last executing test programs: 1m31.492928167s ago: executing program 1 (id=1632): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0) 1m31.270365571s ago: executing program 1 (id=1634): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000010000000000000000000000850000004100000085000000d000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 1m31.029451366s ago: executing program 1 (id=1635): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x81}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) connect$unix(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 1m29.887464968s ago: executing program 1 (id=1638): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3000046, &(0x7f0000000bc0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@nombcache}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]}) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) 1m28.484879375s ago: executing program 1 (id=1647): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000340)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x4) sendmsg$netlink(r5, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="100000ea140097af29bd7000fddbdf2596073cd6008f4509cd0700000000000000e0f84f3bf32c"], 0x10}], 0x1, 0x0, 0x0, 0x80}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4000001) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0) sendmmsg(r6, &(0x7f0000000180), 0x3ef, 0x0) 1m22.913964264s ago: executing program 1 (id=1671): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000000)=0x0) timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0xe0000000, 0x28014010, 0x2, 0x2, 0x0, 0xd, 0x0, 0x0, 0x20, 0x9}}, 0x50) syz_fuse_handle_req(r3, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x20c01, 0x0) dup3(r3, r5, 0x6700000000000000) close_range(r0, 0xffffffffffffffff, 0x0) 1m22.300627446s ago: executing program 32 (id=1671): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000000)=0x0) timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0xe0000000, 0x28014010, 0x2, 0x2, 0x0, 0xd, 0x0, 0x0, 0x20, 0x9}}, 0x50) syz_fuse_handle_req(r3, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x20c01, 0x0) dup3(r3, r5, 0x6700000000000000) close_range(r0, 0xffffffffffffffff, 0x0) 5.701166319s ago: executing program 4 (id=1942): syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x446, &(0x7f0000000680)={[{@min_batch_time={'min_batch_time', 0x3d, 0x9}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@errors_continue}, {@noquota}, {@noquota}, {@noblock_validity}, {@delalloc}, {@noauto_da_alloc}, {@nouid32}, {@user_xattr}, {@nodioread_nolock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") chdir(&(0x7f0000000000)='./file0\x00') lseek(0xffffffffffffffff, 0x5caa, 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x40) getdents64(0xffffffffffffffff, 0x0, 0x0) 5.256917358s ago: executing program 4 (id=1948): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000340)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) close(0x3) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000b98bc2c900000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 5.018702532s ago: executing program 4 (id=1950): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000340)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$netlink(0x10, 0x3, 0x4) sendmsg$netlink(r4, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="100000ea140097af29bd7000fddbdf2596073cd6008f4509cd0700000000000000e0f84f3bf32c"], 0x10}], 0x1, 0x0, 0x0, 0x80}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4000001) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0) sendmmsg(r5, &(0x7f0000000180), 0x3ef, 0x0) 3.837693115s ago: executing program 4 (id=1955): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) ptrace(0x10, r0) ptrace$peeksig(0x4209, r0, &(0x7f0000000140)={0x0, 0x0, 0x2}, &(0x7f0000000180)=[{}, {}]) 3.442362073s ago: executing program 3 (id=1959): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xfff2}, {}, {0x5, 0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x1, 0xffe0}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8848}, 0x4000010) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) 3.194068577s ago: executing program 3 (id=1962): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x2018886, &(0x7f0000000680)=ANY=[@ANYBLOB="666c7573682c73686f72746e616d653d6c6f7765722c696f636861727365743d69736f383835392d332c74696d655f6f66667365743d30786666666666666630303030303000303030303030303030303030353433312c6e6f6e756d7461696c3d302c7379735f696d6d757461626c652c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c0000000000000000000000000000000000e155d1b4cee927a357abb4d115bb79f910607ea652aefc1cd7dc2712f7c9a4ce522ed223fbdf4beca0b19d00f56e0ec4bbc241d324493c8b478ea8ad5d8051584e32b269a1fe9b1003a9bafe8b3ce7b1834b7cca2892d8df226ac47bfe676aa45bc26895ab164324ea01a44afa7fd6b06b33079fdbcc7bdcfbffffffffffffffb05676b683bc7484683a80a51e748562066c425fa05641170020747d688f6d07f909c7733dc72eee426108eb11c55856eb26f84c5685d36ab4ee2ea8690d6eebd49cd14c307502c340d35c6ee9fde1218cf45207255fe4653227f95cf9af08743251a892a0865a9ada9506076b264c28fed665666e3b1ba0f22203fbb755ebd70c75d1c894e2c9aa779d7929bd2109db905fc146840342400a12b2f9a910463ebb52402876002abe0dd081baee5d25f39725b8b79e7cf06e9c5b9feb9b"], 0x5, 0x337, &(0x7f0000001240)="$eJzs3U+IG1UYAPBvdrJJu1CzB6HoKXoTZWlXPOhpi1Qo9KBIUPFisOu/TSxsILBFmuYkHhUvgp689aDHnsWDiDcPXq0g/sGLx4rFkWRmM5NNulYxWxZ+v0P5+N735b2ZvG6y7O7LK1uxc2k1smHkaltPb8WtJNZjJdIidy2qVgIAON5uZVn8nuX+ufqDtaNYEwCwXJPX/9dPlYnGvVwNAHAU7vL7/2cXZi8vbVkAwBLNvf4/PDNcn62uTX8nAAA4vp5/KUvyqHUiovfuoD1ox1Pl+LnX4s3oxnaciWbcjsjfKOTvFsb/PnPh4vkzrbGf16M97hi0I3rDQTt/p3AunfQ34mw0Y73oz6b96bj/7KS/FRHXhpP5o5cM2quxVsz//Vpsx2Y04/65/ogLF89vtooHaPf2+4cRozixfxHj9W9EM759NS5HNy7FuLdc//RHHpX+wfXGpA4AAAAAAAAAAAAAAAAAAAAAAJZhozW1HieLZFae37OxURmvno/TzkuL84FG+flAWWP/dJ730oPnA82ezzNo13ySIAAAAAAAAAAAAAAAAAAAABT6e/XodLvbu/29KzvVYFjJvP31Z1+ejIM1b6VlJmr5w83UFLmodKUxbc+m7Vk6U1MEaURZfP3GdMXVmsb0Kubax0Fjbigp1tTpdk899OPHi7r+KjNpzN2W2SAp5q8M9e7LU4d03TnYLDOtiPnZb2ZZdqf2qx9NgqQ6FElEbe6J+z+Cr35644HH+6efmGS+KA59eOSx5gs3P/z0151ON4pb0+3Wd/u3s/88V1rZP0lxn5MFO2FxMCozo93+Xif97rcXH3z/mwPFablJ6sVDj4eyfPbJVTx6yE74/GCmngfJomdwQbC6YPMvDl7+c7p7Dyte8L/pnbhy+pOtzo2rP/xyt3e+8kViJWL/+QQAAAAAAAAAAAAAAAAAAJan8rfi/8KTzy1vRQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw9MrP/68Eo0qmHn9kudma+aAxjPmhxvZu/15fIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B0AAP//DW5orQ==") mount$tmpfs(0x0, 0x0, &(0x7f0000000f40), 0x89, &(0x7f0000000100)={[{@size={'size', 0x3d, [0x25]}}]}) 2.968461662s ago: executing program 3 (id=1964): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000ac0)={0x3, &(0x7f0000000a80)=[{0x40}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x16}]}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000003180)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000c00)="26f2d136", 0x4}], 0x1}}], 0x1, 0x0) 2.917245343s ago: executing program 2 (id=1965): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000340)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x4) sendmsg$netlink(r5, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="100000ea140097af29bd7000fddbdf2596073cd6008f4509cd0700000000000000e0f84f3bf32c"], 0x10}], 0x1, 0x0, 0x0, 0x80}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x4000001) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0) sendmmsg(r6, &(0x7f0000000180), 0x3ef, 0x0) 2.638365409s ago: executing program 3 (id=1966): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) ioctl$TIOCL_PASTESEL(r1, 0x541c, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0xff) 2.369152384s ago: executing program 4 (id=1967): mkdir(0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_emit_ethernet(0xfffffffffffffc98, 0x0, 0x0) 2.007448231s ago: executing program 0 (id=1968): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af60, &(0x7f00000002c0)={0x1}) 1.852555424s ago: executing program 2 (id=1969): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffc}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) 1.726384886s ago: executing program 0 (id=1970): socket$nl_generic(0x10, 0x3, 0x10) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x842, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000340)='./file1\x00', 0x1804810, &(0x7f0000000180)=ANY=[], 0x76, 0x682, &(0x7f0000000640)="$eJzs3c1vHGcdB/DvbDZrb1qCmyZtQJVqNRIgIhI7VgrmQkAI5RChqhw4W4nbWN2kxXGRWyHq8HrtoX9AOeSCOCFxj1Q4cIFbb8jHSkhceqk5LZrZWXttr93dvNhO+Xyi8fM888w883t+szP7pmgD/N+6ej7N+yly9fy11bK9fm+us35v7la/nmQiyVrSTNJIUnzW7XY/Sq4kxeYwxY5ylw+W5l/9+NP1T3qtZr1U2zf222+Heru1HavXqqXbaxxLMj3q/Idb6x+jHOf6Q49XbEZ+Jcm5uoRDdzxJd5uf/f3pzZ4B7WF7Tx5IjMDjVfSeN3eZSk7UF3r5OqD/zNs42OhGNzHidjtfQQAAAMCTZpT3wF/eyEZWi5MHEA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8Iaxt/f5/US+Nfn06Rf/3/1v1utT1o+XF8Ta//7jiAAAAAAAAAIAD9OJGNrKak/12t6i+83+papyu/j6Vt3Mni1nOhaxmIStZyXJmk0wNDNRaXVhZWZ4dYc9LQ/e89DmBTtRl+9HMGwAAAAAAAAC+YH6Vq1vf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFFQJMd6RYq7A6un0mgmmUzSKlesJf/s159k9w87AAAAADgAE8lGVnOy3+4WOZ3kueozgMm8ndtZyVJW0sliblSfC/Te9TfW78111u/N3SqX3eN+/z9jhVGNmN5nD8OPfLbaop3XslStuZDreTOd3Eij2rN0to6nP+pAXJNJ7pYxFd+rjRjZjbosZ/5+Xe7y3liT3cuYH6ZMVRk5vpmRmTq2MhvP9M/MsDM0dArjHGk2jc1gT+84Uiv5rNtTdk88SM5PDAT6u90BXxs3/od3vC53ZuLSwKPvuf1yXvr6X/7005m6PvY5OGTH6rI6qWnvzsTcQCaeHyUTNzvlmHfOP2mZ2GWmysSZzfbV/Cg/yflM55UsZyk/z0JWspjp/LCqLdQnvxi45PfI1JVtrVc+L5JW/QjtnazxYnqp2vdklvLjvJkbWczL1b9Lmc23czmXMz9whs/sf4arO21jj6u++6WhwZ/7Rl1pJ/l9XR4NZV6fGcjr4D13quobXLOVpVMjZGnMe2Pzq3WlPMav6/Jo2JmJ2YFMPLszE5Pbdv1DdVu507n9xvLNhbdGO9yp9+tKeR39Npk+3BtJa0f9VHmyqtb2R0fZ9+zQvtmq7/RmX2NX35nNvv5c97pSW/VruN0jXar6nh/aN1f1nR3oG/Z6C4Aj78Q3T7Ta/27/o/1h+zftm+1rkz+Y+M7EC60c/+vx7zZnjn2t8ULx53yYX269/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7cnXfefWOh01lc7lVaSapKt9t9b3vXuJVmfYQH3P0hKpn+11PlkYd09X/O7ADj+crTycHN/ahW/tvtdus1xR7b/PFvRyZR9Q8Zdo9E6satbDya4A/vngQcjIsrt966eOedd7+1dGvh9cXXF2/PX748PzN/+eW5i68tdRZnen8PO0rgcdh60j/sSAAAAAAAAAAAAIBRHcR/SzjsOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPtqvn07yfIrMzF2bK9vq9uU659OtbWzaTNJIUv0iKj5J2v2NqYLhir+N8sDT/6sefrn+yNVazv31jv/1Gs1YvmU5yrFfefVTjXa/LfRX7TaHYnOGVJOfqEg7d/wIAAP//7lANsg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x101) utimensat(r3, &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000300)={{0x0, 0xea60}}, 0x100) 1.672477278s ago: executing program 2 (id=1971): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x17, &(0x7f0000000080)=0x1, 0x4) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff003, 0x4, 0x7f, 0x1}, 0x48) io_setup(0x201, 0x0) io_submit(0x0, 0x0, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) io_submit(0x0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x7, 0xe, r7, &(0x7f00000007c0)="23ab8d6ff8d64ba36462fde71bd3bbd782c5520762cceecdb5369d550b3d5ca55845cafcc0265ee853fa1cda9091fde7271e68bc1f2e1e794e57785646f0f78ef812f7c8fe4f6304a79d031e49992d6a8817bf4714236e48bf43c00868e7555c5ef88be18edfa081211868a1cd9c0c53f013217ec0349d1894039606715c044b6973b9e76d2784b700bbcf75b153f1b96667d1a3d63073ab9f75a077796e4c68817cb70e73d1fde5206bf50aabcc031b5e6f541b75add8936da769c551e7ab271ce50fa2cd4f8f45f1b0f4f600b512e2f5b4ed5fc957bbec85ef6308d4392842053cfba1d5d4008855239cf379f8989963a41cd4c4f6d08351c746bff199fdacebc5c30cbef4cdd05b5167a8266d6628b629d6e1870d03b3183bf0f5cd0aa327ce78358ccc5bc0f3df151ec9cca432f84968cb194eb19f29b54182c2b47b2f90374beb54a4a9c7e5d300724b483154d8bab93e2478fa17112b24518abace4f71680b6e06bba00f5d365af012004fccbf1220cd0190acdff8b85d3856ffa7a02b4e88bba02159702510a35e8b87cc69748b459cf00eba20c955abfd131300dd890654e4e866e6ebdb5947362afe07a7c1cfc98ca73e999e788ca2dbdd260a35c39f3dfd32d0cbc418ef7500b7992d9e0ffd8fddce175dee3e2212264395bfa927aaa6cb0bb2c08a492dbcd11f418a0bf85b6e71fcd7c2ada4612f78a59157431e2af270532e10d3c158a6d93a92408b3c22fbc7efd813825af8c00fa08f8b2d168646937cd14f73c7cec93b8fbeb71986d283f390d4ad4c0244706ea963ed8c509a7c6ffd8e207c5b9ee20eb94d2b1c3696bcdac5b4dbc4a7825013514396e67884482837fbc39d7b73280c6d5e75a6d237ba13d1d3a96dc493d3b0fb4f5cf42505dd1c8d28ee9532f2d537c9e7fd8ec74ab745dbcf40d2be7c89faa47c7f5b6286830e9a3f72bfc86658ca47ad416b66a0c59cf80cd42faa1e19509e11546406ba5aaa1a86df1abf91f444a979335d25d6c1bcbd676ee4581b857b72149e780782b7774bf69c15effaf287d7968779108e7c49a13c266b2abfce334a8d8ef28c74127de4cdd5a8cd10573a24719572a28e7e0de50106a34169c26b2a223d68a721319d943f6758730aedb70f56a16e23ca73a55cd38c3cf9b631d110c9e7fa1fc2ce24c864d535a226e063e7a1fb86f0f4b65033f35fa4cd22e5a200524ad807fb59c998b981ab1ff8e9f939beaabf9ca15b29b044fe77b6b7631dd977019d754a6d47df2c949d4cdab29d7ca081553e8dd0f76b3ec7174a747598eb44178dc512350cea849626a6bfefd543d6d157151cc5a786945783eaedb7e38415fdb3d3720fcc57991b3166050f2c50eede147726875c3ac766d8d31cca4b4350195eacae9262dd17d793f4fc7a11033e7e13044d1ea7860516656a9af8069bd874107f657365b0882701c571f5f83252354fc25500babc7d6b4e356feb35612ea75812df8bb1deb1c51e93b669790557c04c6636ff00b5f22ea57b8631304cceffc919c9957f581d5ed569b58750139ad4df558e34cafc8b117a97d29e86f43fe51ab0e2640a7e43c720fc74fc203540dd87fb03c349a1ac3cdca4e0088989c5ebc045e235d7fa00b8c6457ff3f3dc9090876ff83efd1c8d7997e2bd495b00692cd2efbafccd858bbb23b62d822ee517604d2482edfac0c6483da8f7d24018d9bc49dc5d44fca34a31d3f613f92441fabccfea8e85e09f0106e0c539b50a7bade2031954431584295c98cba854933241dfe1a963f36d321dea96107ef61e8e8299e19a875bb9e7f8c4dfcbc3653fb3dc43dab144016b7185b7d120dfc2940a86b63b0a1c001b419c982adf29b394ae948ccc2fd49c49184c951e3a1932dc8ea4d0c8cf1dae4bf651081da06e0e08c7d3471058951337bb7e89899437e9d2dea28d6154680b1897d234df8aef0dc2f889b287a82fef4a0b85e7088abee0264372a984a82ca058890804b0e6919717df2b340f8bb98792ab873cb17c775003bdc38bb04a3d1d0761f1c21bbdc32031fdfcf01cc7a60a30c1e52f89469cd082812ff068497d4b86b44271683691f10cffc39959eb3787f540a2c2e78a5a31d29c4297321a58d5650d349f52ba78d732aafd022090e94baf534b41a70c404040d74acea5f4de6fdef2c8439156005439f55fdaaffe5f2ee24d3f7bafcc83a6ea55b08f164dc11059048cb71dd72f0b1382e89a2d6291793ae2a7746b47a975f7e5c8f3387ac1367960efe08a1ab42b351b0db7d415eec534500db673b89874a9e13be4c675cbfac3bfe2804efa8a301b2414f24fb65522c7960220694e76246ef19fe2c56733e0cefcd0a47bbef438e67e04bf0fbba82c554bb7ae803618c1e3e5dff44ed82039e0af0a5da66604c8649d92a3e03e7e071a93736b5aed5c491571e216a1ff2cb0897488062bfd42bd05c35eb6eb6b0cc7ec32f11e16483f1b7ad2eb83de3c200f82f5f86808677d4e0d632cca062a5855f1f286cb820f04d3d79cd7cff2db8db7d13a0e6ff7d58f6f25573898f327e2d92fa43a06ec8829406c13b2a8b60d425bd22d7f1272c2c6a8e8e411807aa4d3a1b05b0b6c7d578d3a86c065ebb482a6a6fd643f4040149c3da839c4aa9c9c6e2f69974b86f00911d3b9b7b5ee525b71a7ac2c15ec82361ed727862416960b77376c4977b4a12dbd1f3aa2db50fc6cb67064632e2dff93020bd2037e6b1199037df81a92efde94f0d0c68a4ecc8f2d6af323a753d54eee452188b72df04de4ec58f45f3993f2de50d6a6062af3f7494a979fecc752f649fb1e419f2369bed0ef76bb0e5c9090eade6801786de35f180c6550f437a105a7df56fba507fa0e98c4b3bb0931aae480b7810bd1eedd14444860b7e3b5a188453035d0d38df49698e5bd78b66a98b594a512f05548a1e17172688e7216a33d7e7a363f2fac0b94ee94379c74f0679dccf498442b7b449ad27a38afe4fa5e27f52ec0e484c2867c9dcd56fa49a5e64c8054dc15f208699e7b0b4c2131dbdcdcf05d4ac8199264ecb18a53f5eba8c4b905dd082cd8153b63571cd03cf800958cd138d0a2233c08b38ee5f1530bd89a75a908faf09bf7b6e5d3d07ddde8fb1d0993c026ebd44223e27ef29e43305dc68ee662ee02c49bf46519dfb018d7e0878e7c0e6cfbbaf87aaa4c6c122da10c30a16c6e6910e081e9d0f2b0bd738cb2d74f8422c4e705387c9f074561b008a3b7d81d69c23cdb9a55d32fd1a463c667d711e9481c1f9d75cf1b934c62f32a4e0f8fe48f45a6b3ea2ef3c2496e3100bc9695f752abd54e0c330cee385f9a7f902ceb7c99f5082bb38b47b5fe172d95dcf8ce1b1a02fc71f5826ef3276c2b35af7d6e2bc9055cbc53b56109549f9109b89cbbdcef7a344d8afb9081553bf15c38c8640631ca5d7bc248722f0c5c8174fe1a877faec5ec3e5890e036f9cc2b47657dec1a0bbf90070ff08a5935e355924b18ae11e6b033b445935354023a14296feb261a6679dea0c3957f53269ecb591de0fdacbe8a7527da32ffdc504bf98f8c81b44c9c480ed60af4e661bdd0765ccf0cc4a477416d8e4b9383d370a9d8067b916c4054e94f35d2c8a909fa680904ddf1a61d3ef27a69cbe739bf88c6039c5959b561c0ee2249916d18662aeb4ebb7d45598a03d0e5ca1ca9fee239047d8d914d80745f532342326b4c19538953d12095d4cad3959b0f25c2230b68b9215e3fc178869c26d3eb4e0ac7b654df4fe0d738c29e6199d9e9b0ea4e47c7cc56fba16d3161eee0d07cee6c6c03e9e4ad07ff7646df3c71fa098756370767a9d071db9ce67b18f2f06882f2625a6fa8b126a58d721bdaf044538d8b8e58b02f2dfa79989903edfba23b1ee40f5ea1246bf0054cdc84652f937005b04609a71b8a731dd6e5dbb4ea628b633e891cad8c43f9251953ed1c3e6c4bdfbd83cc5310db4ef644b5cc9f67dc6445316653504e91d32385252c6740bd9259b4469ba83e9866ca6bd8090c41b6165e30001870a09ee323e8d6c3cdbba91bc43bb98478578d5beb1eb1c7f414b166b3ed9cae9fad913064e0d1a23947595cbfd173917a0491f789f9b33d8d0f703665f8f2f5b0cc7f883550aac0a2bbc349bb6a9d131947099ef0671c51e4074dc317a3ad97b6f8cd13913765830cc42fdcb0fb5aa46283633e34eaf3dfd4449cad95ce0b351e943ead6aaab7017d1463e6ebf1e68ac69ade60a413b83b2136ac9709ef95e3f84139e6973575897d21492d37ae65649a9280a4b86a520e4ec2ab55b977e053662890888da55694a1a129ba1b437483e8d9d4a97712335eadad467b3c6917b8afa9a32767a5559c7dd31c21f79886698e657700bf4aa08ba645e18027d8076c3a7397b546c8189793816890485e0d516369302b65d834720cdc91b410aa9c7755eeb45c67b0c3290961a2fdf936c10c5777b30cc1d121268b887c2b2469db6ef984086fe92f16f22f08793b1d9eb87abcb368d9e1eab16aafc50554b6d3d0c8fe670287e349f22022c9d16a6c1686e79c33855e6011abc5d730076148fc14ae2eb65584d408b5c6757054c170b9da74ee40f37d6ee33054275100b2f1b2a83a69167bb69866b21ad5fb205d8257365caf4e3cdb54c99663694e9e3899a3b24e49489a7f1bfe498e7f48cc32abf07e47fc379a6c2474216f869109acad7e9ee32b9a007a36e92d0d4ff101d406cac2c7e8dda31dc001a843981f0f3a0607f7278ef9567c4c9cce05bb39b5e7306ee2af88c4e7b58c2ca3cc81f60ccbced27abbdea7635545b8c651b1782771729376f088303daaa01d7c6290e5c5e82f608a125ae94bd692e6fd8866481bd6df6a0583ac92ead3dbc2392233e51ed76c1eb7281a5b978cc2b8ae7f2659e0ca907058481f8cc3eea69511e635d330855708c526942d63ea3f31b4e40c308cc733bc8d8fb2bfadde7e874543d6e5a6b9ba62ae8a406ec828cd18a4d210eb9abb1c8fc5c18273b46b1db5b8972222be38012feeec547c61cd12b94da228982b4e34f44715d2ad86ce6a0ede1ed31cf66100b7259ddc3ae40516dc769e84ea78f59d9408657e0afaa48eef254f44fc890ac39cadba0921c33b52358a2664e14d46e96b6c92ba0e9e0ee69faa1cc8668f6e5f10c148d7184d755be3c0446eabb1280f43556395b351da67781774fff8f363da8a4c26992b58a550f6b9f935ad07bd80b5ca1877d1ea0a203272a4cd48c943aee7d73ff74447319bf359cda39c7666367a701b924a86fd65f72abb5bb70df0742de7ae37d3e82b9e69be1a48d7d12abb18151c9d473a24bc60573f6d895cb0300f2a8713bb2f960e9479754b4f21c45873dc6b3ea848aa137f8353971640518fec57c42984fb98b50fd6db61f38c2b4e87168a1fdadbc1dfbe7e24d230fa734b48a275cb27325ad720d5538e28de671bdb2b14ddcfb852e846309ef0849c69a745ce727bf9c0930b4109fa4a65590b61faf85d0945fc1705e999f474031ae6e99bbab5da548eba0d2f2e2a6594983b5fdd58be80728471ea7c5347d678575ea6ad2781fd952d87c39586666600ccfa2e9d5234033d4918a6f839511944e70dc478dc5812ce4d37a6ee382edd832ffab190965f04dffad45e3fc0dbc3b0684539b0364ec2f5a0cbb52c48dc3383287f84eb1d6fdf757e89481bcb4f000dbf008b462a6f06e91ecc0bbae8be88895f3b1b3593d719fe8e0a5847b6ac5b69278ee30f9cf7c6d6350b63c1fea9ad78e0d0c1e83577", 0xff0, 0x1000, 0x0, 0x1, r0}]) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r6, &(0x7f0000000140), 0x0}, 0x20) 1.642484078s ago: executing program 0 (id=1972): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201}) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x389, @any, 0xe, 0x2}, 0xe) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x40400, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) open(&(0x7f0000000080)='./file0\x00', 0x551083, 0x28) r6 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) unlinkat(r6, &(0x7f0000000040)='./file0\x00', 0x200) ioctl$TIOCGICOUNT(r2, 0x545d, 0x0) 1.590432229s ago: executing program 5 (id=1973): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)=r1}, 0x20) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10) 1.49944479s ago: executing program 5 (id=1974): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x2018886, &(0x7f0000000680)=ANY=[@ANYBLOB="666c7573682c73686f72746e616d653d6c6f7765722c696f636861727365743d69736f383835392d332c74696d655f6f66667365743d30786666666666666630303030303000303030303030303030303030353433312c6e6f6e756d7461696c3d302c7379735f696d6d757461626c652c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c0000000000000000000000000000000000e155d1b4cee927a357abb4d115bb79f910607ea652aefc1cd7dc2712f7c9a4ce522ed223fbdf4beca0b19d00f56e0ec4bbc241d324493c8b478ea8ad5d8051584e32b269a1fe9b1003a9bafe8b3ce7b1834b7cca2892d8df226ac47bfe676aa45bc26895ab164324ea01a44afa7fd6b06b33079fdbcc7bdcfbffffffffffffffb05676b683bc7484683a80a51e748562066c425fa05641170020747d688f6d07f909c7733dc72eee426108eb11c55856eb26f84c5685d36ab4ee2ea8690d6eebd49cd14c307502c340d35c6ee9fde1218cf45207255fe4653227f95cf9af08743251a892a0865a9ada9506076b264c28fed665666e3b1ba0f22203fbb755ebd70c75d1c894e2c9aa779d7929bd2109db905fc146840342400a12b2f9a910463ebb52402876002abe0dd081baee5d25f39725b8b79e7cf06e9c5b9feb9b"], 0x5, 0x337, &(0x7f0000001240)="$eJzs3U+IG1UYAPBvdrJJu1CzB6HoKXoTZWlXPOhpi1Qo9KBIUPFisOu/TSxsILBFmuYkHhUvgp689aDHnsWDiDcPXq0g/sGLx4rFkWRmM5NNulYxWxZ+v0P5+N735b2ZvG6y7O7LK1uxc2k1smHkaltPb8WtJNZjJdIidy2qVgIAON5uZVn8nuX+ufqDtaNYEwCwXJPX/9dPlYnGvVwNAHAU7vL7/2cXZi8vbVkAwBLNvf4/PDNcn62uTX8nAAA4vp5/KUvyqHUiovfuoD1ox1Pl+LnX4s3oxnaciWbcjsjfKOTvFsb/PnPh4vkzrbGf16M97hi0I3rDQTt/p3AunfQ34mw0Y73oz6b96bj/7KS/FRHXhpP5o5cM2quxVsz//Vpsx2Y04/65/ogLF89vtooHaPf2+4cRozixfxHj9W9EM759NS5HNy7FuLdc//RHHpX+wfXGpA4AAAAAAAAAAAAAAAAAAAAAAJZhozW1HieLZFae37OxURmvno/TzkuL84FG+flAWWP/dJ730oPnA82ezzNo13ySIAAAAAAAAAAAAAAAAAAAABT6e/XodLvbu/29KzvVYFjJvP31Z1+ejIM1b6VlJmr5w83UFLmodKUxbc+m7Vk6U1MEaURZfP3GdMXVmsb0Kubax0Fjbigp1tTpdk899OPHi7r+KjNpzN2W2SAp5q8M9e7LU4d03TnYLDOtiPnZb2ZZdqf2qx9NgqQ6FElEbe6J+z+Cr35644HH+6efmGS+KA59eOSx5gs3P/z0151ON4pb0+3Wd/u3s/88V1rZP0lxn5MFO2FxMCozo93+Xif97rcXH3z/mwPFablJ6sVDj4eyfPbJVTx6yE74/GCmngfJomdwQbC6YPMvDl7+c7p7Dyte8L/pnbhy+pOtzo2rP/xyt3e+8kViJWL/+QQAAAAAAAAAAAAAAAAAAJan8rfi/8KTzy1vRQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw9MrP/68Eo0qmHn9kudma+aAxjPmhxvZu/15fIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B0AAP//DW5orQ==") mount$tmpfs(0x0, 0x0, &(0x7f0000000f40), 0x89, &(0x7f0000000100)={[{@size={'size', 0x3d, [0x25]}}]}) 1.313148114s ago: executing program 3 (id=1975): socket$netlink(0x10, 0x3, 0x3) 795.590554ms ago: executing program 5 (id=1976): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000ac0)={0x3, &(0x7f0000000a80)=[{0x40}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x16}]}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000003180)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000c00)="26f2d136", 0x4}], 0x1}}], 0x1, 0x0) 622.024328ms ago: executing program 2 (id=1977): r0 = fsopen(&(0x7f0000000100)='9p\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) 595.860628ms ago: executing program 4 (id=1978): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x81}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) connect$unix(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) 422.339572ms ago: executing program 0 (id=1979): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000012850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000084000000b70000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b807200500000000", &(0x7f00000004c0)=""/18, 0x1004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x23) 407.860122ms ago: executing program 3 (id=1980): syz_usb_connect(0x3, 0x2d, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x24, &(0x7f0000004200)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x550c, 0x0) 383.449012ms ago: executing program 5 (id=1981): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffc}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000", @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r2, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) 233.216795ms ago: executing program 2 (id=1982): socket$nl_generic(0x10, 0x3, 0x10) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x842, 0x0) syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000340)='./file1\x00', 0x1804810, &(0x7f0000000180)=ANY=[], 0x76, 0x682, &(0x7f0000000640)="$eJzs3c1vHGcdB/DvbDZrb1qCmyZtQJVqNRIgIhI7VgrmQkAI5RChqhw4W4nbWN2kxXGRWyHq8HrtoX9AOeSCOCFxj1Q4cIFbb8jHSkhceqk5LZrZWXttr93dvNhO+Xyi8fM888w883t+szP7pmgD/N+6ej7N+yly9fy11bK9fm+us35v7la/nmQiyVrSTNJIUnzW7XY/Sq4kxeYwxY5ylw+W5l/9+NP1T3qtZr1U2zf222+Heru1HavXqqXbaxxLMj3q/Idb6x+jHOf6Q49XbEZ+Jcm5uoRDdzxJd5uf/f3pzZ4B7WF7Tx5IjMDjVfSeN3eZSk7UF3r5OqD/zNs42OhGNzHidjtfQQAAAMCTZpT3wF/eyEZWi5MHEA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8Iaxt/f5/US+Nfn06Rf/3/1v1utT1o+XF8Ta//7jiAAAAAAAAAIAD9OJGNrKak/12t6i+83+papyu/j6Vt3Mni1nOhaxmIStZyXJmk0wNDNRaXVhZWZ4dYc9LQ/e89DmBTtRl+9HMGwAAAAAAAAC+YH6Vq1vf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFFQJMd6RYq7A6un0mgmmUzSKlesJf/s159k9w87AAAAADgAE8lGVnOy3+4WOZ3kueozgMm8ndtZyVJW0sliblSfC/Te9TfW78111u/N3SqX3eN+/z9jhVGNmN5nD8OPfLbaop3XslStuZDreTOd3Eij2rN0to6nP+pAXJNJ7pYxFd+rjRjZjbosZ/5+Xe7y3liT3cuYH6ZMVRk5vpmRmTq2MhvP9M/MsDM0dArjHGk2jc1gT+84Uiv5rNtTdk88SM5PDAT6u90BXxs3/od3vC53ZuLSwKPvuf1yXvr6X/7005m6PvY5OGTH6rI6qWnvzsTcQCaeHyUTNzvlmHfOP2mZ2GWmysSZzfbV/Cg/yflM55UsZyk/z0JWspjp/LCqLdQnvxi45PfI1JVtrVc+L5JW/QjtnazxYnqp2vdklvLjvJkbWczL1b9Lmc23czmXMz9whs/sf4arO21jj6u++6WhwZ/7Rl1pJ/l9XR4NZV6fGcjr4D13quobXLOVpVMjZGnMe2Pzq3WlPMav6/Jo2JmJ2YFMPLszE5Pbdv1DdVu507n9xvLNhbdGO9yp9+tKeR39Npk+3BtJa0f9VHmyqtb2R0fZ9+zQvtmq7/RmX2NX35nNvv5c97pSW/VruN0jXar6nh/aN1f1nR3oG/Z6C4Aj78Q3T7Ta/27/o/1h+zftm+1rkz+Y+M7EC60c/+vx7zZnjn2t8ULx53yYX269/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7cnXfefWOh01lc7lVaSapKt9t9b3vXuJVmfYQH3P0hKpn+11PlkYd09X/O7ADj+crTycHN/ahW/tvtdus1xR7b/PFvRyZR9Q8Zdo9E6satbDya4A/vngQcjIsrt966eOedd7+1dGvh9cXXF2/PX748PzN/+eW5i68tdRZnen8PO0rgcdh60j/sSAAAAAAAAAAAAIBRHcR/SzjsOQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPtqvn07yfIrMzF2bK9vq9uU659OtbWzaTNJIUv0iKj5J2v2NqYLhir+N8sDT/6sefrn+yNVazv31jv/1Gs1YvmU5yrFfefVTjXa/LfRX7TaHYnOGVJOfqEg7d/wIAAP//7lANsg==") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x101) utimensat(r3, &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000300)={{0x0, 0xea60}}, 0x100) 232.976245ms ago: executing program 0 (id=1983): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000010000000000000000000000850000004100000085000000d0000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 232.852245ms ago: executing program 5 (id=1984): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)=r1}, 0x20) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10) 34.373379ms ago: executing program 5 (id=1985): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0xffffffff, 0xfffffff9, 0x7fff, 0x16, "0062ba7d00000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) ioctl$TIOCL_PASTESEL(r1, 0x541c, 0x0) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0xff) 15.69923ms ago: executing program 2 (id=1986): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x2018886, &(0x7f0000000680)=ANY=[@ANYBLOB="666c7573682c73686f72746e616d653d6c6f7765722c696f636861727365743d69736f383835392d332c74696d655f6f66667365743d30786666666666666630303030303000303030303030303030303030353433312c6e6f6e756d7461696c3d302c7379735f696d6d757461626c652c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c0000000000000000000000000000000000e155d1b4cee927a357abb4d115bb79f910607ea652aefc1cd7dc2712f7c9a4ce522ed223fbdf4beca0b19d00f56e0ec4bbc241d324493c8b478ea8ad5d8051584e32b269a1fe9b1003a9bafe8b3ce7b1834b7cca2892d8df226ac47bfe676aa45bc26895ab164324ea01a44afa7fd6b06b33079fdbcc7bdcfbffffffffffffffb05676b683bc7484683a80a51e748562066c425fa05641170020747d688f6d07f909c7733dc72eee426108eb11c55856eb26f84c5685d36ab4ee2ea8690d6eebd49cd14c307502c340d35c6ee9fde1218cf45207255fe4653227f95cf9af08743251a892a0865a9ada9506076b264c28fed665666e3b1ba0f22203fbb755ebd70c75d1c894e2c9aa779d7929bd2109db905fc146840342400a12b2f9a910463ebb52402876002abe0dd081baee5d25f39725b8b79e7cf06e9c5b9feb9b"], 0x5, 0x337, &(0x7f0000001240)="$eJzs3U+IG1UYAPBvdrJJu1CzB6HoKXoTZWlXPOhpi1Qo9KBIUPFisOu/TSxsILBFmuYkHhUvgp689aDHnsWDiDcPXq0g/sGLx4rFkWRmM5NNulYxWxZ+v0P5+N735b2ZvG6y7O7LK1uxc2k1smHkaltPb8WtJNZjJdIidy2qVgIAON5uZVn8nuX+ufqDtaNYEwCwXJPX/9dPlYnGvVwNAHAU7vL7/2cXZi8vbVkAwBLNvf4/PDNcn62uTX8nAAA4vp5/KUvyqHUiovfuoD1ox1Pl+LnX4s3oxnaciWbcjsjfKOTvFsb/PnPh4vkzrbGf16M97hi0I3rDQTt/p3AunfQ34mw0Y73oz6b96bj/7KS/FRHXhpP5o5cM2quxVsz//Vpsx2Y04/65/ogLF89vtooHaPf2+4cRozixfxHj9W9EM759NS5HNy7FuLdc//RHHpX+wfXGpA4AAAAAAAAAAAAAAAAAAAAAAJZhozW1HieLZFae37OxURmvno/TzkuL84FG+flAWWP/dJ730oPnA82ezzNo13ySIAAAAAAAAAAAAAAAAAAAABT6e/XodLvbu/29KzvVYFjJvP31Z1+ejIM1b6VlJmr5w83UFLmodKUxbc+m7Vk6U1MEaURZfP3GdMXVmsb0Kubax0Fjbigp1tTpdk899OPHi7r+KjNpzN2W2SAp5q8M9e7LU4d03TnYLDOtiPnZb2ZZdqf2qx9NgqQ6FElEbe6J+z+Cr35644HH+6efmGS+KA59eOSx5gs3P/z0151ON4pb0+3Wd/u3s/88V1rZP0lxn5MFO2FxMCozo93+Xif97rcXH3z/mwPFablJ6sVDj4eyfPbJVTx6yE74/GCmngfJomdwQbC6YPMvDl7+c7p7Dyte8L/pnbhy+pOtzo2rP/xyt3e+8kViJWL/+QQAAAAAAAAAAAAAAAAAAJan8rfi/8KTzy1vRQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw9MrP/68Eo0qmHn9kudma+aAxjPmhxvZu/15fIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B0AAP//DW5orQ==") mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x89, &(0x7f0000000100)={[{@size={'size', 0x3d, [0x25]}}]}) 0s ago: executing program 0 (id=1987): add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0x20, &(0x7f0000000880)={&(0x7f0000000700)=""/196, 0xc4, 0x0, &(0x7f0000000800)=""/102, 0x66}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x48}, [@ldst={0x6, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x73, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r0}, 0x94) epoll_create1(0x80000) epoll_create1(0x80000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() iopl(0x3) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400000, 0x0, 0x0, 0x100) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): sses unique to avoid problems! [ 77.119904][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.139130][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.150704][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.161959][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.172015][ T4265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.182588][ T4265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.195951][ T4265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.218716][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.244834][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.264005][ T4265] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.278379][ T4265] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.287488][ T4265] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.296547][ T4265] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.320012][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.350855][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.402464][ T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.415938][ T4382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.425486][ T4382] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.448546][ T4382] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.523305][ T4382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.565970][ T4382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.596876][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.609174][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.611651][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.695672][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.940451][ T4283] Bluetooth: hci2: command 0x0419 tx timeout [ 77.946554][ T4283] Bluetooth: hci0: command 0x0419 tx timeout [ 77.954135][ T4284] Bluetooth: hci1: command 0x0419 tx timeout [ 78.023854][ T4283] Bluetooth: hci3: command 0x0419 tx timeout [ 78.029943][ T4283] Bluetooth: hci4: command 0x0419 tx timeout [ 78.409672][ T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 78.599714][ T7] usb 1-1: Using ep0 maxpacket: 32 [ 78.607508][ T7] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 78.620370][ T7] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 78.639633][ T7] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 78.647841][ T7] usb 1-1: Product: syz [ 78.652283][ T7] usb 1-1: Manufacturer: syz [ 78.656912][ T7] usb 1-1: SerialNumber: syz [ 78.685659][ T7] usb 1-1: config 0 descriptor?? [ 78.706362][ T4425] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 78.733653][ T7] hub 1-1:0.0: bad descriptor, ignoring hub [ 78.763969][ T7] hub: probe of 1-1:0.0 failed with error -5 [ 79.449716][ T4425] usb 1-1: reset high-speed USB device number 2 using dummy_hcd [ 79.664337][ T4425] usb 1-1: device firmware changed [ 79.689323][ T4336] usb 1-1: USB disconnect, device number 2 [ 79.870321][ T4336] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 80.059800][ T4336] usb 1-1: Using ep0 maxpacket: 32 [ 80.067645][ T4336] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 80.102330][ T4336] usb 1-1: string descriptor 0 read error: -22 [ 80.108611][ T4336] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 80.139498][ T4336] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 80.167193][ T4336] usb 1-1: config 0 descriptor?? [ 80.192939][ T4448] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 80.202676][ T4336] hub 1-1:0.0: bad descriptor, ignoring hub [ 80.219569][ T4336] hub: probe of 1-1:0.0 failed with error -5 [ 80.569901][ T127] usb 1-1: USB disconnect, device number 3 [ 81.397060][ T32] cfg80211: failed to load regulatory.db [ 82.393360][ T4587] netlink: 28 bytes leftover after parsing attributes in process `syz.3.75'. [ 82.480041][ T4591] netlink: 28 bytes leftover after parsing attributes in process `syz.3.75'. [ 84.683088][ T4681] netlink: 28 bytes leftover after parsing attributes in process `syz.2.111'. [ 84.775129][ T4683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.111'. [ 85.774067][ T4724] netlink: 72 bytes leftover after parsing attributes in process `syz.4.126'. [ 85.791678][ T4725] binder_alloc: 4722: binder_alloc_buf, no vma [ 85.851322][ T4728] netlink: 72 bytes leftover after parsing attributes in process `syz.4.126'. [ 86.636233][ T4765] binder_alloc: 4764: binder_alloc_buf, no vma [ 87.979588][ T4336] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 88.179601][ T4336] usb 2-1: Using ep0 maxpacket: 32 [ 88.188100][ T4336] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 88.213681][ T4336] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 88.231949][ T4336] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 88.249398][ T4336] usb 2-1: Product: syz [ 88.259880][ T4336] usb 2-1: Manufacturer: syz [ 88.269126][ T4336] usb 2-1: SerialNumber: syz [ 88.306688][ T4336] usb 2-1: config 0 descriptor?? [ 88.329241][ T4804] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 88.341376][ T4336] hub 2-1:0.0: bad descriptor, ignoring hub [ 88.354322][ T4336] hub: probe of 2-1:0.0 failed with error -5 [ 88.733647][ T4823] netlink: 72 bytes leftover after parsing attributes in process `syz.0.161'. [ 88.764287][ T4823] netlink: 72 bytes leftover after parsing attributes in process `syz.0.161'. [ 89.058551][ T4833] 9pnet_fd: Insufficient options for proto=fd [ 90.019129][ T4868] netlink: 48 bytes leftover after parsing attributes in process `syz.0.177'. [ 90.060911][ T4868] netlink: 48 bytes leftover after parsing attributes in process `syz.0.177'. [ 90.817209][ T4894] netlink: 48 bytes leftover after parsing attributes in process `syz.3.188'. [ 90.899918][ T4343] usb 2-1: USB disconnect, device number 2 [ 90.915130][ T4898] netlink: 48 bytes leftover after parsing attributes in process `syz.3.188'. [ 91.609703][ T1175] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 91.799759][ T1175] usb 4-1: Using ep0 maxpacket: 32 [ 91.806710][ T1175] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 91.825306][ T1175] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 91.835307][ T1175] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 91.843750][ T1175] usb 4-1: Product: syz [ 91.848128][ T1175] usb 4-1: Manufacturer: syz [ 91.852889][ T1175] usb 4-1: SerialNumber: syz [ 91.859670][ T1175] usb 4-1: config 0 descriptor?? [ 91.865288][ T4923] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 91.875366][ T1175] hub 4-1:0.0: bad descriptor, ignoring hub [ 91.881525][ T1175] hub: probe of 4-1:0.0 failed with error -5 [ 92.503240][ T4963] input: syz0 as /devices/virtual/input/input5 [ 92.733896][ T4968] 9pnet_fd: Insufficient options for proto=fd [ 94.576587][ T4315] usb 4-1: USB disconnect, device number 2 [ 94.805435][ T5041] 9pnet_fd: Insufficient options for proto=fd [ 95.138890][ T5024] syz.4.233 (5024) used greatest stack depth: 20680 bytes left [ 95.829697][ T5074] Zero length message leads to an empty skb [ 95.939590][ T4336] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 96.147720][ T4336] usb 4-1: Using ep0 maxpacket: 32 [ 96.155295][ T4336] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 96.217925][ T4336] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 96.249796][ T4336] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 96.282932][ T4336] usb 4-1: Product: syz [ 96.297492][ T4336] usb 4-1: Manufacturer: syz [ 96.302152][ T4336] usb 4-1: SerialNumber: syz [ 96.339401][ T4336] usb 4-1: config 0 descriptor?? [ 96.361036][ T5068] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 96.385330][ T4336] hub 4-1:0.0: bad descriptor, ignoring hub [ 96.426503][ T4336] hub: probe of 4-1:0.0 failed with error -5 [ 96.816851][ T5114] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 99.063043][ T32] usb 4-1: USB disconnect, device number 3 [ 99.347143][ T5202] netlink: 'syz.1.288': attribute type 6 has an invalid length. [ 100.705346][ T5263] 9pnet_fd: Insufficient options for proto=fd [ 102.452746][ T5329] capability: warning: `syz.0.331' uses deprecated v2 capabilities in a way that may be insecure [ 102.593792][ T5337] 9pnet_fd: Insufficient options for proto=fd [ 103.160757][ T32] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 103.390024][ T32] usb 5-1: Using ep0 maxpacket: 8 [ 103.419290][ T32] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 103.434123][ T32] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 103.727905][ T127] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 103.773210][ T32] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 103.788943][ T32] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 103.798980][ T32] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 103.812476][ T32] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 103.821659][ T32] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.951922][ T127] usb 1-1: Using ep0 maxpacket: 32 [ 103.968991][ T127] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 104.019413][ T127] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 104.048386][ T127] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 104.056617][ T127] usb 1-1: Product: syz [ 104.067533][ T127] usb 1-1: Manufacturer: syz [ 104.105132][ T127] usb 1-1: SerialNumber: syz [ 104.121815][ T127] usb 1-1: config 0 descriptor?? [ 104.130795][ T5362] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 104.145348][ T127] hub 1-1:0.0: bad descriptor, ignoring hub [ 104.151299][ T127] hub: probe of 1-1:0.0 failed with error -5 [ 104.378866][ T5362] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90 [ 104.540595][ T127] usb 1-1: USB disconnect, device number 4 [ 104.569765][ T5389] 9pnet_fd: Insufficient options for proto=fd [ 104.662404][ T5393] usbtmc 5-1:16.0: simple control status returned 10 [ 104.878478][ T127] usb 5-1: USB disconnect, device number 2 [ 106.229107][ T32] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 106.459110][ T32] usb 4-1: Using ep0 maxpacket: 32 [ 106.481272][ T32] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 106.512108][ T32] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 106.556335][ T32] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 106.571533][ T32] usb 4-1: Product: syz [ 106.576149][ T32] usb 4-1: Manufacturer: syz [ 106.586955][ T32] usb 4-1: SerialNumber: syz [ 106.608615][ T32] usb 4-1: config 0 descriptor?? [ 106.614235][ T5439] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 106.625506][ T32] hub 4-1:0.0: bad descriptor, ignoring hub [ 106.633309][ T32] hub: probe of 4-1:0.0 failed with error -5 [ 109.271385][ T5575] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.408011][ T5575] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.502877][ T5575] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.623949][ T5575] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.785612][ T5575] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.818488][ T5575] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.879248][ T5575] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.904462][ T5575] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.604751][ T5620] tipc: Started in network mode [ 110.610006][ T5620] tipc: Node identity 027ac612184, cluster identity 4711 [ 110.617941][ T5620] tipc: Enabled bearer , priority 0 [ 110.625994][ T5620] device syzkaller0 entered promiscuous mode [ 110.692652][ T5620] tipc: Resetting bearer [ 110.726704][ T5619] tipc: Resetting bearer [ 110.759217][ T5619] tipc: Disabling bearer [ 111.389057][ T32] usb 4-1: USB disconnect, device number 4 [ 112.082546][ T5656] sp0: Synchronizing with TNC [ 112.120356][ T5653] [U] è [ 112.900071][ T4343] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 113.135629][ T4343] usb 1-1: Using ep0 maxpacket: 32 [ 113.146843][ T4343] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 113.180019][ T4343] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 113.215756][ T4343] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 113.241305][ T4343] usb 1-1: Product: syz [ 113.252103][ T4343] usb 1-1: Manufacturer: syz [ 113.266450][ T4343] usb 1-1: SerialNumber: syz [ 113.283636][ T4343] usb 1-1: config 0 descriptor?? [ 113.304566][ T5694] netlink: 'syz.1.475': attribute type 1 has an invalid length. [ 113.317729][ T5671] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 113.333453][ T4343] hub 1-1:0.0: bad descriptor, ignoring hub [ 113.358011][ T4343] hub: probe of 1-1:0.0 failed with error -5 [ 113.392885][ T5694] 8021q: adding VLAN 0 to HW filter on device bond1 [ 113.419507][ T5696] bond1: (slave wlan0): Opening slave failed [ 113.502357][ T5694] bond1: (slave vlan2): making interface the new active one [ 113.522809][ T5694] bond1: (slave vlan2): Enslaving as an active interface with an up link [ 113.531864][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready [ 113.792775][ T5714] binder: 5712:5714 ioctl 4018620d 0 returned -22 [ 114.097341][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.105724][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.114055][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.122352][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 114.130638][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 114.139334][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 114.147612][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 114.155891][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 114.164174][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 114.172448][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 114.605247][ T5743] syz.1.494 uses obsolete (PF_INET,SOCK_PACKET) [ 114.693705][ T5745] binder: 5744:5745 ioctl 4018620d 0 returned -22 [ 115.649488][ T5783] binder: BINDER_SET_CONTEXT_MGR already set [ 115.679631][ T5783] binder: 5782:5783 ioctl 4018620d 200000004a80 returned -16 [ 116.327250][ T5821] tipc: Started in network mode [ 116.332511][ T5821] tipc: Node identity 4a60ae086cc8, cluster identity 4711 [ 116.339811][ T5821] tipc: Enabled bearer , priority 0 [ 116.348349][ T5821] device syzkaller0 entered promiscuous mode [ 116.378520][ T5821] tipc: Resetting bearer [ 116.388931][ T5820] tipc: Resetting bearer [ 116.412236][ T5820] tipc: Disabling bearer [ 116.520579][ T5823] binder: BINDER_SET_CONTEXT_MGR already set [ 116.526784][ T5823] binder: 5822:5823 ioctl 4018620d 200000004a80 returned -16 [ 116.535037][ T4336] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 116.748769][ T4336] usb 3-1: Using ep0 maxpacket: 16 [ 116.755857][ T4336] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 116.785046][ T4336] usb 3-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 116.819947][ T4336] usb 3-1: config 0 interface 0 has no altsetting 0 [ 116.830334][ T4336] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 116.867025][ T4336] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.875080][ T4336] usb 3-1: Product: syz [ 116.880162][ T4336] usb 3-1: Manufacturer: syz [ 116.900506][ T4336] usb 3-1: SerialNumber: syz [ 116.917590][ T4336] usb 3-1: config 0 descriptor?? [ 117.150191][ T4336] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6 [ 117.379712][ T4336] usb 3-1: USB disconnect, device number 2 [ 117.610754][ T5857] binder: BINDER_SET_CONTEXT_MGR already set [ 117.633713][ T5857] binder: 5856:5857 ioctl 4018620d 200000004a80 returned -16 [ 118.031049][ T5874] tipc: Started in network mode [ 118.036108][ T5874] tipc: Node identity 925d6c98d5f3, cluster identity 4711 [ 118.044003][ T5874] tipc: Enabled bearer , priority 0 [ 118.051959][ T5874] device syzkaller0 entered promiscuous mode [ 118.084392][ T5874] tipc: Resetting bearer [ 118.093366][ T5873] tipc: Resetting bearer [ 118.124053][ T5873] tipc: Disabling bearer [ 118.133220][ T4343] usb 1-1: USB disconnect, device number 5 [ 118.215587][ T5879] netlink: 16 bytes leftover after parsing attributes in process `syz.0.544'. [ 118.489834][ T5892] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 118.905027][ T5911] bond0: (slave caif0): Error: Device type is different from other slaves [ 119.100460][ T4322] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 119.146022][ T5922] binder: 5921:5922 ioctl c0306201 200000000000 returned -14 [ 119.324958][ T4322] usb 4-1: Using ep0 maxpacket: 32 [ 119.331988][ T4322] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 119.355153][ T4322] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 119.375270][ T4322] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 119.395765][ T4322] usb 4-1: Product: syz [ 119.400319][ T4322] usb 4-1: Manufacturer: syz [ 119.404932][ T4322] usb 4-1: SerialNumber: syz [ 119.429753][ T4322] usb 4-1: config 0 descriptor?? [ 119.443835][ T5906] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 119.451603][ T5931] tipc: Started in network mode [ 119.457191][ T5931] tipc: Node identity 7e73a25526e2, cluster identity 4711 [ 119.465825][ T4322] hub 4-1:0.0: bad descriptor, ignoring hub [ 119.471775][ T4322] hub: probe of 4-1:0.0 failed with error -5 [ 119.485421][ T5931] tipc: Enabled bearer , priority 0 [ 119.510226][ T5936] device syzkaller0 entered promiscuous mode [ 119.607811][ T5930] tipc: Resetting bearer [ 119.624181][ T5928] tipc: Resetting bearer [ 119.689316][ T5928] tipc: Disabling bearer [ 119.743264][ T5948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.787062][ T5948] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.795613][ T4283] Bluetooth: hci5: command 0x1003 tx timeout [ 119.795950][ T4284] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 121.847923][ T32] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 122.061823][ T32] usb 3-1: Using ep0 maxpacket: 8 [ 122.073829][ T32] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 122.092833][ T32] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 122.115199][ T32] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 122.125069][ T32] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 122.146080][ T32] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 122.179959][ T32] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 122.215301][ T32] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.292027][ T4343] usb 4-1: USB disconnect, device number 5 [ 122.671459][ T4343] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 122.880595][ T4343] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 122.898111][ T4343] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 122.916390][ T4343] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 122.937232][ T4343] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 122.995335][ T4343] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 123.017478][ T4343] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 123.038837][ T4343] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 123.057576][ T4343] usb 4-1: Product: syz [ 123.062026][ T4343] usb 4-1: Manufacturer: syz [ 123.073464][ T6061] usbtmc 3-1:16.0: simple control status returned 10 [ 123.101635][ T4343] cdc_wdm 4-1:1.0: skipping garbage [ 123.107016][ T4343] cdc_wdm 4-1:1.0: skipping garbage [ 123.123019][ T4343] cdc_wdm 4-1:1.0: cdc-wdm1: USB WDM device [ 123.129128][ T4343] cdc_wdm 4-1:1.0: Unknown control protocol [ 123.292093][ T4343] usb 3-1: USB disconnect, device number 3 [ 124.178489][ T4322] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 124.381642][ T4322] usb 1-1: Using ep0 maxpacket: 16 [ 124.390908][ T4322] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 124.409280][ T4322] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.426437][ T4322] usb 1-1: Product: syz [ 124.430646][ T4322] usb 1-1: Manufacturer: syz [ 124.447691][ T4322] usb 1-1: SerialNumber: syz [ 124.461623][ T4322] usb 1-1: config 0 descriptor?? [ 124.921127][ T4322] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 124.970346][ T4322] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 124.981468][ T4322] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 124.989944][ T4322] usb 1-1: media controller created [ 125.017782][ T4322] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 125.136494][ T4322] zl10353_read_register: readreg error (reg=127, ret==0) [ 125.162398][ T4322] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 125.179247][ T4322] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 125.220363][ T4322] usb 1-1: USB disconnect, device number 6 [ 125.273682][ T4322] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 125.625101][ T4322] usb 4-1: USB disconnect, device number 6 [ 126.126404][ T6135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.637'. [ 126.162508][ T4322] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 126.402193][ T4322] usb 4-1: Using ep0 maxpacket: 8 [ 126.416964][ T4322] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 126.435767][ T4322] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 126.455632][ T4322] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 126.476527][ T4322] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 126.487846][ T4322] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 126.507964][ T4322] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 126.519415][ T4322] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.729809][ T6165] kvm: MWAIT instruction emulated as NOP! [ 127.323200][ T6189] fuse: Bad value for 'fd' [ 127.360320][ T6190] usbtmc 4-1:16.0: simple control status returned 10 [ 127.576068][ T4376] usb 4-1: USB disconnect, device number 7 [ 128.177062][ T4283] Bluetooth: hci5: command 0x1003 tx timeout [ 128.183423][ T4284] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 129.200570][ T6266] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 129.916565][ T6304] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 131.386808][ T6378] binder: 6377:6378 ioctl 4018620d 0 returned -22 [ 131.449399][ T129] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 131.684464][ T129] usb 3-1: Using ep0 maxpacket: 32 [ 131.692285][ T129] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 131.721482][ T129] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 131.762566][ T129] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 131.799912][ T129] usb 3-1: Product: syz [ 131.811242][ T129] usb 3-1: Manufacturer: syz [ 131.816150][ T129] usb 3-1: SerialNumber: syz [ 131.845015][ T129] usb 3-1: config 0 descriptor?? [ 131.852341][ T6364] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 131.884913][ T129] hub 3-1:0.0: bad descriptor, ignoring hub [ 131.892985][ T129] hub: probe of 3-1:0.0 failed with error -5 [ 132.137417][ T6414] binder: 6412:6414 ioctl 4018620d 0 returned -22 [ 132.239364][ T32] usb 3-1: USB disconnect, device number 4 [ 132.592033][ T4376] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 132.618196][ T32] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 132.784630][ T4376] usb 1-1: Using ep0 maxpacket: 8 [ 132.792883][ T4376] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 132.807522][ T4376] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 132.822776][ T4376] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 132.837982][ T32] usb 3-1: Using ep0 maxpacket: 32 [ 132.843134][ T4376] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 132.850019][ T32] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 132.853696][ T4376] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 132.883933][ T4376] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 132.896551][ T4376] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.905561][ T32] usb 3-1: string descriptor 0 read error: -22 [ 132.927211][ T32] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 132.955656][ T32] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 132.985766][ T32] usb 3-1: config 0 descriptor?? [ 133.002838][ T6364] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 133.018335][ T32] hub 3-1:0.0: bad descriptor, ignoring hub [ 133.024340][ T32] hub: probe of 3-1:0.0 failed with error -5 [ 133.149900][ T4376] usb 1-1: usb_control_msg returned -32 [ 133.157995][ T4376] usbtmc 1-1:16.0: can't read capabilities [ 133.290917][ T6448] binder: 6447:6448 ioctl 4018620d 0 returned -22 [ 133.383274][ T129] usb 3-1: USB disconnect, device number 5 [ 133.883055][ T6468] binder_alloc: 6467: binder_alloc_buf, no vma [ 134.132972][ T6482] binder: 6481:6482 ioctl c0306201 0 returned -14 [ 134.936228][ T6512] binder_alloc: 6511: binder_alloc_buf, no vma [ 135.106551][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 135.113013][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.395551][ T6525] binder: 6524:6525 ioctl c0306201 0 returned -14 [ 135.594802][ T1175] usb 1-1: USB disconnect, device number 7 [ 135.744499][ T6541] binder_alloc: 6540: binder_alloc_buf, no vma [ 136.211276][ T56] Bluetooth: hci5: Frame reassembly failed (-84) [ 136.232276][ T6557] Bluetooth: hci5: Frame reassembly failed (-84) [ 136.253311][ T6559] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 136.740099][ T1175] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 136.957843][ T1175] usb 2-1: Using ep0 maxpacket: 8 [ 136.966642][ T1175] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 136.986900][ T1175] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 137.014483][ T1175] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 137.038930][ T1175] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 137.065011][ T1175] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 137.103443][ T1175] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 137.123027][ T1175] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.354424][ T4283] Bluetooth: hci5: command 0x1003 tx timeout [ 138.354626][ T4284] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 139.705523][ T4376] usb 2-1: USB disconnect, device number 3 [ 139.934273][ T6674] 9pnet_fd: Insufficient options for proto=fd [ 140.264418][ T6691] netlink: 8 bytes leftover after parsing attributes in process `syz.1.851'. [ 140.674217][ T1175] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 140.877251][ T1175] usb 5-1: Using ep0 maxpacket: 8 [ 140.884261][ T1175] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 140.916393][ T1175] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 140.940891][ T1175] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 140.967741][ T1175] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 140.978322][ T6719] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000007 [ 140.987559][ T1175] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 141.001349][ T1175] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 141.015991][ T1175] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.528837][ T6748] misc userio: Invalid payload size [ 141.533283][ T6750] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90 [ 141.535480][ T6748] misc userio: No port type given on /dev/userio [ 141.841336][ T6763] overlayfs: failed to resolve './file1': -2 [ 142.053333][ T32] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 142.229767][ T6782] misc userio: Invalid payload size [ 142.236055][ T6782] misc userio: No port type given on /dev/userio [ 142.259966][ T32] usb 4-1: unable to get BOS descriptor or descriptor too short [ 142.270304][ T32] usb 4-1: config 1 interface 0 altsetting 12 bulk endpoint 0x82 has invalid maxpacket 520 [ 142.305296][ T32] usb 4-1: config 1 interface 0 altsetting 12 bulk endpoint 0x3 has invalid maxpacket 32 [ 142.335049][ T32] usb 4-1: config 1 interface 0 has no altsetting 0 [ 142.357910][ T32] usb 4-1: string descriptor 0 read error: -22 [ 142.382423][ T32] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 142.404538][ T32] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.423273][ T6750] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 142.444861][ T6750] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 142.539300][ T6790] overlayfs: failed to resolve './file1': -2 [ 142.685696][ T32] cdc_ether: probe of 4-1:1.0 failed with error -71 [ 142.714548][ T32] usb 4-1: USB disconnect, device number 8 [ 142.939591][ T6806] netlink: 'syz.0.897': attribute type 1 has an invalid length. [ 142.947660][ T6806] netlink: 16 bytes leftover after parsing attributes in process `syz.0.897'. [ 143.290264][ T6816] misc userio: Invalid payload size [ 143.296356][ T6816] misc userio: No port type given on /dev/userio [ 143.661148][ T32] usb 5-1: USB disconnect, device number 3 [ 143.930657][ T6846] misc userio: Invalid payload size [ 144.103349][ T6854] tmpfs: Unknown parameter 'usrquota' [ 144.287548][ T32] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 144.420918][ T6865] tmpfs: Unknown parameter 'usrquota' [ 144.524934][ T32] usb 5-1: unable to get BOS descriptor or descriptor too short [ 144.549106][ T32] usb 5-1: config 1 interface 0 altsetting 12 bulk endpoint 0x82 has invalid maxpacket 520 [ 144.580937][ T32] usb 5-1: config 1 interface 0 altsetting 12 bulk endpoint 0x3 has invalid maxpacket 32 [ 144.610269][ T32] usb 5-1: config 1 interface 0 has no altsetting 0 [ 144.623575][ T6873] misc userio: Invalid payload size [ 144.633347][ T32] usb 5-1: string descriptor 0 read error: -22 [ 144.641410][ T32] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 144.660951][ T32] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.700476][ T6841] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 144.715730][ T6841] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 144.955786][ T32] cdc_ether: probe of 5-1:1.0 failed with error -71 [ 144.977154][ T32] usb 5-1: USB disconnect, device number 4 [ 145.103137][ T6887] netlink: 16 bytes leftover after parsing attributes in process `syz.2.929'. [ 145.290597][ T6894] binder: 6893:6894 ioctl c0306201 0 returned -14 [ 146.124142][ T6930] binder: 6929:6930 ioctl c0306201 0 returned -14 [ 147.084447][ T6962] process 'syz.4.954' launched './file0' with NULL argv: empty string added [ 147.360909][ T6970] binder: 6969:6970 ioctl c0306201 0 returned -14 [ 148.913704][ T7023] netlink: 4 bytes leftover after parsing attributes in process `syz.0.979'. [ 151.286119][ T7078] sched: RT throttling activated [ 152.129991][ T7108] overlayfs: failed to set xattr on upper [ 152.165485][ T7108] overlayfs: ...falling back to index=off,metacopy=off. [ 153.547143][ T7159] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1031'. [ 153.836233][ T7165] kvm [7164]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 153.844622][ T7165] kvm [7164]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 154.374826][ T7190] binder: 7189:7190 ioctl 4018620d 0 returned -22 [ 154.593968][ T7197] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1047'. [ 155.079705][ T4284] block nbd4: Receive control failed (result -32) [ 155.091809][ T7183] block nbd4: shutting down sockets [ 155.477989][ T7219] binder: 7218:7219 ioctl 4018620d 0 returned -22 [ 155.538549][ T4376] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 155.737200][ T4376] usb 2-1: Using ep0 maxpacket: 8 [ 155.744212][ T4376] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.769244][ T4376] usb 2-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 155.779231][ T4376] usb 2-1: config 0 interface 0 has no altsetting 0 [ 155.801364][ T4376] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 155.833483][ T4376] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.844590][ T4376] usb 2-1: config 0 descriptor?? [ 156.029021][ T7224] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1058'. [ 156.290567][ T4376] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 156.320199][ T4376] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 156.341160][ T4376] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 156.367895][ T4376] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 156.375027][ T4376] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 156.397741][ T4376] mcp2221 0003:04D8:00DD.0001: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 156.534274][ T7245] binder: 7244:7245 ioctl 4018620d 0 returned -22 [ 156.550389][ T4376] usb 2-1: USB disconnect, device number 4 [ 156.827742][ T4284] Bluetooth: hci5: command 0x1003 tx timeout [ 156.832675][ T4283] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 156.879579][ T7241] 9pnet_virtio: no channels available for device syz [ 160.163203][ T4282] Bluetooth: hci5: command 0x1003 tx timeout [ 160.170679][ T4283] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 161.309123][ T7325] kvm [7324]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00 [ 161.327382][ T7325] kvm [7324]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00 [ 162.090244][ T7352] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1113'. [ 162.953589][ T7380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1125'. [ 163.140864][ T7386] binder: 7385:7386 ioctl c0306201 0 returned -14 [ 163.241998][ T4283] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 163.755909][ T7408] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1137'. [ 163.798949][ T4343] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 163.929532][ T7415] binder: 7414:7415 ioctl c0306201 0 returned -14 [ 163.969010][ T4343] usb 5-1: device descriptor read/64, error -71 [ 164.257596][ T4343] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 164.428641][ T4343] usb 5-1: device descriptor read/64, error -71 [ 164.529114][ T7442] binder: 7440:7442 ioctl c0306201 0 returned -14 [ 164.557499][ T4343] usb usb5-port1: attempt power cycle [ 165.006986][ T4343] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 165.070986][ T4343] usb 5-1: device descriptor read/8, error -71 [ 165.369417][ T4343] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 165.412806][ T4343] usb 5-1: device descriptor read/8, error -71 [ 165.540655][ T4343] usb usb5-port1: unable to enumerate USB device [ 166.321010][ T4284] Bluetooth: hci5: command 0x1003 tx timeout [ 166.321115][ T4283] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 166.475676][ T7515] autofs4:pid:7515:autofs_fill_super: called with bogus options [ 167.128376][ T7542] autofs4:pid:7542:autofs_fill_super: called with bogus options [ 168.301717][ T7576] autofs4:pid:7576:autofs_fill_super: called with bogus options [ 171.621717][ T7661] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1243'. [ 172.358907][ T7692] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1257'. [ 172.524448][ T7699] fuse: Bad value for 'fd' [ 173.447392][ T7733] fuse: Bad value for 'fd' [ 179.769668][ T129] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 179.998795][ T129] usb 4-1: Using ep0 maxpacket: 8 [ 180.022802][ T129] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 180.042351][ T129] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 180.063372][ T129] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 180.079800][ T129] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 180.100804][ T129] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 180.115999][ T32] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 180.148843][ T129] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 180.170470][ T129] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.293570][ T32] usb 5-1: device descriptor read/64, error -71 [ 180.407392][ T129] usb 4-1: GET_CAPABILITIES returned 10 [ 180.413387][ T129] usbtmc 4-1:16.0: can't read capabilities [ 180.661198][ T7843] Illegal XDP return value 4294967274 on prog (id 113) dev syz_tun, expect packet loss! [ 180.797161][ T129] usb 4-1: USB disconnect, device number 9 [ 180.860221][ T32] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 181.031194][ T32] usb 5-1: device descriptor read/64, error -71 [ 181.170577][ T32] usb usb5-port1: attempt power cycle [ 181.768873][ T32] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 181.830044][ T32] usb 5-1: device descriptor read/8, error -71 [ 182.212200][ T32] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 182.282767][ T32] usb 5-1: device descriptor read/8, error -71 [ 182.410377][ T32] usb usb5-port1: unable to enumerate USB device [ 182.714102][ T7875] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1328'. [ 182.940566][ T7887] loop0: detected capacity change from 0 to 512 [ 183.060752][ T7887] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 183.207280][ T7887] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 183.426481][ T26] audit: type=1800 audit(1759483926.612:2): pid=7887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1334" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 183.522126][ T32] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 183.746649][ T32] usb 4-1: Using ep0 maxpacket: 8 [ 183.755948][ T32] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 183.858015][ T32] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 183.911170][ T32] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 183.954641][ T32] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 184.024204][ T32] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 184.046020][ T32] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 184.055254][ T32] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.190197][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 184.295156][ T32] usb 4-1: GET_CAPABILITIES returned 10 [ 184.300781][ T32] usbtmc 4-1:16.0: can't read capabilities [ 184.480153][ T7905] loop0: detected capacity change from 0 to 164 [ 184.512828][ T32] usb 4-1: USB disconnect, device number 10 [ 186.111419][ T129] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 186.130744][ T4315] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 186.301685][ T4315] usb 5-1: device descriptor read/64, error -71 [ 186.334112][ T129] usb 4-1: Using ep0 maxpacket: 16 [ 186.341389][ T129] usb 4-1: config 0 has no interfaces? [ 186.354179][ T129] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 186.374440][ T129] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.385235][ T129] usb 4-1: Product: syz [ 186.393300][ T129] usb 4-1: Manufacturer: syz [ 186.400458][ T129] usb 4-1: SerialNumber: syz [ 186.417225][ T129] usb 4-1: config 0 descriptor?? [ 186.676058][ T4315] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 186.858236][ T4315] usb 5-1: device descriptor read/64, error -71 [ 187.001746][ T4315] usb usb5-port1: attempt power cycle [ 187.519304][ T4315] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 187.581815][ T4315] usb 5-1: device descriptor read/8, error -71 [ 187.658290][ T7941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 187.674822][ T7941] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 187.877391][ T4315] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 187.917433][ T4315] usb 5-1: device descriptor read/8, error -71 [ 188.044420][ T4315] usb usb5-port1: unable to enumerate USB device [ 188.418429][ T4315] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 188.621584][ T4315] usb 2-1: Using ep0 maxpacket: 8 [ 188.630887][ T4315] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 188.651431][ T4315] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 188.661594][ T4315] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 188.671770][ T4315] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 188.682024][ T4315] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 188.695171][ T4315] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 188.704252][ T4315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.931004][ T4315] usb 2-1: GET_CAPABILITIES returned 10 [ 188.939081][ T4315] usbtmc 2-1:16.0: can't read capabilities [ 189.081245][ T129] usb 4-1: USB disconnect, device number 11 [ 189.150603][ T32] usb 2-1: USB disconnect, device number 5 [ 189.640814][ T7969] loop3: detected capacity change from 0 to 512 [ 189.768323][ T7969] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 189.896994][ T7969] Quota error (device loop3): do_check_range: Getting dqdh_next_free 196613 out of range 0-5 [ 189.921251][ T7969] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 189.969422][ T7969] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.1362: Failed to acquire dquot type 1 [ 190.018724][ T7976] loop2: detected capacity change from 0 to 256 [ 190.029436][ T7969] Quota error (device loop3): do_check_range: Getting dqdh_next_free 196613 out of range 0-5 [ 190.161251][ T7969] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 190.171281][ T7969] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.1362: Failed to acquire dquot type 1 [ 190.228320][ T26] audit: type=1800 audit(1759483932.982:3): pid=7976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1363" name="file1" dev="loop2" ino=1048595 res=0 errno=0 [ 191.033089][ T7969] Quota error (device loop3): do_check_range: Getting dqdh_next_free 196613 out of range 0-5 [ 191.044585][ T7969] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 191.074433][ T7969] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.1362: Failed to acquire dquot type 1 [ 191.111219][ T7969] EXT4-fs (loop3): 1 orphan inode deleted [ 191.121029][ T7969] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 191.142703][ T7969] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 191.281013][ T7982] FAT-fs (loop2): error, clusters badly computed (0 != 128) [ 191.289105][ T7982] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 191.408149][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 192.150078][ T129] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 192.373997][ T129] usb 5-1: Using ep0 maxpacket: 32 [ 192.389954][ T129] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 192.421862][ T129] usb 5-1: config 0 has no interfaces? [ 192.436409][ T129] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 192.469226][ T129] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 192.571004][ T129] usb 5-1: Product: syz [ 192.597016][ T129] usb 5-1: Manufacturer: syz [ 192.716386][ T129] usb 5-1: SerialNumber: syz [ 192.879077][ T129] usb 5-1: config 0 descriptor?? [ 193.200468][ T4322] usb 5-1: USB disconnect, device number 17 [ 193.413748][ T8016] loop3: detected capacity change from 0 to 512 [ 193.425426][ T8016] EXT4-fs: Ignoring removed i_version option [ 193.619850][ T8016] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 193.629005][ T8016] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 194.557777][ T4322] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 194.602641][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 194.620099][ T8035] capability: warning: `syz.2.1381' uses 32-bit capabilities (legacy support in use) [ 195.132090][ T1175] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 195.216708][ T8040] autofs4:pid:8040:autofs_fill_super: called with bogus options [ 195.348109][ T1175] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.364272][ T1175] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.374544][ T1175] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 195.393159][ T1175] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 195.413434][ T1175] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.434526][ T1175] usb 2-1: config 0 descriptor?? [ 195.628603][ T8054] autofs4:pid:8054:autofs_fill_super: called with bogus options [ 196.604386][ T1175] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 196.635385][ T1175] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 196.993375][ C1] plantronics 0003:047F:FFFF.0002: hid_field_extract() called with n (132) > 32! (kworker/u4:11) [ 197.072606][ T8078] loop3: detected capacity change from 0 to 512 [ 197.107335][ T8078] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 197.120667][ T4322] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 197.169250][ T8078] EXT4-fs (loop3): 1 truncate cleaned up [ 197.175687][ T8078] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 197.216089][ T8036] loop1: detected capacity change from 0 to 128 [ 197.231030][ T8081] loop0: detected capacity change from 0 to 16 [ 197.260025][ T8081] erofs: (device loop0): mounted with root inode @ nid 36. [ 197.284097][ T8078] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.3.1397: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 197.309699][ T8036] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 197.315478][ T8081] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 197.328559][ T8078] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 197.337558][ T4322] usb 5-1: Using ep0 maxpacket: 32 [ 197.345876][ T8078] EXT4-fs warning (device loop3): ext4_rename_delete:3778: inode #2: comm syz.3.1397: Deleting old file: nlink 4, error=-117 [ 197.359397][ T4322] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 197.370635][ T8036] ext4 filesystem being mounted at /304/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 197.383645][ T8081] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 197.392625][ T4322] usb 5-1: config 0 has no interfaces? [ 197.402229][ T4322] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 197.411886][ T4322] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 197.420265][ T4322] usb 5-1: Product: syz [ 197.424560][ T4322] usb 5-1: Manufacturer: syz [ 197.429315][ T4322] usb 5-1: SerialNumber: syz [ 197.436077][ T4322] usb 5-1: config 0 descriptor?? [ 197.486581][ T8078] VFS: Lookup of 'file0' in ext4 loop3 would have caused loop [ 197.549865][ T1175] usb 2-1: USB disconnect, device number 6 [ 197.672866][ T4322] usb 5-1: USB disconnect, device number 19 [ 197.765432][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 197.829580][ T8088] autofs4:pid:8088:autofs_fill_super: called with bogus options [ 198.288455][ T4322] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 198.575015][ T4322] usb 5-1: Using ep0 maxpacket: 32 [ 198.601179][ T4322] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 198.780425][ T4322] usb 5-1: config 0 has no interfaces? [ 198.802145][ T4322] usb 5-1: string descriptor 0 read error: -22 [ 198.808553][ T4322] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 198.829321][ T4322] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 198.885461][ T4322] usb 5-1: config 0 descriptor?? [ 198.907819][ T4276] EXT4-fs (loop1): unmounting filesystem. [ 198.940552][ T8100] loop3: detected capacity change from 0 to 256 [ 198.975800][ T26] audit: type=1800 audit(1759483941.167:4): pid=8100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1405" name="file1" dev="loop3" ino=1048597 res=0 errno=0 [ 199.123689][ T1175] usb 5-1: USB disconnect, device number 20 [ 199.609474][ T8108] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 199.714199][ T8100] FAT-fs (loop3): error, clusters badly computed (0 != 128) [ 199.721720][ T8100] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 200.114367][ T8121] autofs4:pid:8121:autofs_fill_super: called with bogus options [ 200.680570][ T1175] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 200.792845][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.811705][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 201.439694][ T4343] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 201.450352][ T8142] loop2: detected capacity change from 0 to 128 [ 201.457736][ T8142] FAT-fs (loop2): Unrecognized mount option "uni_xl%PB^°cwiet" or missing value [ 201.486714][ T7844] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 201.587066][ T1175] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.631990][ T4343] usb 5-1: Using ep0 maxpacket: 8 [ 201.653541][ T1175] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.672756][ T4343] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 201.692554][ T8145] binder: BINDER_SET_CONTEXT_MGR already set [ 201.709539][ T4343] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 201.722187][ T1175] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 201.725889][ T8145] binder: 8144:8145 ioctl 4018620d 200000000040 returned -16 [ 201.784071][ T4343] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 201.847446][ T1175] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 201.885282][ T4343] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 201.912893][ T1175] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.005345][ T4343] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 202.133209][ T4343] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 202.213099][ T4343] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.354614][ T1175] usb 4-1: config 0 descriptor?? [ 202.567896][ T8154] loop1: detected capacity change from 0 to 8192 [ 202.596101][ T8154] ======================================================= [ 202.596101][ T8154] WARNING: The mand mount option has been deprecated and [ 202.596101][ T8154] and is ignored by this kernel. Remove the mand [ 202.596101][ T8154] option from the mount to silence this warning. [ 202.596101][ T8154] ======================================================= [ 202.646926][ T8154] FAT-fs (loop1): Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÀ¿½ÚA²Ÿ¬hŠ†œÙüœ'õë4C<à™Úûab†wà#E¾³3ë–(?ôr¢mšcæƒ"&$NÒÇzX_tŒLû£ªî@Bª›ƒ@l æ-UM`À%Ó5çì_&[þ.M»ª5€9oZNߘêðkx;~òoSè ž¨¼ŸføÉÅ£ [ 202.646926][ T8154] ‹ [ 202.646926][ T8154] Æc§‡uî9ŸøPOÂqu¢+¦~×ÿ¿‡cïÅÛà©[¶…Š;² ©ìWkT”ʶ" or missing value [ 202.833223][ T1175] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 202.872963][ T1175] plantronics 0003:047F:FFFF.0003: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 202.881345][ T8160] loop0: detected capacity change from 0 to 1024 [ 203.222230][ T8168] usbtmc 5-1:16.0: simple usb_control_msg returned 0 [ 203.447183][ T129] usb 5-1: USB disconnect, device number 21 [ 203.748354][ T8177] loop3: detected capacity change from 0 to 128 [ 203.848515][ T8177] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 203.861508][ T8177] ext4 filesystem being mounted at /221/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 204.250531][ T8187] binder: BINDER_SET_CONTEXT_MGR already set [ 204.256655][ T8187] binder: 8186:8187 ioctl 4018620d 200000000040 returned -16 [ 204.334058][ T8190] usb usb8: usbfs: process 8190 (syz.4.1436) did not claim interface 0 before use [ 204.401147][ T4343] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 204.558738][ T8196] loop4: detected capacity change from 0 to 1024 [ 204.603969][ T4343] usb 3-1: Using ep0 maxpacket: 32 [ 204.615734][ T4343] usb 3-1: config 0 has an invalid interface number: 254 but max is 0 [ 204.634098][ T4343] usb 3-1: config 0 has no interface number 0 [ 204.651772][ T4343] usb 3-1: New USB device found, idVendor=5215, idProduct=1103, bcdDevice=e3.da [ 204.671722][ T4343] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 204.688883][ T4343] usb 3-1: Product: syz [ 204.698915][ T4343] usb 3-1: Manufacturer: syz [ 204.705233][ T4343] usb 3-1: SerialNumber: syz [ 204.712793][ T4343] usb 3-1: config 0 descriptor?? [ 204.737434][ T4343] usb-storage 3-1:0.254: USB Mass Storage device detected [ 204.895899][ T8196] EXT4-fs: Ignoring removed i_version option [ 204.902028][ T8196] EXT4-fs: inline encryption not supported [ 204.925979][ T8196] EXT4-fs (loop4): Test dummy encryption mode enabled [ 204.939951][ T8196] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 204.971006][ T4343] usb 3-1: USB disconnect, device number 6 [ 205.115783][ T8208] 9pnet_fd: p9_fd_create_tcp (8208): problem connecting socket to 127.0.0.1 [ 205.151347][ T4376] usb 4-1: USB disconnect, device number 12 [ 205.188130][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 205.433986][ T8196] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 205.476944][ T8207] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 205.528147][ T8233] loop1: detected capacity change from 0 to 1024 [ 205.593836][ T8233] hfsplus: unable to parse mount options [ 205.884037][ T4265] EXT4-fs (loop4): unmounting filesystem. [ 206.014616][ T8238] loop1: detected capacity change from 0 to 128 [ 206.133648][ T8238] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 206.158752][ T8238] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 206.823957][ T8256] loop3: detected capacity change from 0 to 2048 [ 206.876004][ T8256] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 206.888269][ T8256] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 208.536940][ T8269] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1456'. [ 208.538135][ T8255] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 209.603957][ T8275] 9pnet_fd: Insufficient options for proto=fd [ 209.770846][ T8282] loop1: detected capacity change from 0 to 164 [ 209.847500][ T8283] loop3: detected capacity change from 0 to 512 [ 209.916325][ T8283] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 210.045194][ T8283] EXT4-fs (loop3): 1 truncate cleaned up [ 210.461956][ T8283] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 210.744723][ T8277] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.3.1457: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 210.811881][ T8277] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 210.821599][ T8277] EXT4-fs warning (device loop3): ext4_rename_delete:3778: inode #2: comm syz.3.1457: Deleting old file: nlink 4, error=-117 [ 211.031182][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 212.163720][ T8325] 9pnet_fd: Insufficient options for proto=fd [ 212.733775][ T129] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 212.833214][ T8345] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 212.987324][ T129] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 213.056600][ T129] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.389143][ T129] usb 3-1: config 0 descriptor?? [ 213.558836][ T129] cp210x 3-1:0.0: cp210x converter detected [ 213.866786][ T8360] binder: 8359:8360 unknown command 0 [ 213.894816][ T8360] binder: 8359:8360 ioctl c0306201 200000000080 returned -22 [ 213.958748][ T129] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 214.195576][ T129] cp210x 3-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 214.211293][ T129] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 214.277157][ T129] usb 3-1: cp210x converter now attached to ttyUSB0 [ 214.576733][ T129] usb 3-1: USB disconnect, device number 7 [ 214.893190][ T129] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 214.916108][ T129] cp210x 3-1:0.0: device disconnected [ 215.301914][ T8393] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1498'. [ 215.337596][ T4343] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 215.344694][ T8395] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 215.551328][ T4343] usb 4-1: Using ep0 maxpacket: 8 [ 215.564606][ T4343] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 215.585815][ T4343] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 215.612535][ T4343] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 215.646586][ T4343] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 215.686979][ T4343] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 215.713879][ T4343] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 215.723629][ T4343] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.132518][ T8413] loop4: detected capacity change from 0 to 256 [ 216.159680][ T8413] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 216.172440][ T8413] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 217.844493][ T8420] usbtmc 4-1:16.0: simple control status returned 10 [ 217.859637][ T8413] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 218.057588][ T1175] usb 4-1: USB disconnect, device number 13 [ 218.178083][ T8424] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1510'. [ 219.430532][ T8444] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 219.491561][ T8447] loop4: detected capacity change from 0 to 1024 [ 219.516306][ T8447] EXT4-fs: Ignoring removed bh option [ 219.538030][ T8447] EXT4-fs: Mount option(s) incompatible with ext3 [ 221.101437][ T8452] loop3: detected capacity change from 0 to 8 [ 221.158351][ T8455] loop2: detected capacity change from 0 to 1024 [ 221.302471][ T8455] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 221.898347][ T8470] loop0: detected capacity change from 0 to 2048 [ 221.939387][ T8470] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 222.003360][ T8470] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 222.819698][ T129] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 223.066918][ T129] usb 1-1: Using ep0 maxpacket: 8 [ 223.074233][ T129] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 223.101551][ T129] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 223.134216][ T129] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 223.165491][ T129] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 223.200075][ T129] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 223.256465][ T129] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 223.289495][ T129] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.438888][ T8498] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1534'. [ 223.453996][ T4264] EXT4-fs (loop2): unmounting filesystem. [ 223.621799][ T8499] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 223.675380][ T8505] loop3: detected capacity change from 0 to 512 [ 223.690267][ T8507] loop4: detected capacity change from 0 to 8 [ 223.710414][ T8505] EXT4-fs: Ignoring removed mblk_io_submit option [ 223.730541][ T8505] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 223.750662][ T8505] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e04ce028, mo2=0002] [ 223.777294][ T8505] System zones: 0-1, 15-15, 18-18, 34-34 [ 223.794827][ T8505] EXT4-fs (loop3): orphan cleanup on readonly fs [ 223.801383][ T8505] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 223.864700][ T8505] EXT4-fs warning (device loop3): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 223.887921][ T8505] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 223.906157][ T8505] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1536: bg 0: block 40: padding at end of block bitmap is not set [ 223.949642][ T8505] EXT4-fs (loop3): Remounting filesystem read-only [ 223.963356][ T8505] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 223.989295][ T8505] EXT4-fs (loop3): Remounting filesystem read-only [ 223.998285][ T8505] EXT4-fs (loop3): 1 truncate cleaned up [ 224.004029][ T8505] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 224.587083][ T8518] usbtmc 1-1:16.0: simple usb_control_msg returned 0 [ 224.760239][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 224.802054][ T4376] usb 1-1: USB disconnect, device number 8 [ 224.954205][ T8527] loop2: detected capacity change from 0 to 256 [ 224.969015][ T8526] loop1: detected capacity change from 0 to 256 [ 224.993416][ T8527] exfat: Deprecated parameter 'utf8' [ 225.041293][ T8527] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 225.294676][ T8539] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1547'. [ 225.454534][ T1175] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 225.670269][ T1175] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 225.681400][ T1175] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 225.708307][ T1175] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 225.717557][ T1175] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 225.725736][ T1175] usb 3-1: SerialNumber: syz [ 226.603582][ T8558] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 226.644798][ T1175] usb 3-1: 0:2 : does not exist [ 226.683845][ T1175] usb 3-1: unit 5: unexpected type 0x0d [ 226.742905][ T1175] usb 3-1: USB disconnect, device number 8 [ 227.036608][ T7844] udevd[7844]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 227.310991][ T7] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 227.514012][ T7] usb 1-1: Using ep0 maxpacket: 16 [ 227.520888][ T7] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 227.545457][ T7] usb 1-1: config 0 has no interfaces? [ 227.555337][ T7] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 227.565607][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.568014][ T8575] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1560'. [ 227.582155][ T7] usb 1-1: config 0 descriptor?? [ 227.799364][ T4315] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 228.028098][ T8583] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1562'. [ 228.794847][ T4376] usb 1-1: USB disconnect, device number 9 [ 228.840006][ T4315] usb 4-1: Using ep0 maxpacket: 8 [ 228.857748][ T4315] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 228.867186][ T4315] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 228.877081][ T4315] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 228.887032][ T4315] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 228.897078][ T4315] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 228.910291][ T4315] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 228.920973][ T4315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.270143][ T8591] loop1: detected capacity change from 0 to 128 [ 229.366420][ T8591] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1565'. [ 229.483453][ T8591] loop1: detected capacity change from 0 to 256 [ 231.037626][ T8591] FAT-fs (loop1): Directory bread(block 64) failed [ 231.058179][ T8591] FAT-fs (loop1): Directory bread(block 65) failed [ 231.091397][ T8603] loop0: detected capacity change from 0 to 128 [ 231.105921][ T129] usb 4-1: USB disconnect, device number 14 [ 231.113849][ T8591] FAT-fs (loop1): Directory bread(block 66) failed [ 231.145527][ T8591] FAT-fs (loop1): Directory bread(block 67) failed [ 231.205979][ T8591] FAT-fs (loop1): Directory bread(block 68) failed [ 231.212580][ T8591] FAT-fs (loop1): Directory bread(block 69) failed [ 231.279236][ T8591] FAT-fs (loop1): Directory bread(block 70) failed [ 231.290772][ T8591] FAT-fs (loop1): Directory bread(block 71) failed [ 231.297395][ T8591] FAT-fs (loop1): Directory bread(block 72) failed [ 231.343203][ T8591] FAT-fs (loop1): Directory bread(block 73) failed [ 231.555191][ T8613] loop3: detected capacity change from 0 to 256 [ 231.572428][ T8615] loop0: detected capacity change from 0 to 8 [ 231.577548][ T8613] exfat: Deprecated parameter 'utf8' [ 231.670889][ T8613] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 231.768833][ T26] audit: type=1800 audit(1759483971.838:5): pid=8613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1575" name="file2" dev="loop3" ino=1048608 res=0 errno=0 [ 231.862393][ T8620] autofs4:pid:8620:autofs_fill_super: called with bogus options [ 232.053072][ T8627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1582'. [ 232.637012][ T8633] loop0: detected capacity change from 0 to 512 [ 232.749317][ T8633] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 233.000197][ T8638] loop2: detected capacity change from 0 to 1024 [ 233.036515][ T8633] EXT4-fs (loop0): 1 truncate cleaned up [ 233.094534][ T8633] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 233.110506][ T8638] hfsplus: failed to load root directory [ 233.572441][ T4270] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 233.613292][ T8662] loop1: detected capacity change from 0 to 8 [ 233.616609][ T8661] loop4: detected capacity change from 0 to 1024 [ 233.648649][ T4270] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 233.677213][ T8661] EXT4-fs: Ignoring removed nobh option [ 233.730465][ T8661] EXT4-fs: Ignoring removed bh option [ 233.757595][ T8661] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 233.777904][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 233.886095][ T8665] autofs4:pid:8665:autofs_fill_super: called with bogus options [ 233.932355][ T8661] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 234.074593][ T8671] Disabled LAPIC found during irq injection [ 234.877318][ T8679] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3836: comm syz.4.1591: Allocating blocks 385-513 which overlap fs metadata [ 234.957004][ T8679] EXT4-fs (loop4): pa ffff888073a928c0: logic 16, phys. 129, len 24 [ 234.965447][ T8679] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8 [ 235.269623][ T4265] EXT4-fs (loop4): unmounting filesystem. [ 235.304729][ T8687] fuse: Unknown parameter 'group_i00000000000000000000' [ 235.445532][ T8689] loop4: detected capacity change from 0 to 128 [ 235.457278][ T4336] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 235.495455][ T8689] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 235.521855][ T8689] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 235.564979][ T8239] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 235.683531][ T4336] usb 2-1: New USB device found, idVendor=05ac, idProduct=029f, bcdDevice= 0.00 [ 235.704962][ T4336] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.727461][ T4336] usb 2-1: config 0 descriptor?? [ 235.895082][ T8707] loop4: detected capacity change from 0 to 512 [ 235.923223][ T8704] autofs4:pid:8704:autofs_fill_super: called with bogus options [ 235.931987][ T8705] loop2: detected capacity change from 0 to 512 [ 235.939788][ T8707] EXT4-fs: Ignoring removed mblk_io_submit option [ 235.953172][ T8707] EXT4-fs: Ignoring removed bh option [ 235.958644][ T8707] EXT4-fs: Ignoring removed nobh option [ 235.976509][ T8705] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 236.009129][ T8707] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 236.054841][ T8707] EXT4-fs (loop4): invalid journal inode [ 236.079525][ T8705] EXT4-fs (loop2): 1 truncate cleaned up [ 236.085285][ T8705] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 236.182138][ T4336] apple 0003:05AC:029F.0005: unbalanced delimiter at end of report description [ 236.224153][ T4336] apple 0003:05AC:029F.0005: parse failed [ 236.256111][ T4336] apple: probe of 0003:05AC:029F.0005 failed with error -22 [ 236.396535][ T4336] usb 2-1: USB disconnect, device number 7 [ 236.462558][ T4264] EXT4-fs (loop2): unmounting filesystem. [ 236.567921][ T8718] loop2: detected capacity change from 0 to 128 [ 237.624195][ T8730] fuse: Unknown parameter 'group_i00000000000000000000' [ 237.643176][ T8731] loop4: detected capacity change from 0 to 256 [ 237.650478][ T8731] exfat: Bad value for 'uid' [ 237.689078][ T8733] loop2: detected capacity change from 0 to 512 [ 237.810564][ T8733] EXT4-fs (loop2): Test dummy encryption mode enabled [ 237.817441][ T8733] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 237.924520][ T8733] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.1612: bad orphan inode 131083 [ 238.116260][ T8733] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 239.135023][ T8746] loop1: detected capacity change from 0 to 2048 [ 239.159261][ T8746] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 239.170075][ T8746] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 239.285335][ T8748] fscrypt (loop2): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))") [ 239.296934][ T8745] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.1612: iget: bad extra_isize 1312 (inode size 256) [ 239.484912][ T4286] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 239.526480][ T4264] EXT4-fs (loop2): unmounting filesystem. [ 239.705673][ T8761] loop0: detected capacity change from 0 to 512 [ 239.764003][ T8761] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 239.797715][ T8766] loop2: detected capacity change from 0 to 256 [ 239.860448][ T8761] EXT4-fs (loop0): 1 truncate cleaned up [ 239.868609][ T8761] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 240.040264][ T26] audit: type=1326 audit(1759483979.574:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b2598eec9 code=0x7ffc0000 [ 240.115791][ T8764] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.0.1619: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 240.353417][ T26] audit: type=1326 audit(1759483979.855:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f7b2598eec9 code=0x7ffc0000 [ 240.375633][ C0] vkms_vblank_simulate: vblank timer overrun [ 240.700888][ T26] audit: type=1326 audit(1759483979.864:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1624" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b2598eec9 code=0x7ffc0000 [ 240.791266][ T8764] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem [ 240.811694][ T8764] EXT4-fs warning (device loop0): ext4_rename_delete:3778: inode #2: comm syz.0.1619: Deleting old file: nlink 4, error=-117 [ 240.913518][ T129] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 241.295163][ T8785] mmap: syz.4.1627 (8785) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 242.300684][ T129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 242.335570][ T129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.368600][ T129] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 242.410212][ T129] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 242.445614][ T129] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.465990][ T129] usb 3-1: config 0 descriptor?? [ 242.539256][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 242.660169][ T8800] loop0: detected capacity change from 0 to 512 [ 242.760226][ T8800] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1633: casefold flag without casefold feature [ 242.828638][ T8800] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1633: couldn't read orphan inode 15 (err -117) [ 242.840895][ T8800] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 242.911986][ T26] audit: type=1800 audit(1759483982.268:9): pid=8800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1633" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 242.927329][ T129] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 242.968809][ T129] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 243.242037][ T129] usb 3-1: USB disconnect, device number 9 [ 243.389194][ T8810] fido_id[8810]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 244.122460][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 244.130036][ T8816] loop4: detected capacity change from 0 to 512 [ 244.137595][ T8816] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 244.214721][ T8819] loop1: detected capacity change from 0 to 1024 [ 244.257085][ T8819] EXT4-fs: inline encryption not supported [ 244.278965][ T8819] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 244.368397][ T8819] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 244.769339][ T8819] loop1: detected capacity change from 1024 to 64 [ 245.498088][ T8843] loop0: detected capacity change from 0 to 512 [ 245.512956][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.545714][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.570390][ T8843] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 245.614507][ T8847] fuse: Unknown parameter 'group_id00000000000000000000' [ 245.635448][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.649445][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.689174][ T8843] EXT4-fs (loop0): 1 truncate cleaned up [ 245.694884][ T8843] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 245.756012][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.769743][ T8843] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.0.1643: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 245.808919][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.845044][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.896700][ T8843] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem [ 245.899980][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 245.918103][ T8843] EXT4-fs warning (device loop0): ext4_rename_delete:3778: inode #2: comm syz.0.1643: Deleting old file: nlink 4, error=-117 [ 245.942248][ T8853] loop4: detected capacity change from 0 to 8 [ 245.974750][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 246.035859][ T4276] EXT4-fs warning (device loop1): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 246.411928][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 246.448948][ T8867] device wlan1 entered promiscuous mode [ 246.746273][ T8878] binder: 8864:8878 ioctl c0306201 0 returned -14 [ 246.754273][ T4376] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 247.002993][ T4376] usb 5-1: Using ep0 maxpacket: 32 [ 247.041692][ T4376] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 247.329301][ T4376] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 247.377144][ T4376] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 247.409968][ T8881] loop0: detected capacity change from 0 to 128 [ 247.604285][ T4376] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.645034][ T4376] usb 5-1: config 0 descriptor?? [ 247.668728][ T4376] hub 5-1:0.0: USB hub found [ 247.692107][ T8885] fuse: Bad value for 'user_id' [ 247.899770][ T41] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.258185][ T4376] hub 5-1:0.0: config failed, can't read hub descriptor (err -22) [ 248.343659][ T8897] loop0: detected capacity change from 0 to 8 [ 248.368913][ T41] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.499802][ T4270] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 248.509015][ C0] raw-gadget.0 gadget.4: ignoring, device is not running [ 248.516586][ C0] raw-gadget.0 gadget.4: ignoring, device is not running [ 248.524441][ T4376] usbhid 5-1:0.0: can't add hid device: -32 [ 248.530459][ T4376] usbhid: probe of 5-1:0.0 failed with error -32 [ 248.608399][ T4376] usb 5-1: USB disconnect, device number 22 [ 248.617679][ T41] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.791036][ T41] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.820274][ T4270] usb 4-1: Using ep0 maxpacket: 8 [ 248.827264][ T4270] usb 4-1: config 0 has an invalid interface number: 176 but max is 1 [ 248.852716][ T4270] usb 4-1: config 0 has no interface number 1 [ 248.858963][ T4270] usb 4-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 248.889198][ T4270] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 248.986598][ T8906] loop0: detected capacity change from 0 to 1024 [ 248.998761][ T8906] EXT4-fs: Ignoring removed orlov option [ 249.004645][ T8906] EXT4-fs: Ignoring removed nomblk_io_submit option [ 249.249710][ T8906] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 249.434499][ T4270] usb 4-1: config 0 descriptor?? [ 249.495038][ T4382] kworker/u4:6: attempt to access beyond end of device [ 249.495038][ T4382] loop1: rw=1, sector=226, nr_sectors = 2 limit=64 [ 249.533163][ T4382] Buffer I/O error on device loop1, logical block 113 [ 249.612287][ T4276] EXT4-fs (loop1): unmounting filesystem. [ 249.612519][ T4270] qmi_wwan: probe of 4-1:0.0 failed with error -22 [ 249.649505][ T4270] usb 4-1: unknown number of interfaces: 2 [ 249.660298][ T8823] kmmpd-loop1: attempt to access beyond end of device [ 249.660298][ T8823] loop1: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 249.687405][ T4277] EXT4-fs (loop0): unmounting filesystem. [ 251.045363][ T8823] Buffer I/O error on dev loop1, logical block 64, lost sync page write [ 251.074247][ T4270] usb 4-1: USB disconnect, device number 15 [ 251.231184][ T41] tipc: Left network mode [ 251.273267][ T8920] loop2: detected capacity change from 0 to 512 [ 251.317001][ T8920] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 251.458256][ T8920] EXT4-fs (loop2): 1 truncate cleaned up [ 251.539037][ T8920] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 251.684169][ T8920] EXT4-fs error (device loop2): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.2.1668: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 251.782507][ T8929] loop0: detected capacity change from 0 to 256 [ 251.822444][ T8929] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d) [ 251.850896][ T8920] EXT4-fs error (device loop2) in ext4_delete_entry:2800: Corrupt filesystem [ 251.914777][ T8920] EXT4-fs warning (device loop2): ext4_rename_delete:3778: inode #2: comm syz.2.1668: Deleting old file: nlink 4, error=-117 [ 251.973009][ T26] audit: type=1800 audit(1759483990.733:10): pid=8929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1674" name="file1" dev="loop0" ino=1048615 res=0 errno=0 [ 252.346414][ T8946] loop0: detected capacity change from 0 to 8 [ 252.593961][ T4282] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 252.604310][ T4282] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 252.615505][ T4282] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 252.623430][ T4282] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 252.631810][ T4282] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 252.639352][ T4284] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 252.652590][ T4264] EXT4-fs (loop2): unmounting filesystem. [ 252.701390][ T4283] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 252.722585][ T4283] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 252.731627][ T4283] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 252.752311][ T4283] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 252.763572][ T4283] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 252.771112][ T4283] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 253.136429][ T8967] loop4: detected capacity change from 0 to 1024 [ 253.226543][ T8967] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 254.029871][ T8967] EXT4-fs error (device loop4): ext4_xattr_ibody_get:603: inode #15: comm syz.4.1679: corrupted in-inode xattr [ 254.184721][ T8967] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm syz.4.1679: corrupted in-inode xattr [ 254.267555][ T8967] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 1803188595: comm syz.4.1679: lblock 0 mapped to illegal pblock 1803188595 (length 1) [ 254.372127][ T8967] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 254.399232][ T8990] loop0: detected capacity change from 0 to 8 [ 254.419956][ T41] device hsr_slave_0 left promiscuous mode [ 254.431143][ T8967] EXT4-fs (loop4): This should not happen!! Data will be lost [ 254.431143][ T8967] [ 254.461044][ T41] device hsr_slave_1 left promiscuous mode [ 254.493886][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 254.530302][ T41] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 254.558251][ T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 254.580052][ T41] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 254.598860][ T41] device bridge_slave_1 left promiscuous mode [ 254.622679][ T4382] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm kworker/u4:6: corrupted in-inode xattr [ 254.647339][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.701099][ T4382] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2195: inode #15: comm kworker/u4:6: corrupted in-inode xattr [ 254.729227][ T41] device bridge_slave_0 left promiscuous mode [ 254.739524][ T4265] EXT4-fs (loop4): Inode 15 (ffff888058d82820): i_reserved_data_blocks (1) not cleared! [ 254.747072][ T8997] Bluetooth: MGMT ver 1.22 [ 254.753778][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.773893][ T4265] EXT4-fs (loop4): unmounting filesystem. [ 254.791103][ T8997] loop0: detected capacity change from 0 to 256 [ 254.813057][ T8997] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 254.867605][ T8997] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 254.909207][ T8997] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 254.977714][ T41] device veth1_macvtap left promiscuous mode [ 255.006473][ T41] device veth0_macvtap left promiscuous mode [ 255.021305][ T4283] Bluetooth: hci3: command 0x0409 tx timeout [ 255.047095][ T41] device veth1_vlan left promiscuous mode [ 255.110366][ T41] device veth0_vlan left promiscuous mode [ 255.158302][ T9008] autofs4:pid:9008:autofs_fill_super: called with bogus options [ 255.674703][ T9028] loop0: detected capacity change from 0 to 128 [ 255.830068][ T7844] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 256.709510][ T9036] loop3: detected capacity change from 0 to 256 [ 256.750708][ T41] bond1 (unregistering): (slave vlan2): Releasing active interface [ 256.763047][ T26] audit: type=1800 audit(1759483995.214:11): pid=9036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1695" name="file1" dev="loop3" ino=1048616 res=0 errno=0 [ 257.233826][ T4283] Bluetooth: hci3: command 0x041b tx timeout [ 257.460155][ T41] bond1 (unregistering): Released all slaves [ 257.688034][ T9036] FAT-fs (loop3): error, clusters badly computed (0 != 128) [ 257.695415][ T9036] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 257.739036][ T9051] loop2: detected capacity change from 0 to 1024 [ 258.421154][ T9051] EXT4-fs: Ignoring removed bh option [ 258.438406][ T9051] EXT4-fs: Mount option(s) incompatible with ext3 [ 259.724891][ T4283] Bluetooth: hci3: command 0x040f tx timeout [ 259.868712][ T9057] autofs4:pid:9057:autofs_fill_super: called with bogus options [ 260.103024][ T9060] kernel profiling enabled (shift: 9) [ 260.381239][ T41] team0 (unregistering): Port device team_slave_1 removed [ 260.421123][ T41] team0 (unregistering): Port device team_slave_0 removed [ 260.461340][ T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 260.506508][ T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 261.015277][ T41] bond0 (unregistering): Released all slaves [ 261.949588][ T8950] chnl_net:caif_netlink_parms(): no params data found [ 261.959177][ T4283] Bluetooth: hci3: command 0x0419 tx timeout [ 262.454115][ T8950] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.508007][ T8950] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.526261][ T8950] device bridge_slave_0 entered promiscuous mode [ 262.544119][ T8950] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.560529][ T8950] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.595956][ T9094] autofs4:pid:9094:autofs_fill_super: called with bogus options [ 262.606957][ T8950] device bridge_slave_1 entered promiscuous mode [ 262.697713][ T8950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.755907][ T8950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.949339][ T9113] loop4: detected capacity change from 0 to 256 [ 263.021720][ T8950] team0: Port device team_slave_0 added [ 263.056133][ T8950] team0: Port device team_slave_1 added [ 263.242559][ T9113] FAT-fs (loop4): Directory bread(block 64) failed [ 263.295820][ T9113] FAT-fs (loop4): Directory bread(block 65) failed [ 263.306286][ T9113] FAT-fs (loop4): Directory bread(block 66) failed [ 263.584473][ T9113] FAT-fs (loop4): Directory bread(block 67) failed [ 263.603149][ T8950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 263.685482][ T9113] FAT-fs (loop4): Directory bread(block 68) failed [ 263.840495][ T8950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.906403][ T9113] FAT-fs (loop4): Directory bread(block 69) failed [ 263.913061][ T9113] FAT-fs (loop4): Directory bread(block 70) failed [ 263.919711][ T9113] FAT-fs (loop4): Directory bread(block 71) failed [ 263.926370][ T9113] FAT-fs (loop4): Directory bread(block 72) failed [ 263.932914][ T9113] FAT-fs (loop4): Directory bread(block 73) failed [ 263.947812][ T8950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 263.960773][ T8950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 263.967746][ T8950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.993761][ T8950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 265.298912][ T8950] device hsr_slave_0 entered promiscuous mode [ 265.369209][ T8950] device hsr_slave_1 entered promiscuous mode [ 265.399639][ T8950] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 265.423298][ T8950] Cannot create hsr debugfs directory [ 265.843107][ T9155] autofs4:pid:9155:autofs_fill_super: called with bogus options [ 265.870062][ T8950] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 265.947357][ T8950] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 265.981576][ T8950] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 266.044485][ T8950] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 266.472953][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.480586][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 267.025166][ T9185] loop2: detected capacity change from 0 to 1024 [ 267.120627][ T8950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 267.185936][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 267.194152][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 267.218190][ T8950] 8021q: adding VLAN 0 to HW filter on device team0 [ 267.284373][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 267.338600][ T9185] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 267.390657][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 267.399176][ T4459] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.406323][ T4459] bridge0: port 1(bridge_slave_0) entered forwarding state [ 267.510315][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 267.544779][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 267.551409][ T9199] loop3: detected capacity change from 0 to 512 [ 267.584936][ T4459] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.592151][ T4459] bridge0: port 2(bridge_slave_1) entered forwarding state [ 267.604665][ T4264] EXT4-fs (loop2): unmounting filesystem. [ 267.653190][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 267.699984][ T9199] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 267.709046][ T9199] EXT4-fs (loop3): orphan cleanup on readonly fs [ 267.726111][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 267.745682][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 267.759337][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 267.771416][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 267.780014][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 267.790282][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 267.801741][ T9199] Quota error (device loop3): dq_insert_tree: Quota tree root isn't allocated! [ 267.822833][ T8950] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 267.836916][ T9199] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota [ 267.848706][ T8950] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 267.859396][ T9199] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.1734: Failed to acquire dquot type 1 [ 267.876397][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 267.890636][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 267.908236][ T9199] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1734: bg 0: block 40: padding at end of block bitmap is not set [ 267.929049][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 267.947122][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 267.968568][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 267.976424][ T9199] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 267.997185][ T9199] EXT4-fs (loop3): 1 truncate cleaned up [ 268.015662][ T4459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 268.025084][ T9199] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 268.083097][ T9199] EXT4-fs error (device loop3): ext4_get_link:104: inode #16: comm syz.3.1734: bad symlink. [ 268.132625][ T9199] EXT4-fs error (device loop3): ext4_get_link:104: inode #16: comm syz.3.1734: bad symlink. [ 268.292665][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 268.502390][ T9221] autofs4:pid:9221:autofs_fill_super: called with bogus options [ 268.968837][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 268.983001][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 268.997426][ T8950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 270.302102][ T4336] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 270.362288][ T9266] loop0: detected capacity change from 0 to 256 [ 271.828166][ T4336] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 271.858834][ T4336] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 271.882562][ T4336] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 271.913718][ T4336] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.955228][ T4336] usb 3-1: Product: syz [ 271.959450][ T4336] usb 3-1: Manufacturer: syz [ 271.964089][ T4336] usb 3-1: SerialNumber: syz [ 272.290385][ T9280] autofs4:pid:9280:autofs_fill_super: called with bogus options [ 272.450957][ T4336] usb 3-1: cannot find UAC_HEADER [ 272.501665][ T4336] snd-usb-audio: probe of 3-1:1.0 failed with error -22 [ 272.569785][ T7844] udevd[7844]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 272.765066][ T14] usb 3-1: USB disconnect, device number 10 [ 273.566655][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 273.575534][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 273.761666][ T8240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 273.827436][ T8240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 273.849694][ T8950] device veth0_vlan entered promiscuous mode [ 273.865860][ T8240] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 273.892712][ T8240] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 274.110540][ T8950] device veth1_vlan entered promiscuous mode [ 274.613617][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 274.631737][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 274.684221][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 274.757663][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 274.869876][ T8950] device veth0_macvtap entered promiscuous mode [ 274.893389][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 274.963459][ T8950] device veth1_macvtap entered promiscuous mode [ 275.140080][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 275.206479][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.260849][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 275.326193][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.386043][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 275.455119][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.518820][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 275.529797][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.543429][ T8950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 275.565895][ T4382] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 275.594936][ T4382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 275.676893][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.705646][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.777116][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.790815][ T9324] loop2: detected capacity change from 0 to 2048 [ 275.813803][ T9324] EXT4-fs: Ignoring removed nobh option [ 275.820821][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.831110][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.842057][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.852171][ T8950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 275.863376][ T8950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 275.879693][ T8950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 275.887001][ T6463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 275.924513][ T9324] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 275.942555][ T9324] ext4 filesystem being mounted at /339/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 275.961049][ T6463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 276.064197][ T9329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1759'. [ 276.268785][ T26] audit: type=1804 audit(1759484013.464:12): pid=9330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1759" name="/newroot/339/file0/file1" dev="loop2" ino=15 res=1 errno=0 [ 276.444098][ T8950] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.504017][ T8950] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.601338][ T8950] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.614786][ T9333] loop3: detected capacity change from 0 to 1024 [ 276.619561][ T8950] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.715769][ T9333] EXT4-fs: Ignoring removed bh option [ 276.742214][ T9333] EXT4-fs: Mount option(s) incompatible with ext3 [ 278.251030][ T4264] EXT4-fs (loop2): unmounting filesystem. [ 278.366302][ T8012] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.408029][ T8012] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.640502][ T7911] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 278.671184][ T4382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.697418][ T4382] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.037407][ T9350] __vm_enough_memory: pid: 9350, comm: syz.4.1763, no enough memory for the allocation [ 279.142472][ T8012] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 280.409399][ T9369] loop5: detected capacity change from 0 to 1024 [ 280.627365][ T9369] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 280.699472][ T9378] usb usb9: usbfs: interface 0 claimed by hub while 'syz.0.1770' sets config #7 [ 280.737955][ T9378] usb usb9: usbfs: interface 0 claimed by hub while 'syz.0.1770' sets config #1 [ 280.815523][ T8950] EXT4-fs (loop5): unmounting filesystem. [ 282.891110][ T9432] loop5: detected capacity change from 0 to 1024 [ 282.907219][ T9434] loop3: detected capacity change from 0 to 1024 [ 282.982060][ T9432] EXT4-fs: Ignoring removed bh option [ 283.026496][ T9432] EXT4-fs: Mount option(s) incompatible with ext3 [ 283.946558][ T9448] loop3: detected capacity change from 0 to 2048 [ 284.019670][ T9448] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 284.080843][ T9452] xt_hashlimit: max too large, truncated to 1048576 [ 284.100686][ T9448] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 284.109845][ T9452] xt_hashlimit: overflow, try lower: 0/0 [ 289.208930][ T9510] loop5: detected capacity change from 0 to 2048 [ 289.243869][ T9510] EXT4-fs: Ignoring removed nobh option [ 289.335211][ T9510] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 289.352271][ T9510] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.493218][ T9518] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1784'. [ 289.999372][ T8950] EXT4-fs (loop5): unmounting filesystem. [ 290.871283][ T9524] loop4: detected capacity change from 0 to 1024 [ 290.920044][ T9524] EXT4-fs (loop4): unsupported inode size: 4096 [ 290.926348][ T9524] EXT4-fs (loop4): blocksize: 1024 [ 292.858028][ T9543] loop5: detected capacity change from 0 to 512 [ 292.897721][ T4376] usb 5-1: new full-speed USB device number 23 using dummy_hcd [ 292.936141][ T9543] EXT4-fs: Mount option(s) incompatible with ext3 [ 293.968540][ T4376] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 294.013537][ T4376] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 294.102473][ T4376] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 294.158292][ T4376] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.201927][ T4376] usb 5-1: Product: syz [ 294.206380][ T4376] usb 5-1: Manufacturer: syz [ 294.232711][ T4376] usb 5-1: SerialNumber: syz [ 294.723551][ T9561] loop3: detected capacity change from 0 to 2048 [ 294.894138][ T9561] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 294.905436][ T9561] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 294.983481][ T4286] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 295.108898][ T4376] usb 5-1: cannot find UAC_HEADER [ 295.213088][ T4376] snd-usb-audio: probe of 5-1:1.0 failed with error -22 [ 295.264429][ T4376] usb 5-1: USB disconnect, device number 23 [ 295.529096][ T7844] udevd[7844]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 295.820953][ T9584] loop3: detected capacity change from 0 to 128 [ 296.016579][ T9584] loop3: detected capacity change from 128 to 0 [ 296.411944][ T9599] loop2: detected capacity change from 0 to 128 [ 298.032347][ T9605] loop4: detected capacity change from 0 to 2048 [ 298.052394][ T9605] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 298.072870][ T9605] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 298.525121][ T9613] loop4: detected capacity change from 0 to 1024 [ 300.031955][ T9613] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 300.492829][ T4265] EXT4-fs (loop4): unmounting filesystem. [ 301.336352][ T9642] loop2: detected capacity change from 0 to 1024 [ 301.557272][ T7844] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 301.931415][ T1175] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 302.177502][ T1175] usb 3-1: Using ep0 maxpacket: 8 [ 302.185321][ T1175] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 302.261835][ T1175] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 302.290367][ T1175] usb 3-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 302.335231][ T1175] usb 3-1: config 0 interface 0 has no altsetting 0 [ 302.355837][ T1175] usb 3-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 302.384472][ T1175] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.435395][ T1175] usb 3-1: config 0 descriptor?? [ 303.241569][ T9668] loop0: detected capacity change from 0 to 2048 [ 303.402615][ T1175] uclogic 0003:5543:0042.0007: unknown main item tag 0x4 [ 303.424195][ T9668] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 303.439157][ T9668] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 303.441601][ T9671] loop3: detected capacity change from 0 to 256 [ 303.471042][ T1175] uclogic 0003:5543:0042.0007: unknown main item tag 0x0 [ 303.505820][ T1175] uclogic 0003:5543:0042.0007: No inputs registered, leaving [ 303.576465][ T1175] uclogic 0003:5543:0042.0007: hidraw0: USB HID v0.07 Device [HID 5543:0042] on usb-dummy_hcd.2-1/input0 [ 303.595257][ T9671] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 303.607366][ T9671] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 303.663289][ T1175] usb 3-1: USB disconnect, device number 11 [ 303.770848][ T9671] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 304.060869][ T9678] fido_id[9678]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 304.455692][ T9693] exFAT-fs (loop3): hint_cluster is invalid (17) [ 305.013918][ T9707] loop4: detected capacity change from 0 to 256 [ 306.731428][ T4322] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 306.929603][ T4322] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 306.942168][ T4322] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 188, setting to 64 [ 306.965292][ T4322] usb 1-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=94.47 [ 306.976205][ T4322] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.770354][ T4322] usb 1-1: Product: syz [ 307.774567][ T4322] usb 1-1: Manufacturer: syz [ 307.802650][ T9718] binder: BINDER_SET_CONTEXT_MGR already set [ 307.844679][ T4322] usb 1-1: SerialNumber: syz [ 307.864508][ T9718] binder: 9717:9718 ioctl 4018620d 200000000040 returned -16 [ 307.879215][ T4322] usb 1-1: config 0 descriptor?? [ 307.888159][ T9708] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 308.165195][ T4322] usb 1-1: USB disconnect, device number 10 [ 309.110997][ T9743] loop2: detected capacity change from 0 to 1024 [ 312.360751][ T9737] Bluetooth: MGMT ver 1.22 [ 313.463659][ T9814] loop4: detected capacity change from 0 to 512 [ 313.556080][ T9814] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 313.589434][ T9821] loop5: detected capacity change from 0 to 512 [ 313.733456][ T9814] EXT4-fs (loop4): 1 truncate cleaned up [ 313.739285][ T9814] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 313.739295][ T9821] EXT4-fs: Ignoring removed nomblk_io_submit option [ 313.739358][ T9821] EXT4-fs: Ignoring removed oldalloc option [ 314.228346][ T9821] EXT4-fs: Ignoring removed orlov option [ 314.302435][ T9814] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.4.1864: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 314.363887][ T9821] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a803c018, mo2=0082] [ 314.421019][ T9821] System zones: 0-2, 18-18, 34-35 [ 314.443618][ T9814] EXT4-fs error (device loop4) in ext4_delete_entry:2800: Corrupt filesystem [ 314.458546][ T9814] EXT4-fs warning (device loop4): ext4_rename_delete:3778: inode #2: comm syz.4.1864: Deleting old file: nlink 4, error=-117 [ 314.478938][ T9821] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1870: bad orphan inode 11862016 [ 314.500686][ T9821] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 314.510010][ T9821] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 314.813838][ T8950] EXT4-fs (loop5): unmounting filesystem. [ 315.563769][ T4265] EXT4-fs (loop4): unmounting filesystem. [ 315.716962][ T9859] loop3: detected capacity change from 0 to 128 [ 315.856965][ T9859] loop3: detected capacity change from 0 to 256 [ 316.031542][ T9859] FAT-fs (loop3): Directory bread(block 64) failed [ 316.073203][ T9859] FAT-fs (loop3): Directory bread(block 65) failed [ 316.107954][ T9859] FAT-fs (loop3): Directory bread(block 66) failed [ 316.138488][ T9859] FAT-fs (loop3): Directory bread(block 67) failed [ 316.590660][ T9859] FAT-fs (loop3): Directory bread(block 68) failed [ 316.597261][ T9859] FAT-fs (loop3): Directory bread(block 69) failed [ 316.606532][ T9859] FAT-fs (loop3): Directory bread(block 70) failed [ 316.620306][ T9859] FAT-fs (loop3): Directory bread(block 71) failed [ 316.627187][ T9859] FAT-fs (loop3): Directory bread(block 72) failed [ 316.648526][ T9859] FAT-fs (loop3): Directory bread(block 73) failed [ 316.818043][ T9886] loop4: detected capacity change from 0 to 1024 [ 316.863828][ T9886] EXT4-fs: Ignoring removed nomblk_io_submit option [ 316.909916][ T9886] EXT4-fs: Ignoring removed nobh option [ 316.955917][ T9886] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 317.052156][ T9894] loop2: detected capacity change from 0 to 256 [ 317.087264][ T9886] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 317.132674][ T9894] exfat: Unknown parameter 'ÿÿÿÿÿÿÿÿ0xffffffffffffffffÊZ›O ã8¿ôs+2DåG m®ÙÛÕC“E¹éV@s_type->i_mutex_key#12){+.+.}-{3:3}, at: process_measurement+0x33c/0x1a10 [ 334.442082][T10226] [ 334.442082][T10226] but task is already holding lock: [ 334.449471][T10226] ffff8880743cae58 (&mm->mmap_lock){++++}-{3:3}, at: __se_sys_remap_file_pages+0x17d/0x770 [ 334.459544][T10226] [ 334.459544][T10226] which lock already depends on the new lock. [ 334.459544][T10226] [ 334.469962][T10226] [ 334.469962][T10226] the existing dependency chain (in reverse order) is: [ 334.478984][T10226] [ 334.478984][T10226] -> #1 (&mm->mmap_lock){++++}-{3:3}: [ 334.486563][T10226] down_read_killable+0x4c/0x340 [ 334.492062][T10226] mmap_read_lock_killable+0x1d/0x60 [ 334.497905][T10226] lock_mm_and_find_vma+0x2b1/0x2f0 [ 334.503658][T10226] do_user_addr_fault+0x2db/0xb10 [ 334.509221][T10226] exc_page_fault+0x60/0x100 [ 334.514356][T10226] asm_exc_page_fault+0x22/0x30 [ 334.519744][T10226] fault_in_readable+0x13e/0x1f0 [ 334.525225][T10226] fault_in_iov_iter_readable+0xbb/0x2e0 [ 334.531403][T10226] generic_perform_write+0x3da/0x560 [ 334.537241][T10226] __generic_file_write_iter+0x172/0x430 [ 334.543421][T10226] generic_file_write_iter+0xab/0x2e0 [ 334.549339][T10226] vfs_write+0x44c/0x960 [ 334.554138][T10226] ksys_write+0x143/0x240 [ 334.559019][T10226] do_syscall_64+0x4c/0xa0 [ 334.563979][T10226] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 334.570413][T10226] [ 334.570413][T10226] -> #0 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}: [ 334.579126][T10226] __lock_acquire+0x2cf8/0x7c50 [ 334.584520][T10226] lock_acquire+0x1b4/0x490 [ 334.589569][T10226] down_write+0x36/0x60 [ 334.594272][T10226] process_measurement+0x33c/0x1a10 [ 334.600017][T10226] ima_file_mmap+0x104/0x150 [ 334.605156][T10226] __se_sys_remap_file_pages+0x53e/0x770 [ 334.611371][T10226] do_syscall_64+0x4c/0xa0 [ 334.616335][T10226] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 334.622878][T10226] [ 334.622878][T10226] other info that might help us debug this: [ 334.622878][T10226] [ 334.633118][T10226] Possible unsafe locking scenario: [ 334.633118][T10226] [ 334.640579][T10226] CPU0 CPU1 [ 334.645971][T10226] ---- ---- [ 334.651348][T10226] lock(&mm->mmap_lock); [ 334.655706][T10226] lock(&sb->s_type->i_mutex_key#12); [ 334.663708][T10226] lock(&mm->mmap_lock); [ 334.670659][T10226] lock(&sb->s_type->i_mutex_key#12); [ 334.676141][T10226] [ 334.676141][T10226] *** DEADLOCK *** [ 334.676141][T10226] [ 334.684304][T10226] 1 lock held by syz.0.1987/10226: [ 334.689425][T10226] #0: ffff8880743cae58 (&mm->mmap_lock){++++}-{3:3}, at: __se_sys_remap_file_pages+0x17d/0x770 [ 334.699908][T10226] [ 334.699908][T10226] stack backtrace: [ 334.705828][T10226] CPU: 0 PID: 10226 Comm: syz.0.1987 Not tainted syzkaller #0 [ 334.713309][T10226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 334.723380][T10226] Call Trace: [ 334.726676][T10226] [ 334.729629][T10226] dump_stack_lvl+0x168/0x22e [ 334.734332][T10226] ? load_image+0x3b0/0x3b0 [ 334.738877][T10226] ? show_regs_print_info+0x12/0x12 [ 334.744100][T10226] ? print_circular_bug+0x12b/0x1a0 [ 334.749344][T10226] check_noncircular+0x274/0x310 [ 334.754322][T10226] ? add_chain_block+0x940/0x940 [ 334.759286][T10226] ? lockdep_lock+0xdc/0x1e0 [ 334.763906][T10226] ? _find_first_zero_bit+0xcf/0x100 [ 334.769226][T10226] __lock_acquire+0x2cf8/0x7c50 [ 334.774107][T10226] ? verify_lock_unused+0x140/0x140 [ 334.779336][T10226] ? ima_match_policy+0x104/0x2100 [ 334.784480][T10226] ? verify_lock_unused+0x140/0x140 [ 334.789706][T10226] ? ima_match_policy+0x207a/0x2100 [ 334.794947][T10226] lock_acquire+0x1b4/0x490 [ 334.799518][T10226] ? process_measurement+0x33c/0x1a10 [ 334.804930][T10226] ? __might_sleep+0xd0/0xd0 [ 334.809543][T10226] ? __schedule+0x137c/0x40b0 [ 334.814246][T10226] ? read_lock_is_recursive+0x10/0x10 [ 334.819645][T10226] ? ima_get_action+0x71/0xa0 [ 334.824364][T10226] down_write+0x36/0x60 [ 334.828547][T10226] ? process_measurement+0x33c/0x1a10 [ 334.833951][T10226] process_measurement+0x33c/0x1a10 [ 334.839193][T10226] ? ima_file_mmap+0x150/0x150 [ 334.844000][T10226] ? aa_file_perm+0x117/0xec0 [ 334.848719][T10226] ? mtree_load+0xeb/0xa40 [ 334.853150][T10226] ? mtree_load+0x90a/0xa40 [ 334.857671][T10226] ? aa_get_current_label+0x110/0x1d0 [ 334.863068][T10226] ? apparmor_current_getsecid_subj+0xb1/0x110 [ 334.869247][T10226] ima_file_mmap+0x104/0x150 [ 334.873864][T10226] ? ima_file_free+0x3e0/0x3e0 [ 334.878651][T10226] ? common_file_perm+0x171/0x1c0 [ 334.883703][T10226] ? bpf_lsm_mmap_file+0x5/0x10 [ 334.888585][T10226] ? security_mmap_file+0x11b/0x180 [ 334.893810][T10226] __se_sys_remap_file_pages+0x53e/0x770 [ 334.899489][T10226] ? __x64_sys_remap_file_pages+0xc0/0xc0 [ 334.905233][T10226] ? lock_chain_count+0x20/0x20 [ 334.910110][T10226] ? lockdep_hardirqs_on+0x94/0x140 [ 334.915330][T10226] ? __x64_sys_remap_file_pages+0x1c/0xc0 [ 334.921080][T10226] do_syscall_64+0x4c/0xa0 [ 334.925526][T10226] ? clear_bhb_loop+0x60/0xb0 [ 334.930227][T10226] ? clear_bhb_loop+0x60/0xb0 [ 334.934934][T10226] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 334.940842][T10226] RIP: 0033:0x7f08cc78eec9 [ 334.945267][T10226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.964890][T10226] RSP: 002b:00007f08cd6a0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8 [ 334.973410][T10226] RAX: ffffffffffffffda RBX: 00007f08cc9e6090 RCX: 00007f08cc78eec9 [ 334.981398][T10226] RDX: 0000000000000000 RSI: 0000000000400000 RDI: 000020000051c000 [ 334.989394][T10226] RBP: 00007f08cc811f91 R08: 0000000000000100 R09: 0000000000000000 [ 334.997379][T10226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.005361][T10226] R13: 00007f08cc9e6128 R14: 00007f08cc9e6090 R15: 00007ffe35770d38 [ 335.013352][T10226] [ 335.371554][ T4343] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 335.542584][ T4343] usb 4-1: device descriptor read/64, error -71 [ 335.841884][ T4343] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 336.002297][ T4343] usb 4-1: device descriptor read/64, error -71 [ 336.132129][ T4343] usb usb4-port1: attempt power cycle [ 336.568783][ T4343] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 336.601864][ T4343] usb 4-1: device descriptor read/8, error -71 [ 336.889612][ T4343] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 337.124734][ T4343] usb 4-1: device not accepting address 19, error -71 [ 337.133023][ T4343] usb usb4-port1: unable to enumerate USB device