last executing test programs: 11m24.823188818s ago: executing program 0 (id=255): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ftruncate(r0, 0x8008976) mmap(&(0x7f000052d000/0x3000)=nil, 0x3000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) fstat(r0, &(0x7f00000000c0)) 11m23.86225127s ago: executing program 0 (id=260): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000300)=@abs={0x1, 0x0, 0x4e20}, 0x6e) listen(r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x4) write(r1, &(0x7f00000000c0)="29000000140005b7ff000000040860eb0101b6ff02159f02c26ed638eeb738256e06a40e07fff0797e", 0x140) 11m22.882092049s ago: executing program 0 (id=263): r0 = socket$igmp6(0xa, 0x3, 0x2) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'geneve1\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x0, 0x400, 0xb7, 0xc20022, r2}) sendto$packet(r1, 0x0, 0x0, 0x44801, &(0x7f00000002c0)={0x11, 0x9, r2, 0x1, 0x5, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}}, 0x28) 11m22.071559554s ago: executing program 0 (id=266): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x0, &(0x7f0000000000), 0x0, 0x248, &(0x7f0000000940)="$eJzs3T9oFFkcB/DfzO5eLsly5O6ag4O7g+M47gIh1x3YxEYhICGICCpERGyURIgJdomVjYXWKqlsgtgZrdMEG0Ww8k+K2AgaLAwWWqzsTiLRbDBxN7uS+Xxg2JnZee/3hp3v221mNoDc6omIgYgoRERvRJQiIll/wB/Z0rO6OdO5MBJRqRx8ndSOy7Yza+26I2I6Iv6PiPk0idPFiMm5o0tvH+//+9JE6a8bc0c6W3qSq5aXFg+sXB+6eHvwv8kHj14OJTEQ5U/Oq/mSOvuKScRPO1HsG5EU2z0CtmL4/K0n1dz/HBF/1vJfijSyD+/y+Hfzpfj32mZtr7x6+Gsrxwo0X6VSqn4HTleA3EkjohxJ2hcR2Xqa9vVlv+GfFrrSM2Pj53pPjU2Mnmz3TAU0Szlicd/djjvdn+X/RSHLP7B7VfN/aHj2WXV9pdDu0QCtVM1/7/Gpf0L+IXfkH/JL/iG/5B/yS/4hv+Qf8kv+Ydf4frsN5B/yS/4hv+Qf8mt9/gGAfKl0tPsOZKBd2j3/AAAAAAAAAAAAAAAAAAAAG810LoysLa2qee9qxPLeiCjWq1+o/R/x2qNNu94k1cM+SrJmDTn2e4MdNOjmDt59vZVHuv3wfOfqb8X935rZW3nbLaZGI6YvRER/sbjx+ktWr7+v9+MX3i+daLBAg/Ycbm/997Otq1Wqs2+wkmQr/fXmnzR+qb3Wn3/Km/S5HWffNdgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALfMhAAD//+M2bGo=") mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0) 11m20.337693295s ago: executing program 0 (id=270): syz_mount_image$hfsplus(&(0x7f0000000800), &(0x7f0000000600)='./file0\x00', 0xa00010, &(0x7f0000000840)=ANY=[], 0x6, 0x646, &(0x7f0000002a80)="$eJzs3c9rHOf9B/D3rFZryV9wlMRO/C2BihjSUlFbP1Ba5RK3lKJDKCE99FiELcfCayVISlFCKepv6KmH/AHpQbeeCr0b0nN7y1XHQKGXnHQoqMzsrLSWVop+xSu1r5d59nlmnplnnvnszLMzuxYT4H/W/ESaT1JkfuKt9XJ6a3OmvbU5c6Wubicpy42kmQyXs4rlpPg0uZtOyv+XM+vli8O28/HS3DuffbH1eWeqWadq+cZR6x3PRp0ynmSozvdp/eEk7Q13CmU79/q3dwLF7h6WAbvVDRwM2s4BGydZ/YznLXARFJ3PzQPGkqtJRurrgNSjQ+PZ9u78nWiUAwAAgEvque1sZz3XBt0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuEzq5/8XdWp0y+Mpus//b9XzUpcvtSeD7gAAAAAAAAAAnNUbyde3s531XOvO2imq3/xfrSauV6//lw+ymsWs5HbWs5C1rGUlU0nGetpqrS+sra1MHWPN6b5rTj+bXQYAAAAAAACA/1K/yvze7/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBIQ3VedIpFna53y2NpNJOMJGmVy20k/+iWL4mi38wnz74fAAAAcCYjp1jnue1sZz3XutM7RXXP/1J1vzySD7KctSxlLe0s5n59D13e9Te2NmfaW5szj8t0sN3v/etE3aha3P0aot+Wb1ZLjOZBlqo5t3Ov6sz9NKo1Sze7/enfr1+WfSrerB2zZ/frvNzYHw/7FmEgxqqIDO9GZLLuWxmN54+OxJe+O80jtzSVxu43P9e/gphfrfNyf353MWPeSBWJ6Z6j76WjI5F8469//snD9vKjhw9WJy7OLp3S/mNipicSL1/qSDRPuPxkFYkbu9Pz+WF+nImM5+2sZCk/y0LWspidun6hPp7L17GjI3X3qam3v6wnrfp96Yyix+nTeH5QlRbyarXutSylyHu5n8W8Xv2bzlS+k9nMZq7nHb5xaL+rfavO+sbJzvpb36wLo0l+X+eD1vlILeP6fE9ce8fcsaqud85elF44/7Gx+bW6UG7j13V+MeyPxFRPJF48OhJ/qs6N1fbyo5WHC+8f0v7GvunX6rw84n6771PipwMdVcrj5YWM1CPJ00dHWffi7ijzdLxa9S8unbrGgbobVV1RdM/UHx16prbqa7iDLU1XdS/3rZup6m721D11vZX30t69HgLgArv6raut0X+O/n30k9HfjD4cfWvk+1e+e+WVVob/NvxGc3LotcYrxV/ySX6xd/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc3uqHHz1aaLcXV/oXGodXnW+hqB/k8yy2pXDMwr93Os695e5DBM/c4N2LEajLXBhK0q+qfotO83BR4FK4s/b4/TurH3707aXHC+8uvru4PDw7Ozc5N/v6zJ0HS+3Fyc7roHsJfBX2PvT71xcX6jHMAAAAAAAAAAAAQI739zY79f//O/VfGgx6HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDLbX4izScpMjV5e7Kc3tqcaZepW95bspmk0UiKnyfFp8nddFLGepor3jxkOx8vzb3z2Rdbn++11ayWLxut8zPYqFPGkwzV+Xm1d+/M7RW7e1gG7FY3cDBo/wkAAP//7swGBw==") munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f00000000c0)=""/59, 0x3b) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 11m19.142528188s ago: executing program 0 (id=274): socket$kcm(0x2, 0xa, 0x73) socket$kcm(0x2, 0xa, 0x73) socket$kcm(0x2, 0xa, 0x2) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00') preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000000140)=""/197, 0xc5}], 0x1, 0x70, 0x0) 11m15.591800513s ago: executing program 32 (id=274): socket$kcm(0x2, 0xa, 0x73) socket$kcm(0x2, 0xa, 0x73) socket$kcm(0x2, 0xa, 0x2) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00') preadv(r0, &(0x7f00000006c0)=[{&(0x7f0000000140)=""/197, 0xc5}], 0x1, 0x70, 0x0) 6m39.79863502s ago: executing program 2 (id=1229): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) recvmmsg(r1, &(0x7f0000000780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60010000, 0x0) 6m38.329837433s ago: executing program 2 (id=1234): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0xbfb, 0x2) r1 = dup2(r0, r0) r2 = openat$vim2m(0xffffff9c, &(0x7f0000000b00), 0x2, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r2, 0xc0f8565c, &(0x7f0000000000)={0x0, 0xbd5, 0x2, {0x2, @raw_data="f91fd2868ba3d9189024fc40809db9e19479c0b5fce2c721330d5771dbf9dbfa9e2ad24622489141b4803cfeb0b70909e75715a13fada32fef53473eb9ce014fbe3929ea41fdeb0ff177dfb9d3227f213a6451b667d35b03b25618d20cea1f072990b86d463a0de7513744a2bb3bf4fb6049e30f7c533837beba9566c9fd8721c48fad424a5fb17bc1419fb85e5e7dce382ba5a1ce182b419becd67c18f0ba055b8d72225df5a5e7917f8a87a52b8c2516745c462e944b0c22a7e71ecf492a0ef916598abba0e732"}}) ioctl$vim2m_VIDIOC_QBUF(r2, 0xc04c560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x400, 0x1, {}, {0x0, 0xc, 0x0, 0x0, 0x0, 0x0, "5c0a0551"}, 0x0, 0x1, {0x0}, 0x2, 0x20000000, r1}) 6m37.498903681s ago: executing program 2 (id=1239): r0 = fsopen(&(0x7f00000000c0)='proc\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0xf) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000040)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 6m36.734915194s ago: executing program 2 (id=1241): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, 0x0, 0x0, 0x8b101a, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 6m35.61096837s ago: executing program 2 (id=1246): socket$inet_udplite(0x2, 0x2, 0x88) syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0xc, 0x288}, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) syz_usb_connect$uac1(0x2, 0xdc, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r0, @ANYRES8=r0, @ANYRESDEC], 0x0) 6m34.133113006s ago: executing program 2 (id=1251): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="13", 0x1}], 0x1}, 0x4051) recvmsg(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2101) sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000001ec0)="f9", 0x1}], 0x1}, 0x2080) close(r0) 6m31.596186236s ago: executing program 33 (id=1251): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="13", 0x1}], 0x1}, 0x4051) recvmsg(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2101) sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000001ec0)="f9", 0x1}], 0x1}, 0x2080) close(r0) 5m53.851158747s ago: executing program 5 (id=1362): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10) setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000040)='X', 0x1) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x11c, 0x33, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000080), 0x4) 5m52.506564852s ago: executing program 5 (id=1367): r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdd860600, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xec, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0xb}, [@IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0xb0, 0x2, 0x0, 0x1, {0x9, 0x1, 0x0, 0x1, [{0xc}, {0x8}, {0x1b}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x9, 0xd}, {0x8, 0x0, 0x0, 0x0, 0x38}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_MPLS={0x4}]}]}, 0xec}}, 0x0) 5m51.291885021s ago: executing program 5 (id=1371): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) io_uring_setup(0x1009, &(0x7f0000000040)={0x0, 0x9f3, 0x400, 0x0, 0x4}) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) connect(r1, &(0x7f00000004c0)=@rc={0x1f, @any, 0x4}, 0x80) close_range(r0, 0xffffffffffffffff, 0x0) 5m50.547818942s ago: executing program 5 (id=1372): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 5m49.3773963s ago: executing program 5 (id=1377): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2}) ioctl$UFFDIO_MOVE(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f0000193000/0x1000)=nil, &(0x7f00002da000/0x3000)=nil, 0x1000}) 5m48.679832308s ago: executing program 5 (id=1380): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c00, 0x20) fdatasync(r0) 5m45.060272174s ago: executing program 34 (id=1380): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@workdir={'workdir', 0x3d, './file0'}}], [], 0x2c}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c00, 0x20) fdatasync(r0) 5m45.042244476s ago: executing program 1 (id=1382): openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = syz_io_uring_setup(0xcc8, &(0x7f0000000300)={0x0, 0x24c1, 0x10, 0x1, 0x310}, &(0x7f00000001c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0xc, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x842a}}) io_uring_enter(r0, 0xdb4, 0xd44a, 0x5, 0x0, 0x0) 5m43.148499295s ago: executing program 1 (id=1389): syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x1001) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_pwait(r1, &(0x7f0000000000)=[{}], 0x1, 0x3, 0x0, 0x0) 5m41.848030702s ago: executing program 1 (id=1393): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_RMFB(r0, 0xc00464af, &(0x7f000001f500)=r2) 5m40.843672675s ago: executing program 1 (id=1394): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000fc0)={[{@nouid32}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v") r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000100)='.\x00', 0x940004a3) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) 5m39.207458763s ago: executing program 1 (id=1397): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x48c}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) syz_open_dev$evdev(&(0x7f0000000040), 0x6, 0x190000) 5m37.814128991s ago: executing program 1 (id=1400): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='debugfs\x00', 0x1000016, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000040)=0xc) mount$bpf(0x0, &(0x7f00000023c0)='./file0\x00', 0x0, 0x958028, &(0x7f0000000400)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r1]) 5m33.929380869s ago: executing program 35 (id=1400): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040)='debugfs\x00', 0x1000016, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000040)=0xc) mount$bpf(0x0, &(0x7f00000023c0)='./file0\x00', 0x0, 0x958028, &(0x7f0000000400)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r1]) 9.802726763s ago: executing program 6 (id=2354): syz_mount_image$minix(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x42, &(0x7f0000000540)=ANY=[], 0xd, 0x1a8, &(0x7f0000000280)="$eJzs28tuElEYwPFvLjKANxR1YUwkcaEbGUAlcaePgjAS4qBG3EBY0L5An6HvVxZNN12VZq5NZxhoKTDTzP+36EznO5fvHDjJF5IRALn1TWqiiCKq88+bYuWoqqSdEoA9WfjXiwWA/NHOvWst7UQA7Nn8u7i1/8nptCtaIawLgjsnPgviqhGrH+YHIq91P64UpRStL45F3gf9lXK0+5nzpBzGH0bCBXf8D++C+R/JY3kiT6Uiz+S5VP35e2H/V7ctf+ILAgAgBxSpr4snNHjg/i3Jz4FtNdyWET8+u62ceDNx/IIbb62Ma2+T8zMqTv9694/dW7kOAHHqxuffo4Xnfzl9zfkHkJ7RePKrY9vWvwzcFK/nszBEdjipccPGqmRlfzJ1Y8S2Rd/KyKXE0KEsCzlfmm2ua+ofjN3u4Sz6xKmm0/xMdW92zU+D38WAHDD/D/+ao/Hk42DY6Vt963er0fja/vKp2W6ZbmVvrq7vAdxfV2VA2pkAAAAAAAAAAAAAAIBNvZCXaacAAAAAYE/WvhgkutfwDi8Ypb1GAAAy5zIAAP//MzgNAg==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0xc17a) write$UHID_INPUT(r0, &(0x7f0000001480)={0x8, {"29b0847be6960c3dad844e1027bd1b1e0cdd04ecb1c8105ddf0e78e4a3a6ac91d5b24b674ad5a3e20908b8117c94026d075a62514787d9e356caa9bdcfe041a19e9c80e1ad9cd1bc28776e9814b5e878469c4080b4c582c019332583cd99453db6558794da69b40081d3b540df1825d553998bc1627d7cd9ad85d9629e9d907cbb6677432b69bfc5c87bd11534c8d70c06a2b0e8b41cb48ba0fa759af89ea5fb45e9f0c9b5ae33994e29a095eca6fe4181461bcc0f284d0de29ef93674aa4dfa567c87ceb3b699d6f034d4d3aeff67f89588867796b5ade84273b13601147288fbc932309e01fa71569e1a9bb6c2931ee0cc8e2b6dc651c64cb7ee99fb5066c566492993f3a5d800b8233808bd8109d626c0490ee18563af08180f0342e3ad7b4e2e431cd88ab8fca071491d33f06d71b97f7557a961f3d72c93c1299dd247d7407b56c048deac3490d5897205de13640121c651066427f3c89b1339470b30e923ef56248231cdc8035cafc17ac23e641ed40dc46c37a1959c63be2f9fc2a0e5ded9fb652d2d335d821ec2c3314ef3ec6155ca5182a73abc940fc196a173826e493772aa1d98216e82589664a4cf30e6d256918e6721f18fdfe0e8fa56c252025d8e4db2ae0984e36c9c070de9dcfeded5f34628f1272dcfcb10c328487455af8fe25ed543b8924b05fdb6b677f7a3430b7049d354b1b39925beecf63c9aefe89264c4945bb973dc01c2956808ad711a12aea47cd50df87429ddf258660ea0a84bdfea93efc1991afa8f2a13da63eacd6a8a0d8b2b3f27dce1e98731a743d2fe6262fd71bb3ff8d92a7c82c88766e28e6dc15151d26c79b7c3f56091a1bb103d14859cade713a2d57817ac3af7632a3cc728db07ed938facd77c405268265313166a3b58991019ab9e55743ac3a130a840412b42ec061089282cdc91a472f09288e13677ed5464633403a7d54b8aecc90a8ab8266f9f583ba1a7db63fee90de63b59eb6bf81b2272629521c7137c98a59ce950af302ae3316846ffa5ab7a59b9454c367192b1ecf64a9c25f8f01f815c523fcb13f2f84433467a98ae551cf2e92dfc39fe82874b02c2c554d99c3bdc712fad31d4bda8c6557afaf8091356a8c7979a7c58326ee3e9a8feb1a157cd073630d15680489daadc8dacc52b274cece5979dbaab8c26b07d7afb853ef43b61b3caf18e6b380d05449118157d18ed2b48d8965444f7ab6c31dbfbfd1d12ab9237fd5e947e324bc2aaed881aee1da5df786b0b44b492a68f301e20997343d6980d938cc1e5b98de8453f607f120c0a79702396017421993ba15eb19ee170b8d7f1b34f333ddc15482cfe473defe17b7310b861af3a583d685c97506956263c4e2bbb491d57a29ab1bfd521c4c08ab362767f974e7edc648866502b0931f49f66ba0f0f9eb919cc6d81060c32c66b728ecb93c4eae8ab1366c78bdcdf3d7e8502c440be8ba12073162ae3aac0aa9cef3e39007c60dfdd418c33f18108e1e611347ebadec26e7f603daef96c26fa16ad7d96188fa79a38dbe9afda44623c22cb90f756e1710e5d40bfd63b67f2c2d8e424f3188f85e924abe9070626801e2b8a083ef67d122a51ef1f960fce53632bb353dd17e7f18440cc66bd39179bf45208734a02789670f4b9827119a65141b716d5fb6f91fd7d24b26712c1c1290678ef98e63174e8d4e09a50ff96be433f9d80f6eb7750fc1b507eeac043aa8134530bb83b3894699ccee8e93fd8d8a3d27c7a506495f7a2b768bc464f154a5b8762bb5ca2b7aada3b84ededb0922cbdaea4e531ef9c45878c0d7d2fa185ade27e50583c99554ceb5988044f086e6640dd268b6c3e1d2b2a83bc43e679bf0472d3273495da23502c9109c172f579f127b45c40cb79caf150551f6c57884a1f641619980ad0d6e4a399937d0e2f2a72f2b85914b4bef48fdff396a842829c90418efdb55553a149634292eb006401fe309374d351a0d873d5459835d9c895c070ab3132e984af6e683a21eba9f369ff43c2413eed0ae7bc232297a436fd6c9ee5457c19c9a0ecfdfc358a29f6f92ad73e41f4a438717d86b8df7f4dcb2cfa94dc56ea2fb8f44a0ccf2f661229d7485d999ed9328323467d48fb425d180860714ce7a91587e3f057dc5b45500285b0955c6892db2b7f39b91efbd4c08e4c62300e2d667bd6e53ed08263a156a92ee8c29dc3fac468f4fa04874496f060e659d8bc661975b727883b83cd1e6e02bc9a84c5fd8689aa147171ce09f59227c32083231b53c2fbda8869aa69228dee5d947de6d089a8639d94c0cd4eadfa449a0b0aaf713e5cd9f47d7f300067acd3262d5c3bdd7d3bee56d0012840841f1ef2e50ae017a5a9510b7e9be155a5d6e3d234bcba8659afc902145709a1160a9b8338cc3c668ed23644eb59ca8163577b72655f61be29a00ce22f72e721e07430fc1fabf569cbfde22fee90b10acf9fe4dafa4ef807093e0dcfdc3c9010fbcccf63efe452eba64d7d859cddee3cb4c5ce32afb2b203fd7e10f775eed5000eac62c446d99bd4582ac25df4218dff9525bf240ba570acae5d674e353bebd3e28c16edd96af6f1cfb300a18864a1552c803038befdaa39e06ad94d1f2af3eb8a64bd1806f60b28b8e22b62bf4cad53f6e342baefdd31c70084b1982010f5b8e6512e730b76fc3728c641b9ea801a5552fc02b3004be7d6fcaa9af720a703ed434e26922ba02f6211121612a7fd923201f61497e30dbf3c5870231cfdcef001c1fd5f2ef298d3d41f637fa0e6b7f09c1e243ac5f62a84967a43902ad4cb4d6029a5d91702a6ed5e737ff4ae2b92b57a0ce1d832fb503f6a3d1d9dbaa2c3d54a3fa867799b6afa293af3c3bc3d4477b2fba5c0396232a7932a94576542c0ff85e1eac33bd194f82e1cc71ffdf571235f2a04a58d9b851b9079909c3fe4ad010c4c6151bab9e7fb5bdc6651b15a056a52e60b645f4b7208d02352d6461ed15fe4b2458990a90ae4544f674dcaa5fb86393c8ce96dad635f9d03e462641bde478214852fa5eafe0a9843d76af069a373970e90801736a83af6fb91bb3bbe71c5b146b3e35b8bbdb2014cb4d22233a474215b460ac017f09db6ecbc278783760688c529b9351b072912ff544bac86a737138eb05af3acd8695c7c82011461b3069e9663be45cfa69cc2f254380da905ccb40dfdcc07733d846b9a62d5c5af54d339992ad3be3ddb68e4138f291c5684187b20237b9c3555f153d904f5d71346e58dbc9628f8059f98356660d943be0d4162dc5c5d289a325221cf29a94e6fdc9204d45b01c53890efe68d5bbf8ad095b7d0ac303b4c09b1ef059ae9362dedeb15661fb66e53449d5eaf1da0d873230c0d14a9817838435c0ee2d2605fc2b97afc94e59f5030464838b7c8c6425686a8dddda7d3aa3b4a5baab9f5aa269f2b54765624257d59812d9a09a9fb3244a05fc6f13176eba15936f7926b2602f14d278ffe85195e11b622185699171fe7d431c9fd6b08e3a9134dce2997b1ec6bbc7b601e64bc24666aa80f9123be3beb957b09599b9916bf91b77d996c8d4b58b4acf210023390f7a7a3a0967eb0747dc24287d430aec2b7ccfc18c05537ac26ea4785da787f526d35082a10b758a4dc8f04e303b2f65c1e2389351378f68aad0f0b6e6b08b5735fcf8891c5a1c4d7d5e025569ee5ad8dfc1678fb2d042b16624ea5dff77814a9d6b703da2af85da67471649d100be0efd186eb31884475051b332391eeff6dbd49cc3b8b2aa9f15d5434dcda26988b2cebb561d9b1476505260387b5293ef98e632246b7861f475c81a596a75c628885c8cc89fdbd5c80425115ff437937ba0795ac3d8a47fab9f0a7ecd360cc8b6f860b7416c01c3afb7c3bc51bb3de829badcea71ee6120101a1550e30136faee5d45a0fa49f0a22def9fa5c5a2d4f0c7ef5a27d44b8c94d3fb07efc29ce4d560df4a7e845598c53a538f8f3c9cb4cfeeae3ddbef50f1714a0e332ce225a148bd373ff459e65a793b96c069095a37a66703c2cc5c04b2867b00334b2dbc07b68d4bce79c53f32c28778a872ab35ef0c8b96bcbd87e5c0ebc2d476ce66721001af3b0df2ca957b42eee35baba56f259a734d9f4711f2197e81db9c42874866e4a5c96577c1f5d5b545340cd31c6e1ae819a51657ca548670c07efd5bcbb5761597a459714124c516f55744a6cbafdc712d0dcc9652a391b5e35f3665d2214edfaaff24af1ba205da7597ba921e967466bdb9fcd54accd89e27c5202e4a2f95ab22cd6f82952d7dbbc28a1cdaa858637942b3e5587a9ae480655229a59234c5ec6f8204ed975d624ef4f30fda58c285367b51eabc9009bf2a4728d0c29bdc63754e194f62a8d1fa6c9010b9fae2e41bed1af39dea754308865cfa4018299ef3f137d30cee34259b8b6b309b8e1a4ebc3aff8cc648b3de972dd9cf44dcab1888f9e8b7037c7f13fb245695432b36c4199806d60e5e856ba0f0cd3cbc4be9e5aa4500353fd7da7329a8e73cac8d096df8f23bebb65e00ee4fe1f2c2820f28865c75b0f9767de77d24d9223693d7b9bb2cf750350fd9bef3c45af16c9e5af09cb09a802a263b597b37e916450268aef11135bb7f9bf857de5c94f04aeb086fc0f00d198c7552f2e5d15eee8a3568a99cc3754408ff93ee1d8f62319a9466452e2e8c019f40adf85660ac949a637999d9c8319cd8dcd8c63bcd1dde0f71dd00558b4c3eec092c18a1dd6ee20ad5228dc9b48d301af3c14109f20a86a561acfc29eefa4a50a4882465f53675fc9015cafe9fbbe0920ae129c0ba6f7663105e2aff242d0a39fb4a9e4c93c171594e71695fe877981682f2cd6095452299c22550d80cd6cf36ca5844efe4dc879d95b5a6218c1158d2f18bdc9cf9a4b92a87ca490124764e0a658b9d33a0d76aab353d451782e80c7da70e63a868f7bda9050a49c9bcdc226e37da6f3a36a33e4d0843ca163723d81f61382d72f9c9b4a29789b105d5c6ff10f76dee2d8391d8fd2df7768aa919a23fe44fb78956a1ddebe5f11e1fb25b199d8a40b8b32484c976416016119f4b99de3593518a1c53fbcaf045aae8b96330c187f87acc1632b598a1806384bc49063bb153f8e140053402391f421374d75aaf9d98eecec5c494938019f56fa321be2fa92f1308f65a889f92324a80daff3df57f924e8c1fbf62764d7920b0359f7ee4e69b544d76dafa522bea4dccd53680d7893bd4b7dd2555ec84a5196cc517ca5d114f9b4d6631c6c7b5bf549a12c3e465b135b1681854e554b89219054c23f30453195a34517a96af77e055de017b9f1ffa16126edccf8cf0c43bce6361c3b230ccbd46002b03efea88f239746b475917f74bab571bd0f6613f90f7aa0811b2b56ef84c3e1f86546b0c568dc2f06a0318bdcbccdc5288d861b39fbc4b171290296749348d0e15e167d1320cc6ac1f75c0198f1e896322a8fe33af36cc1e64e2dcb9dfc6d761068d909111415381d5d57b9eb439ca402e8f696ad2bc1598b8e05a338ba67e20f76f2909c53813fbb4c0fedd918583b58af4ec193c1c02b277c81ace45de0ba9edbed4534ddebc0c647b8810ff3d21bc58e5df74b9b4025a05518498da35c6c253dac79980cef8671f687ee545b59073dc2e56ed70ade4560355ff46daf67bd79ec805b2e3914d32465dee4ee165fdf5d2d3e520d1303e45a9922212c786b7a40f594f262513cb3a210a8c89019d2adca29185a02f13b585b41a5a93d3e8a50bd4fb7e3b88922c20462c18410c3bfd057a2199985", 0x1000}}, 0x1006) fsync(r0) 8.234905302s ago: executing program 6 (id=2358): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000010140)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) cachestat(r0, &(0x7f0000000000)={0x3, 0xffffffffffffffff}, &(0x7f00000000c0), 0x0) 7.41318145s ago: executing program 7 (id=2362): r0 = socket$unix(0x1, 0x1, 0x0) r1 = syz_io_uring_setup(0x114, &(0x7f0000000440)={0x0, 0x4000000, 0x0, 0x7, 0x48}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000300)=0xfffffffc, 0x0, 0x4) unshare(0x20000400) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x48, 0x0, r0, 0x0, 0x0}) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 7.051941599s ago: executing program 6 (id=2363): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0) r1 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) close(0x3) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) syz_usb_disconnect(r1) writev(r0, &(0x7f00000017c0)=[{&(0x7f0000000000)='W', 0x1}], 0x1) 6.910184239s ago: executing program 8 (id=2366): socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) unshare(0x2040400) bpf$BPF_MAP_GET_FD_BY_ID(0x9, &(0x7f0000000100)={0x0, 0x7, 0x10}, 0xc) 6.275537483s ago: executing program 4 (id=2367): r0 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) mkdir(&(0x7f0000000140)='./control\x00', 0x0) pivot_root(&(0x7f0000000000)='./control\x00', &(0x7f0000000040)='./control\x00') 6.275077407s ago: executing program 7 (id=2368): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000200)) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000) preadv2(r0, &(0x7f0000000380)=[{0x0}, {&(0x7f00000005c0)=""/216, 0xd8}], 0x2, 0x4, 0x58c8, 0x16) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000040)=0x1) 5.910882964s ago: executing program 8 (id=2370): r0 = fsopen(&(0x7f0000001140)='hugetlbfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) pwritev2(r2, 0x0, 0x0, 0x5405, 0x0, 0x0) 5.086912194s ago: executing program 4 (id=2371): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000000000)={@val={0x0, 0x6558}, @void, @x25={0x2, 0x5, 0xff, "4e5f28bdf171da23ff89068f"}}, 0x13) 5.086477443s ago: executing program 7 (id=2372): r0 = socket(0x2d, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000440)={0x2d, 0x0, 0x1}, 0xc) bind$xdp(r0, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10) r1 = socket(0x2d, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000440)={0x2d, 0x0, 0x1}, 0xc) bind$xdp(r1, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10) 4.68437841s ago: executing program 8 (id=2373): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r0, 0x0) mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=unix']) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$FUSE(r1, &(0x7f0000004140)={0x2020}, 0x2020) 4.596911264s ago: executing program 3 (id=2374): rt_sigprocmask(0x0, &(0x7f0000001480)={[0xffffffffffffffff]}, 0x0, 0x8) r0 = getpgrp(0x0) r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0x1d, &(0x7f00000000c0)={0x24, 0x8000006, 0x1}) r2 = syz_io_uring_setup(0xec4, &(0x7f00000003c0)={0x0, 0xffffff7e, 0x2, 0x3, 0x34b}, &(0x7f0000000500), &(0x7f0000000600)) io_uring_enter(r2, 0x4, 0xe876, 0x3, &(0x7f0000000000)={[0x3]}, 0x8) 3.841651881s ago: executing program 7 (id=2375): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000001a80)=0x5, 0x8) close(0x3) 3.460071253s ago: executing program 3 (id=2376): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000580)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0) sendfile(r1, r0, &(0x7f0000000240)=0x8b, 0x100000500) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) 3.233409576s ago: executing program 4 (id=2377): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1ec) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0xa0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) 3.030499843s ago: executing program 6 (id=2378): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x7c8}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) madvise(&(0x7f00000ee000/0x2000)=nil, 0x2000, 0x8) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000280)=[{&(0x7f0000000140)=""/13, 0xd}, {&(0x7f0000000180)=""/15, 0x13}], 0x1d) 2.77234307s ago: executing program 8 (id=2379): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x3) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0) syz_emit_ethernet(0x86, &(0x7f0000000140)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x66, 0x0, 0x81, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x19, 0x4, 0xc6, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x50000000, 0xfbc}, @exp_smc={0xfe, 0x6}, @exp_smc={0xfe, 0x6}, @timestamp={0x8, 0xa, 0x1, 0x8a}, @exp_fastopen={0xfe, 0x13, 0xf989, "444e38caa511b9096239c28c183b3f"}, @exp_fastopen={0xfe, 0x8, 0xf989, "00fcc691"}, @md5sig={0x13, 0x12, "0c39e122bd2f7556512830127a3fa7b7"}]}}}}}}}, 0x0) 2.494891744s ago: executing program 3 (id=2380): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000080), 0x12) write$cgroup_pid(r1, &(0x7f0000000c40), 0x12) 2.031239873s ago: executing program 7 (id=2381): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1, 0x2, {0x1, 0x0, 0x2}}, 0x18) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[], 0x28}}, 0x44001) syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r0) 2.030339884s ago: executing program 4 (id=2382): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000480)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab4", 0xffffffffffffffca, 0x840, 0x0, 0x0) 1.753350103s ago: executing program 8 (id=2383): syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_submit(r2, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='m', 0xfffffdfc}]) io_destroy(r2) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0) 1.716765029s ago: executing program 3 (id=2384): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x80) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r0, r2, 0x25, 0x4, @val=@tcx}, 0x1c) syz_emit_ethernet(0x46, &(0x7f0000000100)=ANY=[], 0x0) syz_extract_tcp_res(0x0, 0x8, 0x5) 1.406215621s ago: executing program 6 (id=2385): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000640)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8c, 0x1, 0x0, 0x3}, 0xe) shutdown(r0, 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x41dc, 0x4) recvmmsg(r0, &(0x7f0000000840)=[{{0x0, 0x41, 0x0}}], 0x414, 0x406, 0x0) 1.2574694s ago: executing program 4 (id=2386): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r0, r1, 0x26, 0x0, @void}, 0x10) close(0x3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000400000000000000050000007201300000003b3f95"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc3cb}, 0x94) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r2, r0, 0x4, r0}, 0x6) 892.332077ms ago: executing program 3 (id=2387): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xe8) getdents(r2, 0x0, 0xbb) 795.447655ms ago: executing program 7 (id=2388): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000240)="660f388084000072baf80c66b860b4498c66efbafc0c66b80e00000066ef64f30fc7b000100f850100f30fc7b1030066b96f0a000066b8e100000066ba000000000f300f326635000400000f30d2bc0a000f23c80f21f86635040040000f23f8b8f4008ee0", 0x65}], 0x1, 0x48, 0x0, 0x0) syz_clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x69) r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000100)={[0x3ffffffe]}, 0x8, 0x80000) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0xe, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) readv(r0, &(0x7f0000000140)=[{0x0}], 0x1) 152.880197ms ago: executing program 6 (id=2389): r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0) write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0x20) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r2 = fanotify_init(0x200, 0x0) fanotify_mark(r2, 0x1, 0x40001019, r1, 0x0) splice(r0, &(0x7f0000000040)=0x2, r1, 0x0, 0x889, 0x8) 113.005772ms ago: executing program 4 (id=2390): syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab120400000000000001090224"], 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x8000, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 109.0514ms ago: executing program 8 (id=2391): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500f0e66f1500000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r1], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) r2 = socket(0x400000000010, 0x3, 0x0) write(r2, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c0400070080000300", 0x33a) 0s ago: executing program 3 (id=2392): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private1, 0x16bf5125}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x400, 0x0, @private2}, 0x1c) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x3}, 0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, &(0x7f0000000180)=0x8) kernel console output (not intermixed with test programs): : 32 [ 568.712483][ T5840] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 568.724674][ T5840] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 568.735101][ T5840] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 568.744705][ T5840] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 568.869263][ T5840] usb 3-1: config 0 descriptor?? [ 569.477166][ T5840] savu 0003:1E7D:2D5A.0013: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 569.724328][ T1966] usb 3-1: USB disconnect, device number 11 [ 570.414998][ T9083] fido_id[9083]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 571.121913][ T9090] input: syz0 as /devices/virtual/input/input14 [ 571.465877][ T9096] loop5: detected capacity change from 0 to 512 [ 571.594192][ T9096] EXT4-fs (loop5): Test dummy encryption mode enabled [ 571.601968][ T9096] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 571.740144][ T9096] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.1131: bad orphan inode 131083 [ 571.770788][ T9096] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 572.380837][ T6724] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.990095][ T9113] input: syz1 as /devices/virtual/input/input15 [ 574.405629][ T9126] sctp: [Deprecated]: syz.5.1143 (pid 9126) Use of int in max_burst socket option deprecated. [ 574.405629][ T9126] Use struct sctp_assoc_value instead [ 574.440771][ T9126] net_ratelimit: 2 callbacks suppressed [ 574.440872][ T9126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.473935][ T9126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.485230][ T9126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.496572][ T9126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.507141][ T9126] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.623344][ T9125] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 574.905518][ T1966] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 575.141405][ T1966] usb 2-1: Using ep0 maxpacket: 16 [ 575.211898][ T1966] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 575.221979][ T1966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 575.230744][ T1966] usb 2-1: Product: syz [ 575.235144][ T1966] usb 2-1: Manufacturer: syz [ 575.240201][ T1966] usb 2-1: SerialNumber: syz [ 575.325261][ T1966] usb 2-1: config 0 descriptor?? [ 575.837850][ T1966] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 575.880309][ T1966] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 575.904382][ T1966] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 575.953437][ T1966] usb 2-1: media controller created [ 576.221054][ T1966] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 576.530400][ T1966] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 576.548639][ T1966] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 576.774475][ T1966] usb 2-1: USB disconnect, device number 10 [ 577.248600][ T1966] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 577.306709][ T9155] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1154'. [ 578.154324][ T9164] loop1: detected capacity change from 0 to 512 [ 578.260399][ T9164] FAT-fs (loop1): error, corrupted file size (i_pos 51, 9216) [ 578.300278][ T9164] FAT-fs (loop1): error, corrupted file size (i_pos 51, 8960) [ 578.357326][ T9164] FAT-fs (loop1): error, corrupted file size (i_pos 51, 8960) [ 580.364782][ T9188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1168'. [ 580.928184][ T9190] loop4: detected capacity change from 0 to 512 [ 580.987733][ T9190] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 581.086682][ T9190] EXT4-fs (loop4): 1 truncate cleaned up [ 581.110194][ T9190] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 581.628760][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.133698][ T9200] loop5: detected capacity change from 0 to 1764 [ 582.965523][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1179'. [ 583.166525][ T9211] team_slave_0: entered promiscuous mode [ 583.172704][ T9211] team_slave_1: entered promiscuous mode [ 583.215297][ T9211] macsec1: entered promiscuous mode [ 583.221057][ T9211] team0: entered promiscuous mode [ 583.230322][ T9211] macsec1: entered allmulticast mode [ 583.235911][ T9211] team0: entered allmulticast mode [ 583.241498][ T9211] team_slave_0: entered allmulticast mode [ 583.247577][ T9211] team_slave_1: entered allmulticast mode [ 583.304239][ T9211] team0: left allmulticast mode [ 583.309671][ T9211] team_slave_0: left allmulticast mode [ 583.315635][ T9211] team_slave_1: left allmulticast mode [ 583.321712][ T9211] team0: left promiscuous mode [ 583.330667][ T9211] team_slave_0: left promiscuous mode [ 583.336494][ T9211] team_slave_1: left promiscuous mode [ 584.732695][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.740977][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.748970][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.756990][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.764708][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.773123][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.780957][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.788845][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.796802][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.798978][ T9229] loop4: detected capacity change from 0 to 128 [ 584.804476][ T5840] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0 [ 584.867551][ T5840] hid-generic 0003:0004:0000.0014: hidraw0: USB HID v0.00 Device [syz0] on syz0 [ 584.982396][ T9229] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 585.111299][ T9229] ext4 filesystem being mounted at /228/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 585.771170][ T9236] fido_id[9236]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 585.862688][ T5793] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 585.883482][ T5784] Bluetooth: hci1: command 0x0406 tx timeout [ 585.908864][ T9240] loop1: detected capacity change from 0 to 1024 [ 586.272329][ T9245] netlink: 'syz.2.1194': attribute type 1 has an invalid length. [ 586.280768][ T9245] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1194'. [ 587.297902][ T5784] Bluetooth: hci3: unexpected event for opcode 0x040d [ 587.679727][ T9261] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 587.939084][ T9261] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 588.252071][ T9269] loop2: detected capacity change from 0 to 128 [ 588.478885][ T9269] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 588.530324][ T9269] ext4 filesystem being mounted at /227/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 589.121149][ T5782] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 590.025550][ T9284] loop5: detected capacity change from 0 to 128 [ 590.098163][ T9284] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 591.369171][ T9302] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 591.380958][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 592.072686][ T9308] input: syz0 as /devices/virtual/input/input17 [ 593.277933][ T9323] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1226'. [ 594.188343][ T9335] loop5: detected capacity change from 0 to 512 [ 594.222389][ T9335] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 594.289680][ T9335] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.1231: bad orphan inode 131083 [ 594.331166][ T9335] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 595.319388][ T6724] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.834943][ T9349] loop4: detected capacity change from 0 to 256 [ 596.147644][ T9349] FAT-fs (loop4): Directory bread(block 64) failed [ 596.168433][ T9349] FAT-fs (loop4): Directory bread(block 65) failed [ 596.178230][ T9349] FAT-fs (loop4): Directory bread(block 66) failed [ 596.218392][ T9349] FAT-fs (loop4): Directory bread(block 67) failed [ 596.250797][ T9349] FAT-fs (loop4): Directory bread(block 68) failed [ 596.307320][ T9349] FAT-fs (loop4): Directory bread(block 69) failed [ 596.314427][ T9349] FAT-fs (loop4): Directory bread(block 70) failed [ 596.365212][ T9349] FAT-fs (loop4): Directory bread(block 71) failed [ 596.396029][ T9349] FAT-fs (loop4): Directory bread(block 72) failed [ 596.443571][ T9349] FAT-fs (loop4): Directory bread(block 73) failed [ 597.000944][ T9360] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1240'. [ 597.133414][ T9364] syz_tun: entered promiscuous mode [ 597.241115][ T9364] team0: Port device syz_tun added [ 597.437452][ T9365] team0: Port device syz_tun removed [ 597.686982][ T9365] bridge_slave_0: left allmulticast mode [ 597.692896][ T9365] bridge_slave_0: left promiscuous mode [ 597.701166][ T9365] bridge0: port 1(bridge_slave_0) entered disabled state [ 597.832941][ T9365] bridge_slave_1: left allmulticast mode [ 597.839405][ T9365] bridge_slave_1: left promiscuous mode [ 597.846508][ T9365] bridge0: port 2(bridge_slave_1) entered disabled state [ 598.101679][ T9365] bond0: (slave bond_slave_0): Releasing backup interface [ 598.116072][ T9371] input: syz1 as /devices/virtual/input/input18 [ 598.240868][ T9365] bond0: (slave bond_slave_1): Releasing backup interface [ 598.474252][ T9365] team0: Port device team_slave_0 removed [ 598.606056][ T9365] team0: Port device team_slave_1 removed [ 598.650097][ T9365] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 598.674016][ T9365] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 598.682349][ T9365] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 598.730948][ T9365] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 598.914690][ T1966] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 599.119737][ T1966] usb 2-1: Using ep0 maxpacket: 32 [ 599.159262][ T59] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.163290][ T1966] usb 2-1: config 1 has an invalid interface number: 242 but max is 0 [ 599.187838][ T1966] usb 2-1: config 1 has no interface number 0 [ 599.246818][ T1966] usb 2-1: config 1 interface 242 has no altsetting 0 [ 599.317059][ T1966] usb 2-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice= 7.df [ 599.326667][ T1966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 599.334958][ T1966] usb 2-1: Product: syz [ 599.339508][ T1966] usb 2-1: Manufacturer: syz [ 599.344313][ T1966] usb 2-1: SerialNumber: syz [ 599.404730][ T9377] loop3: detected capacity change from 0 to 64 [ 599.465439][ T59] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.757937][ T1966] aqc111 2-1:1.242: probe with driver aqc111 failed with error -22 [ 599.784355][ T59] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.812618][ T1966] usb 2-1: USB disconnect, device number 11 [ 600.110526][ T59] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 600.738807][ T59] bridge_slave_1: left allmulticast mode [ 600.744721][ T59] bridge_slave_1: left promiscuous mode [ 600.751806][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 600.783812][ T59] bridge_slave_0: left allmulticast mode [ 600.790074][ T59] bridge_slave_0: left promiscuous mode [ 600.797008][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 601.603054][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 601.665087][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 601.681829][ T59] bond0 (unregistering): Released all slaves [ 603.103912][ T59] hsr_slave_0: left promiscuous mode [ 603.129586][ T59] hsr_slave_1: left promiscuous mode [ 603.178938][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 603.188453][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 603.207051][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 603.214739][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 603.306672][ T1966] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 603.341575][ T5789] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 603.353533][ T5789] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 603.369168][ T5789] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 603.370806][ T59] veth1_macvtap: left promiscuous mode [ 603.402931][ T5789] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 603.408514][ T59] veth0_macvtap: left promiscuous mode [ 603.441481][ T59] veth1_vlan: left promiscuous mode [ 603.459834][ T5789] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 603.482475][ T59] veth0_vlan: left promiscuous mode [ 603.536895][ T1966] usb 2-1: Using ep0 maxpacket: 16 [ 603.583743][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.665106][ T1966] usb 2-1: config 0 interface 0 has no altsetting 0 [ 603.678486][ T1966] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 603.690148][ T1966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.809212][ T1966] usb 2-1: config 0 descriptor?? [ 604.758569][ T1966] usb 2-1: USB disconnect, device number 12 [ 605.556958][ T5789] Bluetooth: hci0: command tx timeout [ 605.930744][ T59] team0 (unregistering): Port device team_slave_1 removed [ 605.971621][ T9420] loop5: detected capacity change from 0 to 256 [ 606.004440][ T9420] exfat: Deprecated parameter 'namecase' [ 606.045486][ T59] team0 (unregistering): Port device team_slave_0 removed [ 606.077364][ T9420] exfat: Deprecated parameter 'utf8' [ 606.191453][ T9420] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 607.203299][ T9428] loop5: detected capacity change from 0 to 512 [ 607.343733][ T9428] EXT4-fs: Ignoring removed i_version option [ 607.350360][ T9428] EXT4-fs: Ignoring removed nobh option [ 607.429288][ T9428] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 607.609409][ T9428] EXT4-fs (loop5): 1 truncate cleaned up [ 607.636969][ T5789] Bluetooth: hci0: command tx timeout [ 607.653705][ T9428] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 608.300980][ T6724] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 608.678202][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 609.092249][ T5789] Bluetooth: hci2: unexpected event for opcode 0x0c13 [ 609.154924][ T30] audit: type=1326 audit(1769159027.931:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9446 comm="syz.5.1270" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f72539 code=0x0 [ 609.475512][ T9398] chnl_net:caif_netlink_parms(): no params data found [ 609.726803][ T5789] Bluetooth: hci0: command tx timeout [ 610.187646][ T9460] Invalid ELF header magic: != ELF [ 611.380154][ T9398] bridge0: port 1(bridge_slave_0) entered blocking state [ 611.387955][ T9398] bridge0: port 1(bridge_slave_0) entered disabled state [ 611.417196][ T9398] bridge_slave_0: entered allmulticast mode [ 611.441734][ T9398] bridge_slave_0: entered promiscuous mode [ 611.510062][ T9398] bridge0: port 2(bridge_slave_1) entered blocking state [ 611.517975][ T9398] bridge0: port 2(bridge_slave_1) entered disabled state [ 611.552662][ T9398] bridge_slave_1: entered allmulticast mode [ 611.589441][ T9476] loop4: detected capacity change from 0 to 2048 [ 611.601765][ T9398] bridge_slave_1: entered promiscuous mode [ 611.686190][ T9474] loop3: detected capacity change from 0 to 4096 [ 611.744418][ T9474] EXT4-fs (loop3): Test dummy encryption mode enabled [ 611.752695][ T9476] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 611.796711][ T5789] Bluetooth: hci0: command tx timeout [ 611.838229][ T9474] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103] [ 611.947998][ T9474] System zones: 0-5 [ 612.048407][ T9474] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 612.390286][ T9398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 612.521892][ T9398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 612.625502][ T9488] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1281'. [ 612.868068][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.168592][ T9398] team0: Port device team_slave_0 added [ 613.278517][ T9398] team0: Port device team_slave_1 added [ 613.785044][ T9398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 613.793006][ T9398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 613.830917][ T9398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 614.044257][ T9398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 614.051796][ T9398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 614.078546][ T9398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 614.881918][ T9398] hsr_slave_0: entered promiscuous mode [ 614.937066][ T9398] hsr_slave_1: entered promiscuous mode [ 614.954539][ T9398] debugfs: 'hsr0' already exists in 'hsr' [ 614.960903][ T9398] Cannot create hsr debugfs directory [ 615.362108][ T9514] loop5: detected capacity change from 0 to 512 [ 617.357877][ T9398] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 617.458986][ T9398] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 617.588496][ T9398] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 617.690102][ T9398] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 618.280937][ T9531] loop5: detected capacity change from 0 to 4096 [ 619.799838][ T9398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 620.153100][ T9398] 8021q: adding VLAN 0 to HW filter on device team0 [ 620.296821][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 620.304536][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 620.654523][ T7748] bridge0: port 2(bridge_slave_1) entered blocking state [ 620.662272][ T7748] bridge0: port 2(bridge_slave_1) entered forwarding state [ 622.289684][ T1966] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 622.526597][ T1966] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 622.536058][ T1966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 622.662078][ T1966] usb 4-1: config 0 descriptor?? [ 622.734799][ T1966] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 622.825081][ T9579] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 623.691321][ T1966] gspca_stv06xx: I2C: Read error writing address: -71 [ 623.759124][ T1966] usb 4-1: USB disconnect, device number 11 [ 624.074444][ T9591] loop1: detected capacity change from 0 to 512 [ 624.184374][ T9594] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 624.235983][ T9591] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 625.161598][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 625.423646][ T9398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 626.369807][ T9620] loop3: detected capacity change from 0 to 128 [ 626.454756][ T9620] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 626.523381][ T5840] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 626.779693][ T5840] usb 6-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 626.790268][ T5840] usb 6-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 626.802051][ T5840] usb 6-1: config 1 interface 0 has no altsetting 0 [ 626.904724][ T5840] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 626.914607][ T5840] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 626.923099][ T5840] usb 6-1: Product: syz [ 626.927591][ T5840] usb 6-1: Manufacturer: syz [ 626.932407][ T5840] usb 6-1: SerialNumber: syz [ 627.058349][ T9618] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 627.126962][ T9618] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 628.275482][ T5840] (unnamed net_device) (uninitialized): Assigned a random MAC address: 4e:2b:29:25:ee:c6 [ 628.309737][ T9623] loop1: detected capacity change from 0 to 4096 [ 628.351305][ T9623] EXT4-fs: inline encryption not supported [ 628.358893][ T9623] EXT4-fs: Ignoring removed mblk_io_submit option [ 628.436821][ T9623] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 628.445631][ T9623] EXT4-fs (loop1): Test dummy encryption mode enabled [ 628.458177][ T5840] rtl8150 6-1:1.0: eth9: rtl8150 is detected [ 628.508471][ T5840] usb 6-1: USB disconnect, device number 10 [ 628.568064][ T9623] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c098, mo2=0002] [ 628.648243][ T9623] System zones: 0-5 [ 628.753424][ T9623] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 629.412068][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 630.649859][ T9398] veth0_vlan: entered promiscuous mode [ 630.848705][ T9398] veth1_vlan: entered promiscuous mode [ 631.473737][ T9398] veth0_macvtap: entered promiscuous mode [ 631.587592][ T9665] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1337'. [ 631.591368][ T9398] veth1_macvtap: entered promiscuous mode [ 631.923195][ T9398] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 632.118799][ T9398] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 632.323481][ T9671] loop4: detected capacity change from 0 to 1024 [ 632.332291][ T7753] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 632.523921][ T7754] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 632.578580][ T7754] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 632.641948][ T7754] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 632.798804][ T30] audit: type=1800 audit(1769159051.611:45): pid=9671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1339" name="bus" dev="loop4" ino=26 res=0 errno=0 [ 633.182037][ T9674] loop1: detected capacity change from 0 to 4096 [ 633.293073][ T59] hfsplus: b-tree write err: -5, ino 4 [ 633.850359][ T9687] loop5: detected capacity change from 0 to 256 [ 633.933944][ T9687] exfat: Deprecated parameter 'namecase' [ 634.160801][ T9687] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 636.010803][ T9708] sctp: [Deprecated]: syz.3.1350 (pid 9708) Use of struct sctp_assoc_value in delayed_ack socket option. [ 636.010803][ T9708] Use struct sctp_sack_info instead [ 637.691593][ T30] audit: type=1804 audit(1769159056.501:46): pid=9727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1355" name="/newroot/267/file1" dev="tmpfs" ino=1425 res=1 errno=0 [ 638.918121][ T9742] loop3: detected capacity change from 0 to 512 [ 638.931388][ T9739] loop4: detected capacity change from 0 to 2048 [ 638.975373][ T9742] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 639.088722][ T9742] EXT4-fs (loop3): 1 truncate cleaned up [ 639.198415][ T9742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 639.230350][ T9739] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 639.909456][ T9751] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 639.919451][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 640.515588][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.961848][ T7754] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 640.970233][ T7754] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 641.299367][ T7754] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 641.308061][ T7754] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 641.390509][ T9767] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1367'. [ 641.451271][ T9767] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1367'. [ 642.032537][ T9771] loop3: detected capacity change from 0 to 164 [ 642.704371][ T9766] loop1: detected capacity change from 0 to 8192 [ 644.286879][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 644.486843][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 644.545111][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 644.657584][ T10] usb 7-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 644.667337][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 644.675684][ T10] usb 7-1: Product: syz [ 644.681182][ T10] usb 7-1: Manufacturer: syz [ 644.686004][ T10] usb 7-1: SerialNumber: syz [ 644.698311][ T7735] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 644.796963][ T10] usb 7-1: config 0 descriptor?? [ 644.915614][ T7735] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 645.321965][ T7735] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 645.539187][ T10] gs_usb 7-1:0.0: Configuring for 82 interfaces [ 645.581021][ T7735] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.172461][ T10] gs_usb 7-1:0.0: Couldn't get bit timing const for channel 1 (-EPROTO) [ 646.480792][ T10] gs_usb 7-1:0.0: probe with driver gs_usb failed with error -71 [ 646.737264][ T10] usb 7-1: USB disconnect, device number 2 [ 647.631146][ T7735] bond0 (unregistering): Released all slaves [ 648.291508][ T7735] hsr_slave_0: left promiscuous mode [ 648.324477][ T7735] hsr_slave_1: left promiscuous mode [ 648.403939][ T7735] veth1_macvtap: left promiscuous mode [ 648.424276][ T7735] veth0_macvtap: left promiscuous mode [ 648.443556][ T7735] veth1_vlan: left promiscuous mode [ 648.463442][ T7735] veth0_vlan: left promiscuous mode [ 648.779691][ T9823] loop4: detected capacity change from 0 to 512 [ 649.060227][ T9823] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 649.127640][ T9823] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 649.652550][ T5784] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 649.688382][ T5784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 649.699562][ T5784] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 649.728457][ T5784] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 649.756017][ T5784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 649.935704][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 650.357341][ T30] audit: type=1326 audit(1769159069.151:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9835 comm="syz.6.1386" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f06539 code=0x0 [ 651.876790][ T5784] Bluetooth: hci1: command tx timeout [ 653.011468][ T9862] loop1: detected capacity change from 0 to 512 [ 653.051033][ T9862] EXT4-fs: Ignoring removed bh option [ 653.110871][ T9862] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 653.261157][ T9862] EXT4-fs (loop1): 1 truncate cleaned up [ 653.349818][ T9862] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 653.596093][ T9862] overlayfs: upper fs needs to support d_type. [ 653.956668][ T5784] Bluetooth: hci1: command tx timeout [ 654.181358][ T5787] EXT4-fs error (device loop1): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39 [ 654.221189][ T5787] EXT4-fs error (device loop1): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39 [ 654.845765][ T9831] chnl_net:caif_netlink_parms(): no params data found [ 655.270723][ T5787] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.994426][ T9882] loop6: detected capacity change from 0 to 4096 [ 656.037469][ T5784] Bluetooth: hci1: command tx timeout [ 656.587053][ T3515] bridge_slave_1: left allmulticast mode [ 656.592962][ T3515] bridge_slave_1: left promiscuous mode [ 656.600112][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state [ 656.789318][ T3515] bridge_slave_0: left allmulticast mode [ 656.795246][ T3515] bridge_slave_0: left promiscuous mode [ 656.802412][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state [ 658.108330][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 658.117464][ T5784] Bluetooth: hci1: command tx timeout [ 658.182502][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 658.230310][ T3515] bond0 (unregistering): Released all slaves [ 658.879774][ T9831] bridge0: port 1(bridge_slave_0) entered blocking state [ 658.887787][ T9831] bridge0: port 1(bridge_slave_0) entered disabled state [ 658.947252][ T9831] bridge_slave_0: entered allmulticast mode [ 658.961235][ T9831] bridge_slave_0: entered promiscuous mode [ 659.112873][ T9831] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.120783][ T9831] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.189038][ T9831] bridge_slave_1: entered allmulticast mode [ 659.211931][ T9831] bridge_slave_1: entered promiscuous mode [ 659.384571][ T3515] hsr_slave_0: left promiscuous mode [ 659.411084][ T3515] hsr_slave_1: left promiscuous mode [ 659.423916][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 659.463488][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 659.709781][ T30] audit: type=1326 audit(1769159078.521:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="syz.3.1404" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73dd539 code=0x0 [ 660.535390][ T5789] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 660.555846][ T5789] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 660.565803][ T5789] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 660.575351][ T9915] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1406'. [ 660.585466][ T9915] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1406'. [ 660.602096][ T5789] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 660.635530][ T5789] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 660.660824][ T3515] team0 (unregistering): Port device team_slave_1 removed [ 660.742613][ T3515] team0 (unregistering): Port device team_slave_0 removed [ 661.750590][ T9831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 661.922406][ T9831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 662.549036][ T9831] team0: Port device team_slave_0 added [ 662.604434][ T3515] IPVS: stop unused estimator thread 0... [ 662.659701][ T9831] team0: Port device team_slave_1 added [ 662.677124][ T5784] Bluetooth: hci2: command tx timeout [ 663.120652][ T9936] loop3: detected capacity change from 0 to 16 [ 663.207797][ T9936] erofs (device loop3): mounted with root inode @ nid 36. [ 663.257535][ T9831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 663.264712][ T9831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 663.296233][ T9831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 663.349949][ T30] audit: type=1800 audit(1769159082.161:49): pid=9936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1413" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 663.422210][ T9831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 663.429521][ T9831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 663.456712][ T9831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 664.278988][ T9941] loop5: detected capacity change from 0 to 2640 [ 664.316836][ T6357] Buffer I/O error on dev loop5, logical block 0, async page read [ 664.344628][ T6357] Buffer I/O error on dev loop5, logical block 0, async page read [ 664.360210][ T6357] Buffer I/O error on dev loop5, logical block 0, async page read [ 664.401119][ T6357] Buffer I/O error on dev loop5, logical block 0, async page read [ 664.447308][ T6357] Buffer I/O error on dev loop5, logical block 0, async page read [ 664.507691][ T9944] Buffer I/O error on dev loop5, logical block 0, lost async page write [ 664.519623][ T6357] loop5: unable to read partition table [ 664.546502][ T9831] hsr_slave_0: entered promiscuous mode [ 664.557124][ T9941] Buffer I/O error on dev loop5, logical block 1, lost async page write [ 664.578059][ T9941] Buffer I/O error on dev loop5, logical block 2, lost async page write [ 664.614953][ T9831] hsr_slave_1: entered promiscuous mode [ 664.626161][ T9941] Buffer I/O error on dev loop5, logical block 3, lost async page write [ 664.690081][ T9944] Buffer I/O error on dev loop5, logical block 4, lost async page write [ 664.761031][ T5784] Bluetooth: hci2: command tx timeout [ 664.990287][ T9941] ldm_validate_partition_table(): Disk read failed. [ 665.036468][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 665.037160][ T9941] Dev loop5: unable to read RDB block 0 [ 665.049796][ T9941] loop5: unable to read partition table [ 665.056849][ T9941] loop_reread_partitions: partition scan of loop5 (3„ ¾‚³˜) failed (rc=-5) [ 665.897069][ T9957] capability: warning: `syz.6.1417' uses deprecated v2 capabilities in a way that may be insecure [ 666.253591][ T9911] chnl_net:caif_netlink_parms(): no params data found [ 666.838994][ T5784] Bluetooth: hci2: command tx timeout [ 667.281450][ T9970] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 668.157882][ T9831] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 668.275348][ T9831] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 668.376695][ T9831] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 668.513814][ T9831] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 668.916916][ T5784] Bluetooth: hci2: command tx timeout [ 669.155797][ T9911] bridge0: port 1(bridge_slave_0) entered blocking state [ 669.163803][ T9911] bridge0: port 1(bridge_slave_0) entered disabled state [ 669.202212][ T9911] bridge_slave_0: entered allmulticast mode [ 669.256017][ T9911] bridge_slave_0: entered promiscuous mode [ 669.315622][ T9911] bridge0: port 2(bridge_slave_1) entered blocking state [ 669.324082][ T9911] bridge0: port 2(bridge_slave_1) entered disabled state [ 669.353638][ T9911] bridge_slave_1: entered allmulticast mode [ 669.389762][ T9911] bridge_slave_1: entered promiscuous mode [ 669.814435][ T30] audit: type=1326 audit(1769159088.621:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9996 comm="syz.3.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000 [ 669.914118][ T30] audit: type=1326 audit(1769159088.661:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9996 comm="syz.3.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf73dd539 code=0x7ffc0000 [ 669.939405][ T30] audit: type=1326 audit(1769159088.661:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9996 comm="syz.3.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000 [ 669.982286][ T9911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 670.065680][ T9911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 670.708998][ T9911] team0: Port device team_slave_0 added [ 670.786745][ T9911] team0: Port device team_slave_1 added [ 671.161921][ T9911] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 671.169396][ T9911] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 671.196731][ T9911] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 671.324453][ T9911] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 671.332135][ T9911] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 671.361014][ T9911] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 671.410013][T10014] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1434'. [ 672.297500][ T9911] hsr_slave_0: entered promiscuous mode [ 672.328228][ T9911] hsr_slave_1: entered promiscuous mode [ 672.369913][ T9911] debugfs: 'hsr0' already exists in 'hsr' [ 672.375887][ T9911] Cannot create hsr debugfs directory [ 672.593975][T10021] loop3: detected capacity change from 0 to 256 [ 672.643330][T10021] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 672.823233][ T9831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 672.850553][T10021] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 673.793485][ T9831] 8021q: adding VLAN 0 to HW filter on device team0 [ 674.179205][ T7754] bridge0: port 1(bridge_slave_0) entered blocking state [ 674.187053][ T7754] bridge0: port 1(bridge_slave_0) entered forwarding state [ 674.295875][ T5836] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 674.509888][ T5836] usb 5-1: Using ep0 maxpacket: 32 [ 674.579513][ T5836] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 674.589329][ T5836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 674.598972][ T5836] usb 5-1: Product: syz [ 674.603373][ T5836] usb 5-1: Manufacturer: syz [ 674.608461][ T5836] usb 5-1: SerialNumber: syz [ 674.653611][ T5836] usb 5-1: config 0 descriptor?? [ 674.688143][ T7735] bridge0: port 2(bridge_slave_1) entered blocking state [ 674.695863][ T7735] bridge0: port 2(bridge_slave_1) entered forwarding state [ 674.781384][T10040] loop3: detected capacity change from 0 to 512 [ 674.853570][T10040] EXT4-fs: Ignoring removed nomblk_io_submit option [ 674.981010][T10040] EXT4-fs (loop3): 1 truncate cleaned up [ 675.109573][T10040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 675.155559][ T5836] airspy 5-1:0.0: Board ID: 00 [ 675.160864][ T5836] airspy 5-1:0.0: Firmware version: [ 675.390882][ T5836] airspy 5-1:0.0: usb_control_msg() failed -71 request 11 [ 675.448171][ T5836] airspy 5-1:0.0: Registered as swradio24 [ 675.460414][ T5836] airspy 5-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 675.548395][ T5836] usb 5-1: USB disconnect, device number 10 [ 675.814801][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 676.224749][ T9911] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 676.348560][ T9911] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 676.608461][ T9911] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 676.764383][ T9911] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 676.950750][T10052] loop3: detected capacity change from 0 to 256 [ 677.169176][T10052] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 679.321447][ T9911] 8021q: adding VLAN 0 to HW filter on device bond0 [ 679.492875][ T9831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 679.736943][ T9911] 8021q: adding VLAN 0 to HW filter on device team0 [ 679.886832][ T7758] bridge0: port 1(bridge_slave_0) entered blocking state [ 679.894654][ T7758] bridge0: port 1(bridge_slave_0) entered forwarding state [ 680.093673][ T7754] bridge0: port 2(bridge_slave_1) entered blocking state [ 680.101401][ T7754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 680.400752][T10084] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22) [ 680.967391][T10088] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size. [ 683.227764][T10106] loop6: detected capacity change from 0 to 512 [ 683.267949][T10098] loop4: detected capacity change from 0 to 4096 [ 683.324483][T10098] EXT4-fs: Ignoring removed bh option [ 683.395367][T10098] EXT4-fs (loop4): Test dummy encryption mode enabled [ 683.402542][T10106] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.1455: corrupted in-inode xattr: e_name out of bounds [ 683.415577][T10106] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.1455: couldn't read orphan inode 15 (err -117) [ 683.501204][T10098] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a84ec018, mo2=0003] [ 683.550342][T10106] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 683.585879][T10098] System zones: 0-5 [ 683.708102][T10098] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 684.024698][ T9831] veth0_vlan: entered promiscuous mode [ 684.255959][ T9911] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 684.358686][ T9398] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 684.474015][ T9831] veth1_vlan: entered promiscuous mode [ 684.591081][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 685.413338][ T9831] veth0_macvtap: entered promiscuous mode [ 685.585977][ T9831] veth1_macvtap: entered promiscuous mode [ 686.024008][ T9831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 686.163708][ T9831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 686.401057][ T3515] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 686.612957][ T7750] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 686.678823][ T7750] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 686.737409][ T7750] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.372396][ T9911] veth0_vlan: entered promiscuous mode [ 688.531719][ T9911] veth1_vlan: entered promiscuous mode [ 688.575132][T10155] loop6: detected capacity change from 0 to 128 [ 688.693881][T10155] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 688.737546][T10155] hpfs: filesystem error: improperly stopped [ 688.743920][T10155] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 688.752114][T10155] hpfs: You really don't want any checks? You are crazy... [ 688.849960][T10155] hpfs: hpfs_map_sector(): read error [ 688.855555][T10155] hpfs: code page support is disabled [ 688.934381][T10155] hpfs: hpfs_map_4sectors(): unaligned read [ 688.998054][T10155] hpfs: hpfs_map_4sectors(): unaligned read [ 689.004190][T10155] hpfs: filesystem error: unable to find root dir [ 689.203533][T10155] hpfs: hpfs_map_4sectors(): unaligned read [ 689.316418][ T9911] veth0_macvtap: entered promiscuous mode [ 689.523262][ T9911] veth1_macvtap: entered promiscuous mode [ 690.097420][ T9911] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 690.252930][ T9911] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 690.501210][ T7739] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 690.715212][ T7754] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 690.926189][ T3515] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.075714][ T3515] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 695.057365][ T9811] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 695.286928][ T9811] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 695.300197][ T9811] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 695.410110][ T9811] usb 4-1: config 0 descriptor?? [ 695.499344][ T9811] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 695.941591][ T9811] cpia1 4-1:0.0: unexpected state after lo power cmd: 00 [ 696.380124][ T9811] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 696.621056][ T9860] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 696.698277][ T2142] usb 4-1: USB disconnect, device number 12 [ 696.844544][ T9860] usb 7-1: Using ep0 maxpacket: 32 [ 696.910741][ T9860] usb 7-1: config 0 has an invalid interface number: 67 but max is 0 [ 696.921574][ T9860] usb 7-1: config 0 has no interface number 0 [ 697.009029][ T9860] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 697.018901][ T9860] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 697.027460][ T9860] usb 7-1: Product: syz [ 697.031856][ T9860] usb 7-1: Manufacturer: syz [ 697.036807][ T9860] usb 7-1: SerialNumber: syz [ 697.039146][ T7724] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 697.050455][ T7724] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 697.256538][ T9860] usb 7-1: config 0 descriptor?? [ 697.312354][ T9860] smsc95xx v2.0.0 [ 697.433446][ T7727] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 697.442239][ T7727] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 698.320963][ T9860] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 698.549488][ T9860] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 698.588450][ T9860] smsc95xx 7-1:0.67: probe with driver smsc95xx failed with error -71 [ 698.725715][ T9860] usb 7-1: USB disconnect, device number 3 [ 700.668060][T10270] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1490'. [ 700.679465][T10270] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1490'. [ 700.784117][ T1327] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 700.792569][ T1327] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 701.265052][ T3515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 701.273415][ T3515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 702.421721][T10287] netlink: 6664 bytes leftover after parsing attributes in process `syz.4.1496'. [ 702.431812][T10287] netlink: 6664 bytes leftover after parsing attributes in process `syz.4.1496'. [ 703.054193][T10295] loop8: detected capacity change from 0 to 256 [ 703.319192][T10295] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 703.558182][T10295] exFAT-fs (loop8): valid_size(150994954) is greater than size(10) [ 705.499149][T10303] loop6: detected capacity change from 0 to 8192 [ 708.609168][ T9860] IPVS: starting estimator thread 0... [ 708.731054][T10343] IPVS: using max 192 ests per chain, 9600 per kthread [ 709.036543][ T30] audit: type=1326 audit(1769159127.811:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.191646][ T30] audit: type=1326 audit(1769159127.891:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.214643][ T30] audit: type=1326 audit(1769159127.891:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.237617][ T30] audit: type=1326 audit(1769159127.891:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.267752][ T30] audit: type=1326 audit(1769159127.951:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.291542][ T30] audit: type=1326 audit(1769159127.951:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.301407][T10349] loop4: detected capacity change from 0 to 512 [ 709.314067][ T30] audit: type=1326 audit(1769159127.981:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf720572b code=0x7ffc0000 [ 709.587246][T10349] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 709.714870][T10349] EXT4-fs (loop4): 1 truncate cleaned up [ 709.737527][ T30] audit: type=1326 audit(1769159128.051:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.764323][ T30] audit: type=1326 audit(1769159128.101:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf720572b code=0x7ffc0000 [ 709.780429][T10349] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 709.787843][ T30] audit: type=1326 audit(1769159128.101:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10347 comm="syz.4.1516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf749d539 code=0x7ffc0000 [ 709.918342][T10360] loop7: detected capacity change from 0 to 256 [ 710.710435][ T5793] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 713.013632][T10389] loop4: detected capacity change from 0 to 512 [ 713.117724][T10390] loop6: detected capacity change from 0 to 256 [ 713.214354][T10394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1529'. [ 713.438395][T10394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1529'. [ 713.534897][T10394] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1529'. [ 713.553300][T10394] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1529'. [ 713.591186][T10390] FAT-fs (loop6): Directory bread(block 64) failed [ 713.638460][T10390] FAT-fs (loop6): Directory bread(block 65) failed [ 713.695568][T10390] FAT-fs (loop6): Directory bread(block 66) failed [ 713.727271][T10390] FAT-fs (loop6): Directory bread(block 67) failed [ 713.777269][T10390] FAT-fs (loop6): Directory bread(block 68) failed [ 713.784096][T10390] FAT-fs (loop6): Directory bread(block 69) failed [ 713.878383][T10390] FAT-fs (loop6): Directory bread(block 70) failed [ 713.923080][T10390] FAT-fs (loop6): Directory bread(block 71) failed [ 713.965322][T10390] FAT-fs (loop6): Directory bread(block 72) failed [ 714.018162][T10390] FAT-fs (loop6): Directory bread(block 73) failed [ 715.871880][T10408] loop6: detected capacity change from 0 to 1024 [ 715.931316][T10408] EXT4-fs: inline encryption not supported [ 716.189521][T10408] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 717.107002][ T9860] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 717.348207][ T9860] usb 5-1: Using ep0 maxpacket: 32 [ 717.365473][ T9398] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 717.400128][ T9860] usb 5-1: config 0 has an invalid interface number: 188 but max is 0 [ 717.409444][ T9860] usb 5-1: config 0 has no interface number 0 [ 717.447602][ T9860] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 717.618587][ T9860] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 717.628317][ T9860] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 717.637060][ T9860] usb 5-1: Product: syz [ 717.644459][ T9860] usb 5-1: Manufacturer: syz [ 717.650321][ T9860] usb 5-1: SerialNumber: syz [ 717.833022][ T9860] usb 5-1: config 0 descriptor?? [ 717.897977][T10423] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 718.219346][T10423] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 718.617054][ T9811] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 718.709426][T10437] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1544'. [ 718.752400][T10438] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1543'. [ 718.894999][ T9811] usb 7-1: Using ep0 maxpacket: 32 [ 718.919570][ T9811] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 718.931356][ T9811] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 718.941722][ T9811] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 718.951251][ T9811] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 719.005043][ T9860] asix 5-1:0.188 (unnamed net_device) (uninitialized): invalid hw address, using random [ 719.147182][ T9811] usb 7-1: config 0 descriptor?? [ 719.220200][ T9860] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 719.231021][ T9860] asix 5-1:0.188 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 719.380346][ T9860] asix 5-1:0.188: probe with driver asix failed with error -71 [ 719.528465][ T9860] usb 5-1: USB disconnect, device number 11 [ 719.815964][ T9811] savu 0003:1E7D:2D5A.0016: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0 [ 720.061646][ T9811] usb 7-1: USB disconnect, device number 4 [ 720.539703][T10445] gretap0: entered promiscuous mode [ 720.643732][T10448] loop3: detected capacity change from 0 to 1024 [ 721.356025][T10453] loop4: detected capacity change from 0 to 64 [ 721.402108][T10451] fido_id[10451]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 721.800728][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 721.800816][ T30] audit: type=1800 audit(1769159140.611:77): pid=10453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1549" name="file1" dev="loop4" ino=22 res=0 errno=0 [ 721.833905][T10453] hfs: request for non-existent node 3584 in B*Tree [ 721.847085][T10453] hfs: request for non-existent node 3584 in B*Tree [ 722.123052][T10458] loop8: detected capacity change from 0 to 7 [ 722.221652][T10458] Dev loop8: unable to read RDB block 7 [ 722.228997][T10458] loop8: unable to read partition table [ 722.307146][T10458] loop8: partition table beyond EOD, truncated [ 722.313835][T10458] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 722.719037][ T1327] hfs: request for non-existent node 1280 in B*Tree [ 722.719128][ T1327] hfs: request for non-existent node 1280 in B*Tree [ 724.565018][T10481] sg_write: process 40 (syz.7.1559) changed security contexts after opening file descriptor, this is not allowed. [ 726.399271][T10500] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1565'. [ 726.477984][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 728.522867][ T5784] Bluetooth: hci0: command 0x0406 tx timeout [ 728.554121][T10519] loop8: detected capacity change from 0 to 512 [ 728.567985][T10519] EXT4-fs: Ignoring removed orlov option [ 728.591398][T10519] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 728.642875][T10519] EXT4-fs (loop8): orphan cleanup on readonly fs [ 728.710397][T10519] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.1571: bg 0: block 248: padding at end of block bitmap is not set [ 728.815513][T10519] Quota error (device loop8): write_blk: dquota write failed [ 728.823875][T10519] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota [ 728.834400][T10519] EXT4-fs error (device loop8): ext4_acquire_dquot:6986: comm syz.8.1571: Failed to acquire dquot type 1 [ 729.043396][T10519] EXT4-fs (loop8): 1 truncate cleaned up [ 729.091778][T10519] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 730.259270][T10519] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended [ 730.467455][T10519] EXT4-fs error (device loop8): __ext4_remount:6789: comm syz.8.1571: Abort forced by user [ 730.541424][T10519] EXT4-fs (loop8): Remounting filesystem read-only [ 730.551993][T10519] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 730.623315][T10532] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000. [ 730.710207][T10532] ext4 filesystem being remounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 731.330698][ T9911] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 733.472050][T10560] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1585'. [ 733.871988][T10560] nbd: socks must be embedded in a SOCK_ITEM attr [ 734.370356][ T5961] udevd[5961]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 734.984286][ T5961] udevd[5961]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 739.911406][T10635] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1606'. [ 740.363356][T10644] loop7: detected capacity change from 0 to 8 [ 741.221904][T10651] loop4: detected capacity change from 0 to 256 [ 741.278952][T10651] exfat: Deprecated parameter 'namecase' [ 741.451431][T10651] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 741.728175][T10656] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1613'. [ 741.881437][T10660] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1613'. [ 742.019638][T10657] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1613'. [ 743.051391][T10664] loop8: detected capacity change from 0 to 1024 [ 743.299523][T10664] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 743.391608][ T5836] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 743.642128][T10675] netlink: 'syz.6.1618': attribute type 3 has an invalid length. [ 743.654624][T10675] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1618'. [ 743.695511][ T5836] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 743.707758][ T5836] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 743.722410][ T5836] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 743.733567][ T5836] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 743.747113][ T5836] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 743.762113][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 744.149028][ T9911] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 744.174692][ T5836] usb 5-1: config 0 descriptor?? [ 744.952254][ T5836] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 745.744118][ T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 746.024479][ T24] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 746.034268][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 746.174770][ T24] usb 7-1: config 0 descriptor?? [ 746.263170][ T24] cp210x 7-1:0.0: cp210x converter detected [ 746.743660][ T24] cp210x 7-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 746.880935][ T24] usb 7-1: cp210x converter now attached to ttyUSB0 [ 746.889590][ T5840] usb 5-1: USB disconnect, device number 12 [ 747.051922][ T5836] usb 7-1: USB disconnect, device number 5 [ 747.199028][ T5836] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 747.306475][ T5836] cp210x 7-1:0.0: device disconnected [ 748.930717][T10703] loop4: detected capacity change from 0 to 4096 [ 750.329914][T10723] cgroup: fork rejected by pids controller in /syz7 [ 752.640529][ T7739] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.964553][ T7739] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.195591][ T7739] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.475064][ T7739] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 753.643132][T10756] loop3: detected capacity change from 0 to 1024 [ 753.988670][T10756] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 754.527295][ T7739] bridge_slave_1: left allmulticast mode [ 754.533209][ T7739] bridge_slave_1: left promiscuous mode [ 754.540373][ T7739] bridge0: port 2(bridge_slave_1) entered disabled state [ 754.658342][ T7739] bridge_slave_0: left allmulticast mode [ 754.664262][ T7739] bridge_slave_0: left promiscuous mode [ 754.671914][ T7739] bridge0: port 1(bridge_slave_0) entered disabled state [ 754.940762][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 756.128357][ T7739] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 756.178865][ T7739] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 756.219071][ T7739] bond0 (unregistering): Released all slaves [ 757.336638][ T7739] hsr_slave_0: left promiscuous mode [ 757.405685][ T7739] hsr_slave_1: left promiscuous mode [ 757.427692][ T7739] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 757.435451][ T7739] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 757.480736][ T30] audit: type=1326 audit(1769159184.292:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10773 comm="syz.8.1646" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd539 code=0x7fc00000 [ 757.584728][ T7739] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 757.592827][ T7739] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 757.743572][ T5789] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 757.754086][ T5789] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 757.765288][ T5789] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 757.820549][ T5789] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 757.822104][ T7739] veth1_macvtap: left promiscuous mode [ 757.850755][ T5789] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 757.927077][ T7739] veth0_macvtap: left promiscuous mode [ 757.933083][ T7739] veth1_vlan: left promiscuous mode [ 757.939015][ T7739] veth0_vlan: left promiscuous mode [ 758.445631][T10787] loop6: detected capacity change from 0 to 512 [ 758.468211][T10793] Bluetooth: MGMT ver 1.23 [ 758.618524][T10787] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 758.899207][T10787] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 759.030209][T10787] ext4 filesystem being mounted at /61/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 759.369300][ T30] audit: type=1800 audit(1769159186.182:79): pid=10787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1651" name="bus" dev="loop6" ino=18 res=0 errno=0 [ 759.739741][T10804] loop4: detected capacity change from 0 to 1024 [ 759.853462][T10804] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 759.898287][ T9398] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 759.907409][T10804] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 759.919087][T10804] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869) [ 759.957523][ T5789] Bluetooth: hci1: command tx timeout [ 760.034599][T10804] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 760.049687][T10804] EXT4-fs error (device loop4): ext4_get_journal_inode:5849: comm syz.4.1654: inode #1: comm syz.4.1654: iget: illegal inode # [ 760.157851][T10804] EXT4-fs (loop4): Remounting filesystem read-only [ 760.164852][T10804] EXT4-fs (loop4): no journal found [ 761.323769][ T7739] team0 (unregistering): Port device team_slave_1 removed [ 761.434826][ T7739] team0 (unregistering): Port device team_slave_0 removed [ 762.037065][ T5789] Bluetooth: hci1: command tx timeout [ 763.563369][ T7739] IPVS: stop unused estimator thread 0... [ 764.127183][ T5789] Bluetooth: hci1: command tx timeout [ 765.140034][T10852] netlink: 68 bytes leftover after parsing attributes in process `syz.8.1670'. [ 765.314209][T10783] chnl_net:caif_netlink_parms(): no params data found [ 765.827440][T10856] bridge0: entered allmulticast mode [ 766.197446][ T5789] Bluetooth: hci1: command tx timeout [ 766.320814][T10862] pim6reg: entered allmulticast mode [ 768.310288][T10783] bridge0: port 1(bridge_slave_0) entered blocking state [ 768.318189][T10783] bridge0: port 1(bridge_slave_0) entered disabled state [ 768.384428][T10783] bridge_slave_0: entered allmulticast mode [ 768.450963][T10783] bridge_slave_0: entered promiscuous mode [ 768.598153][T10783] bridge0: port 2(bridge_slave_1) entered blocking state [ 768.605851][T10783] bridge0: port 2(bridge_slave_1) entered disabled state [ 768.674775][T10783] bridge_slave_1: entered allmulticast mode [ 768.718859][T10783] bridge_slave_1: entered promiscuous mode [ 769.460151][T10783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 769.538302][T10889] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 769.600995][T10783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 769.802159][T10897] loop3: detected capacity change from 0 to 2048 [ 770.010651][T10897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 770.347492][ T24] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 770.422082][T10783] team0: Port device team_slave_0 added [ 770.577140][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 770.577590][T10783] team0: Port device team_slave_1 added [ 770.616925][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 770.635351][ T24] usb 5-1: config 232 has an invalid interface number: 126 but max is 0 [ 770.644644][ T24] usb 5-1: config 232 has no interface number 0 [ 770.657772][ T24] usb 5-1: config 232 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 770.671245][ T24] usb 5-1: config 232 interface 126 altsetting 16 endpoint 0x82 has invalid wMaxPacketSize 0 [ 770.682179][ T24] usb 5-1: config 232 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 0 [ 770.696052][ T24] usb 5-1: config 232 interface 126 has no altsetting 0 [ 770.930400][ T24] usb 5-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 770.940017][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 770.948516][ T24] usb 5-1: Product: syz [ 770.952892][ T24] usb 5-1: Manufacturer: syz [ 770.957916][ T24] usb 5-1: SerialNumber: syz [ 771.073561][T10904] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 771.126995][ T9860] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 771.174181][T10783] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 771.182019][T10783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 771.212837][T10783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 771.361386][ T9860] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 771.373140][ T9860] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 771.383727][ T9860] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 771.397515][ T9860] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 771.409754][ T9860] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 771.521216][T10783] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 771.528773][ T9860] usb 9-1: config 0 descriptor?? [ 771.534105][T10783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 771.561129][T10783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 771.593527][ T24] ir_usb 5-1:232.126: IR Dongle converter detected [ 771.841104][ T24] usb 5-1: IR Dongle converter now attached to ttyUSB0 [ 772.046057][T10676] usb 5-1: USB disconnect, device number 13 [ 772.130538][T10676] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 772.209834][T10676] ir_usb 5-1:232.126: device disconnected [ 772.250557][ T9860] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 772.640235][T10783] hsr_slave_0: entered promiscuous mode [ 772.657753][ T9860] usb 9-1: USB disconnect, device number 2 [ 772.691466][T10783] hsr_slave_1: entered promiscuous mode [ 773.806169][T10924] fido_id[10924]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 775.571799][T10942] netlink: 'syz.6.1695': attribute type 4 has an invalid length. [ 775.914609][T10949] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1697'. [ 776.035008][T10949] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1697'. [ 776.122589][T10951] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1697'. [ 777.124835][T10783] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 777.191028][T10961] netlink: 'syz.3.1700': attribute type 1 has an invalid length. [ 777.758776][T10961] 8021q: adding VLAN 0 to HW filter on device bond1 [ 777.867528][T10783] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 777.940528][T10783] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 778.235683][T10965] bond1: (slave geneve2): making interface the new active one [ 778.316001][T10965] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 778.382327][T10783] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 779.464605][T10990] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1706'. [ 779.841639][T10992] input: syz1 as /devices/virtual/input/input20 [ 780.556837][T10783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 780.998334][T10783] 8021q: adding VLAN 0 to HW filter on device team0 [ 781.150441][ T7721] bridge0: port 1(bridge_slave_0) entered blocking state [ 781.158221][ T7721] bridge0: port 1(bridge_slave_0) entered forwarding state [ 781.399459][ T7721] bridge0: port 2(bridge_slave_1) entered blocking state [ 781.407320][ T7721] bridge0: port 2(bridge_slave_1) entered forwarding state [ 782.582588][T10783] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 784.024622][T11023] loop6: detected capacity change from 0 to 128 [ 784.320362][T11023] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 784.416048][T11023] ext4 filesystem being mounted at /77/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 784.729013][T11023] syz.6.1718 (pid 11023) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 784.837195][ T5784] Bluetooth: hci2: command 0x0406 tx timeout [ 785.477652][ T9398] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 785.904179][T10783] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 786.668203][T11056] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1727'. [ 787.994058][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 790.766747][ T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 790.985050][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 790.996699][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 791.007017][ T24] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 791.016424][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 791.119997][ T24] usb 5-1: config 0 descriptor?? [ 792.184720][ T24] hid-led 0003:27B8:01ED.0019: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.4-1/input0 [ 792.253018][T10783] veth0_vlan: entered promiscuous mode [ 792.297362][T11160] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1737'. [ 792.437976][ T24] hid-led 0003:27B8:01ED.0019: ThingM blink(1) initialized [ 792.533031][ T24] usb 5-1: USB disconnect, device number 14 [ 792.541503][T10783] veth1_vlan: entered promiscuous mode [ 793.354128][T11164] fido_id[11164]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 793.393922][T10783] veth0_macvtap: entered promiscuous mode [ 793.634116][T10783] veth1_macvtap: entered promiscuous mode [ 794.028918][T10783] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 794.259415][T10783] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 794.414477][T11179] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1741'. [ 794.469431][T11141] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.576766][T11109] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.627098][T11109] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.698538][T11121] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.811213][T11183] loop6: detected capacity change from 0 to 1024 [ 795.180564][ T30] audit: type=1800 audit(1769159222.994:80): pid=11183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1743" name="file1" dev="loop6" ino=20 res=0 errno=0 [ 796.148905][T11128] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 796.442965][T11128] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 796.684232][T11128] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 796.938788][T11128] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.846816][T11128] bridge_slave_1: left allmulticast mode [ 797.852851][T11128] bridge_slave_1: left promiscuous mode [ 797.859965][T11128] bridge0: port 2(bridge_slave_1) entered disabled state [ 797.979574][T11128] bridge_slave_0: left allmulticast mode [ 797.985604][T11128] bridge_slave_0: left promiscuous mode [ 797.993389][T11128] bridge0: port 1(bridge_slave_0) entered disabled state [ 799.036167][T11128] bond1 (unregistering): (slave geneve2): Releasing active interface [ 799.223501][T11128] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 799.288443][T11128] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 799.321874][T11128] bond0 (unregistering): Released all slaves [ 799.372696][T11128] bond1 (unregistering): Released all slaves [ 800.185201][T11128] hsr_slave_0: left promiscuous mode [ 800.199856][T11128] hsr_slave_1: left promiscuous mode [ 800.227683][T11128] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 800.235284][T11128] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 800.271415][T11128] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 800.283112][T11128] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 800.361399][T11128] veth1_macvtap: left promiscuous mode [ 800.397281][T11128] veth0_macvtap: left promiscuous mode [ 800.403282][T11128] veth1_vlan: left promiscuous mode [ 800.422548][T11128] veth0_vlan: left promiscuous mode [ 801.491684][T11229] loop4: detected capacity change from 0 to 4096 [ 801.699593][T11235] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 802.124970][ T5784] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 802.157382][ T5784] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 802.167981][ T5784] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 802.191604][ T5784] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 802.204290][ T5784] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 803.260259][T11128] team0 (unregistering): Port device team_slave_1 removed [ 803.440345][T11128] team0 (unregistering): Port device team_slave_0 removed [ 804.367668][ T5784] Bluetooth: hci4: command tx timeout [ 806.191862][T11128] IPVS: stop unused estimator thread 0... [ 806.440212][ T5784] Bluetooth: hci4: command tx timeout [ 807.370058][T11240] chnl_net:caif_netlink_parms(): no params data found [ 808.517336][ T5784] Bluetooth: hci4: command tx timeout [ 808.681749][T11296] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1767'. [ 809.657762][T11109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 809.665845][T11109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 809.962562][T11240] bridge0: port 1(bridge_slave_0) entered blocking state [ 809.970961][T11240] bridge0: port 1(bridge_slave_0) entered disabled state [ 810.032351][T11240] bridge_slave_0: entered allmulticast mode [ 810.101845][T11240] bridge_slave_0: entered promiscuous mode [ 810.241867][T11240] bridge0: port 2(bridge_slave_1) entered blocking state [ 810.250196][T11240] bridge0: port 2(bridge_slave_1) entered disabled state [ 810.325269][T11240] bridge_slave_1: entered allmulticast mode [ 810.353099][T11240] bridge_slave_1: entered promiscuous mode [ 810.441110][ T1966] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 810.597527][ T5784] Bluetooth: hci4: command tx timeout [ 810.626005][T11112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 810.634928][T11112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 810.652199][ T1966] usb 5-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 810.661866][ T1966] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 810.688540][T11240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 810.734156][ T1966] usb 5-1: config 0 descriptor?? [ 810.862462][T11240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 811.067870][ T1966] kaweth 5-1:0.0: Firmware present in device. [ 811.257481][ T1966] kaweth 5-1:0.0: Statistics collection: 0 [ 811.263665][ T1966] kaweth 5-1:0.0: Multicast filter limit: 0 [ 811.270820][ T1966] kaweth 5-1:0.0: MTU: 0 [ 811.275274][ T1966] kaweth 5-1:0.0: Read MAC address 00:00:00:00:00:00 [ 811.366588][T11240] team0: Port device team_slave_0 added [ 811.640384][T11240] team0: Port device team_slave_1 added [ 811.884325][ T1966] kaweth 5-1:0.0: Error setting receive filter [ 811.912918][ T1966] kaweth 5-1:0.0: probe with driver kaweth failed with error -5 [ 812.010975][ T1966] usb 5-1: USB disconnect, device number 15 [ 812.287896][T11240] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 812.295238][T11240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 812.322553][T11240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 812.500719][T11240] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 812.508020][T11240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 812.534814][T11240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 813.649050][T11240] hsr_slave_0: entered promiscuous mode [ 813.700354][T11240] hsr_slave_1: entered promiscuous mode [ 813.737055][T11240] debugfs: 'hsr0' already exists in 'hsr' [ 813.743143][T11240] Cannot create hsr debugfs directory [ 813.846909][ T1966] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 814.035029][ T1966] usb 8-1: Using ep0 maxpacket: 8 [ 814.074008][ T1966] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 814.097231][T11344] fuse: Bad value for 'fd' [ 814.140645][ T1966] usb 8-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 814.150616][ T1966] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 814.159117][ T1966] usb 8-1: Product: syz [ 814.163589][ T1966] usb 8-1: Manufacturer: syz [ 814.168617][ T1966] usb 8-1: SerialNumber: syz [ 814.212918][T11344] overlayfs: failed to clone upperpath [ 814.313298][ T1966] usb 8-1: config 0 descriptor?? [ 814.375014][ T1966] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 815.260846][ T1966] gspca_zc3xx: reg_w_i err -71 [ 815.856727][ T1966] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 815.863825][ T1966] gspca_zc3xx 8-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 815.951976][ T1966] usb 8-1: USB disconnect, device number 2 [ 817.235057][T11240] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 817.353013][T11240] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 817.484812][T11240] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 817.687648][T11240] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 817.858143][ T30] audit: type=1326 audit(1769159245.674:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.6.1783" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06539 code=0x7fc00000 [ 819.866140][T11396] netlink: 'syz.8.1793': attribute type 6 has an invalid length. [ 819.919637][T11240] 8021q: adding VLAN 0 to HW filter on device bond0 [ 820.255003][T11240] 8021q: adding VLAN 0 to HW filter on device team0 [ 820.442127][T11123] bridge0: port 1(bridge_slave_0) entered blocking state [ 820.449883][T11123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 820.738906][T11134] bridge0: port 2(bridge_slave_1) entered blocking state [ 820.746641][T11134] bridge0: port 2(bridge_slave_1) entered forwarding state [ 822.606982][T11416] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms [ 822.653542][T11417] netlink: 'syz.8.1799': attribute type 10 has an invalid length. [ 822.717933][T11417] bridge0: port 2(bridge_slave_1) entered disabled state [ 822.728678][T11417] bridge0: port 1(bridge_slave_0) entered disabled state [ 822.994556][T11417] bridge0: port 2(bridge_slave_1) entered blocking state [ 823.002734][T11417] bridge0: port 2(bridge_slave_1) entered forwarding state [ 823.012096][T11417] bridge0: port 1(bridge_slave_0) entered blocking state [ 823.019945][T11417] bridge0: port 1(bridge_slave_0) entered forwarding state [ 823.198485][T11417] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 823.220017][T11128] bond0: (slave bridge0): link status definitely up, 0 Mbps full duplex [ 823.799595][T11426] netlink: 204 bytes leftover after parsing attributes in process `syz.6.1802'. [ 824.615772][T11436] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 824.702393][T11240] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 825.528205][T11440] netlink: 'syz.7.1807': attribute type 83 has an invalid length. [ 825.628232][T11240] veth0_vlan: entered promiscuous mode [ 825.677747][ T5784] Bluetooth: hci0: unexpected event for opcode 0x2043 [ 825.890014][T11240] veth1_vlan: entered promiscuous mode [ 826.651928][T11240] veth0_macvtap: entered promiscuous mode [ 826.798567][T11240] veth1_macvtap: entered promiscuous mode [ 827.145665][T11240] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 827.282129][T11240] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 827.561932][ T7754] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.605941][ T7754] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.703411][T11099] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.806786][ T7754] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 829.719558][ T5784] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 829.728358][ T5784] Bluetooth: hci0: Injecting HCI hardware error event [ 829.736009][ T5784] Bluetooth: hci0: hardware error 0x00 [ 831.796636][ T5784] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 831.996767][T11502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1821'. [ 833.644569][T11523] overlayfs: failed to clone upperpath [ 834.679207][T11538] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1830'. [ 834.737811][T11538] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1830'. [ 835.346005][T11544] loop6: detected capacity change from 0 to 128 [ 835.487976][T11544] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 835.669129][T11544] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 836.012868][T11549] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 836.592872][ T7754] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 836.601263][ T7754] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 837.094195][ T7740] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 837.102925][ T7740] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 837.289928][T11131] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 838.594815][T11570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1747'. [ 841.538869][T11584] Invalid ELF header magic: != ELF [ 842.651004][T11599] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 844.293081][T11615] loop4: detected capacity change from 0 to 128 [ 844.580394][T11615] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 844.631642][T11615] ext4 filesystem being mounted at /389/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 845.479292][T11630] input: syz1 as /devices/virtual/input/input21 [ 845.814796][ T5793] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 849.458267][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 851.611176][T11721] loop7: detected capacity change from 0 to 1024 [ 851.838200][T11721] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 851.969662][T11721] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 852.199723][ T30] audit: type=1800 audit(1769159280.014:82): pid=11721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1872" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 852.337497][ T30] audit: type=1800 audit(1769159280.034:83): pid=11721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1872" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 852.392438][T11731] EXT4-fs error (device loop7): ext4_free_blocks:6728: comm syz.7.1872: Freeing blocks not in datazone - block = 0, count = 16 [ 853.357048][T11110] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 112: padding at end of block bitmap is not set [ 853.427509][T11110] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 853.443129][T11110] EXT4-fs (loop7): This should not happen!! Data will be lost [ 853.443129][T11110] [ 853.461490][T11110] EXT4-fs (loop7): Total free blocks count 0 [ 853.468807][T11110] EXT4-fs (loop7): Free/Dirty block details [ 853.474907][T11110] EXT4-fs (loop7): free_blocks=16 [ 853.480372][T11110] EXT4-fs (loop7): dirty_blocks=16 [ 853.485672][T11110] EXT4-fs (loop7): Block reservation details [ 853.492071][T11110] EXT4-fs (loop7): i_reserved_data_blocks=1 [ 853.810926][T10783] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 854.621019][T11749] loop7: detected capacity change from 0 to 512 [ 854.736769][T11749] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 854.864481][T11749] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.1880: bad orphan inode 131083 [ 854.951661][T11749] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 855.192655][T11749] EXT4-fs (loop7): shut down requested (2) [ 855.453792][ T30] audit: type=1326 audit(1769159283.264:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.8.1885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 855.589473][ T30] audit: type=1326 audit(1769159283.264:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.8.1885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 855.612203][ T30] audit: type=1326 audit(1769159283.254:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11753 comm="syz.8.1885" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 855.662189][T10783] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 855.946395][T11758] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1886'. [ 856.273537][T11765] netlink: 'syz.7.1888': attribute type 6 has an invalid length. [ 857.988982][T11776] loop3: detected capacity change from 0 to 1024 [ 858.209384][T11776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 858.380879][T11776] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 858.500435][ T30] audit: type=1800 audit(1769159286.314:87): pid=11776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1892" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 858.597190][ T30] audit: type=1800 audit(1769159286.334:88): pid=11776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1892" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 858.811107][T11787] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.1892: Freeing blocks not in datazone - block = 0, count = 16 [ 858.825441][ T9860] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 859.044657][ T9860] usb 7-1: Using ep0 maxpacket: 8 [ 859.075818][ T9860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 859.087654][ T9860] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 859.097253][ T9860] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 859.176782][ T9860] usb 7-1: config 0 descriptor?? [ 859.218918][T11792] Illegal XDP return value 4294967274 on prog (id 71) dev N/A, expect packet loss! [ 859.538083][ T9860] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 859.580870][T11140] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:37: bg 0: block 112: padding at end of block bitmap is not set [ 859.659398][T11140] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 859.673905][T11140] EXT4-fs (loop3): This should not happen!! Data will be lost [ 859.673905][T11140] [ 859.685396][T11140] EXT4-fs (loop3): Total free blocks count 0 [ 859.692248][T11140] EXT4-fs (loop3): Free/Dirty block details [ 859.698589][T11140] EXT4-fs (loop3): free_blocks=16 [ 859.703834][T11140] EXT4-fs (loop3): dirty_blocks=16 [ 859.709475][T11140] EXT4-fs (loop3): Block reservation details [ 859.715656][T11140] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 859.980392][T11240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 860.028911][ T9921] usb 7-1: USB disconnect, device number 6 [ 861.258457][T11807] loop8: detected capacity change from 0 to 7 [ 861.340299][T11807] Dev loop8: unable to read RDB block 7 [ 861.346510][T11807] loop8: unable to read partition table [ 861.433115][T11807] loop8: partition table beyond EOD, truncated [ 861.440155][T11807] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5) [ 862.462296][T11817] loop7: detected capacity change from 0 to 512 [ 862.530886][T11817] EXT4-fs: Ignoring removed mblk_io_submit option [ 862.689683][T11817] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -13 [ 862.738627][T11817] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #13: comm syz.7.1908: attempt to clear invalid blocks 2 len 1 [ 862.795049][T11823] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1910'. [ 862.860652][T11817] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 862.995929][T11817] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.1908: invalid indirect mapped block 1819239214 (level 0) [ 863.018600][T11817] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.1908: invalid indirect mapped block 1819239214 (level 1) [ 863.039221][T11817] EXT4-fs (loop7): 1 truncate cleaned up [ 863.048100][T11817] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 863.613534][T10783] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 864.350404][T11837] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1916'. [ 865.416862][ T1966] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 865.586671][ T1966] usb 4-1: Using ep0 maxpacket: 8 [ 865.682286][ T1966] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 865.691952][ T1966] usb 4-1: config 179 has no interface number 0 [ 865.719694][ T1966] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 865.732680][ T1966] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 865.745268][ T1966] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 865.757110][ T1966] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 865.769044][ T1966] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 865.782792][ T1966] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 865.792260][ T1966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 866.200371][T11844] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 867.048999][ T9860] usb 4-1: USB disconnect, device number 13 [ 867.049113][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 867.063750][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 867.482382][T11861] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1925'. [ 867.529788][T11861] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1925'. [ 867.536777][ T9921] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 867.746871][ T9921] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 867.757281][ T9921] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 867.775152][ T9921] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 867.788797][ T9921] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 868.236130][ T9921] usb 8-1: usb_control_msg returned -32 [ 868.242334][ T9921] usbtmc 8-1:16.0: can't read capabilities [ 868.540468][T11871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1928'. [ 869.901431][T11883] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1932'. [ 870.389395][ T9860] usb 8-1: USB disconnect, device number 3 [ 871.711827][T11903] loop6: detected capacity change from 0 to 64 [ 871.922614][T11903] Trying to free block not in datazone [ 874.934797][T11932] loop3: detected capacity change from 0 to 512 [ 875.019636][T11932] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 875.262272][T11932] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 875.351390][T11932] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 875.497801][ T30] audit: type=1800 audit(1769159303.314:89): pid=11932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1950" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 876.192714][T11240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 878.109660][T11962] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1961'. [ 878.121875][T11962] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1961'. [ 879.169745][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 880.129746][T11985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1972'. [ 881.900958][T12005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1980'. [ 881.965318][T12005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1980'. [ 881.997327][ T9860] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 882.117032][ T5789] Bluetooth: hci1: command 0x0406 tx timeout [ 882.233761][ T9860] usb 5-1: Using ep0 maxpacket: 32 [ 882.259239][ T9860] usb 5-1: config 0 has no interfaces? [ 882.282461][ T9860] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 882.292188][ T9860] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 882.302936][ T9860] usb 5-1: SerialNumber: syz [ 882.370958][ T9860] usb 5-1: config 0 descriptor?? [ 882.699245][T12012] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1982'. [ 882.702333][ T9921] usb 5-1: USB disconnect, device number 16 [ 885.758794][T12045] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1997'. [ 888.523014][T12075] bridge0: entered allmulticast mode [ 888.612535][T12075] pim6reg: entered allmulticast mode [ 889.384484][T12082] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2011'. [ 890.889168][T12099] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2020'. [ 892.323880][T12111] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2024'. [ 892.393043][T12110] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2026'. [ 893.652489][T12124] tmpfs: Too small a size for current use [ 893.960936][T12128] netlink: 'syz.8.2034': attribute type 12 has an invalid length. [ 893.969341][T12128] netlink: 'syz.8.2034': attribute type 29 has an invalid length. [ 893.978611][T12128] netlink: 148 bytes leftover after parsing attributes in process `syz.8.2034'. [ 893.989789][T12128] netlink: 'syz.8.2034': attribute type 1 has an invalid length. [ 893.998063][T12128] netlink: 'syz.8.2034': attribute type 2 has an invalid length. [ 894.005985][T12128] netlink: 39 bytes leftover after parsing attributes in process `syz.8.2034'. [ 894.656097][T12135] loop7: detected capacity change from 0 to 512 [ 894.749149][T12135] EXT4-fs: Ignoring removed orlov option [ 894.838702][T12135] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 895.024291][T12135] EXT4-fs (loop7): 1 orphan inode deleted [ 895.030796][T12135] EXT4-fs (loop7): 1 truncate cleaned up [ 895.126757][T12135] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 895.484918][T12145] netlink: 'syz.3.2040': attribute type 12 has an invalid length. [ 895.493318][T12145] netlink: 'syz.3.2040': attribute type 29 has an invalid length. [ 895.502305][T12145] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2040'. [ 895.512416][T12145] netlink: 'syz.3.2040': attribute type 2 has an invalid length. [ 895.521958][T12145] netlink: 'syz.3.2040': attribute type 3 has an invalid length. [ 895.530477][T12145] netlink: 15 bytes leftover after parsing attributes in process `syz.3.2040'. [ 895.689888][T10783] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 897.121781][T12160] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2044'. [ 899.616050][T12181] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2054'. [ 899.628180][T12181] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2054'. [ 901.579520][T12189] loop3: detected capacity change from 0 to 32768 [ 901.784656][T12189] JBD2: Ignoring recovery information on journal [ 902.050271][T12189] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 902.431395][T11240] ocfs2: Unmounting device (7,3) on (node local) [ 904.579405][ T9860] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 904.791379][ T9860] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 904.802706][ T9860] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 904.813024][ T9860] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 904.822449][ T9860] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 905.022111][ T9860] usb 4-1: config 0 descriptor?? [ 906.410971][ T9860] uclogic 0003:256C:006D.001A: failed retrieving string descriptor #100: -71 [ 906.420426][ T9860] uclogic 0003:256C:006D.001A: failed retrieving pen parameters: -71 [ 906.429045][ T9860] uclogic 0003:256C:006D.001A: failed probing pen v1 parameters: -71 [ 906.437806][ T9860] uclogic 0003:256C:006D.001A: failed probing parameters: -71 [ 906.445940][ T9860] uclogic 0003:256C:006D.001A: probe with driver uclogic failed with error -71 [ 906.609862][ T9860] usb 4-1: USB disconnect, device number 14 [ 909.955110][T12264] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2089'. [ 910.794220][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 916.456683][ T9860] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 916.654473][ T9860] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 916.665050][ T9860] usb 4-1: config 0 interface 0 has no altsetting 0 [ 916.672115][ T9860] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 916.681541][ T9860] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 916.829107][ T9860] usb 4-1: config 0 descriptor?? [ 917.364437][ T9860] kye 0003:0458:5010.001B: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 917.450894][ T30] audit: type=1326 audit(1769159345.264:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12337 comm="syz.8.2127" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 917.505043][ T9860] kye 0003:0458:5010.001B: hidraw0: USB HID v0.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0 [ 917.516777][ T9860] kye 0003:0458:5010.001B: tablet-enabling feature report not found [ 917.525005][ T9860] kye 0003:0458:5010.001B: tablet enabling failed [ 917.583158][ T30] audit: type=1326 audit(1769159345.304:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12337 comm="syz.8.2127" exe="/root/syz-executor" sig=0 arch=40000003 syscall=304 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 917.606027][ T30] audit: type=1326 audit(1769159345.304:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12337 comm="syz.8.2127" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 917.632341][ T30] audit: type=1326 audit(1769159345.304:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12337 comm="syz.8.2127" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 917.658896][ T30] audit: type=1326 audit(1769159345.314:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12337 comm="syz.8.2127" exe="/root/syz-executor" sig=0 arch=40000003 syscall=305 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 917.682409][ T30] audit: type=1326 audit(1769159345.324:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12337 comm="syz.8.2127" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 917.704909][ T30] audit: type=1326 audit(1769159345.324:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12337 comm="syz.8.2127" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd539 code=0x7ffc0000 [ 917.859392][ T9860] usb 4-1: USB disconnect, device number 15 [ 918.623823][T12342] fido_id[12342]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 919.307068][T12347] loop4: detected capacity change from 0 to 4096 [ 920.166845][T12365] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2125'. [ 920.384313][T12366] loop3: detected capacity change from 0 to 1024 [ 922.242796][T12377] loop3: detected capacity change from 0 to 512 [ 924.588720][T12402] loop3: detected capacity change from 0 to 128 [ 924.701086][T12402] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 924.889459][T12402] ext4 filesystem being mounted at /59/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 925.809759][T11240] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 926.476136][ T9921] IPVS: starting estimator thread 0... [ 926.577036][T12426] IPVS: using max 192 ests per chain, 9600 per kthread [ 927.215827][T12429] loop4: detected capacity change from 0 to 128 [ 927.441174][T12429] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 927.537963][T12429] ext4 filesystem being mounted at /451/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 928.192243][ T5793] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 928.223216][ T5784] Bluetooth: hci4: command 0x0406 tx timeout [ 928.461734][T12439] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 929.050851][T12446] loop4: detected capacity change from 0 to 256 [ 929.375251][T12446] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 931.584181][T12472] loop3: detected capacity change from 0 to 512 [ 932.172519][T12469] loop4: detected capacity change from 0 to 4096 [ 934.008202][ T75] ntfs3(loop4): ino=5, mi_enum_attr [ 934.101810][T12480] loop6: detected capacity change from 0 to 8192 [ 937.865595][T12521] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2180'. [ 938.025490][T12521] vxlan0: entered promiscuous mode [ 938.069274][T12523] input: syz1 as /devices/virtual/input/input22 [ 938.086648][ T7758] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 938.170282][ T7758] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 938.208176][ T7758] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 938.290760][ T7758] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 940.388584][T12536] openvswitch: netlink: VXLAN extension message has 249 unknown bytes. [ 941.449639][T12544] loop6: detected capacity change from 0 to 512 [ 941.494860][T12544] EXT4-fs: inline encryption not supported [ 941.530936][T12544] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 941.613597][T12544] EXT4-fs (loop6): 1 truncate cleaned up [ 941.630320][T12544] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 942.373910][ T9398] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 945.708607][T12588] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2211'. [ 945.718138][T12588] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2211'. [ 946.149992][T12594] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2213'. [ 946.181493][T12589] loop3: detected capacity change from 0 to 4096 [ 946.224672][T12589] EXT4-fs: inline encryption not supported [ 946.231339][T12589] EXT4-fs: Ignoring removed mblk_io_submit option [ 946.323288][T12589] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 946.332467][T12589] EXT4-fs (loop3): Test dummy encryption mode enabled [ 946.424093][T12589] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c098, mo2=0002] [ 946.454111][T12589] System zones: 0-5 [ 946.664607][T12589] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 947.210420][T11240] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 949.765220][T12629] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2226'. [ 949.964667][T12629] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 949.975712][T12629] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 950.187917][T12629] netdevsim netdevsim8 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 950.199817][T12629] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 950.417362][T12629] netdevsim netdevsim8 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 950.428438][T12629] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 950.850078][T12629] netdevsim netdevsim8 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 950.861191][T12629] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 950.901858][T11110] Bluetooth: hci5: Frame reassembly failed (-84) [ 951.327361][T11140] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 951.337061][T11140] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 951.458304][T11110] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 951.467163][T11110] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 951.707980][T11138] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 951.730165][T11138] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 951.861836][T12641] loop6: detected capacity change from 0 to 1024 [ 951.877233][ T75] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 951.885736][ T75] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 952.917201][ T5784] Bluetooth: hci5: command 0x1003 tx timeout [ 952.923940][ T5789] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 953.715326][T12655] loop6: detected capacity change from 0 to 512 [ 953.915693][T12658] IPv4: Oversized IP packet from 127.202.26.0 [ 954.384712][T12660] evm: overlay not supported [ 955.499649][T12670] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2243'. [ 955.632454][T12673] loop4: detected capacity change from 0 to 8 [ 955.750810][T12670] team0 (unregistering): Port device team_slave_0 removed [ 955.818738][T12673] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2244'. [ 955.897409][T12670] team0 (unregistering): Port device team_slave_1 removed [ 955.902482][T12678] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2244'. [ 956.751112][T12682] macvlan2: entered promiscuous mode [ 956.758785][T12682] macvlan2: entered allmulticast mode [ 956.764510][T12682] gretap0: entered allmulticast mode [ 956.937984][ T9860] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 957.136399][ T9860] usb 7-1: Using ep0 maxpacket: 32 [ 957.171285][ T9860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 957.182868][ T9860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 957.194705][ T9860] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 957.204353][ T9860] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 957.336437][ T9860] usb 7-1: config 0 descriptor?? [ 957.405680][ T9860] hub 7-1:0.0: USB hub found [ 957.645487][ T9860] hub 7-1:0.0: 1 port detected [ 957.687541][T12692] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2252'. [ 957.833949][T12695] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2252'. [ 958.304123][ T9860] hub 7-1:0.0: activate --> -90 [ 958.575604][T12697] loop7: detected capacity change from 0 to 1024 [ 958.725149][T11172] usb 7-1: USB disconnect, device number 7 [ 958.869268][T12699] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2255'. [ 958.897989][T12699] netlink: 190 bytes leftover after parsing attributes in process `syz.3.2255'. [ 958.966936][ T9860] usb 7-1-port1: config error [ 958.980606][ T30] audit: type=1800 audit(1769159386.784:97): pid=12697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2254" name="file2" dev="loop7" ino=20 res=0 errno=0 [ 959.075124][T12697] hfsplus: request for non-existent node 33554434 in B*Tree [ 959.083618][T12697] hfsplus: request for non-existent node 33554434 in B*Tree [ 960.356057][T12709] input: syz0 as /devices/virtual/input/input23 [ 960.419713][ T30] audit: type=1326 audit(1769159388.234:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12708 comm="syz.7.2259" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73bd539 code=0x0 [ 961.960363][ C1] Dead loop on virtual device ipvlan1, fix it urgently! [ 963.216017][T12739] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode [ 963.297544][T12739] mac80211_hwsim hwsim14 wlan0: left promiscuous mode [ 965.116534][ T9921] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 965.316496][ T9921] usb 4-1: Using ep0 maxpacket: 32 [ 965.359108][ T9921] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 965.368129][ T9921] usb 4-1: config 0 has no interface number 0 [ 965.454577][ T9921] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 965.465486][ T9921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 965.474443][ T9921] usb 4-1: Product: syz [ 965.481059][ T9921] usb 4-1: Manufacturer: syz [ 965.486430][ T9921] usb 4-1: SerialNumber: syz [ 965.600002][ T9921] usb 4-1: config 0 descriptor?? [ 965.714741][ T9921] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 965.948542][ T9921] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 966.051661][ T9921] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 966.105809][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 6 [ 966.312088][ C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 966.313608][ T9860] usb 4-1: USB disconnect, device number 16 [ 966.408948][ T9860] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 966.543078][ T9860] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 966.691944][ T9860] quatech2 4-1:0.51: device disconnected [ 969.224257][ T9921] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 969.411776][ T9921] usb 7-1: Using ep0 maxpacket: 8 [ 969.461861][ T9921] usb 7-1: config 0 has an invalid interface number: 31 but max is 0 [ 969.471126][ T9921] usb 7-1: config 0 has no interface number 0 [ 969.522132][ T9921] usb 7-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 969.532155][ T9921] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 969.540786][ T9921] usb 7-1: Product: syz [ 969.545797][ T9921] usb 7-1: Manufacturer: syz [ 969.550804][ T9921] usb 7-1: SerialNumber: syz [ 969.668027][ T9921] usb 7-1: config 0 descriptor?? [ 969.930613][ T9921] uvcvideo 7-1:0.31: Found UVC 0.04 device syz (046d:08c3) [ 969.981619][ T9921] uvcvideo 7-1:0.31: No valid video chain found. [ 970.051140][ T9921] usb 7-1: USB disconnect, device number 8 [ 971.252060][T12812] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2304'. [ 971.262197][T12812] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2304'. [ 971.272104][T12812] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2304'. [ 971.413289][T12812] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2304'. [ 972.230845][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 972.638067][T12830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2309'. [ 977.816584][ T9921] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 977.933140][T12874] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1514) ! [ 978.038986][ T9921] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 978.042274][T12876] overlayfs: failed to clone upperpath [ 978.050742][ T9921] usb 7-1: config 0 has no interfaces? [ 978.050919][ T9921] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 978.051088][ T9921] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 978.120337][ T9921] usb 7-1: config 0 descriptor?? [ 978.363714][ T9921] usb 7-1: USB disconnect, device number 9 [ 978.937180][T12882] loop3: detected capacity change from 0 to 256 [ 979.043285][T12882] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 979.205937][ T30] audit: type=1804 audit(1769159407.014:99): pid=12889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2332" name="bus" dev="ramfs" ino=37399 res=1 errno=0 [ 980.357973][T12900] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2338'. [ 981.127341][T12908] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 981.135894][T12908] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 982.184642][T12920] loop4: detected capacity change from 0 to 512 [ 982.277595][T12920] EXT4-fs (loop4): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0 [ 982.287589][T12920] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 982.297104][T12920] EXT4-fs (loop4): Couldn't mount because of unsupported optional features (fffc1829) [ 982.307055][T12920] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 982.827428][T11172] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 983.059644][T11172] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 983.096417][T11172] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 230, changing to 7 [ 983.108024][T11172] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 24870, setting to 1024 [ 983.201741][T11172] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 983.211832][T11172] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 983.220264][T11172] usb 5-1: Product: syz [ 983.224662][T11172] usb 5-1: Manufacturer: syz [ 983.229583][T11172] usb 5-1: SerialNumber: syz [ 984.003340][T12938] loop6: detected capacity change from 0 to 47 [ 984.070421][T12940] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2353'. [ 984.178063][T12940] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2353'. [ 984.233294][T12938] syz.6.2354: attempt to access beyond end of device [ 984.233294][T12938] loop6: rw=8390657, sector=50, nr_sectors = 2 limit=47 [ 984.247623][T12938] buffer_io_error: 341 callbacks suppressed [ 984.247714][T12938] Buffer I/O error on dev loop6, logical block 25, lost async page write [ 984.363213][T12938] syz.6.2354: attempt to access beyond end of device [ 984.363213][T12938] loop6: rw=8390657, sector=52, nr_sectors = 2 limit=47 [ 984.377706][T12938] Buffer I/O error on dev loop6, logical block 26, lost async page write [ 984.462012][T11172] cdc_ncm 5-1:1.0: bind() failure [ 984.493861][T12938] syz.6.2354: attempt to access beyond end of device [ 984.493861][T12938] loop6: rw=8390657, sector=54, nr_sectors = 2 limit=47 [ 984.510204][T12938] Buffer I/O error on dev loop6, logical block 27, lost async page write [ 984.513491][T11172] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71 [ 984.593724][T11172] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71 [ 984.706552][T11172] usbtest 5-1:1.1: probe with driver usbtest failed with error -71 [ 984.819553][T11172] usb 5-1: USB disconnect, device number 17 [ 984.899122][ T5961] udevd[5961]: setting mode of /dev/bus/usb/005/017 to 020664 failed: No such file or directory [ 984.955037][ T5961] udevd[5961]: setting owner of /dev/bus/usb/005/017 to uid=0, gid=0 failed: No such file or directory [ 986.957234][T11172] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 987.167883][T11172] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 987.181910][T11172] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 987.193149][T11172] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 987.202720][T11172] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 987.441619][T12960] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 987.546366][T11172] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 988.327132][T11172] usb 7-1: USB disconnect, device number 10 [ 990.766826][T13000] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 990.775177][T13000] overlayfs: failed to set xattr on upper [ 990.782040][T13000] overlayfs: ...falling back to redirect_dir=nofollow. [ 990.789763][T13000] overlayfs: ...falling back to index=off. [ 990.795758][T13000] overlayfs: ...falling back to uuid=null. [ 990.802003][T13000] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 993.750937][T13042] Dead loop on virtual device ipvlan1, fix it urgently! [ 993.759042][T13042] ===================================================== [ 993.766754][T13042] BUG: KMSAN: uninit-value in __schedule+0x8fb/0x81a0 [ 993.773730][T13042] __schedule+0x8fb/0x81a0 [ 993.778772][T13042] schedule+0x17c/0x3c0 [ 993.783125][T13042] exit_to_user_mode_loop+0xa0/0x1b20 [ 993.789057][T13042] __do_fast_syscall_32+0x237/0x310 [ 993.794511][T13042] do_fast_syscall_32+0x37/0x80 [ 993.800034][T13042] do_SYSENTER_32+0x1f/0x30 [ 993.804785][T13042] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 993.811726][T13042] [ 993.814788][T13042] Local variable acpar created at: [ 993.820190][T13042] ip6t_do_table+0x70/0x2280 [ 993.826750][T13042] nf_hook_slow+0xe1/0x3d0 [ 993.831507][T13042] [ 993.833973][T13042] CPU: 0 UID: 0 PID: 13042 Comm: syz.3.2392 Tainted: G L syzkaller #0 PREEMPT(voluntary) [ 993.846099][T13042] Tainted: [L]=SOFTLOCKUP [ 993.850679][T13042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 993.861108][T13042] ===================================================== [ 993.868376][T13042] Disabling lock debugging due to kernel taint [ 993.874654][T13042] Kernel panic - not syncing: kmsan.panic set ... [ 993.881239][T13042] CPU: 0 UID: 0 PID: 13042 Comm: syz.3.2392 Tainted: G B L syzkaller #0 PREEMPT(voluntary) [ 993.892890][T13042] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP [ 993.898573][T13042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 993.908799][T13042] Call Trace: [ 993.912206][T13042] [ 993.915253][T13042] __dump_stack+0x26/0x30 [ 993.919825][T13042] dump_stack_lvl+0x50/0x1c0 [ 993.924638][T13042] ? dump_stack+0x12/0x25 [ 993.929194][T13042] dump_stack+0x1e/0x25 [ 993.933586][T13042] vpanic+0x435/0xd40 [ 993.937829][T13042] panic+0x15d/0x160 [ 993.942014][T13042] kmsan_report+0x31a/0x320 [ 993.946784][T13042] ? __msan_warning+0x1b/0x30 [ 993.951696][T13042] ? __schedule+0x8fb/0x81a0 [ 993.956488][T13042] ? schedule+0x17c/0x3c0 [ 993.961008][T13042] ? exit_to_user_mode_loop+0xa0/0x1b20 [ 993.966821][T13042] ? __do_fast_syscall_32+0x237/0x310 [ 993.972533][T13042] ? do_fast_syscall_32+0x37/0x80 [ 993.977804][T13042] ? do_SYSENTER_32+0x1f/0x30 [ 993.982723][T13042] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 993.989479][T13042] ? sctp_do_sm+0x9477/0x9b90 [ 993.994422][T13042] ? kmsan_get_metadata+0xf1/0x160 [ 993.999822][T13042] ? kmsan_get_metadata+0xf1/0x160 [ 994.005207][T13042] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 994.011313][T13042] ? is_mmconf_reserved+0x761/0x7a0 [ 994.016736][T13042] ? filter_irq_stacks+0x49/0x190 [ 994.022014][T13042] ? stack_depot_save_flags+0x35/0x790 [ 994.027697][T13042] ? kmsan_get_metadata+0xf1/0x160 [ 994.033077][T13042] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 994.039659][T13042] ? kmsan_get_metadata+0xf1/0x160 [ 994.045033][T13042] __msan_warning+0x1b/0x30 [ 994.049763][T13042] __schedule+0x8fb/0x81a0 [ 994.054389][T13042] ? __pfx_autoremove_wake_function+0x10/0x10 [ 994.060679][T13042] ? kmsan_get_metadata+0xf1/0x160 [ 994.066043][T13042] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 994.072624][T13042] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 994.078929][T13042] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 994.085020][T13042] ? kmsan_get_metadata+0xf1/0x160 [ 994.090390][T13042] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 994.096994][T13042] schedule+0x17c/0x3c0 [ 994.101338][T13042] ? __sys_connect+0x448/0x680 [ 994.106310][T13042] exit_to_user_mode_loop+0xa0/0x1b20 [ 994.111939][T13042] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 994.118248][T13042] ? kmsan_get_metadata+0xf1/0x160 [ 994.123606][T13042] ? __pfx_sctp_inet_connect+0x10/0x10 [ 994.129341][T13042] ? __ia32_sys_connect+0x95/0x100 [ 994.134680][T13042] __do_fast_syscall_32+0x237/0x310 [ 994.140140][T13042] do_fast_syscall_32+0x37/0x80 [ 994.145228][T13042] do_SYSENTER_32+0x1f/0x30 [ 994.150057][T13042] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 994.156612][T13042] RIP: 0023:0xf7f74539 [ 994.160815][T13042] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 994.180632][T13042] RSP: 002b:00000000f543650c EFLAGS: 00000206 ORIG_RAX: 000000000000016a [ 994.189328][T13042] RAX: ffffffffffffff8d RBX: 0000000000000003 RCX: 0000000080000140 [ 994.197462][T13042] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000 [ 994.205595][T13042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 994.213704][T13042] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 994.221831][T13042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 994.230011][T13042] [ 994.233859][T13042] Kernel Offset: disabled [ 994.238253][T13042] Rebooting in 86400 seconds..