_family_id$nbd(&(0x7f0000001100), r0) 2.708154682s ago: executing program 8 (id=3677): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) 2.444345768s ago: executing program 3 (id=3678): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000005c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r0, 0x121, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0xa}]}, 0x24}, 0x1, 0x300, 0x0, 0x4048044}, 0x4800) 2.092108194s ago: executing program 1 (id=3679): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000000), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f00000005c0)={&(0x7f0000000180)={0x1d, r1}, 0x10, &(0x7f00000001c0)={&(0x7f0000000cc0)={0x1, 0x40, 0x0, {0x0, 0x2710}, {}, {}, 0x1, @can={{}, 0xfa, 0x1, 0x0, 0x0, "c6e83912ce2150c0"}}, 0x48}, 0x2}, 0x20000080) 2.019581489s ago: executing program 8 (id=3680): sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)={0x18c, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0x7c, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_TUPLE={0x60, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0xfffffffd}]}, @CTA_EXPECT_NAT={0xd4, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x4c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2c}}}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x64, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @private=0xa010100}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'sip-20000\x00'}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'snmp_trap\x00'}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xc}]}, 0x18c}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) 1.969907231s ago: executing program 7 (id=3681): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x21081e, &(0x7f00000009c0)={[{@nomblk_io_submit}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@discard}]}, 0x1, 0x515, &(0x7f00000010c0)="$eJzs3U9sHFcZAPBv1vHfuHVaegAEbWgLAUVZ25s2qnqAckIIVUL0CFJq7I1leddredelNjk4Z65IROIER44cOOfEnQuCG5dwQOKPFRQjcRg0s7Nhbe8mq8T2ut7fTxrNm3mT+b4XZ97zvs3uC2BkXY2IvYiYiIiPI2KuOJ8UW3zQ3rLrHu/fXT7Yv7ucRJp+9M8kr8/ORdefyVwu7jkVET/4TsSPk+Nxmzu760u1WnWrOJ5v1Tfnmzu7N9bqS6vV1epGpXJr8dbCezffrZxYW9+oTxSlLz/8w943fpqlNVuc6W7HSWo3ffxJnMyliPjeaQQbgrGiPRPDToTnUoqIVyPizfz5n4ux/KcJAFxkaToX6Vz3MQBw0ZXyObCkVC7mAmajVCqX23N4r8VMqdZotq7faWxvrLTnyq7EeOnOWq26UMwVXoqI7Hgxr8vrk+y4cuT4ZkS8EhE/n5zOj8vLjdrKMH/xAYARdvnI+P/vyfb4DwBccFPDTgAAOHPGfwAYPcZ/ABg9xn8AGD3t8X962GkAAGfI638AGD3GfwAYKd//8MNsSw+K779e+WRne73xyY2VanO9XN9eLi83tjbLq43Gav6dPfVn3a/WaGwuvhPbn1755mazNd/c2b1db2xvtG7n3+t9uzqeX7V3Bi0DAPp55Y0Hf06yEfn96XyLrrUcxoeaGXDaSsNOABiasWEnAAyN1b5gdL3Aa3zTA3BB9Fii95CpXh8QStM0Pb2UgFN27QuDzP8nA/QQwGdN1/y//wUMI8b8P4wu8/8wutI0GXTN/xj0QgDgfPP7P9Dn3b1Xi/1vijcHfrRy9Ir7p5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnG+d9X/LxVrgs1EqlcsRL0XElRhP7qzVqgsR8XJE/GlyfDI7XhxyzgDAiyr9LSnW/7o29/bsoarXLz8pTkTET3750S8+XWq1tv4YMZH8a7JzvnW/OF/pHeC0WwAAPF1nnM73XS/kH+/fXe5sZ5nP378dEVPt+Af7E3FQxN951FmbeCrGI2LmURLdaxUnXXMXL2LvXkR8vlf7k5jN50DaK58ejZ/FfulM45cOxS/lde199nfxuRPIBUbNg6z/+aDX81eKq/m+9/OfnT2JtdOL/i+71fJB3gf+P36n/xvr0/9dHTTGO7//brs0fbzuXsQXL0V0Yh909T+d+Emf+G8PGP8vX3r9zX516a8irkXv+N2x5lv1zfnmzu6NtfrSanW1ulGpjMWthfduvluZz+eo5/uPBv94//rL/eqy9s/0iT/1jPZ/dcD2//q/H//wK0+J//W3esUvxWtPiZ+NiV8bMP7SzO+m+tVl8Vf6tP9ZP//r/W6aHF5Q/OFfd48tGw4ADE9zZ3d9qVarbiko5IXfxrlIo3ch+yd7DtLoWfjWqdw5nTtWNRG9L/7ZW+1n+khVmj5X9H49xknMugHnwZOHPiL+M+xkAAAAAAAAAAAAAACAns7i01HDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX1/8CAAD//3ZK0g4=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x80) lseek(r0, 0x100, 0x1) getdents64(r0, 0x0, 0x0) 1.840267123s ago: executing program 4 (id=3682): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010200000000000000006700000008000300", @ANYRES32=r2, @ANYBLOB="0800c300741300000800c4"], 0x30}}, 0x0) 1.800954916s ago: executing program 3 (id=3683): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x404c8e0}, 0xc094) r0 = add_key$user(&(0x7f0000000080), &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000200)='\x00', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/67, 0x43, 0x0) 1.357461939s ago: executing program 1 (id=3684): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_dev$usbfs(&(0x7f00000000c0), 0x205, 0x2) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, 0x0, 0x20) 1.202396098s ago: executing program 3 (id=3685): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newlink={0x5c, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x4b416, 0x2021}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x24, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x4}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @local}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002) 936.768502ms ago: executing program 8 (id=3686): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) close(0x3) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x1005, &(0x7f0000000e00)=""/4101, 0x0, 0xc}, 0x22) 785.673862ms ago: executing program 4 (id=3687): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1b) 488.292204ms ago: executing program 7 (id=3688): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000019080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r2, @ANYBLOB="1c005a801800018014000300ac030800090004001d0f"], 0x38}}, 0x0) 0s ago: executing program 3 (id=3689): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x80e, &(0x7f00000005c0)={[{@barrier_val={'barrier', 0x3d, 0x101}}, {@errors_remount}]}, 0x2, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x540f, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x3053, 0x973f, 0x181, 0x1}) kernel console output (not intermixed with test programs): dpoint descriptor, different from the interface descriptor's value: 2 [ 707.248508][ T5825] aqc111 7-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 707.302913][ T5825] aqc111 7-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 707.320573][ T5821] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 707.341669][ T5821] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 707.379545][ T5825] aqc111 7-1:1.105 eth9 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 707.470680][ T5821] usb 6-1: config 0 descriptor?? [ 708.002131][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.056631][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.101051][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.123928][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.171442][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.207369][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.217112][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.240440][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.265308][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.291505][ T5821] steelseries 0003:1038:12B6.0016: unknown main item tag 0x0 [ 708.390552][ T5821] steelseries 0003:1038:12B6.0016: hidraw0: USB HID vff.fc Device [HID 1038:12b6] on usb-dummy_hcd.5-1/input0 [ 708.895271][ T5092] usb 6-1: USB disconnect, device number 14 [ 708.926525][T10701] netlink: 'syz.4.1757': attribute type 10 has an invalid length. [ 709.281880][T10700] fido_id[10700]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 709.371872][T10703] loop6: detected capacity change from 0 to 2048 [ 709.531585][T10703] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 709.602549][T10703] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 710.255147][ T9328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 710.303265][T10711] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1760'. [ 711.747230][T10718] loop4: detected capacity change from 0 to 4096 [ 712.085088][T10726] IPv6: NLM_F_CREATE should be specified when creating new route [ 712.173937][T10718] ntfs3(loop4): ino=1f, mi_enum_attr [ 712.186137][T10730] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1769'. [ 712.195920][T10718] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 712.242428][T10731] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1768'. [ 712.263462][T10718] ntfs3(loop4): ino=1f, mi_enum_attr [ 712.281109][T10731] netem: unknown loss type 13 [ 712.343827][T10731] netem: change failed [ 713.121652][ T5821] hid_parser_main: 1 callbacks suppressed [ 713.121756][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.179147][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.223015][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.251147][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.323831][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.381467][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.411339][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.449787][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.535954][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.603833][ T5821] hid-generic 0006:0004:0009.0017: unknown main item tag 0x0 [ 713.786142][ T5821] hid-generic 0006:0004:0009.0017: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 713.842679][T10742] loop4: detected capacity change from 0 to 1024 [ 714.321427][T10743] loop6: detected capacity change from 0 to 32768 [ 714.339728][T10743] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1775 (10743) [ 714.364210][T10743] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 714.374992][T10743] BTRFS info (device loop6): using sha256 checksum algorithm [ 714.391685][T10743] BTRFS error (device loop6): ignoredatacsums must be used with ro mount option [ 714.402035][T10743] BTRFS error (device loop6): open_ctree failed: -22 [ 714.641536][T10742] hfsplus: unable to mark blocks free: error -4 [ 714.738686][T10742] hfsplus: can't free extent: start 134, count 1 [ 715.074853][T10746] fido_id[10746]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 715.257970][T10748] program syz.5.1776 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 715.338278][ T12] hfsplus: b-tree write err: -5, ino 8 [ 715.338278][T10750] program syz.3.1777 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 717.182276][T10768] loop5: detected capacity change from 0 to 64 [ 717.507203][ T5821] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 717.782970][ T5821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 717.806403][ T5821] usb 4-1: New USB device found, idVendor=18d1, idProduct=503c, bcdDevice= 0.00 [ 717.824805][ T9256] Trying to free block not in datazone [ 717.856978][ T5821] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.911615][ T9256] minix_free_block (loop5:9): bit already cleared [ 717.935351][ T9256] Trying to free block not in datazone [ 717.947143][ T5821] usb 4-1: config 0 descriptor?? [ 718.561796][ T5821] hid-generic 0003:18D1:503C.0018: unbalanced delimiter at end of report description [ 718.673361][ T5821] hid-generic 0003:18D1:503C.0018: probe with driver hid-generic failed with error -22 [ 718.798782][ T5821] usb 4-1: USB disconnect, device number 16 [ 719.562457][T10786] input: syz1 as /devices/virtual/input/input20 [ 720.058954][ T29] audit: type=1326 audit(1771122154.737:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10791 comm="syz.3.1794" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb8f6c code=0x0 [ 720.948683][ T29] audit: type=1326 audit(1771122155.597:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.076472][ T29] audit: type=1326 audit(1771122155.597:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.234342][ T29] audit: type=1326 audit(1771122155.677:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.368271][ T29] audit: type=1326 audit(1771122155.677:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.492553][T10810] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1800'. [ 721.513531][ T29] audit: type=1326 audit(1771122155.677:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.663591][ T29] audit: type=1326 audit(1771122155.697:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.791767][ T29] audit: type=1326 audit(1771122155.697:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.943347][ T29] audit: type=1326 audit(1771122155.697:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=229 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 721.978440][ T29] audit: type=1326 audit(1771122155.697:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10803 comm="syz.4.1799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd7f6c code=0x7ffc0000 [ 722.859704][T10825] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1806'. [ 722.929581][T10825] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1806'. [ 722.961349][T10825] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1806'. [ 723.036204][T10825] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1806'. [ 723.101530][T10825] netlink: 'syz.5.1806': attribute type 6 has an invalid length. [ 723.836262][T10835] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1810'. [ 724.043555][T10843] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1813'. [ 729.419011][ T5092] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 729.644878][ T5092] usb 4-1: Using ep0 maxpacket: 32 [ 729.669514][T10908] ptrace attach of "./syz-executor exec"[5775] was attempted by ""[10908] [ 729.691811][ T5092] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 729.723002][ T5092] usb 4-1: config 0 has no interface number 0 [ 729.756520][ T5092] usb 4-1: config 0 interface 184 has no altsetting 0 [ 729.799026][ T5092] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 729.813155][ T5092] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 729.861444][ T5092] usb 4-1: Product: syz [ 729.880498][ T5092] usb 4-1: Manufacturer: syz [ 729.900893][ T5092] usb 4-1: SerialNumber: syz [ 729.939109][ T5092] usb 4-1: config 0 descriptor?? [ 730.780292][T10919] loop5: detected capacity change from 0 to 64 [ 730.832820][T10919] hfs: Unknown parameter 'dir_0000000000001tor' [ 730.843711][ T5092] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71 [ 730.882825][ T5092] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 730.938172][ T5092] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 731.017725][ T5092] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 731.038720][ T5092] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 731.157735][ T5092] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 731.214988][ T5092] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71 [ 731.354356][ T5092] usb 4-1: USB disconnect, device number 17 [ 731.438416][T10923] loop4: detected capacity change from 0 to 512 [ 731.776765][T10923] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.1844: corrupted in-inode xattr: e_value size too large [ 731.880828][T10923] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 731.882262][T10923] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1844: couldn't read orphan inode 15 (err -117) [ 731.892165][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 731.892269][ C0] EXT4-fs (loop4): initial error at time 1771122166: ext4_iget_extra_inode:5025: inode 15 [ 731.892444][ C0] EXT4-fs (loop4): last error at time 1771122166: ext4_iget_extra_inode:5025: inode 15 [ 732.038761][T10923] loop4: lost filesystem error report for type 5 error -117 [ 732.044278][T10923] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 732.531021][T10932] bond1: entered promiscuous mode [ 732.566571][T10936] ucma_write: process 915 (syz.3.1847) changed security contexts after opening file descriptor, this is not allowed. [ 732.656075][T10932] 8021q: adding VLAN 0 to HW filter on device bond1 [ 732.802619][T10932] team0: Port device bond1 added [ 732.952974][ T8984] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 733.488270][ T5092] kernel read not supported for file /dsp1 (pid: 5092 comm: kworker/1:3) [ 734.279768][ T29] audit: type=1800 audit(1771122168.957:87): pid=10950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1852" name="nullb0" dev="devtmpfs" ino=3373 res=0 errno=0 [ 736.682975][T10977] netlink: 'syz.1.1865': attribute type 10 has an invalid length. [ 738.258223][ T5824] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 738.439147][ T5824] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 738.481839][ T5824] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 738.532269][ T5824] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 738.564413][ T5824] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 738.616949][ T5824] usb 7-1: config 0 descriptor?? [ 738.915656][ T5824] usb 7-1: USB disconnect, device number 10 [ 739.421374][T11003] loop4: detected capacity change from 0 to 512 [ 739.443667][T11003] EXT4-fs: Ignoring removed i_version option [ 739.581768][T11003] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 740.105025][ T8984] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 741.503855][T11024] loop5: detected capacity change from 0 to 2048 [ 741.730676][T11024] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 741.826407][ T29] audit: type=1800 audit(1771122176.487:88): pid=11024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1884" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 742.754092][ T9256] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 744.693620][T11065] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1900'. [ 744.820693][T11067] veth1_macvtap: left promiscuous mode [ 744.931798][T11067] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 747.513475][T11091] loop3: detected capacity change from 0 to 4096 [ 747.631832][T11091] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 748.271104][T11091] ntfs3(loop3): ino=1d, mi_enum_attr [ 748.338428][T11091] ntfs3(loop3): ino=1d, mi_enum_attr [ 748.394350][T11091] ntfs3(loop3): ino=1d, "file1" mi_enum_attr [ 749.184045][T11112] loop5: detected capacity change from 0 to 128 [ 749.255250][T11112] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 749.368766][T11112] hpfs: filesystem error: improperly stopped [ 749.418049][T11112] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 749.488681][T11112] hpfs: You really don't want any checks? You are crazy... [ 749.573639][T11112] hpfs: hpfs_map_sector(): read error [ 749.629359][T11112] hpfs: code page support is disabled [ 749.666375][T11112] hpfs: hpfs_map_4sectors(): unaligned read [ 749.718368][T11112] hpfs: hpfs_map_4sectors(): unaligned read [ 749.801894][T11112] hpfs: filesystem error: unable to find root dir [ 752.248530][T11140] nbd0: detected capacity change from 0 to 63 [ 752.285015][ T5779] block nbd0: Receive control failed (result -104) [ 752.583888][T11143] erspan0: entered promiscuous mode [ 754.138128][T11161] loop4: detected capacity change from 0 to 256 [ 754.174695][T11161] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 754.303239][T11161] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 754.706963][T11171] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1948'. [ 756.142263][T11180] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1952'. [ 756.165599][T11180] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1952'. [ 756.645092][T11186] tap0: tun_chr_ioctl cmd 1074025672 [ 756.685522][T11186] tap0: ignored: set checksum enabled [ 756.967998][ T5092] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 757.076432][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 757.198294][ T5092] usb 4-1: Using ep0 maxpacket: 8 [ 757.237870][ T5092] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 757.258638][ T5092] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 757.301821][ T5092] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 757.348078][ T5092] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 757.416777][ T5092] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 757.448579][ T5825] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 757.487198][ T5092] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 757.551743][ T5092] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 757.605755][T11196] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1959'. [ 757.661448][ T5825] usb 7-1: Using ep0 maxpacket: 8 [ 757.707679][ T5825] usb 7-1: config 0 has no interfaces? [ 757.728058][ T5825] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 757.774128][ T5825] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 757.851534][ T5825] usb 7-1: config 0 descriptor?? [ 757.866375][ T5092] usb 4-1: GET_CAPABILITIES returned 2f [ 757.891504][ T5092] usbtmc 4-1:16.0: can't read capabilities [ 758.028846][ T2897] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 758.144458][ T5092] usb 7-1: USB disconnect, device number 11 [ 758.204431][ T5821] usb 4-1: USB disconnect, device number 18 [ 758.404089][ T2897] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 758.576131][T11199] loop4: detected capacity change from 0 to 512 [ 758.642897][ T2897] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 758.968459][ T1491] block nbd0: Connection timed out, retrying (0/1 alive) [ 758.975839][ T1491] block nbd0: Connection timed out, retrying (0/1 alive) [ 758.983842][ T1491] block nbd0: Connection timed out, retrying (0/1 alive) [ 758.994599][ T1491] block nbd0: Connection timed out, retrying (0/1 alive) [ 759.002327][ T1491] block nbd0: Dead connection, failed to find a fallback [ 759.017372][ T1491] block nbd0: shutting down sockets [ 759.031272][ T1491] blk_print_req_error: 10 callbacks suppressed [ 759.031360][ T1491] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.050772][ T1491] buffer_io_error: 10 callbacks suppressed [ 759.050852][ T1491] Buffer I/O error on dev nbd0, logical block 3, async page read [ 759.065291][ T1491] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.075510][ T1491] Buffer I/O error on dev nbd0, logical block 2, async page read [ 759.086707][ T1491] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.096698][ T1491] Buffer I/O error on dev nbd0, logical block 1, async page read [ 759.104993][ T1491] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.118556][ T1491] Buffer I/O error on dev nbd0, logical block 0, async page read [ 759.127243][ T9262] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.151001][ T9262] Buffer I/O error on dev nbd0, logical block 0, async page read [ 759.159775][ T9262] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.170076][ T9262] Buffer I/O error on dev nbd0, logical block 1, async page read [ 759.181769][ T9262] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.191702][ T9262] Buffer I/O error on dev nbd0, logical block 2, async page read [ 759.200615][ T9262] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.213578][ T9262] Buffer I/O error on dev nbd0, logical block 3, async page read [ 759.222031][ T9262] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.241819][ T9262] Buffer I/O error on dev nbd0, logical block 0, async page read [ 759.250804][ T9262] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 759.261346][ T9262] Buffer I/O error on dev nbd0, logical block 1, async page read [ 759.276210][ T9262] ldm_validate_partition_table(): Disk read failed. [ 759.285908][ T9262] Dev nbd0: unable to read RDB block 0 [ 759.294826][ T9262] nbd0: unable to read partition table [ 759.352663][ T2897] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 759.354283][ T9262] ldm_validate_partition_table(): Disk read failed. [ 759.490756][ T9262] Dev nbd0: unable to read RDB block 0 [ 759.549630][ T9262] nbd0: unable to read partition table [ 760.087378][ T2897] bridge_slave_1: left allmulticast mode [ 760.094313][ T2897] bridge_slave_1: left promiscuous mode [ 760.106764][ T2897] bridge0: port 2(bridge_slave_1) entered disabled state [ 760.132327][ T2897] bridge_slave_0: left allmulticast mode [ 760.145864][ T2897] bridge_slave_0: left promiscuous mode [ 760.180051][ T2897] bridge0: port 1(bridge_slave_0) entered disabled state [ 760.827017][ T2897] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 760.864339][ T2897] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 760.885632][ T2897] bond0 (unregistering): Released all slaves [ 761.214490][T11208] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1965'. [ 761.559209][T11208] bond0: entered promiscuous mode [ 761.594457][T11208] bond_slave_0: entered promiscuous mode [ 761.617207][T11208] bond_slave_1: entered promiscuous mode [ 761.728414][T11209] IPVS: persistence engine module ip_vs_pe_ not found [ 761.823113][T11208] bond0: left promiscuous mode [ 761.858159][T11208] bond_slave_0: left promiscuous mode [ 761.900077][T11208] bond_slave_1: left promiscuous mode [ 762.558685][ T5068] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 762.580871][ T5068] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 762.637962][ T5068] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 762.698945][ T5068] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 762.726731][ T5068] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 763.081101][ T2897] hsr_slave_0: left promiscuous mode [ 763.177984][ T2897] hsr_slave_1: left promiscuous mode [ 763.186494][ T2897] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 763.268853][ T2897] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 763.323239][ T2897] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 763.376734][ T2897] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 763.489820][T11235] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1973'. [ 763.537150][ T2897] veth1_macvtap: left promiscuous mode [ 763.587225][ T2897] veth0_macvtap: left promiscuous mode [ 763.606043][ T2897] veth1_vlan: left promiscuous mode [ 763.638878][ T2897] veth0_vlan: left promiscuous mode [ 764.227948][ T5825] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 764.477020][ T5825] usb 5-1: Using ep0 maxpacket: 16 [ 764.514414][ T5825] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 764.552636][ T5825] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 764.634893][ T5825] usb 5-1: config 0 interface 0 has no altsetting 0 [ 764.648501][ T5825] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 764.707730][ T5825] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 764.791228][ T5825] usb 5-1: config 0 descriptor?? [ 764.897959][ T5779] Bluetooth: hci3: command tx timeout [ 765.340600][ T5825] hid_parser_main: 7 callbacks suppressed [ 765.340709][ T5825] nzxt-smart2 0003:1E71:2009.0019: unknown main item tag 0x0 [ 765.391206][ T5825] nzxt-smart2 0003:1E71:2009.0019: unknown main item tag 0x0 [ 765.408915][ T5825] nzxt-smart2 0003:1E71:2009.0019: unknown main item tag 0x0 [ 765.490524][ T5825] nzxt-smart2 0003:1E71:2009.0019: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.4-1/input0 [ 765.673419][ T5825] usb 5-1: USB disconnect, device number 13 [ 766.006913][ T2897] team0 (unregistering): Port device team_slave_1 removed [ 766.115702][ T2897] team0 (unregistering): Port device team_slave_0 removed [ 766.159986][T11250] fido_id[11250]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 766.806234][T11257] loop7: detected capacity change from 0 to 7 [ 766.832175][ C1] blk_print_req_error: 138 callbacks suppressed [ 766.832258][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 766.849002][ C1] buffer_io_error: 138 callbacks suppressed [ 766.849084][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 766.881709][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 766.891723][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 766.905366][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 766.915618][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 766.940636][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 766.950847][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 766.972524][ T5779] Bluetooth: hci3: command tx timeout [ 766.994381][T11258] loop7: detected capacity change from 7 to 0 [ 767.006350][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 767.016515][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 767.038795][ T9835] ldm_validate_partition_table(): Disk read failed. [ 767.059736][ T9835] Dev loop7: unable to read RDB block 0 [ 767.079879][ T9835] loop7: unable to read partition table [ 767.098752][ T9835] loop7: partition table beyond EOD, truncated [ 769.047983][ T5779] Bluetooth: hci3: command tx timeout [ 770.034565][T11220] chnl_net:caif_netlink_parms(): no params data found [ 770.357885][ T5825] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 770.542035][ T5825] usb 4-1: Using ep0 maxpacket: 16 [ 770.559857][ T5825] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 770.607960][ T5825] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 770.667735][ T5825] usb 4-1: config 0 interface 0 has no altsetting 0 [ 770.674692][ T5825] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 770.762444][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 770.815468][ T5825] usb 4-1: config 0 descriptor?? [ 771.138612][ T5779] Bluetooth: hci3: command tx timeout [ 771.406672][ T5825] nzxt-smart2 0003:1E71:2009.001A: unknown main item tag 0x0 [ 771.469152][ T5825] nzxt-smart2 0003:1E71:2009.001A: unknown main item tag 0x0 [ 771.476981][ T5825] nzxt-smart2 0003:1E71:2009.001A: unknown main item tag 0x0 [ 771.600033][ T5825] nzxt-smart2 0003:1E71:2009.001A: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0 [ 771.864682][ T5825] usb 4-1: USB disconnect, device number 19 [ 772.064252][T11303] loop4: detected capacity change from 0 to 2048 [ 772.206756][T11303] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 772.478151][T11220] bridge0: port 1(bridge_slave_0) entered blocking state [ 772.483563][T11310] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 772.534043][T11220] bridge0: port 1(bridge_slave_0) entered disabled state [ 772.618595][T11220] bridge_slave_0: entered allmulticast mode [ 772.676330][T11220] bridge_slave_0: entered promiscuous mode [ 772.792367][T11220] bridge0: port 2(bridge_slave_1) entered blocking state [ 772.821895][T11220] bridge0: port 2(bridge_slave_1) entered disabled state [ 772.876860][T11220] bridge_slave_1: entered allmulticast mode [ 772.948413][T11220] bridge_slave_1: entered promiscuous mode [ 773.093567][T11309] fido_id[11309]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 773.685904][T11220] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 773.792989][T11220] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 774.324304][T11220] team0: Port device team_slave_0 added [ 774.423411][T11220] team0: Port device team_slave_1 added [ 774.957380][T11220] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 774.984555][T11220] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 775.120308][T11220] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 775.241026][T11220] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 775.258021][T11220] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 775.343078][T11220] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 775.905361][T11220] hsr_slave_0: entered promiscuous mode [ 775.962832][T11220] hsr_slave_1: entered promiscuous mode [ 776.014454][T11220] debugfs: 'hsr0' already exists in 'hsr' [ 776.077893][T11220] Cannot create hsr debugfs directory [ 776.189400][T11346] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2010'. [ 776.659779][T11352] loop4: detected capacity change from 0 to 1024 [ 776.958231][T11352] hfsplus: xattr searching failed [ 776.966039][ T29] audit: type=1800 audit(1771122211.637:89): pid=11352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2012" name="file1" dev="loop4" ino=2 res=0 errno=0 [ 777.065648][T11358] hfsplus: xattr searching failed [ 777.126978][T11356] hfsplus: xattr searching failed [ 779.079636][T11220] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 779.269648][T11220] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 779.438331][T11220] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 779.595310][T11220] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 780.118406][ T5825] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 780.317883][ T5825] usb 2-1: Using ep0 maxpacket: 32 [ 780.381030][ T5825] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 780.467268][ T5825] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 780.549133][ T795] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 780.566336][ T5825] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 780.605968][ T5825] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 780.661148][ T5825] usb 2-1: Product: syz [ 780.665652][ T5825] usb 2-1: Manufacturer: syz [ 780.762231][ T5825] hub 2-1:4.0: USB hub found [ 780.789247][ T795] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 780.832306][ T795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 780.868030][T11259] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 780.932504][ T795] usb 5-1: config 0 descriptor?? [ 781.025478][ T5825] hub 2-1:4.0: 2 ports detected [ 781.048916][T11259] usb 4-1: Using ep0 maxpacket: 16 [ 781.073614][ T795] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 781.109664][T11259] usb 4-1: config 166 has an invalid interface number: 177 but max is 1 [ 781.177270][T11259] usb 4-1: config 166 has an invalid interface number: 34 but max is 1 [ 781.227243][T11259] usb 4-1: config 166 has no interface number 0 [ 781.262640][ T5825] hub 2-1:4.0: hub_hub_status failed (err = -71) [ 781.296945][T11259] usb 4-1: config 166 has no interface number 1 [ 781.303539][ T795] gp8psk: usb in 128 operation failed. [ 781.305110][ T5825] hub 2-1:4.0: config failed, can't get hub status (err -71) [ 781.336977][ T795] gp8psk: usb in 137 operation failed. [ 781.347779][ T795] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 781.435693][T11259] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 781.450059][ T5825] usb 2-1: USB disconnect, device number 14 [ 781.475897][ T795] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver) [ 781.511724][T11259] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 781.561487][ T795] usb 5-1: media controller created [ 781.595150][T11259] usb 4-1: config 166 interface 34 altsetting 1 has a duplicate endpoint with address 0x9, skipping [ 781.642494][T11259] usb 4-1: config 166 interface 34 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 781.710813][T11259] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024 [ 781.772966][T11259] usb 4-1: config 166 interface 34 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024 [ 781.845460][T11259] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 781.882260][T11220] 8021q: adding VLAN 0 to HW filter on device bond0 [ 781.892987][T11259] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has invalid wMaxPacketSize 0 [ 781.899851][ T795] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 781.927476][T11259] usb 4-1: config 166 interface 34 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 782.012961][T11259] usb 4-1: config 166 interface 177 has no altsetting 0 [ 782.033970][T11259] usb 4-1: config 166 interface 34 has no altsetting 0 [ 782.117404][T11259] usb 4-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12 [ 782.172270][T11259] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 782.213634][T11259] usb 4-1: Product: syz [ 782.235955][T11220] 8021q: adding VLAN 0 to HW filter on device team0 [ 782.258326][T11259] usb 4-1: Manufacturer: syz [ 782.288321][T11259] usb 4-1: SerialNumber: syz [ 782.417144][ T795] gp8psk_fe: Frontend attached [ 782.444220][ T71] bridge0: port 1(bridge_slave_0) entered blocking state [ 782.452411][ T71] bridge0: port 1(bridge_slave_0) entered forwarding state [ 782.498346][ T795] usb 5-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)... [ 782.543394][ T795] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered. [ 782.676898][T11259] ums-realtek 4-1:166.177: USB Mass Storage device detected [ 782.719953][ T71] bridge0: port 2(bridge_slave_1) entered blocking state [ 782.727882][ T71] bridge0: port 2(bridge_slave_1) entered forwarding state [ 783.038039][T11259] ums-realtek 4-1:166.34: USB Mass Storage device detected [ 783.145306][ T795] gp8psk: usb in 137 operation failed. [ 783.187839][ T795] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected. [ 783.227671][ T795] gp8psk: found Genpix USB device pID = 203 (hex) [ 783.288826][ T795] usb 5-1: USB disconnect, device number 14 [ 783.371585][T11259] ums-realtek 4-1:166.34: probe with driver ums-realtek failed with error -5 [ 783.514869][T11259] uvcvideo 4-1:166.34: Found UVC 0.00 device syz (0bda:0138) [ 783.597982][T11259] uvcvideo 4-1:166.34: No valid video chain found. [ 783.702185][T11413] loop6: detected capacity change from 0 to 1024 [ 783.743567][T11259] usb 4-1: USB disconnect, device number 20 [ 784.059824][T11413] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 784.101106][T11413] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 784.346139][T11413] EXT4-fs error (device loop6): ext4_map_blocks:818: inode #15: comm syz.6.2030: lblock 0 mapped to illegal pblock 0 (length 1) [ 784.542846][T11413] EXT4-fs (loop6): Remounting filesystem read-only [ 785.352038][ T9328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 785.532813][ T795] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected. [ 785.791713][ T5821] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 786.000861][ T5821] usb 2-1: Using ep0 maxpacket: 8 [ 786.091094][ T5821] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 786.125686][ T5821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 786.183695][T11432] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2034'. [ 786.188794][ T5821] usb 2-1: Product: syz [ 786.212469][ T5821] usb 2-1: Manufacturer: syz [ 786.217326][ T5821] usb 2-1: SerialNumber: syz [ 786.277229][ T5821] usb 2-1: config 0 descriptor?? [ 786.427297][ T5821] gspca_main: se401-2.14.0 probing 047d:5003 [ 786.958135][ T795] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 787.202808][ T795] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 787.278190][ T795] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 787.309157][ T5821] usb 2-1: reset high-speed USB device number 15 using dummy_hcd [ 787.330065][T11220] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 787.350238][ T795] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 787.399516][ T795] usb 4-1: config 0 descriptor?? [ 787.967262][ T795] logitech 0003:046D:C295.001B: hidraw0: USB HID v0.02 Device [HID 046d:c295] on usb-dummy_hcd.3-1/input0 [ 787.991395][ T5821] gspca_se401: write req failed req 0x57 val 0x00 error -71 [ 788.045167][ T5821] se401 2-1:0.0: probe with driver se401 failed with error -71 [ 788.066368][ T795] logitech 0003:046D:C295.001B: no inputs found [ 788.132248][ T5821] usb 2-1: USB disconnect, device number 15 [ 788.245128][ T795] usb 4-1: USB disconnect, device number 21 [ 789.037414][T11452] fido_id[11452]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 789.588238][ T29] audit: type=1800 audit(1771122224.247:90): pid=11462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2042" name="nullb0" dev="devtmpfs" ino=3373 res=0 errno=0 [ 790.895155][T11477] netlink: 'syz.1.2045': attribute type 11 has an invalid length. [ 790.926348][T11477] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2045'. [ 791.650262][T11220] veth0_vlan: entered promiscuous mode [ 791.851362][T11220] veth1_vlan: entered promiscuous mode [ 792.122574][T11488] vlan2: entered promiscuous mode [ 792.128558][T11488] bond0: entered promiscuous mode [ 792.134890][T11488] bond_slave_0: entered promiscuous mode [ 792.179578][T11488] bond_slave_1: entered promiscuous mode [ 792.688975][T11494] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2053'. [ 792.729310][T11220] veth0_macvtap: entered promiscuous mode [ 792.796543][T11220] veth1_macvtap: entered promiscuous mode [ 793.265813][T11220] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 793.343222][T11501] program syz.6.2055 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 793.510708][T11503] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 793.517512][T11503] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 793.574391][T11220] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 793.649603][T11503] vhci_hcd vhci_hcd.0: Device attached [ 793.692475][T11504] vhci_hcd: connection closed [ 793.693792][ T12] vhci_hcd vhci_hcd.3: stop threads [ 793.769337][ T12] vhci_hcd vhci_hcd.3: release socket [ 793.775869][ T12] vhci_hcd vhci_hcd.3: disconnect device [ 793.933146][ T57] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.995390][ T57] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.064937][ T57] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.101605][ T57] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.538437][T11520] loop4: detected capacity change from 0 to 4096 [ 798.075974][T11552] loop6: detected capacity change from 0 to 64 [ 800.383245][T11579] can0: slcan on ttyS3. [ 800.663526][T11585] can0 (unregistered): slcan off ttyS3. [ 800.867943][T11586] can0: slcan on ttyS3. [ 801.028192][T11577] can0 (unregistered): slcan off ttyS3. [ 801.917047][ T29] audit: type=1800 audit(1771122236.587:91): pid=11599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2085" name="nullb0" dev="devtmpfs" ino=3373 res=0 errno=0 [ 802.716730][T11611] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2089'. [ 803.486118][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 803.509362][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 803.867780][ T135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 803.911924][ T135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 805.076305][ T5821] IPVS: starting estimator thread 0... [ 805.198128][T11629] IPVS: using max 192 ests per chain, 9600 per kthread [ 807.507992][T11654] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2103'. [ 808.799288][T11666] Falling back ldisc for ptm0. [ 809.544165][T11670] loop6: detected capacity change from 0 to 4096 [ 809.733278][T11678] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 812.984385][T11708] vlan3: entered allmulticast mode [ 813.100066][T11708] vlan0: entered allmulticast mode [ 813.168575][T11708] veth0_vlan: entered allmulticast mode [ 813.497012][T11716] Failed to get privilege flags for destination (handle=0x2:0x0) [ 818.536679][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 819.390154][T11765] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2144'. [ 822.643022][T11805] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2156'. [ 823.565837][T11813] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2160'. [ 823.679436][T11813] netlink: 220 bytes leftover after parsing attributes in process `syz.4.2160'. [ 823.738105][T11813] netlink: 220 bytes leftover after parsing attributes in process `syz.4.2160'. [ 825.946845][T11841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2169'. [ 826.077840][T11842] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2169'. [ 828.031033][ T5811] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 828.278075][ T5811] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 828.314226][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 828.371392][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 828.421460][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 828.493861][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 828.512345][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 828.543649][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 828.594819][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 828.649092][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 828.713314][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 828.797859][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 828.825468][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 828.876014][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 828.918903][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 828.929936][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 828.954828][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 829.011850][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 829.027439][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 829.102697][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 829.136850][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 829.188576][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 829.258684][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 829.302766][ T5811] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 829.351626][ T5811] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 829.418888][ T5811] usb 8-1: config 0 interface 0 has no altsetting 0 [ 829.498410][ T5811] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 829.528158][ T5811] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 829.568002][ T5811] usb 8-1: Product: syz [ 829.596334][ T5811] usb 8-1: Manufacturer: syz [ 829.618132][ T5811] usb 8-1: SerialNumber: syz [ 829.690770][ T5811] usb 8-1: config 0 descriptor?? [ 829.936002][ T5811] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 830.133953][ T5811] usb 8-1: USB disconnect, device number 2 [ 830.167456][ T5811] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 832.490634][ T5779] Bluetooth: hci3: command tx timeout [ 833.946301][T11910] loop7: detected capacity change from 0 to 4096 [ 834.373061][T11910] ntfs3(loop7): Failed to initialize $Extend/$ObjId. [ 835.231427][T11927] loop6: detected capacity change from 0 to 1024 [ 835.771515][T11931] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2202'. [ 838.840988][T11966] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2219'. [ 842.031057][T12004] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2236'. [ 842.978984][T12014] netlink: 200 bytes leftover after parsing attributes in process `syz.3.2240'. [ 843.938882][ T5092] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 844.137810][ T5092] usb 8-1: Using ep0 maxpacket: 32 [ 844.203849][ T5092] usb 8-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 844.267968][ T5092] usb 8-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 844.320182][ T5092] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 844.379254][ T5092] usb 8-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 844.442399][ T5092] usb 8-1: Product: syz [ 844.467897][ T5092] usb 8-1: Manufacturer: syz [ 844.523964][ T5092] hub 8-1:4.0: USB hub found [ 844.797229][ T5092] hub 8-1:4.0: 2 ports detected [ 845.005275][ T5092] hub 8-1:4.0: hub_hub_status failed (err = -71) [ 845.027857][ T5092] hub 8-1:4.0: config failed, can't get hub status (err -71) [ 845.252560][ T5092] usb 8-1: USB disconnect, device number 3 [ 846.266821][T12043] loop4: detected capacity change from 0 to 1024 [ 847.164351][T12049] loop7: detected capacity change from 0 to 2048 [ 847.267091][T12049] EXT4-fs: Ignoring removed mblk_io_submit option [ 847.413730][T12049] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 847.738094][T12049] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.2255: bg 0: block 234: padding at end of block bitmap is not set [ 847.898190][T12049] EXT4-fs (loop7): Remounting filesystem read-only [ 848.475691][T11220] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 850.745828][T12081] loop6: detected capacity change from 0 to 512 [ 850.795109][T12081] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 850.900986][T12081] EXT4-fs (loop6): 1 truncate cleaned up [ 850.949694][T12081] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 851.140298][ T29] audit: type=1800 audit(1771122285.817:92): pid=12081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2269" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 852.166640][ T9328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 853.062124][T12103] team0: entered promiscuous mode [ 853.091332][T12103] team_slave_0: entered promiscuous mode [ 853.137452][T12103] team_slave_1: entered promiscuous mode [ 853.226018][T12102] team0: left promiscuous mode [ 853.289052][T12102] team_slave_0: left promiscuous mode [ 853.350420][T12102] team_slave_1: left promiscuous mode [ 855.881204][T12140] loop3: detected capacity change from 0 to 256 [ 856.013200][T12140] exfat: Deprecated parameter 'utf8' [ 856.029801][T12142] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input21 [ 856.285579][T12140] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 857.156057][T12155] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 857.165144][T12155] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 858.095446][T12164] loop6: detected capacity change from 0 to 64 [ 859.649105][T12179] netlink: 7 bytes leftover after parsing attributes in process `syz.4.2306'. [ 860.768805][T12190] bond1: invalid ARP target 0.0.0.0 specified for addition [ 860.776411][T12190] bond1: option arp_ip_target: invalid value (0) [ 860.891303][T12190] bond1 (unregistering): Released all slaves [ 861.913752][T12208] loop6: detected capacity change from 0 to 164 [ 862.064213][T12208] rock: directory entry would overflow storage [ 862.115393][T12208] rock: sig=0x4d4e, size=5, remaining=4 [ 865.040700][T12243] loop3: detected capacity change from 0 to 512 [ 865.233709][T12243] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 865.289419][T12243] ext4 filesystem being mounted at /500/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 865.980385][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 867.187368][T12260] loop7: detected capacity change from 0 to 4096 [ 867.257954][T12260] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512). [ 871.552333][T12319] loop4: detected capacity change from 0 to 128 [ 872.601623][T11259] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 872.763035][T12329] vivid-007: disconnect [ 872.780837][T12328] vivid-007: reconnect [ 872.857278][T11259] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 872.891165][T11259] usb 2-1: config 0 has no interface number 0 [ 872.952386][T11259] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 873.006627][T11259] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 873.054741][T11259] usb 2-1: Product: syz [ 873.071998][T11259] usb 2-1: Manufacturer: syz [ 873.119049][T11259] usb 2-1: SerialNumber: syz [ 873.161397][T11259] usb 2-1: config 0 descriptor?? [ 873.465540][T11259] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 873.522818][T11259] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 873.542357][T11259] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 873.553018][T11259] usb 2-1: media controller created [ 873.733498][T11259] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 873.743641][T12335] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2373'. [ 874.006089][T11259] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 875.080923][T11259] usb 2-1: USB disconnect, device number 16 [ 875.510222][ T9835] udevd[9835]: setting mode of /dev/gsmtty42 to 020600 failed: No such file or directory [ 875.572033][ T9835] udevd[9835]: setting owner of /dev/gsmtty42 to uid=0, gid=0 failed: No such file or directory [ 875.645770][T12348] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2379'. [ 875.690686][T12348] netlink: 'syz.7.2379': attribute type 30 has an invalid length. [ 875.735163][T12350] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2380'. [ 875.759522][T12351] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2379'. [ 875.868458][T12351] netlink: 'syz.7.2379': attribute type 30 has an invalid length. [ 876.197264][ T135] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 876.242390][ T56] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 876.318649][ T56] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 876.354726][ T56] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 877.904184][T12367] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2386'. [ 879.963898][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 880.031915][T12388] loop3: detected capacity change from 0 to 4096 [ 880.094559][T12388] EXT4-fs: Ignoring removed bh option [ 880.236294][T12388] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 880.582675][T12399] EXT4-fs error (device loop3): ext4_empty_dir:3094: inode #12: block 80: comm syz.3.2395: bad entry in directory: directory entry overrun - offset=12, inode=6, rec_len=4096, size=4096 fake=0 [ 880.701656][T12399] EXT4-fs (loop3): Remounting filesystem read-only [ 880.743203][T12399] EXT4-fs warning (device loop3): ext4_empty_dir:3097: inode #12: comm syz.3.2395: directory missing '..' [ 881.659153][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 882.244254][T12407] loop4: detected capacity change from 0 to 8192 [ 882.495262][ T29] audit: type=1800 audit(1771122317.157:93): pid=12407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2403" name="file1" dev="loop4" ino=1048685 res=0 errno=0 [ 882.627035][T12412] loop3: detected capacity change from 0 to 1024 [ 882.924396][T12412] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 882.980551][T12412] ext4 filesystem being mounted at /511/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 883.095383][T12412] EXT4-fs error (device loop3): ext4_map_blocks:818: inode #15: comm syz.3.2404: lblock 0 mapped to illegal pblock 0 (length 6) [ 883.208849][T12412] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 883.292345][T12412] EXT4-fs (loop3): This should not happen!! Data will be lost [ 883.292345][T12412] [ 883.385579][T12420] EXT4-fs error (device loop3): ext4_map_blocks:818: inode #15: block 8: comm syz.3.2404: lblock 8 mapped to illegal pblock 8 (length 8) [ 883.484320][T12420] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 883.602393][T12420] EXT4-fs (loop3): This should not happen!! Data will be lost [ 883.602393][T12420] [ 884.035978][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 884.707797][T11259] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 884.871035][T11259] usb 2-1: Using ep0 maxpacket: 32 [ 884.926689][T11259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 884.953708][T11259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 884.965984][T11259] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 884.996024][T11259] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 885.011560][T11259] usb 2-1: config 0 descriptor?? [ 885.066609][T11259] hub 2-1:0.0: USB hub found [ 885.310157][T11259] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 885.764436][T11259] hid-generic 0003:046D:C31C.001C: unknown main item tag 0x0 [ 885.789610][ T5811] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 885.894121][T11259] hid-generic 0003:046D:C31C.001C: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0 [ 886.000936][T11259] usb 2-1: USB disconnect, device number 17 [ 886.058401][ T5811] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 886.083964][ T5811] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 886.167342][ T5811] usb 7-1: config 0 descriptor?? [ 886.250825][ T5811] cp210x 7-1:0.0: cp210x converter detected [ 886.671055][ T5811] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 886.761461][T12453] loop4: detected capacity change from 0 to 2048 [ 886.774641][T12450] fido_id[12450]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 886.877192][ T5811] usb 7-1: cp210x converter now attached to ttyUSB0 [ 887.014027][ T5811] usb 7-1: USB disconnect, device number 12 [ 887.062168][T12453] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 887.220979][ T5811] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 887.289149][T12453] netlink: 'syz.4.2422': attribute type 11 has an invalid length. [ 887.330393][T12453] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2422'. [ 887.379938][ T5811] cp210x 7-1:0.0: device disconnected [ 887.576371][T12462] netlink: 'syz.7.2424': attribute type 4 has an invalid length. [ 887.800670][ T8984] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 888.284368][T12468] sock: sock_set_timeout: `syz.6.2428' (pid 12468) tries to set negative timeout [ 889.147373][T12476] loop6: detected capacity change from 0 to 512 [ 889.233224][T12476] EXT4-fs: Ignoring removed nobh option [ 889.285065][T12483] input: syz1 as /devices/virtual/input/input22 [ 889.324989][T12476] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 889.447277][T12476] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.2431: invalid indirect mapped block 256 (level 1) [ 889.529027][T12476] loop6: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 889.530533][T12476] EXT4-fs (loop6): Remounting filesystem read-only [ 889.540637][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 889.540743][ C1] EXT4-fs (loop6): initial error at time 1771122324: ext4_free_branches:1023: inode 13 [ 889.540922][ C1] EXT4-fs (loop6): last error at time 1771122324: ext4_free_branches:1023: inode 13 [ 889.658765][T12476] EXT4-fs (loop6): 1 truncate cleaned up [ 889.667093][T12476] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 890.324624][ T9328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 892.344058][T12514] loop7: detected capacity change from 0 to 512 [ 892.617158][T12510] loop3: detected capacity change from 0 to 4096 [ 893.231139][T12510] ntfs3(loop3): ino=1a, mi_enum_attr [ 893.236716][T12510] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 894.700028][ T5825] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 894.957930][ T5825] usb 4-1: Using ep0 maxpacket: 16 [ 895.008026][ T5825] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 895.052953][ T5825] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 895.098704][ T5825] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 895.167993][ T5825] usb 4-1: New USB device found, idVendor=045e, idProduct=fc40, bcdDevice=72.a8 [ 895.177417][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 895.260625][ T5825] usb 4-1: config 0 descriptor?? [ 895.770357][ T5825] hid-generic 0003:045E:FC40.001D: hidraw0: USB HID v0.00 Device [HID 045e:fc40] on usb-dummy_hcd.3-1/input0 [ 895.948432][ T5825] usb 4-1: USB disconnect, device number 22 [ 896.796404][T12546] fido_id[12546]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 897.026808][T12551] loop6: detected capacity change from 0 to 164 [ 898.686811][T12567] loop3: detected capacity change from 0 to 2048 [ 898.770505][T12567] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 898.828492][T12567] ext4 filesystem being mounted at /522/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 899.101825][T12567] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2469: bg 0: block 345: padding at end of block bitmap is not set [ 899.241421][T12567] fs-verity (loop3, inode 13): Error -117 writing Merkle tree block 0 [ 899.276947][T12567] fs-verity (loop3, inode 13): Error -117 building Merkle tree [ 899.413998][T12578] loop6: detected capacity change from 0 to 256 [ 899.461349][T12578] exfat: Deprecated parameter 'utf8' [ 899.639100][T12578] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 899.794036][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 901.238077][ T5811] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 901.428291][ T5811] usb 2-1: Using ep0 maxpacket: 8 [ 901.473840][ T5811] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 901.533388][ T5811] usb 2-1: config 179 has no interface number 0 [ 901.550846][ T5811] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 901.597727][ T5811] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 901.637792][ T5811] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 25300, setting to 1024 [ 901.686300][ T5811] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 901.761571][ T5811] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 901.807950][ T5811] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 901.894465][T12584] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 902.274772][T12584] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 902.401777][T12584] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 902.753781][ T5825] usb 2-1: USB disconnect, device number 18 [ 902.753857][ C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 902.768527][ C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 903.483392][T12612] loop6: detected capacity change from 0 to 512 [ 903.659076][T12612] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.2489: inode has both inline data and extents flags [ 903.774660][T12612] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 903.775869][T12612] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.2489: couldn't read orphan inode 15 (err -117) [ 903.785892][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 903.785996][ C1] EXT4-fs (loop6): initial error at time 1771122338: ext4_orphan_get:1391: inode 15 [ 903.786173][ C1] EXT4-fs (loop6): last error at time 1771122338: ext4_orphan_get:1391: inode 15 [ 903.967673][T12612] loop6: lost filesystem error report for type 5 error -117 [ 903.991449][T12612] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 904.643363][ T9328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 907.760025][T12657] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2507'. [ 908.279452][T12659] netlink: 'syz.3.2508': attribute type 28 has an invalid length. [ 910.308008][ T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 910.320184][ T71] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 910.392291][ T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 910.434578][T12686] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2521'. [ 910.473776][ T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 910.562674][T12687] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2521'. [ 911.140399][T12693] bridge0: port 3(netdevsim0) entered blocking state [ 911.173206][T12693] bridge0: port 3(netdevsim0) entered disabled state [ 911.224565][T12693] netdevsim netdevsim7 netdevsim0: entered allmulticast mode [ 911.339496][T12693] netdevsim netdevsim7 netdevsim0: entered promiscuous mode [ 911.350417][T12693] bridge0: port 3(netdevsim0) entered blocking state [ 911.358040][T12693] bridge0: port 3(netdevsim0) entered forwarding state [ 913.121639][T12717] loop4: detected capacity change from 0 to 128 [ 913.693523][T12723] loop3: detected capacity change from 0 to 256 [ 913.893694][ T29] audit: type=1800 audit(1771122348.567:94): pid=12723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2537" name="file2" dev="loop3" ino=1048691 res=0 errno=0 [ 915.445815][T12741] loop6: detected capacity change from 0 to 1024 [ 915.449258][T12738] loop7: detected capacity change from 0 to 4096 [ 915.528643][ T5811] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 915.624112][T12741] hfsplus: b-tree write err: -5, ino 2 [ 915.659455][T12741] hfsplus: bad catalog entry type [ 915.715448][T12743] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 915.743931][ T5811] usb 5-1: config 165 has no interfaces? [ 915.826782][ T5811] usb 5-1: New USB device found, idVendor=0c52, idProduct=2431, bcdDevice=fc.33 [ 915.871902][ T5811] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 915.892862][ T5811] usb 5-1: Product: syz [ 915.897289][ T5811] usb 5-1: Manufacturer: syz [ 915.958339][ T5811] usb 5-1: SerialNumber: syz [ 916.029731][T12745] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2547'. [ 916.167430][ T12] hfsplus: b-tree write err: -5, ino 25 [ 916.175000][ T12] hfsplus: b-tree write err: -5, ino 4 [ 916.238343][ T12] hfsplus: b-tree write err: -5, ino 2 [ 916.250048][ T12] hfsplus: b-tree write err: -5, ino 26 [ 916.457991][ T5811] usb 5-1: USB disconnect, device number 15 [ 916.629458][ T5825] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 916.832400][ T5825] usb 4-1: Using ep0 maxpacket: 8 [ 916.896298][ T5825] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 916.947015][ T5825] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 916.977952][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 917.012339][ T5825] usb 4-1: config 0 descriptor?? [ 917.380806][ T5825] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 917.660585][ T5811] usb 4-1: USB disconnect, device number 23 [ 917.925111][T12762] sctp: [Deprecated]: syz.4.2553 (pid 12762) Use of struct sctp_assoc_value in delayed_ack socket option. [ 917.925111][T12762] Use struct sctp_sack_info instead [ 918.868194][T12770] loop3: detected capacity change from 0 to 24 [ 919.309494][T12777] loop7: detected capacity change from 0 to 256 [ 919.380839][T12777] exfat: Deprecated parameter 'utf8' [ 919.543099][T12777] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xbe649ead, utbl_chksum : 0xe619d30d) [ 924.111744][T12833] hugetlbfs: syz.1.2583 (12833): Using mlock ulimits for SHM_HUGETLB is obsolete [ 924.544337][T12837] loop7: detected capacity change from 0 to 2048 [ 924.721624][T12845] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 924.852262][T12837] NILFS error (device loop7): nilfs_readdir: zero-length directory entry [ 924.905681][T12837] Remounting filesystem read-only [ 926.989904][T12866] loop3: detected capacity change from 0 to 2048 [ 927.010807][T12866] EXT4-fs: Ignoring removed mblk_io_submit option [ 927.229946][T12866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 927.346519][T12876] program syz.6.2600 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 927.491804][ T29] audit: type=1326 audit(1771122362.167:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12867 comm="syz.7.2608" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 927.613039][T12869] loop7: detected capacity change from 0 to 4096 [ 927.658810][T12869] ntfs3(loop7): ino=3, Correct links count -> 2. [ 927.709249][ T29] audit: type=1326 audit(1771122362.167:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12867 comm="syz.7.2608" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 927.758983][T12874] loop4: detected capacity change from 0 to 4096 [ 927.903191][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 928.006249][T12879] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 928.568096][ T29] audit: type=1326 audit(1771122363.237:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12867 comm="syz.7.2608" exe="/root/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 928.720157][ T29] audit: type=1326 audit(1771122363.387:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12867 comm="syz.7.2608" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 928.867785][ T29] audit: type=1326 audit(1771122363.387:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12867 comm="syz.7.2608" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 929.811709][T12895] Bluetooth: MGMT ver 1.23 [ 931.773549][T12918] loop3: detected capacity change from 0 to 1024 [ 931.862417][T12918] EXT4-fs: Ignoring removed nobh option [ 931.906363][T12918] EXT4-fs: inline encryption not supported [ 932.061866][T12918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 932.267396][T12918] EXT4-fs (loop3): Online defrag not supported with bigalloc [ 932.715575][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 933.836260][T12945] loop4: detected capacity change from 0 to 1 [ 933.908395][T12945] Dev loop4: unable to read RDB block 1 [ 933.914606][T12945] loop4: unable to read partition table [ 933.963277][T12945] loop4: partition table beyond EOD, truncated [ 933.998427][T12945] loop_reread_partitions: partition scan of loop4 (þ被xü^>Ñà– ) failed (rc=-5) [ 934.147834][T12949] netlink: 27 bytes leftover after parsing attributes in process `syz.3.2632'. [ 934.198852][T12948] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 934.219241][T12948] syzkaller1: linktype set to 805 [ 936.494520][T12975] netlink: 168 bytes leftover after parsing attributes in process `syz.7.2643'. [ 936.563047][T12975] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2643'. [ 937.516256][T12989] random: crng reseeded on system resumption [ 939.315995][T13011] netlink: 'syz.1.2657': attribute type 1 has an invalid length. [ 940.208685][ T5811] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 940.400679][T13028] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2665'. [ 940.483044][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 940.524174][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 940.526929][T13027] loop6: detected capacity change from 0 to 2048 [ 940.538278][ T5811] usb 2-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00 [ 940.598055][ T5811] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 940.641527][ T5811] usb 2-1: config 0 descriptor?? [ 940.742750][T13027] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 941.352027][ T5811] hid-led 0003:1D34:0004.001E: hidraw0: USB HID v0.06 Device [HID 1d34:0004] on usb-dummy_hcd.1-1/input0 [ 941.393885][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 941.518649][ T5811] hid-led 0003:1D34:0004.001E: Dream Cheeky Webmail Notifier initialized [ 941.638364][ T5811] usb 2-1: USB disconnect, device number 19 [ 942.173503][T13034] fido_id[13034]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 942.198805][ T5811] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 942.442078][ T5811] usb 7-1: config 8 has an invalid interface number: 235 but max is 0 [ 942.476651][ T5811] usb 7-1: config 8 has no interface number 0 [ 942.509632][ T5811] usb 7-1: config 8 interface 235 has no altsetting 0 [ 942.516748][ T5811] usb 7-1: New USB device found, idVendor=06cd, idProduct=0118, bcdDevice=3e.1f [ 942.608233][ T5811] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 942.929252][ T5811] usb 7-1: string descriptor 0 read error: -71 [ 942.952119][ T5811] keyspan 7-1:8.235: Keyspan - (without firmware) converter detected [ 942.967221][ T5811] usb 7-1: USB disconnect, device number 13 [ 943.081399][ T5811] keyspan 7-1:8.235: device disconnected [ 944.128262][ T5811] usb 2-1: new full-speed USB device number 20 using dummy_hcd [ 944.360184][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 944.427918][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 944.485697][ T5811] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 944.558141][ T5811] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 944.651077][ T5811] usb 2-1: config 0 descriptor?? [ 945.184356][ T5811] isku 0003:1E7D:319C.001F: unknown main item tag 0x0 [ 945.241180][T13066] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2681'. [ 945.242675][ T5811] isku 0003:1E7D:319C.001F: unknown main item tag 0x0 [ 945.299677][T13064] loop7: detected capacity change from 0 to 4096 [ 945.339256][ T5811] isku 0003:1E7D:319C.001F: unknown main item tag 0x0 [ 945.346477][ T5811] isku 0003:1E7D:319C.001F: unknown main item tag 0x0 [ 945.384805][ T5811] isku 0003:1E7D:319C.001F: unknown main item tag 0x0 [ 945.426308][ T5811] isku 0003:1E7D:319C.001F: unknown main item tag 0x0 [ 945.458623][ T5811] isku 0003:1E7D:319C.001F: unknown main item tag 0x0 [ 945.557953][ T5811] isku 0003:1E7D:319C.001F: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0 [ 945.862757][ T5811] usb 2-1: USB disconnect, device number 20 [ 946.644565][T13072] fido_id[13072]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 947.850793][ T5811] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 947.968184][T13094] netlink: 332 bytes leftover after parsing attributes in process `syz.6.2693'. [ 948.018502][T13094] netlink: 'syz.6.2693': attribute type 9 has an invalid length. [ 948.026674][T13094] netlink: 'syz.6.2693': attribute type 10 has an invalid length. [ 948.078693][ T5811] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 948.127955][ T5811] usb 4-1: config 0 interface 0 has no altsetting 0 [ 948.189908][ T5811] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 948.211220][ T5811] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 948.237971][ T5811] usb 4-1: Product: syz [ 948.246991][ T5811] usb 4-1: Manufacturer: syz [ 948.260121][ T5811] usb 4-1: SerialNumber: syz [ 948.326605][ T5811] usb 4-1: config 0 descriptor?? [ 948.355316][ T5811] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state. [ 948.446738][ T5811] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 948.546008][ T5811] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0) [ 948.611791][ T5811] usb 4-1: media controller created [ 948.825356][ T5811] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 949.103612][T13105] loop4: detected capacity change from 0 to 1024 [ 949.484493][ T5811] DVB: Unable to find symbol tda10046_attach() [ 949.534597][ T5811] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0' [ 949.585891][ T5811] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected. [ 949.612887][T13105] hfsplus: xattr search failed [ 949.865626][ T5811] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71 [ 950.009497][ T5811] usb 4-1: USB disconnect, device number 24 [ 951.483904][T13128] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2705'. [ 951.559135][T13128] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2705'. [ 953.046959][T13144] loop7: detected capacity change from 0 to 512 [ 953.314461][T13144] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 953.369868][T13144] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 954.071803][T11220] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 954.180046][T13154] loop4: detected capacity change from 0 to 256 [ 954.666220][T13154] FAT-fs (loop4): Directory bread(block 64) failed [ 954.715817][T13154] FAT-fs (loop4): Directory bread(block 65) failed [ 954.735292][T13154] FAT-fs (loop4): Directory bread(block 66) failed [ 954.803686][T13154] FAT-fs (loop4): Directory bread(block 67) failed [ 954.868600][T13154] FAT-fs (loop4): Directory bread(block 68) failed [ 954.875434][T13154] FAT-fs (loop4): Directory bread(block 69) failed [ 954.987055][T13154] FAT-fs (loop4): Directory bread(block 70) failed [ 955.062245][T13154] FAT-fs (loop4): Directory bread(block 71) failed [ 955.119907][T13154] FAT-fs (loop4): Directory bread(block 72) failed [ 955.200538][T13154] FAT-fs (loop4): Directory bread(block 73) failed [ 957.674303][ T5811] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 957.878522][ T5811] usb 2-1: Using ep0 maxpacket: 32 [ 957.952367][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 958.016734][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 958.058276][ T5811] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 958.089511][ T5811] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 958.168139][ T5811] usb 2-1: config 0 descriptor?? [ 958.742415][ T5811] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0 [ 958.787727][ T5811] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0 [ 958.795186][ T5811] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0 [ 958.828077][ T5811] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0 [ 958.861967][ T5811] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0 [ 958.958647][ T5811] koneplus 0003:1E7D:2D51.0020: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.1-1/input0 [ 959.284352][ T5092] usb 2-1: USB disconnect, device number 21 [ 959.287208][ T56] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 959.620329][ T56] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 959.792414][T13204] fido_id[13204]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 959.859035][ T56] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 960.169361][ T56] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 960.701821][ T56] bridge_slave_1: left allmulticast mode [ 960.707912][ T56] bridge_slave_1: left promiscuous mode [ 960.714697][ T56] bridge0: port 2(bridge_slave_1) entered disabled state [ 960.749203][ T56] bridge_slave_0: left allmulticast mode [ 960.768608][ T56] bridge_slave_0: left promiscuous mode [ 960.775709][ T56] bridge0: port 1(bridge_slave_0) entered disabled state [ 961.545092][ T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 961.555393][ T56] bond_slave_0: left promiscuous mode [ 961.619820][ T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 961.647288][ T56] bond_slave_1: left promiscuous mode [ 961.691206][ T56] bond0 (unregistering): Released all slaves [ 962.002476][T13216] loop3: detected capacity change from 0 to 1024 [ 962.475462][T13216] hfsplus: xattr search failed [ 963.172139][ T5068] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 963.187300][ T5068] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 963.232540][ T5068] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 963.258832][ T5068] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 963.421305][ T5068] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 963.559870][ T56] hsr_slave_0: left promiscuous mode [ 963.638903][ T56] hsr_slave_1: left promiscuous mode [ 963.670437][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 963.708369][ T56] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 963.779223][ T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 963.806903][ T56] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 963.988472][ T56] veth1_macvtap: left promiscuous mode [ 964.026726][ T56] veth0_macvtap: left promiscuous mode [ 964.076340][ T56] veth1_vlan: left promiscuous mode [ 964.115584][ T56] veth0_vlan: left promiscuous mode [ 965.118235][T13248] netlink: 'syz.1.2753': attribute type 1 has an invalid length. [ 965.126647][T13248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2753'. [ 965.535009][ T5779] Bluetooth: hci0: command tx timeout [ 966.403499][ T56] team0 (unregistering): Port device team_slave_1 removed [ 966.582986][ T56] team0 (unregistering): Port device team_slave_0 removed [ 967.611227][ T5779] Bluetooth: hci0: command tx timeout [ 968.061326][T13270] loop3: detected capacity change from 0 to 4096 [ 968.992665][T13281] ntfs3(loop3): ino=1e, "file1" attr_set_size [ 969.082206][T13269] ntfs3(loop3): ino=1e, "file1" attr_set_size [ 969.692870][ T5779] Bluetooth: hci0: command tx timeout [ 969.914769][T13227] chnl_net:caif_netlink_parms(): no params data found [ 970.746130][T13303] loop7: detected capacity change from 0 to 164 [ 970.828328][T13303] Unable to read rock-ridge attributes [ 970.957274][T13303] Unable to read rock-ridge attributes [ 971.306689][T13310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2770'. [ 971.378625][T13310] netlink: 452 bytes leftover after parsing attributes in process `syz.3.2770'. [ 971.455565][T13310] netlink: 452 bytes leftover after parsing attributes in process `syz.3.2770'. [ 971.768434][ T5779] Bluetooth: hci0: command tx timeout [ 972.377062][T13227] bridge0: port 1(bridge_slave_0) entered blocking state [ 972.418148][T13227] bridge0: port 1(bridge_slave_0) entered disabled state [ 972.426419][T13227] bridge_slave_0: entered allmulticast mode [ 972.510780][T13227] bridge_slave_0: entered promiscuous mode [ 972.667155][T13227] bridge0: port 2(bridge_slave_1) entered blocking state [ 972.708043][T13227] bridge0: port 2(bridge_slave_1) entered disabled state [ 972.716420][T13227] bridge_slave_1: entered allmulticast mode [ 972.783509][T13324] loop7: detected capacity change from 0 to 64 [ 972.808736][T13227] bridge_slave_1: entered promiscuous mode [ 972.820325][T13326] loop4: detected capacity change from 0 to 8 [ 973.111555][T13324] BFS-fs: bfs_readdir(): Bad f_pos=00000049 for loop7:00000002 [ 973.406060][T13227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 973.521441][T13227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 974.107089][T13227] team0: Port device team_slave_0 added [ 974.220804][T13227] team0: Port device team_slave_1 added [ 974.281686][ T29] audit: type=1326 audit(1771122664.939:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13335 comm="syz.7.2779" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70aef6c code=0x0 [ 974.716852][T13227] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 974.747337][T13227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 974.835888][T13227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 974.923320][T13227] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 974.932641][T13227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 974.961935][T13227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 975.856139][T13227] hsr_slave_0: entered promiscuous mode [ 975.895430][T13227] hsr_slave_1: entered promiscuous mode [ 975.921073][T13227] debugfs: 'hsr0' already exists in 'hsr' [ 975.959999][T13227] Cannot create hsr debugfs directory [ 976.544583][T13357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2788'. [ 978.040406][T13227] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 978.142216][T13227] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 978.248913][T13227] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 978.335949][T13227] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 978.394550][T13368] loop4: detected capacity change from 0 to 4096 [ 979.139693][T13381] ntfs3(loop4): ino=1e, "file1" attr_set_size [ 979.218163][T13366] ntfs3(loop4): ino=1e, "file1" attr_set_size [ 980.359515][T13227] 8021q: adding VLAN 0 to HW filter on device bond0 [ 980.602351][T13227] 8021q: adding VLAN 0 to HW filter on device team0 [ 980.739203][ T2897] bridge0: port 1(bridge_slave_0) entered blocking state [ 980.747942][ T2897] bridge0: port 1(bridge_slave_0) entered forwarding state [ 980.969062][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 980.977780][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 984.038494][T13227] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 987.243516][T13227] veth0_vlan: entered promiscuous mode [ 987.456307][T13227] veth1_vlan: entered promiscuous mode [ 988.549242][T13227] veth0_macvtap: entered promiscuous mode [ 988.750633][T13227] veth1_macvtap: entered promiscuous mode [ 989.132787][T13227] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 989.277359][T13476] program syz.1.2823 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 989.402051][T13227] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 989.874690][ T57] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 989.953626][ T56] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 990.133155][ T56] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 990.213255][ T56] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 994.655111][T13509] Bluetooth: hci3: command 0x0406 tx timeout [ 998.319218][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 998.367864][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 998.416367][T13581] netlink: 'syz.3.2856': attribute type 6 has an invalid length. [ 998.782718][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 998.857716][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1000.397781][ T5825] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 1000.584201][ T5825] usb 2-1: Using ep0 maxpacket: 8 [ 1000.645706][ T5825] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1000.700989][ T5825] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1000.722734][ T5825] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1000.765625][ T5825] usb 2-1: config 0 descriptor?? [ 1001.096344][ T5825] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1001.360420][ T5825] usb 2-1: USB disconnect, device number 22 [ 1002.813073][ T5779] Bluetooth: hci0: command tx timeout [ 1002.846419][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 1005.038732][T13656] loop4: detected capacity change from 0 to 1024 [ 1005.385755][T13656] hfsplus: invalid extended attribute record [ 1005.442352][T13656] hfsplus: b-tree write err: -5, ino 2 [ 1006.046239][ T3424] hfsplus: b-tree write err: -5, ino 25 [ 1006.110303][ T3424] hfsplus: b-tree write err: -5, ino 4 [ 1006.122603][ T3424] hfsplus: b-tree write err: -5, ino 2 [ 1011.721017][T13726] loop7: detected capacity change from 0 to 4096 [ 1011.947716][T13737] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1012.049602][ T29] audit: type=1800 audit(1771122702.729:101): pid=13726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2918" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1013.128118][ T5821] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 1013.349889][ T5821] usb 9-1: Using ep0 maxpacket: 8 [ 1013.443705][ T5821] usb 9-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 1013.478165][ T5821] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1013.486734][ T5821] usb 9-1: Product: syz [ 1013.550222][ T5821] usb 9-1: Manufacturer: syz [ 1013.573873][ T5821] usb 9-1: SerialNumber: syz [ 1013.630569][ T5821] usb 9-1: config 0 descriptor?? [ 1014.000267][ T5821] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 1014.068883][ T5821] gspca_sunplus: reg_w_riv err -71 [ 1014.074562][ T5821] sunplus 9-1:0.0: probe with driver sunplus failed with error -71 [ 1014.213790][ T5821] usb 9-1: USB disconnect, device number 2 [ 1015.739046][T13774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2929'. [ 1019.244137][T13812] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2942'. [ 1019.580684][T13816] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 1019.631270][T13816] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 1019.691472][T13816] overlayfs: fs on '.' does not support file handles, falling back to xino=off. [ 1020.216612][T13822] program syz.7.2947 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1026.737791][ T5779] Bluetooth: hci0: command tx timeout [ 1028.755759][T13928] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2987'. [ 1029.588563][T13938] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2992'. [ 1029.695883][T13938] netlink: 104 bytes leftover after parsing attributes in process `syz.8.2992'. [ 1029.738043][T13938] netlink: 104 bytes leftover after parsing attributes in process `syz.8.2992'. [ 1034.570364][T13987] loop4: detected capacity change from 0 to 256 [ 1034.615529][T13987] exfat: Deprecated parameter 'utf8' [ 1034.677765][T13987] exfat: Deprecated parameter 'utf8' [ 1034.683698][T13987] exfat: Deprecated parameter 'utf8' [ 1034.975202][T13987] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 1037.347935][T14013] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3026'. [ 1038.692743][T14030] tipc: Started in network mode [ 1038.700398][T14030] tipc: Node identity ac1414aa, cluster identity 4711 [ 1038.738793][T14030] tipc: Enabling of bearer rejected, failed to enable media [ 1043.446333][T14079] loop8: detected capacity change from 0 to 512 [ 1043.561969][T14079] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 1043.680593][T14079] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 1043.717532][ C0] EXT4-fs (loop8): error count since last fsck: 1 [ 1043.724205][ C0] EXT4-fs (loop8): initial error at time 1771122734: ext4_mb_generate_buddy:1315 [ 1043.733723][ C0] EXT4-fs (loop8): last error at time 1771122734: ext4_mb_generate_buddy:1315 [ 1043.798563][T14079] EXT4-fs (loop8): 1 truncate cleaned up [ 1043.876131][T14084] loop7: detected capacity change from 0 to 64 [ 1043.886494][T14079] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1044.154182][T14079] EXT4-fs (loop8): shut down requested (1) [ 1044.720356][T13227] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1045.796757][T14099] netlink: 'syz.4.3064': attribute type 3 has an invalid length. [ 1045.808970][T14099] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3064'. [ 1046.929594][T11197] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 1047.110270][T11197] usb 5-1: config 220 has an invalid interface number: 76 but max is 2 [ 1047.148331][T11197] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1047.169436][T11197] usb 5-1: config 220 has no interface number 2 [ 1047.195490][T11197] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1047.274879][T11197] usb 5-1: config 220 interface 0 has no altsetting 0 [ 1047.394994][T11197] usb 5-1: config 220 interface 76 has no altsetting 0 [ 1047.413567][T11197] usb 5-1: config 220 interface 1 has no altsetting 0 [ 1047.477299][T11197] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1047.517881][T11197] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1047.535827][T11197] usb 5-1: Product: syz [ 1047.547950][T11197] usb 5-1: Manufacturer: syz [ 1047.553133][T11197] usb 5-1: SerialNumber: syz [ 1047.915178][T11197] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 1047.942535][T11197] uvcvideo 5-1:220.0: No valid video chain found. [ 1047.950045][T11197] usb 5-1: selecting invalid altsetting 0 [ 1048.046597][T11197] usb 5-1: selecting invalid altsetting 0 [ 1048.067914][T11197] usbtest 5-1:220.1: probe with driver usbtest failed with error -22 [ 1048.133269][T11197] usb 5-1: USB disconnect, device number 16 [ 1048.566096][T14129] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3077'. [ 1048.593281][T14129] bond0: Unable to set down delay as MII monitoring is disabled [ 1049.600208][T14139] loop4: detected capacity change from 0 to 512 [ 1050.529395][T14147] netlink: 'syz.4.3085': attribute type 12 has an invalid length. [ 1050.563733][T14147] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3085'. [ 1050.605693][T14147] bond0: option primary_reselect: invalid value (8) [ 1050.910895][T14151] loop8: detected capacity change from 0 to 2048 [ 1051.114890][T14151] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1053.480040][T14185] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3100'. [ 1054.326471][T14194] GUP no longer grows the stack in syz.8.3103 (14194): 80004000-80005000 (80001000) [ 1054.362223][T14194] CPU: 0 UID: 0 PID: 14194 Comm: syz.8.3103 Tainted: G L syzkaller #0 PREEMPT(full) [ 1054.362407][T14194] Tainted: [L]=SOFTLOCKUP [ 1054.362463][T14194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1054.362555][T14194] Call Trace: [ 1054.362611][T14194] [ 1054.362660][T14194] __dump_stack+0x26/0x30 [ 1054.362839][T14194] dump_stack_lvl+0x14c/0x1c0 [ 1054.363001][T14194] dump_stack+0x1e/0x25 [ 1054.363145][T14194] __get_user_pages+0x44ea/0x5f00 [ 1054.363307][T14194] ? update_load_avg+0x14eb/0x25d0 [ 1054.363516][T14194] ? kmsan_get_metadata+0xf1/0x160 [ 1054.363701][T14194] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1054.363890][T14194] __gup_longterm_locked+0x1862/0x2660 [ 1054.364051][T14194] ? gup_fast_fallback+0xee1/0x3b40 [ 1054.364201][T14194] ? filter_irq_stacks+0x49/0x190 [ 1054.364380][T14194] ? stack_depot_save_flags+0x35/0x790 [ 1054.364552][T14194] ? kmsan_get_metadata+0xf1/0x160 [ 1054.364732][T14194] ? kmsan_get_metadata+0xf1/0x160 [ 1054.364905][T14194] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.365086][T14194] ? kmsan_get_metadata+0xf1/0x160 [ 1054.365261][T14194] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.365451][T14194] gup_fast_fallback+0x3476/0x3b40 [ 1054.365724][T14194] get_user_pages_fast+0xb7/0x120 [ 1054.365888][T14194] __iov_iter_get_pages_alloc+0x988/0x14d0 [ 1054.366060][T14194] ? stack_depot_save_flags+0x35/0x790 [ 1054.366266][T14194] iov_iter_get_pages2+0xa9/0xf0 [ 1054.366441][T14194] __se_sys_vmsplice+0xdd2/0x3230 [ 1054.366686][T14194] ? kmsan_get_metadata+0xf1/0x160 [ 1054.366862][T14194] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.367049][T14194] ? kmsan_get_metadata+0xf1/0x160 [ 1054.367225][T14194] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1054.367401][T14194] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1054.367566][T14194] ? kmsan_get_metadata+0xf1/0x160 [ 1054.367787][T14194] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1054.368000][T14194] __ia32_sys_vmsplice+0xb8/0x110 [ 1054.368215][T14194] ia32_sys_call+0x358b/0x4360 [ 1054.368354][T14194] __do_fast_syscall_32+0x17f/0x3f0 [ 1054.368529][T14194] do_fast_syscall_32+0x37/0x80 [ 1054.368678][T14194] do_SYSENTER_32+0x1f/0x30 [ 1054.368830][T14194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1054.369013][T14194] RIP: 0023:0xf700ef6c [ 1054.369118][T14194] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 90 90 90 90 90 90 b8 ad [ 1054.369242][T14194] RSP: 002b:00000000f53fd50c EFLAGS: 00000206 ORIG_RAX: 000000000000013c [ 1054.369374][T14194] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000140 [ 1054.369465][T14194] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 1054.369549][T14194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1054.369629][T14194] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1054.369715][T14194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1054.369831][T14194] [ 1055.073024][T14199] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3107'. [ 1055.153297][T14199] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3107'. [ 1056.002348][ T56] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 1056.140496][ T56] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 1057.800370][T14232] netlink: 'syz.4.3120': attribute type 15 has an invalid length. [ 1058.377306][T14238] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3121'. [ 1059.196907][T14246] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1061.883803][T14281] loop7: detected capacity change from 0 to 512 [ 1061.921664][T14281] EXT4-fs: Ignoring removed nobh option [ 1062.002230][T14281] EXT4-fs (loop7): Test dummy encryption mode enabled [ 1062.031929][T14285] netlink: 'syz.1.3151': attribute type 2 has an invalid length. [ 1062.097370][T14281] EXT4-fs error (device loop7): __ext4_iget:5378: inode #11: block 1: comm syz.7.3140: invalid block [ 1062.251277][T14281] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1062.257703][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 1062.273866][ C0] EXT4-fs (loop7): initial error at time 1771122752: __ext4_iget:5378: inode 11: block 1 [ 1062.284269][ C0] EXT4-fs (loop7): last error at time 1771122752: __ext4_iget:5378: inode 11: block 1 [ 1062.312427][T14281] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.3140: couldn't read orphan inode 11 (err -117) [ 1062.348196][T14281] loop7: lost filesystem error report for type 5 error -117 [ 1062.353590][T14281] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1062.860766][T11220] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1063.603502][T14295] netlink: 'syz.7.3145': attribute type 9 has an invalid length. [ 1064.277471][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 1064.888534][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3153'. [ 1064.903284][T14308] input: syz1 as /devices/virtual/input/input24 [ 1064.994188][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3153'. [ 1065.932677][T14322] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3158'. [ 1066.073644][T14322] bond0: entered promiscuous mode [ 1066.096491][T14325] netlink: 84 bytes leftover after parsing attributes in process `syz.7.3160'. [ 1066.101633][T14322] bond_slave_0: entered promiscuous mode [ 1066.146537][T14322] bond_slave_1: entered promiscuous mode [ 1066.183824][T14322] syz_tun: entered promiscuous mode [ 1066.279358][T14322] bond0: left promiscuous mode [ 1066.301366][T14322] bond_slave_0: left promiscuous mode [ 1066.336068][T14322] bond_slave_1: left promiscuous mode [ 1066.372857][T14322] syz_tun: left promiscuous mode [ 1067.185114][T14333] loop8: detected capacity change from 0 to 512 [ 1068.356283][T14344] 9p: Bad value for 'rfdno' [ 1069.106491][T14355] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3173'. [ 1071.469194][T14386] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3) [ 1071.476079][T14386] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1071.524496][T14386] vhci_hcd vhci_hcd.0: Device attached [ 1071.538713][T14385] netlink: 'syz.4.3187': attribute type 7 has an invalid length. [ 1071.797749][ T5824] usb 47-1: new low-speed USB device number 2 using vhci_hcd [ 1074.494634][ C0] Illegal XDP return value 16128 on prog (id 73) dev veth0_to_bond, expect packet loss! [ 1074.646824][T14422] loop8: detected capacity change from 0 to 4096 [ 1074.810678][T14387] vhci_hcd: connection reset by peer [ 1074.871453][ T14] vhci_hcd vhci_hcd.7: stop threads [ 1074.877021][ T14] vhci_hcd vhci_hcd.7: release socket [ 1074.889134][T14428] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1074.928486][ T14] vhci_hcd vhci_hcd.7: disconnect device [ 1075.091529][T14422] NILFS error (device loop8): nilfs_dotdot: directory #12 missing '.' [ 1075.168324][T14422] Remounting filesystem read-only [ 1075.567212][T13227] NILFS (loop8): disposed unprocessed dirty file(s) when detaching log writer [ 1076.974344][ T5824] vhci_hcd vhci_hcd.7: vhci_device speed not set [ 1077.293811][T14445] loop4: detected capacity change from 0 to 32768 [ 1077.306889][T14445] xfs: Deprecated parameter 'ikeep' [ 1077.312555][T14445] XFS: ikeep mount option is deprecated. [ 1077.378162][T14445] xfs: Unknown parameter 'mtpt' [ 1080.591300][T14481] Bluetooth: MGMT ver 1.23 [ 1081.358834][T14489] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3230'. [ 1081.428242][T14489] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3230'. [ 1082.051117][T14495] netlink: 'syz.8.3233': attribute type 11 has an invalid length. [ 1082.139033][T14497] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3234'. [ 1082.445369][T14491] loop4: detected capacity change from 0 to 8192 [ 1083.582924][T14514] RDS: rds_bind could not find a transport for ::d00:0:0:0, load rds_tcp or rds_rdma? [ 1084.268649][T14521] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3245'. [ 1084.367708][T14521] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3245'. [ 1084.437193][T14525] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3245'. [ 1085.015535][T14532] netlink: 68 bytes leftover after parsing attributes in process `syz.8.3250'. [ 1085.063101][T14532] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3250'. [ 1087.087179][T14561] loop4: detected capacity change from 0 to 64 [ 1087.335213][ T29] audit: type=1326 audit(1771122777.989:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1087.451240][ T29] audit: type=1326 audit(1771122778.099:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1087.537729][ T29] audit: type=1326 audit(1771122778.099:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1087.562032][T14567] netlink: 4580 bytes leftover after parsing attributes in process `syz.8.3265'. [ 1087.641919][ T29] audit: type=1326 audit(1771122778.109:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1087.652970][T14567] netlink: 4580 bytes leftover after parsing attributes in process `syz.8.3265'. [ 1087.795533][ T29] audit: type=1326 audit(1771122778.109:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1087.895506][ T29] audit: type=1326 audit(1771122778.109:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1087.987673][ T29] audit: type=1326 audit(1771122778.099:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1088.108090][ T29] audit: type=1326 audit(1771122778.159:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1088.188216][ T29] audit: type=1326 audit(1771122778.159:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1088.288827][ T29] audit: type=1326 audit(1771122778.159:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14562 comm="syz.3.3264" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 1088.704235][T14573] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3267'. [ 1090.024478][T14586] loop8: detected capacity change from 0 to 4096 [ 1090.112266][T14586] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512). [ 1090.667953][T14586] ntfs3(loop8): ino=1a, mi_enum_attr [ 1090.673532][T14586] ntfs3(loop8): Mark volume as dirty due to NTFS errors [ 1090.773492][T14586] ntfs3(loop8): ino=1a, mi_enum_attr [ 1090.808854][T14586] ntfs3(loop8): Failed to initialize $Extend/$Reparse. [ 1091.439121][T14606] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3282'. [ 1091.495608][T14605] loop4: detected capacity change from 0 to 512 [ 1091.693886][T14605] EXT4-fs (loop4): 1 orphan inode deleted [ 1091.813713][T14605] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1091.868818][ T71] EXT4-fs error (device loop4): ext4_release_dquot:7039: comm kworker/u8:5: Failed to release dquot type 1 [ 1091.907755][ T71] loop4: lost filesystem error report for type 5 error -117 [ 1091.956097][T14605] ext4 filesystem being mounted at /468/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1092.123493][T14605] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3283'. [ 1092.590079][ T8984] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1093.277849][T11498] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 1093.498008][T11498] usb 5-1: Using ep0 maxpacket: 32 [ 1093.528870][T11498] usb 5-1: config 0 has an invalid interface number: 85 but max is 0 [ 1093.562726][T11498] usb 5-1: config 0 has no interface number 0 [ 1093.617732][T11498] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1093.654855][T11498] usb 5-1: config 0 interface 85 has no altsetting 0 [ 1093.742622][T11498] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 1093.801928][T11498] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.846528][T11498] usb 5-1: Product: syz [ 1093.880361][T11498] usb 5-1: Manufacturer: syz [ 1093.885478][T11498] usb 5-1: SerialNumber: syz [ 1093.950525][T11498] usb 5-1: config 0 descriptor?? [ 1094.638608][T11498] appletouch 5-1:0.85: Geyser mode initialized. [ 1094.710866][T11498] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.85/input/input25 [ 1094.847708][ T5824] usb 5-1: USB disconnect, device number 17 [ 1094.996874][ T5824] appletouch 5-1:0.85: input: appletouch disconnected [ 1095.076534][T14645] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3300'. [ 1096.728542][T13509] Bluetooth: hci5: command 0x1003 tx timeout [ 1096.734931][ T5779] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1097.056957][T14668] loop8: detected capacity change from 0 to 1024 [ 1097.711369][T14675] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3314'. [ 1097.781225][T14675] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3314'. [ 1098.805435][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 1098.805518][ T29] audit: type=1326 audit(1771122789.479:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm="syz.7.3319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1098.988592][ T29] audit: type=1326 audit(1771122789.529:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm="syz.7.3319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1099.107750][ T29] audit: type=1326 audit(1771122789.539:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm="syz.7.3319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1099.204023][T14689] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3321'. [ 1099.232285][ T29] audit: type=1326 audit(1771122789.539:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm="syz.7.3319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1099.268476][ T29] audit: type=1326 audit(1771122789.549:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm="syz.7.3319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1099.379427][ T29] audit: type=1326 audit(1771122789.549:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm="syz.7.3319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1099.472584][T14693] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3322'. [ 1099.501975][ T29] audit: type=1326 audit(1771122789.559:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14685 comm="syz.7.3319" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1099.589443][T14695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3322'. [ 1099.673824][T14695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3322'. [ 1100.608731][T14709] loop7: detected capacity change from 0 to 256 [ 1100.812415][T14709] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1101.369504][T14716] ip6tnl1: entered allmulticast mode [ 1102.061553][T14724] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3335'. [ 1102.976417][T14737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3340'. [ 1103.154826][T14737] macvtap1: entered promiscuous mode [ 1103.181975][T14737] bridge0: entered promiscuous mode [ 1103.209023][T14737] macvtap1: entered allmulticast mode [ 1103.247263][T14737] bridge0: entered allmulticast mode [ 1103.307770][T14737] bridge0: port 3(macvtap1) entered blocking state [ 1103.331131][T14737] bridge0: port 3(macvtap1) entered disabled state [ 1103.431416][T14737] bridge0: left allmulticast mode [ 1103.488190][T14737] bridge0: left promiscuous mode [ 1110.237871][ T5824] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 1110.448240][ T5824] usb 5-1: Using ep0 maxpacket: 32 [ 1110.470709][ T5824] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 1110.508069][ T5824] usb 5-1: config 0 has no interface number 0 [ 1110.548396][ T5824] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1110.590276][ T5824] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1110.622271][ T5824] usb 5-1: Product: syz [ 1110.626706][ T5824] usb 5-1: Manufacturer: syz [ 1110.659229][ T5824] usb 5-1: SerialNumber: syz [ 1110.689932][ T5824] usb 5-1: config 0 descriptor?? [ 1110.787848][ T5824] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1111.009250][ T5824] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1111.056180][ T5824] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1111.235913][T14812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1111.279517][T14812] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1111.565006][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1111.573259][T11498] usb 5-1: USB disconnect, device number 18 [ 1111.720333][T11498] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1111.780093][T11498] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1111.851948][T11498] quatech2 5-1:0.51: device disconnected [ 1112.031811][T14833] vcan0: tx drop: invalid da for name 0x00000000000000eb [ 1112.918529][T14843] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3391'. [ 1113.000518][T14843] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3391'. [ 1113.027877][T14843] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3391'. [ 1114.517664][ T5824] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 1114.778885][ T5824] usb 9-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 1114.808027][ T5824] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1114.851251][ T5824] usb 9-1: Product: syz [ 1114.855754][ T5824] usb 9-1: Manufacturer: syz [ 1114.887699][ T5824] usb 9-1: SerialNumber: syz [ 1115.862721][ T5824] (unnamed net_device) (uninitialized): Assigned a random MAC address: 4a:4f:d7:85:14:62 [ 1115.990553][ T5824] rtl8150 9-1:1.0: eth17: rtl8150 is detected [ 1116.087998][ T5824] usb 9-1: USB disconnect, device number 3 [ 1116.250816][T14882] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3409'. [ 1117.536245][T14902] program syz.4.3416 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1120.272679][T14921] loop7: detected capacity change from 0 to 4096 [ 1120.526715][T14921] Quota error (device loop7): v2_read_file_info: Block with free entry 5 out of range (1, 0). [ 1120.621783][T14921] EXT4-fs warning (device loop7): ext4_enable_quotas:7238: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 1120.695175][T14921] EXT4-fs (loop7): mount failed [ 1123.331857][T14969] netlink: 'syz.3.3444': attribute type 32 has an invalid length. [ 1123.352227][T14969] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3444'. [ 1123.557975][T14969] bond1: option coupled_control: invalid value (18) [ 1123.585340][T14969] bond1 (unregistering): Released all slaves [ 1124.237927][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.278489][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.308206][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.326967][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.358036][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.396948][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.455952][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.503315][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.534154][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.600314][T11498] hid-generic 0103:0004:0000.0021: unknown main item tag 0x0 [ 1124.644247][T11498] hid-generic 0103:0004:0000.0021: hidraw0: HID v0.02 Device [syz0] on syz1 [ 1125.493110][T14984] fido_id[14984]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1125.731012][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 1127.067898][T15010] loop7: detected capacity change from 0 to 256 [ 1127.175429][T15010] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1127.284664][ T29] audit: type=1800 audit(1771122818.967:128): pid=15010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3462" name="file0" dev="loop7" ino=1048723 res=0 errno=0 [ 1127.322517][T15013] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 1128.677100][T15026] Invalid ELF header magic: != ELF [ 1128.782953][T15027] loop7: detected capacity change from 0 to 2048 [ 1128.869186][T15027] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1129.040240][T15029] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1129.055344][ T9835] udevd[9835]: incorrect nilfs2 checksum on /dev/loop7 [ 1130.170533][T15037] loop4: detected capacity change from 0 to 512 [ 1130.599045][T15037] EXT4-fs (loop4): too many log groups per flexible block group [ 1130.646205][T15037] EXT4-fs (loop4): failed to initialize mballoc (-12) [ 1130.704224][T15037] EXT4-fs (loop4): mount failed [ 1131.173913][T15045] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 1131.227903][T15045] macsec3: entered promiscuous mode [ 1131.252578][T15045] macsec3: entered allmulticast mode [ 1131.271977][T15045] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 1137.271829][T15176] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 1137.316714][T15176] dvmrp1: linktype set to 774 [ 1137.586304][T15178] fuse: Bad value for 'fd' [ 1138.216720][T15189] netlink: 256 bytes leftover after parsing attributes in process `syz.7.3505'. [ 1140.609411][T15219] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 1140.626381][T15219] macsec2: entered promiscuous mode [ 1140.656213][T15219] macsec2: entered allmulticast mode [ 1140.674226][T15219] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 1141.719806][T15229] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3525'. [ 1141.786066][T15229] netlink: 'syz.4.3525': attribute type 14 has an invalid length. [ 1141.828123][T15229] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3525'. [ 1144.118590][T15259] netlink: 75 bytes leftover after parsing attributes in process `syz.3.3537'. [ 1144.325976][T15260] loop8: detected capacity change from 0 to 1764 [ 1146.372395][T15276] loop7: detected capacity change from 0 to 2048 [ 1146.540620][T15276] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1146.665952][T15276] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 1146.720916][T15276] overlayfs: failed to set uuid (/file0, err=-28); falling back to uuid=null. [ 1146.858311][T15276] overlayfs: failed to verify upper root origin [ 1147.240801][T11220] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1147.284469][T15291] program syz.1.3549 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1147.986565][T15285] loop8: detected capacity change from 0 to 8192 [ 1148.120047][T15299] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3555'. [ 1148.879337][T15304] tipc: Enabling of bearer rejected, failed to enable media [ 1149.439960][T15309] fuse: Bad value for 'fd' [ 1150.919449][T15329] loop8: detected capacity change from 0 to 512 [ 1151.137724][T15329] EXT4-fs (loop8): too many log groups per flexible block group [ 1151.229334][T15329] EXT4-fs (loop8): failed to initialize mballoc (-12) [ 1151.236710][T15329] EXT4-fs (loop8): mount failed [ 1153.687255][T11197] hid_parser_main: 1 callbacks suppressed [ 1153.730348][T11197] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 1153.774187][T11197] hid-generic 0000:0000:0000.0022: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1154.652189][T15366] fido_id[15366]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1154.805359][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1154.894297][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 1155.849838][T15386] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3591'. [ 1155.922043][T15386] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3591'. [ 1156.390338][T15389] loop8: detected capacity change from 0 to 2048 [ 1156.776238][T15399] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3595'. [ 1162.423174][T15473] program syz.8.3630 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1166.899433][T15522] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3652'. [ 1168.157707][ T5811] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 1168.387802][ T5811] usb 2-1: config index 0 descriptor too short (expected 1572, got 36) [ 1168.396347][ T5811] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1168.515792][ T5811] usb 2-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40 [ 1168.552796][ T5811] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1168.575366][ T5811] usb 2-1: Product: syz [ 1168.607868][ T5811] usb 2-1: Manufacturer: syz [ 1168.612751][ T5811] usb 2-1: SerialNumber: syz [ 1168.706537][ T5811] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input28 [ 1168.902870][T15545] loop7: detected capacity change from 0 to 512 [ 1168.912465][ T5115] bcm5974 2-1:1.0: could not read from device [ 1168.950078][ T5115] bcm5974 2-1:1.0: could not read from device [ 1168.978839][ T5811] bcm5974 2-1:1.0: could not read from device [ 1169.029293][ T5115] bcm5974 2-1:1.0: could not read from device [ 1169.118217][ T5811] input: failed to attach handler mousedev to device input28, error: -5 [ 1169.143023][T15545] EXT4-fs (loop7): too many log groups per flexible block group [ 1169.175507][ T5115] bcm5974 2-1:1.0: could not read from device [ 1169.212726][ T5811] usb 2-1: USB disconnect, device number 23 [ 1169.233277][T15545] EXT4-fs (loop7): failed to initialize mballoc (-12) [ 1169.247186][T15545] EXT4-fs (loop7): mount failed [ 1169.370533][T15551] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.3662'. [ 1171.566465][T15570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3671'. [ 1171.678945][T15573] netlink: 'syz.8.3672': attribute type 8 has an invalid length. [ 1173.374017][T15590] loop7: detected capacity change from 0 to 512 [ 1173.475488][T15590] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1173.543489][T15595] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3682'. [ 1173.770294][T15590] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1173.789973][T15590] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1173.849341][T15590] EXT4-fs error (device loop7): ext4_readdir:265: inode #2: block 3: comm syz.7.3681: path /314/bus: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=15, rec_len=4, size=2048 fake=0 [ 1174.314523][T11220] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1174.852707][T15098] ===================================================== [ 1174.861230][T15098] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xe7b/0xc820 [ 1174.870271][T15098] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1174.880804][T15098] n_tty_receive_buf_common+0x1a59/0x2610 [ 1174.886785][T15098] n_tty_receive_buf2+0x4c/0x60 [ 1174.893351][T15098] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1174.899990][T15098] tty_port_default_receive_buf+0xd7/0x1a0 [ 1174.906042][T15098] flush_to_ldisc+0x43e/0xe40 [ 1174.911402][T15098] process_scheduled_works+0xb21/0x1e30 [ 1174.917154][T15098] worker_thread+0xede/0x1580 [ 1174.922193][T15098] kthread+0x53f/0x600 [ 1174.926482][T15098] ret_from_fork+0x20f/0x910 [ 1174.932784][T15098] ret_from_fork_asm+0x1a/0x30 [ 1174.937911][T15098] [ 1174.940333][T15098] Uninit was stored to memory at: [ 1174.945700][T15098] n_tty_receive_buf_standard+0xe74/0xc820 SYZFAIL: failed to send rpc fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 1174.951973][T15098] n_tty_receive_buf_common+0x1a59/0x2610 [ 1174.958616][T15098] n_tty_receive_buf2+0x4c/0x60 [ 1174.963673][T15098] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1174.969345][T15098] tty_port_default_receive_buf+0xd7/0x1a0 [ 1174.979945][T15098] flush_to_ldisc+0x43e/0xe40 [ 1174.986046][T15098] process_scheduled_works+0xb21/0x1e30 [ 1174.992225][T15098] worker_thread+0xede/0x1580 [ 1175.001696][T15098] kthread+0x53f/0x600 [ 1175.006009][T15098] ret_from_fork+0x20f/0x910 [ 1175.011832][T15098] ret_from_fork_asm+0x1a/0x30 [ 1175.016842][T15098] [ 1175.019715][T15098] Uninit was created at: [ 1175.024234][T15098] __kmalloc_noprof+0x486/0x1680 [ 1175.029556][T15098] __tty_buffer_request_room+0x3d4/0x7a0 [ 1175.035445][T15098] __tty_insert_flip_string_flags+0x157/0x6e0 [ 1175.041963][T15098] uart_insert_char+0x368/0x930 [ 1175.047144][T15098] serial8250_read_char+0x1ba/0x670 [ 1175.052898][T15098] serial8250_handle_irq+0x930/0x1110 [ 1175.058721][T15098] serial8250_default_handle_irq+0x116/0x370 [ 1175.064995][T15098] serial8250_interrupt+0xcb/0x420 [ 1175.070493][T15098] __handle_irq_event_percpu+0x13c/0xf90 [ 1175.080144][T15098] handle_irq_event+0xe0/0x2a0 [ 1175.085196][T15098] handle_edge_irq+0x2a9/0xb30 [ 1175.091436][T15098] __common_interrupt+0x9d/0x180 [ 1175.096663][T15098] common_interrupt+0x94/0xb0 [ 1175.102482][T15098] asm_common_interrupt+0x2b/0x40 [ 1175.108848][T15098] [ 1175.111310][T15098] CPU: 1 UID: 0 PID: 15098 Comm: kworker/u8:17 Tainted: G L syzkaller #0 PREEMPT(full) [ 1175.122914][T15098] Tainted: [L]=SOFTLOCKUP [ 1175.127494][T15098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1175.138096][T15098] Workqueue: events_unbound flush_to_ldisc [ 1175.144149][T15098] ===================================================== [ 1175.151376][T15098] Disabling lock debugging due to kernel taint [ 1175.357972][T15098] Kernel panic - not syncing: kmsan.panic set ... [ 1175.364615][T15098] CPU: 1 UID: 0 PID: 15098 Comm: kworker/u8:17 Tainted: G B L syzkaller #0 PREEMPT(full) [ 1175.376176][T15098] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP [ 1175.381850][T15098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1175.392132][T15098] Workqueue: events_unbound flush_to_ldisc [ 1175.398232][T15098] Call Trace: [ 1175.401660][T15098] [ 1175.404699][T15098] __dump_stack+0x26/0x30 [ 1175.409228][T15098] dump_stack_lvl+0x50/0x1c0 [ 1175.414087][T15098] ? dump_stack+0x12/0x25 [ 1175.418714][T15098] dump_stack+0x1e/0x25 [ 1175.423088][T15098] vpanic+0x7b4/0x1430 [ 1175.427399][T15098] panic+0x15d/0x160 [ 1175.431546][T15098] kmsan_report+0x31a/0x320 [ 1175.436263][T15098] ? __msan_warning+0x1b/0x30 [ 1175.441122][T15098] ? n_tty_receive_buf_standard+0xe7b/0xc820 [ 1175.447315][T15098] ? n_tty_receive_buf_common+0x1a59/0x2610 [ 1175.453443][T15098] ? n_tty_receive_buf2+0x4c/0x60 [ 1175.458713][T15098] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 1175.464348][T15098] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 1175.470519][T15098] ? flush_to_ldisc+0x43e/0xe40 [ 1175.475535][T15098] ? process_scheduled_works+0xb21/0x1e30 [ 1175.481527][T15098] ? worker_thread+0xede/0x1580 [ 1175.486562][T15098] ? kthread+0x53f/0x600 [ 1175.491029][T15098] ? ret_from_fork+0x20f/0x910 [ 1175.496000][T15098] ? ret_from_fork_asm+0x1a/0x30 [ 1175.501330][T15098] ? ret_from_fork_asm+0x1a/0x30 [ 1175.506482][T15098] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1175.513114][T15098] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1175.519391][T15098] ? kmsan_get_metadata+0x146/0x160 [ 1175.524799][T15098] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1175.531332][T15098] ? kmsan_get_metadata+0x146/0x160 [ 1175.536734][T15098] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1175.542757][T15098] ? n_tty_receive_char+0x1223/0x14f0 [ 1175.548334][T15098] ? kmsan_get_metadata+0xf1/0x160 [ 1175.553661][T15098] __msan_warning+0x1b/0x30 [ 1175.558353][T15098] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1175.564411][T15098] ? kmsan_get_metadata+0xf1/0x160 [ 1175.569897][T15098] n_tty_receive_buf_common+0x1a59/0x2610 [ 1175.575821][T15098] ? __pfx_native_smp_send_reschedule+0x10/0x10 [ 1175.582372][T15098] n_tty_receive_buf2+0x4c/0x60 [ 1175.587414][T15098] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 1175.593154][T15098] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1175.598610][T15098] tty_port_default_receive_buf+0xd7/0x1a0 [ 1175.604638][T15098] flush_to_ldisc+0x43e/0xe40 [ 1175.609506][T15098] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 1175.616221][T15098] ? __pfx_flush_to_ldisc+0x10/0x10 [ 1175.621705][T15098] process_scheduled_works+0xb21/0x1e30 [ 1175.627528][T15098] worker_thread+0xede/0x1580 [ 1175.632438][T15098] kthread+0x53f/0x600 [ 1175.636879][T15098] ? __pfx_worker_thread+0x10/0x10 [ 1175.642181][T15098] ? __pfx_kthread+0x10/0x10 [ 1175.647095][T15098] ret_from_fork+0x20f/0x910 [ 1175.651879][T15098] ? __switch_to+0x51c/0x750 [ 1175.656678][T15098] ? __pfx_kthread+0x10/0x10 [ 1175.661467][T15098] ret_from_fork_asm+0x1a/0x30 [ 1175.666466][T15098] [ 1175.670196][T15098] Kernel Offset: disabled [ 1175.674696][T15098] Rebooting in 86400 seconds..