last executing test programs: 14m56.062838869s ago: executing program 32 (id=719): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) fcntl$setlease(r0, 0x400, 0x2) 14m49.671828121s ago: executing program 33 (id=750): syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x2000000b}) 14m47.95649241s ago: executing program 34 (id=747): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000004000000000000000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) unshare(0x20000400) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080)=r0, 0x4) getsockopt$sock_buf(r1, 0x1, 0x1a, 0x0, &(0x7f0000000b00)) 14m21.465249613s ago: executing program 35 (id=820): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101842, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0x4) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000000)=0x2) close_range(r1, 0xffffffffffffffff, 0x0) 12m27.506737312s ago: executing program 36 (id=1537): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x7002}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000600)={'pim6reg1\x00', @link_local}) pread64(r0, &(0x7f0000002200)=""/89, 0x59, 0x10000) 11m30.376280723s ago: executing program 7 (id=1872): syz_mount_image$hfsplus(&(0x7f0000000a40), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2010410, &(0x7f0000000000)=ANY=[], 0x1, 0x684, &(0x7f0000001780)="$eJzs3c9vHFcdAPDvrNdrbwip2yZtQJVqNRIgLBI7lgvmQkCALNFDVQ6crcRpVtmkxd4it0J0+X3toX9AOfiAxAmJe6Ry4QK3HnrxsRISl14wp0UzO7O/191Nmuym+Xyi2fdm3sz78Z15O7trRRPAE2tnLcr3IomdtVcO0/Xjo8368dHmnSIfEUsR0YwoR0QpIpL/tlqtDyOuRSSdapKBNGKxv533a9uvffTp8SfttXK+ZPuX+o67L818idWIWMjTz6u+6w9cX9IZ4bWIuJSnMHPpNG31+fk/zrZLKn07VkcdvfxoOgk8VEn7vjlkJeJMPtHTzwHtu2L7nv1Ya866AwAAAPAIPHUSJ3GYnJt1PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBx0ew+/z/Jl1KRX42keP5/Jd8WeX6+vDjd7vceVj8AAAAAAAAA4H4tTX/IiydxEodxrlhvJdnf/F/KVs5nr1+Kt+Ig9mI/Lsdh7EYjGrEfGxGx0lNR5XC30djfmODIqyOPvDrh2KpDJcNbAAAAAAAAAODJ85vY6f79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5kESsdBOsuV8kV+JUjkiliOiku7XjPhXkX+c3Zt1BwAAAODBVUdtXOrJP3USJ3EY54r1VpJ9538u+96/HG/F3WhELRpRj724kf0W0P7WXzo+2qwfH23eSZfhNr7/n6n6mdUY7d8eRrd8MdujGjejlm25HNfjjajHjShlR6Yu5v0pah3o16/TPiXfy03Ysxt5mo78vTwd8u5Ugx3n9B9Tbi/nmYU8XckistiJyHretzQaTxdnZvQZKs7O4mQdG2xpI0qdzp4faGlgEN2YL0/WVupMnqbj+cO4mM9EXySyEXWvvudOj3nE1//2l5/dqt+9fevmwdr8DGkyxUXXyl6rw9fEZk8knv8iR2LIehaJC531nfhx/DTWYjVejf2oxS9iNxqxF6vxwyy3m1/PSc+UHxOpa31rr47pQOfNu5Jfoe2TNV2fXsqOPRe1zpvCy9m/q7ER346t2IrtnjN84fQznM360ph32taXR47i0jfyTHrP+uO4e9dMpHF9uohrEn3vuStZWe+WbpSemSBKU96Pyl/N52Daxm/zdD4MRmKjJxLPnh6JP2VDOqjfvb1/a/fNyZp75r08k86j38/VXaKSz6Fy9tp/daTX0rMjyzaysvOdstJQ2YVOWXumNuONuBF7I2ZqJf8MN1zT1azs+ZFlm1nZxZ6yUZ+3AJh7Z755plL9d/Wf1Q+qv6veqr6y/IOl7yy9UInFvy9+t7y+8LXSC8lf44P4VfcjJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcP8O3n7n9m69vrffl2nWW63WuyOLHjTz8cd/zh7w9PnXPEmmeJzZI2z0K2cjPnPnszOJxgNnkmTSnf/XarXyLcmcdP6UTCs3L/2ZRWa270vAw3elcefNKwdvv/Ot2p3d1/de37u7vbW1vb699fLmlZu1+t56+3XwqCme6QrMre5Nf0Thygw6BAAAAAAAAAAAAHymR/HfCWY9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODxtrMW5XuRxMb65fV0/fhos54uRb67ZzkiShGR/DIi+TDiWrSXWOmpLhnXzvu17dc++vT4k25d5WL/0ojjfjTdKJr5EqsRsZCnhZ9MVEV5bH3XB0unlnRGmAbsUhE4mLX/BwAA//84GAvn") openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x101042, 0xb0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) linkat(r0, &(0x7f0000000180)='./file1\x00', r0, &(0x7f0000000640)='./bus\x00', 0x0) unlink(&(0x7f0000000180)='./file1\x00') 11m29.784779605s ago: executing program 7 (id=1877): syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$udf(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x14444, &(0x7f0000000e80)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c766f6c756d653d3030303030303030303030300000000063686f723d30303030303030303030303030303030303030342c6e6f6164696e6963622c6769643d69676e6f72652c7569643d6967ee6f7200006769643dc7865530221d5cf1ffa33f314577d414dd0f02989f344aa1daf1517b816480770a92f1eaeab3d78957fc83df545faf189820845d1a3ae48728ee6ed8684b4f3acff28b7d51848813c91e8e6278a3cfa72eec120ebbc7baaaf78c062300000000000000", @ANYRES64, @ANYRESDEC], 0xfe, 0xc17, &(0x7f0000001180)="$eJzs3UFsHNd9B+D/Gy1FSm4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkI22ZXnroIUBR9JATgdYokKKB0RRBj2zrAsnFhyKnnogWNoKiB7YIkJPBYGbfikuKsmRTpEj7+2zqNzv73ux7b9YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN97+dKZ59KjbgUAsJ+ujH/1zFn3fwD4RLnq//8BAAAAAAAAAAAAAOCgS1HE45Fi/sp6mqxedwxcbs/euj0xMrpztWOpqnmkKl/+DDx39tz5Lz0/fKGbH1z/YXsyXh2/eqn+0tzN+YXW4mJruj4x256am2498BF2W3+7oWoA6jdfuzV9/fpi/eyz57a8fXvwvf7HTg5eHH769FPdshMjo6PjPWVqfR/50+9yrxkeR6OI05Hime/9JDUjoojdj8V9vjt77VjViaGqExMjo1VHZtrN2aXyzbHuQBQR9Z5Kje4Y7cO52JVGxHLZ/LLBQ2X3xuebC81rM636WHNhqb3UnpsdS53Wlv2pRxEXUsRKRKz13324viiiFim+c2I9XYuII91x+GI1Mfje7Sj2sI8PoGxnvS9ipTgE5+wA648iXokUP327iKlyzPJPfCHilTJ/EPFmmS9GpPKLcT7i3R2+RxxOtSjiL8rzf3E9TVfXg+515fLX6l+ZvT7XU7Z7XTn094f9dMCvTQNRRLO64q+nj/6bHQAAAAAAAAAAAAAAAAAetmNRxJOR4uX/+KNqXnFU89JPXBz+/cFf7J0z/sR9jlOWfTYilosHm5N7NE8hHktjKT3iucSfZANRxB/n+X/fetSNAQAAAAAAAAAAAAAAAAAA+EQr4seR4oV3TqWV6F1TvD17o361eW2msypsd+3f7prpGxsbG/XUyUbOyZzLOVdyruZcyxlFrp+zkXMy53LOlZyrOddyxpFcP2cj52TO5ZwrOVdzruWMWq6fs5FzMudyzpWcqznXcsYBWbsXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODjpIgi3o8U3/7GeooUEY2Iyejkan+3DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKPWnIr4fKep/0LizrxYRqfq341T5y/loHC3z09EYLvPFaFzK2ayy1vjWI2g/u9OXivhRpOgfeOvOCc/nv6/z6s7XIN785uarX6l18kj3zcH3+h87eeLi8OivPXGv7bRTA4Yut2dv3a5PjIyOjvfsruVP/3TPvsH8ucXD6ToRsfj6G681Z2ZaCzY+GRu1zkYtDkh79msjX6/ioLRn+0bjYDRjc+MRX5jYF+X9/91I8dvv/Gf3ht+9//9C59WdO3z87E827/8vbD/QHt3/H+/Z90L+3UhfLWJg6eZ838mIgcXX3zjdvtm80brRmj1/5syXh4e/fO5M39GIgevtmVbP1q6HCgAAAAAAAAAAAAAAAGB/pSJ+N1I0f7Se6hFxu5qvNXhx+OnTTx2JI9V8qy3ztl4dv3qp/tLczfmF1uJia7o+MduemptuPejHDVTTvSZGRvekM/d1bI/bf2zgpbn51xfaN/5wacf3jw9cura4tNCc2vntOBZFRKN3z1DV4ImR0arRM+3mbFV1bMfJdB9eXyrivyLF1Pl6+nzel+f/bZ/hv2X+//L2A+3R/L9P9ewrPzOlIn4WKX7rL5+Iz1ftPB53jVku97eRYujC53K5OFqW67ah81yBzszAsuz/RYp/fH9r2e58yMc3yz73wAN7SJTn/0Sk+P6ffzd+Pe/b+vyHnc//8e0H2qPz/5mefce3PK9g110nn//TkeLFx9+K38j7Puj5H0VsbGz8acSpXPjO8zn26Px/tmffYHQ+9zcfXvcBAAAAAAAAAAAOrb5UxN9FiqdGa+n5vO9B/v7f9PYD7dHf//rlnn3T+7Re0a4HFQAAAAAOiL5UxI8jxY2lt+7Mod46/7tn/ufvbK69PpK2vVv9Od8vVc8NeJh//tdrMH/u5O67DQAAAAAAAAAAAAAAAAAAAAdKSkU8n9dTn7zPeuqrkeLl/3kml0sny3LddeAHq18HrszNnr40MzM31VxqXptp1cfnm1Otsu5nIsX633wu1y2q9dW768131ngf2Oiuxb4QKUb/vlu2sxZ7d23yznrgnbXYy7KfihT//Q9by3bXsf7sZtmzZdm/jhRf/+edy57cLHuuLPvdSPHDr9e7ZY+XZbvPR+08k3SgFjOtZ6fmZu56FCoAAAAAAAAAAAAAAAAAAAB8WH2piD+LFP97cyWW87T/vP5/dwX+Wrfsm9/sWe9/m9vVOv+D1fr/99r+KOv/Dz60ngIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOGRoog3IsX8lfW02l++7hi43J69dXtiZHTnasdSVfNIVb78GXju7LnzX3p++EI3P7j+w/ZkvDp+9VL9pbmb8wutxcXWdH1itj01N9164CPstv7m0HUMVQNQv/narenr1xfrZ589t+Xt24Pv9T92cvDi8NOnn+qWnRgZHR3vKVPr+xCf/qEat+loFPFXkeKZ7/0k/Ut/RBG7H4v7fHf22rGqE0NVJyZGRquOzLSbs0vlm2PdgSgi6j2VGt0x2odzsSuNiOWy+WWDh8rujc83F5rXZlr1sebCUnupPTc7ljqtLftTjyIupIiViFjrv/twfVHEa5HiOyfW07/2RxzpjsMXr4x/9czZe7ej2MM+PoCynfW+iJXiEJyzA6w/ivinSPHTt0/Fv/VH1KLzE1+IeKXMH0S8WeaLEan8YpyPeHeH7xGHUy2K+P/y/F9cT2/3l9eD7nXl8tfqX5m9PtdTtntdOfT3h/10wK9NA1HED6sr/nr6d/9dAwAAAAAAAAAAAAAAABwgRfxqpHjhnVOpmh98Z05xe/ZG/Wrz2kxnWl937l93zvTGxsZGPXWykXMy53LOlZyrOddyRpHr52zknMy5nHMl52rOtZxxJNfP2cg5mXM550rO1ZxrOaOW6+ds5JzMuZxzJedqzrWccUDm7gEAAAAAAAAAAAAAAAAAAB8vRfVPim9/Yz1t9HfWl56MTq5aD/Rj7+cBAAD//1vO/Qs=") mkdir(&(0x7f0000000000)='./file0\x00', 0x2) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 11m28.141482573s ago: executing program 7 (id=1887): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0x10000, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRESDEC], 0xfe, 0x687, &(0x7f0000000fc0)="$eJzs3c1vHGcdB/DvrNeOHaTUfUlaUCWsRioIi8QvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVAvN+5dA/oBx8QOICEvdIReKAgFvFzeKAKiFx6cm3oJmdtdfxS9Ybv8Tw+Viz+8w8r/PbmWd3dmVNgP9bc+NpPkiRufE31sr1zY3p1ubG9IU6u5WkTDeSZvspxVJSfJzcSHvJ58uNdfnioH4+XJy9+clnm5+215r1UpVvHFavN+v1krEkA/XzXoN9tXfrwPYON7+dKrb3sAzY1U7g4Kw93GP9KNWf8LwFngZF+31zj9HkYpLh+nNA6tmhcbqjO35HmuUAAADgnHpmK1tZy6WzHgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJ/X9/4t6aXTSYyk69/8fqrelTt9snPGYn8SDsx4AAAAAAAAAAByDL25lK2u5lPrH/YftX/ZfqR5fqB4/l/eykoUs51rWMp/VrGY5k0lGuxoaWptfXV2e7KHm1L41p/ob/+/7qwYAAAAAAAAA/2t+mrn27/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC0KJKB9lO1vNBJj6bRTDKcZKgst578vZM+J4r9Nj44/XEAAADAExnuo84zW9nKWi511h8W1TX/lep6eTjvZSmrWcxqWlnI7foaurzqb2xuTLc2N6bvb25MVx1//2Fbu51v/udIw6haTPu7h/17fqkqMZI7Way2XMutajC306hqll6qx7O97O7kJ+WYRl6v9Tiy2/Vz2dmvD/oW4Tg0jlphtKo0uB2RiXpsZUPPHh6Jx746zUN7mkxj+5ufFw7pqbNLxRFjfrFTL8kvH4n56//67fd6bOYEbEeikSoSU11H35XDY5586Y+/e+tua+ne3Tsr4yd2GJ2WR4+J6a5IvHiuI9E8YvmJKhKXt9fn8u18N+MZy5tZzmJ+kPmsZiH1zJj5+nguH0e7opTsidSNXWtvPm4kQ/Xr0p5FexnTWC5Uqfm8UtW9lMUUeSe3s5DXqr+pTOZrmclMZrte4csHvsLVvlUzbeNoZ/3VL2fnVP9VOVP3Vi/5c68Fj679llrG9dmuuHbPuaNVXveWnSg918P70RHnxuYX6kTZx8/6eds4MY9GYrIrEs8fHonfVOfGSmvp3vLd+XcPaH/9kfVXB3fSv+jrnfmkpp7yeHkuw/VMsvvoKPOe355ldsdrqP7FpZ3X2JN3ucoris6Z+p19ztQy4rNV6Sv7tjRV5b24N2+gHvk//tmVt+vzVt756wkFDIDjdfErF4dG/j3yt5GPRn4+cnfkjeFvXfj6hZeHMvinwW80JwZebbxc/CEf5Uc71/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/Vt7/4N58q7WwvH+icXDW8SaK+rY8B5VpZiSnMIzTTBTJ+rG3nLPfrx4SnZsIPmk7b914KnbnXCcGktRbfpzsHD/1S9TPzUWBc+H66v13r6+8/8FXF+/Pv73w9sLS4MzM7MTszGvT1+8sthYm2o9nPUrgJOx8HuixwuAJDwgAAAAAAAAAAAB4rP3+MeAvx/yfBl3djZ3hrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1Nx4moMpMjlxbaJc39yYbpVLJ71Tspmk0UiKHybFx8mNtJeMdjVXHNTPh4uzNz/5bPPTnbaanfKNw+r1Zr1eMpZkoH7eY6i/9m4d1F7Piu09LAN2tRM4OGv/DQAA//+iHAcm") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0xffffffffffffffff, 0x15) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) 11m27.210112347s ago: executing program 7 (id=1893): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r1, 0x4068aea3, &(0x7f0000000480)={0xed, 0x0, 0x4}) 11m25.758959861s ago: executing program 37 (id=1893): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r1, 0x4068aea3, &(0x7f0000000480)={0xed, 0x0, 0x4}) 8m53.204532962s ago: executing program 9 (id=2828): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) sendmsg$tipc(r1, &(0x7f0000000000)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x8050) 8m52.954225901s ago: executing program 9 (id=2829): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000006080)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x20010080, &(0x7f0000000480)=ANY=[@ANYBLOB='allow_utime=00000000000000000000007,dmask=00000000000000001,iocharset=macroman,allow_utime=00000000000000000000002,uid=', @ANYRES64=r3, @ANYRESOCT=r1, @ANYBLOB="2a3a6dc4d70cd8504afe4f20df34ad3cf37d706dd73fd000", @ANYRESDEC=r3, @ANYRESHEX=r2], 0x1, 0x14ee, &(0x7f0000002400)="$eJzs3Au0jtX2MPA511qPW9Kb5L7mmg9v2lgkSS5JckmSJElyS0iSJAmJTW5JSELuSe4hucVO7vdb7klyJEkSEpKsb+ic89ep842+b5y+z/8/9vyNscZecz97rneud77jfZ/n2WPvbzsOrlq/WqW6zAz/Efz7l1QAyAQA/QDgGgCIAKBU9lLZLx3PrDH1P3sQ8dd6aNqVrkBcSdL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2dnudaGel3yP3/9Ew+/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0Tfqfvkn/hUjPrvT95/85I+M/nrErXcdfO67wy08IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghRDpxLlxmAOCf8ytdlxBCCCGEEEIIIf46IeOVrkAIIYQQQgghhBD/7yEo0GAgggyQETJBZsgCV0FWuBqywTWQgGshO1wHOeB6yAm5IDfkgbyQD/KDBQIHDDEUgIKQhBugENwIKVAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6Ai3AmV4C6oDFWgKlSDu6E63AM14F6oCfdBLbgfzpX5e5V14SGoBw9DfXgEGsCj0BAaQWNoAk1/n48I8Jv82vAA1IEHf5f/InSFl6AbdIdU6AE94WXoBb2hD/SFfvAK9IdXYQC8BgNhEAyG12EIvAFD4U0YBsNhBLwFI2EUjIYxMBbGwXh4GybAOzAR3oVJMBmmwFSYBtNhBrwHM2EWzIb3YQ58AHNhHsyHBbAQPoRFsBjS4CNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+AS2wXbYATthF+yGPfAp7IXPYB98Dvvhi//L/LO/y++EgIAKFRo0mAEzYCbMhFkwC2bFrJgNs2ECE5gds//XiyU35sa8mBfzY34kJGRkLIAFMIlJLISFMAVTsAgWQY8ei2NxLIE3Y0ksiaWwFJbG0lgGy2JZLI/lsQJWwIpYESthJayMlbEqVsW78W68B2tgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xqbYFJthM2yOzbEltsRW2ApbY2tsg22wLbbFdtgO22N77IAdsCN2xE7YGTvji/givoQvYXesrHpgT+yJvbAX9sG+2Bdfwf74Kr6Kr+FAHISD8XV8Hd/AoXgGh+FwHIEjsIIahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/B9nIMf4Ac4D+fhAlyIC3ERLsY0TMMleBaX4jJcjitwJa7ClbgG1+IaXI8bcD1uwk24BbfgJ/gJbsftuBN34m7cjZ/ip/gZfoYDcT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f9ut7uwusGgrrEKKMyqAwqk8qksqgsKqvKqrKpbCqhEiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaxKqAKqKRKqkKqkEpRKaqIKqK88qq4Kq5KqBKqpCqpSqlbVWl1myqjyqoWvrwqryqolr6iulNVUpVUZVVFVVXVVDVVXVVXNVQNVVPVVLVULVVbPaDqqB7YBx9SlzpTXw3CBmowNlSNVGPVRL2Bj6lmaig2Vy1US/WEGo7DsLVq5tuop1VbNRrbqWfVGHxOdVDjsKN6QXVSnVUX9aLqqpr7bqq7moQ9VE81FXup3qqP6qtmYhV1qWNV1WtqoBqkBqvX1QJ8Qw1Vb6phargaod5SI9UoNVqNUWPVODVeva0mqHfURPWumqQmqylqqpqmpqsZ6j01U81Ss9X7ao76QM1V89R8tUAtVB+qRWqxSlMfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VX2itqntaofaqXap3WqP+lTtVZ+pfepztV99oQ4oTAX4Uh1SX6nD6mt1RH2jjqpv1TH1nTquvlcn1El1Sv2gTqsf1Zlf3xsBQP2sLqhf1EUVFGjUSmttdKQz6Iw6k86ss+irdFZ9tc6mr9EJfa3Orq/TOfT1OqfOpXPrPDqvzqfza6tJO8061gV0QZ3UN+hC+kadogvrIrqo9rqYLq5v0iX0zbqkvkWX0rfq0vo2XUaX1eV0eX27rqDv0BX1nbqSvktX1lV0VV1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU8/rOvrR3QD/ahuqBvpxrqJbqof083047q5bqFb6id0K/2kbq2f0m3007qtfka308/q9vo53UE/rzvqF3Qn3Vl30b/oizrobrq7TtU9dE/9su6le+s+uq/up1/R/fWreoB+TQ/Ug/Rg/boeot/QQ/Wbepgerkfot/RIPUqP1mP0WD1Oj9dv6wn6HT1Rv6sn6cl6ip6qp+npus8/Vpr9f5D/zr/JH/Dro2/RW/UnepvernfonXqX3q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6J/2DPq1/1Gf0WX1W/6TP6/P6wj+eAzBolNHGmMhkMBlNJpPZZDFXmazmapPNXGMS5lqT3VxncpjrTU6Ty+Q2eUxek8/kN9aQcYZNbAqYgiZpbjCFzI0mxRQ2RUxR400xU9zc9B/n/1l9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEGWKMkVZoixR1ihrlC3KFiWiRJQ9yh7liK6Pcka5otxRnihvlC/KH9mIIhdxFEcFooJRMrohKhTdGKVEhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv6l64dwJtfjvpvtblNtD9vTvmx72d62j+1r+9lXbH/7qh1gX7MD7SA72L5uh9g37FD7ph1mh9sR9i070o6yo+0YO9aOs+Pt23aCfcdOtO/aSXaynWKn2ml2up1h37Mz7Sw7275v59gP7Fw7z863C+xC+6FdZBfbNPuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Sd2m91ud9iddpfdbffYT+1e+5ndZz+3++0X9oD9m1XwpT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sn9pY93MmQoA2WgTJSJslAWykpZKRtlowQlKDtlpxyUg3JSTspNuSkv5aX8lJ8uYWIqQAUoSUkqRIUohVKoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qA76U66i+6iKlSFqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVAml9llcVe5rO5ql81d434f53Z5XF6Xz+V31uV0uf4lJudciivsiriizrtirri76Q9xGVfWlXPl3e2ugrvDVfxDXN3d42q4e11Nd5+r5u7+l7iWu9/Vdo+4Ou5RV9c1cvVcE1ffPeIauEddQ9fINXZNXCv3pGvtnnJt3NOurXvmD/Eit9itdevcerfB7XWfuXPuJ3fUfevOu59dN9fd9XOvuP7uVTfAveYGukF/iEe4t9xIN8qNdmPcWDfuD/EUN9VNc9PdDPeem+lm/SFe6D50c1yam+vmufluwa/xpZrS3EduifvYLXXL3HK3wq10q9xqt+a/al3hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJyJM3MWvoqz8tWcja/hBF/L2fk6zsHXc07Oxbk5D+flfJyfLRM7Zo65ABfkJN/AhfhGTuHCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EV+U6uxHdxZa7CVbka383V+R6uwfdyTb6Pa/H9XJsf4Dr8INflh7geP8z1+RFuwI9yQ27EjbkJN+XHuBk/zs25BbfkJ7gVP8mt+Sluw09zW36G2/Gz3J6f4w78PHfkF7gTd+Yu/CJ35Ze4G3fnVO7BPfll7sW9uQ/35X78CvfnV3kAv8YDeRAP5td5CL/BQ/lNHsbDeQS/xSN5FI/mMTyWx/F4fpsn8Ds8kd/lSTyZp/BUnsbTeQa/xzN5Fs/m93kOf8BzeR7P5wW8kD/kRbyY0/gjXsIf81Jexst5Ba/kVbya1/BaXsfreQNv5E28mbfwVv6Et/F23sE7eRfv5j38Ke/lz3gff877+Qs+wH/jg/wlH+Kv+DB/zUf4Gz7K3/Ix/o6P8/d8gk/yKf6BT/OPfIbP8jn+ic/zz3yBf+GLHBhijFWsYxNHcYY4Y5wpzhxnia+Ks8ZXx9nia+JEfG2cPb4uzhFfH+eMc8W54zxx3jhfnD+2McUu5jiOC8QF42R8Q1wovjFOiQvHReKisY+LxcXjm+IS8c1xyfiWuFR8a1w6vi0uE5eNH7mvfHx7XCG+I64Y3xlXiu+KK8dV4qpxtfjuuHp8T1wjvjeuGd8Xl4zvj2vHD8R14gfjuvFDcb344bh+/EjcIH40bhg3ihvHTeKm8WNxs/jxuHncIm4ZPxG3ip+MW8dPxW3ip+O28TN/ejw17hH3jF+OX45DuFfPTy5ILkx+mFyUXJxMS36UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGUK1jODRK6+98ZHP4DP6TD6zz+Kv8ln91T6bv8Yn/LU+u7/O5/DX+5w+l8/t8/i8Pp/P760n7zz72BfwBX3S3+AL+Rt9ii/si/ii3vtivrhv4pv6pr6Zf9w39y18S/+Ef8I/6Z/0T/mn/NO+rX/Gt/PP+vb+Od/BP++f9y/4Tr6z7+Jf9F39S76b7+5Tfarv6Xv6Xr6X7xOB7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5KXP8XD/Xz/fz/UK/0C/yi3yaT/NL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/lD/uv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zv/kz/uf/QX/i7/ogx+feDsxIfFOYmLi3cSkzJMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoR82+JQIBQMyXBDKBRuDCmhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwsHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3Dx179Z636lbqILIYQQQvyPkfonx3v8m++pf4xLegLA1dvzHP7tcQ0AG3P+fd5b5W2VAICnu3d86J+jcuXU1H8+7lINUcF5AJC4nJ8BLsfLoCU8CW2gBZSAf/766rd6q87n+U/WT94KkOU3OZngcnx5/Zv/7f57q1Fz/nT9eQApBS/nZIbL8eX1S/5v1s/V7E/Wz/zleIDmv8nJCpfjy+sXh8fhGWjzLz8phBBCCCGEEEL8XW9Vrv2fXd9euj7Pay7nZITL8W+vz4UQQgghhBBCCPHf03Oduzz1WJs2LdrL5L/jZLe0SSZXZnKF35iEEEIIIYQQf7nLJ/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+v/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA///apiom") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) 8m52.296623202s ago: executing program 9 (id=2831): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x37724106) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000280)={0x1, r1}) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000200)={0x1, r1}) 8m51.825612704s ago: executing program 9 (id=2835): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80), 0xde, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000040)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x101000, 0x80) 8m51.247800227s ago: executing program 9 (id=2841): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x2010}) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f041}) 8m50.432398874s ago: executing program 9 (id=2846): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x2c000010) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x7}}, 0xb8}}, 0x10) 8m48.743198708s ago: executing program 38 (id=2846): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x2c000010) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x7}}, 0xb8}}, 0x10) 7m38.427960254s ago: executing program 4 (id=3294): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x18) r1 = socket$inet_tcp(0x2, 0x1, 0x0) socket$key(0xf, 0x3, 0x2) close_range(r1, 0xffffffffffffffff, 0x0) 7m37.863566955s ago: executing program 4 (id=3300): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000980), 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x38, r0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xf4, 0x2e}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x177f}], @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]]}, 0x38}, 0x1, 0x0, 0x0, 0xd37697ff280d3c0e}, 0x0) 7m37.454458929s ago: executing program 4 (id=3303): syz_read_part_table(0x1052, &(0x7f0000000000)="$eJzsz9GpwmAMBeDT2/b23h1cRXAENxAnsS+O6QwuIET6a8EJ1Ifve0kIyYGEjxoepapqHXXPem3dT5Lpr/9dJpekzzAu7a4t9hnXozn5z3Crl+yqU4vdtONMba2qS+bkkGzPx/2b3gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr3YPAAD//70zEzw=") r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000100)={0x2, 0x1, 0x7, 0x1, r2}, 0x10) 7m36.365771444s ago: executing program 4 (id=3308): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000100)='./file0\x00') setxattr$incfs_size(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x2) 7m35.612706396s ago: executing program 4 (id=3312): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000002c0)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a40)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r2, {0x0, 0x4}, {0xfff1, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x5, '\x00', 0x2, 0x1, 0xc, 0x63f1}}}}]}, 0x48}}, 0x0) 7m34.934056442s ago: executing program 4 (id=3318): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x911, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x68}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000000}, 0x0) 7m33.137490247s ago: executing program 39 (id=3318): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x911, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x68}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000000}, 0x0) 6m55.442040729s ago: executing program 1 (id=3501): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1) sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000040200f2c8dc1b"], 0x38}, 0x1, 0x0, 0x0, 0x24044844}, 0x0) 6m54.452293352s ago: executing program 1 (id=3507): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3200009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x1) open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000f8000000eafffffffb"], 0x98300) 6m53.531605867s ago: executing program 1 (id=3513): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000003c0)={0x6, "030000000000000023000000debd12ffff00000000000000000020000400", 0xffffffffffffffff}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x10000001}) close(0x3) 6m52.426173595s ago: executing program 1 (id=3520): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) chdir(&(0x7f00000001c0)='./file0\x00') r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x42000, 0x0) getdents64(r0, &(0x7f0000000c80)=""/135, 0x87) 6m50.52707886s ago: executing program 1 (id=3528): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a300000000040000000030a09020000000000000000020000000900010073797a30000000000900030073797a3200000000140004800800014000000000080002400000000014000000110001"], 0x88}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x4}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x7}, @NFTA_EXTHDR_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000240)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x3, 0x8, 0x24, 0x67, 0x0, 0x3, 0x21, 0x0, @multicast1, @empty}, {{0x4e22, 0x4e21, 0x4, 0x1, 0x3, 0x0, 0x0, 0x9, 0x5, "446013", 0x9, "6d0e4c"}}}}}}, 0x0) 6m47.486654482s ago: executing program 1 (id=3540): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66) 6m46.52601139s ago: executing program 40 (id=3540): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66) 6m27.267766882s ago: executing program 8 (id=3619): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001640)={0x2, 0x1, 0x0, 0x9, 0x8, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}}]}, 0x40}}, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001ec0)=ANY=[@ANYBLOB="020100030a0000000000000000000000020010000000000200000000000000000300050000000000020000009d1414000000000000000000030006000000000002000000ac14"], 0x50}}, 0x0) sendmsg$key(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000980)=ANY=[@ANYBLOB="020902090900000029bd7000fbdbdf25070019"], 0x48}}, 0x400e004) 6m26.840769797s ago: executing program 8 (id=3622): socket$alg(0x26, 0x5, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x48d, &(0x7f0000001480)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x47f, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x46b, 0x0, @opaque="057524bf940373e8bca4359799dad4c66d4a5658b040df1d2517265a0c1d8acd8e312762f7827ddc8a82f57fb99fd49860a9b2b97f8f69d8c9052f3da84310bacdec015b6792bff069f9fae4218e682b2f6a31ffc13c14027c2ab5372fb93b6d953233ff9123eea24e957c0f41d3067375e3b9056ff206387787d860bb602c81c838cff2175342ef213faa446049d0dd131c63f032a7216aa043e00626a82feb075317c57adfafd7f59c665342b228ab17b0502735b6bd02dfed9b339a945a8f1f162e30b81a28ed61d6b437058a2e0fbfb7a56cb721e40a0dfb70943158992ec710db60f53e8e675258fcbda7da57005df331652f19e38648948714daa6c51fe2bd1d5235c3b028141d91cbea29754cfcb9b070b0780da49295e8c490a6735ec0cd077e84cbfd2620b113e58e84c328edbf71b46e360727ce60f4f8e182253abf8cbf568e1bd4f61c2981f470e224cc1b81c66494c8e6468b48499672e3d144e1a9242c8b9f98c04bb0f0ba9c9407633bccce9bea286e2b52404f305e107932d9d098737114b5f888a01cc1e3c2b3c562e1d1dbd5033837df20944dc2ed3c57e64e24b7b908d63e3626d88c150c4d2f4dc507d6f44927fb06b0a9303db34ab3032d62cc2d5b8602f9f95b73943ba6dc17429735dc7a5630ea0c7711adb5429a82456e1f4dc32dc9a3418cc393badf2f3ebcc3d935efb695f8d520f6fb9e0752a301ec8b6076f62fb9bcf1c14c17acb12b9ecb9890548710c3af38c2c1b97c8bcc9b9041f352f0d28634438660ad103bef85f6847e1333b095f18330446f0dbbb4f65e769d422cf6ae472ab4ddf1cec78007783fc267a3303b9eb7ca33636e2a4240405a6807b0a2ebc0e0e37047a93f8f3701d56c6abdbed8720bfdd827619695622ec61e6804f8ad48bf08cf33a8dadb8c8a1702daed7ffdb8ddc404f47d81b1633d396e95f4a231da05b5dc2a186cc1174ee5f3cd0b5368eb5e07455179e36181c498f9e2eb769083c0ea044326c096bd33d1bf3394fe89d25916d3c1bc6f15e634af891e69786f9551d85a7e9355b7e635a0c66f2dce0d8348b26cc3a5e78255813eb8e4c6ac315e2863a824491f03f42822421e78d61d54ef8c55a6a6cbc85ace84b2b941e8e677e73e4cefc93b4272074763d75cfdcef6c975defadcd74bcae6ebc30d7a860891af2b0b9b706baee65c8e8f80c9748b365b045aa210b1859e5aae03738fb84ecd6aa1f4a9b06ae3f2b0f0d376ac4238d4857189e4a56a0c96b686a06a91dd70ec5799819b4f4f5507179cfc258fd359a240a18bf56d68669be21933d7d009a97fad4ea729c1990278c8d10154db7feb7a707798ad6ffa15e544d9858c8e560359a6fb9b4cb5b5af301cafc1680e3eb7e0b31ffa7d75ff912e30a4e6742b1c9ea6943dd987871e50e7c10ab3c255499803e214c597d579a3dc9deea99dae64f4e50f5ebfbaf2f3ac892c7587e0e0cd5cda8f6516f3d74d4c65c0567dc82072cf79c884c7fc83bd0e608faafe09e92bf55e8995f48e8a4c81b191550b90a1ff3f5bb95c2fbe291a930fa41bda7aa2735b2988aaca12ee146c9a71"}}}}}, 0x0) recvmmsg(r0, &(0x7f0000002a40)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000013c0)=""/49, 0x94}, {0x0}], 0x2}, 0x5}], 0x1, 0x40000000, 0x0) 6m25.625370435s ago: executing program 8 (id=3631): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast}) writev(r0, &(0x7f0000001580)=[{&(0x7f0000000080)="2e9b020007e03dd65193dfb6c575963f88fb", 0x12}, {&(0x7f00000014c0)="fa45c57dc712", 0x6}], 0x2) 6m24.11512191s ago: executing program 8 (id=3636): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) chroot(&(0x7f0000000100)='./file0\x00') setxattr$incfs_size(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x2) 6m23.370897188s ago: executing program 8 (id=3641): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x48, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x400000000000009}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x48}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 6m22.692863962s ago: executing program 8 (id=3644): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804) 6m20.457212132s ago: executing program 41 (id=3644): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804) 23.323589473s ago: executing program 6 (id=5697): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000002c0)={0x38, r2, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x38}}, 0x20000000) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x1c, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x400c000) 22.588568086s ago: executing program 6 (id=5702): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x28241, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x3) ioctl$SNDCTL_DSP_RESET(r0, 0x5000, 0x0) 21.403607426s ago: executing program 6 (id=5709): write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff01"], 0x15) r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_driver={0x232, 0xffffff01, 0x0}) 20.701114702s ago: executing program 6 (id=5713): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000240)='./file0\x00') 20.322447721s ago: executing program 6 (id=5715): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB='&'], 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) close_range(r2, 0xffffffffffffffff, 0x0) 19.652679389s ago: executing program 6 (id=5719): r0 = userfaultfd(0x1) mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x100}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x5}) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000140)={&(0x7f0000ff7000/0x9000)=nil, 0x9000}) 18.553784061s ago: executing program 42 (id=5719): r0 = userfaultfd(0x1) mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x100}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x5}) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000140)={&(0x7f0000ff7000/0x9000)=nil, 0x9000}) 4.561958514s ago: executing program 2 (id=5782): r0 = creat(&(0x7f0000000000)='./file1\x00', 0x28) r1 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x65, 0x62, 0x62, 0x86cc4097e8288a3a, 0x31, 0x66, 0x34, 0x34, 0x30, 0x62, 0x0, 0x0, 0x64, 0x61, 0x3f]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00", 0x16}, 0x48, 0xfffffffffffffffe) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x1d) close_range(r0, 0xffffffffffffffff, 0x0) 4.424776874s ago: executing program 3 (id=5784): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6e84}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000900)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 4.051097463s ago: executing program 2 (id=5786): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x2100, 0x4) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000000)) 3.98159162s ago: executing program 5 (id=5787): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xffffb000) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x0, r0) write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2) readv(r1, &(0x7f0000000180)=[{&(0x7f00000015c0)=""/4096, 0x1000}], 0x1) 3.777477487s ago: executing program 3 (id=5788): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffeffffffffff}, {0x0, 0x0, 0x40000000000000, 0x9}}}, 0xb4}}, 0x0) syz_emit_ethernet(0x46, &(0x7f00000009c0)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra}}}}}, 0x0) 3.668612426s ago: executing program 0 (id=5789): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000100000000000000000095"], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x41100}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='block_bio_remap\x00', r0}, 0x10) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000023c0)={r1, 0x58}, 0x10) 3.619200825s ago: executing program 5 (id=5790): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8004) sendmsg$kcm(r1, &(0x7f0000000680)={0x0, 0x61, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e1406ca000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 3.079951883s ago: executing program 5 (id=5791): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x1000) ppoll(&(0x7f0000000040)=[{r0, 0x9620}], 0x1, 0x0, 0x0, 0x0) mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x1000009, 0x11, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x10000) 2.872139731s ago: executing program 2 (id=5792): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0x2, 0x4) sendmmsg$inet6(r0, &(0x7f0000000380)=[{{&(0x7f0000000b00)={0xa, 0x4e23, 0x0, @local}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/127, 0xffffffffffffff02}, 0xdb30}], 0x1, 0x40002040, 0x0) 2.869697601s ago: executing program 3 (id=5793): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000094000000060a010400000000000000000100000008000b40000000006c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000340001800c0001007060796c6f61640024000280080003400000002f080005400000000f0800024000000002080004400000008709"], 0x108}, 0x1, 0x0, 0x0, 0x80}, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4) 2.690099835s ago: executing program 0 (id=5794): r0 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000340)=ANY=[@ANYBLOB="00020401", @ANYBLOB="78d97a"], 0x18) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0x2, @mcast1, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001840), 0x3b, 0x0) 2.251887655s ago: executing program 3 (id=5795): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x1, 0x7fffffff, 0x0, 0x32}, 0x9c) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x0, 0x0, 0x54, 0x6}, 0x9c) 2.184301803s ago: executing program 2 (id=5796): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000740)='./bus\x00', 0x283016, 0x0, 0x11, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000140), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@xino_on}, {@nfs_export_on}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') read$FUSE(r0, &(0x7f0000000980)={0x2020}, 0x2020) 1.942566932s ago: executing program 0 (id=5797): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800704, &(0x7f0000000000), 0xff, 0x4b3, &(0x7f0000000380)="$eJzs3EtoXFUfAPD/vXn03eTrV6utrUarWHwkTfqwCxcqCi4UBF3UZUzSWjttJIlgS9AoUpdScC8uBZeu3LnxtRDBrYJLKRQNQlNXkTv33nSazKRJmmTazO8Hkznn3jNzzv/ecyZn7pmZAFpWT/YnidgeEb9FRFeevblAT343Mz05dH16ciiJ2dnX/kqq5a5NTw6VRcvHbSsyh9KI9OMknk0W1jt+4eLZwUplZKzI902ce6dv/MLFp86cGzw9cnrk/MCJE0eP9D99fODYsmPaUmdbFte1fe+P7t/70huXXxk6efnNH7/KmrXnQL6/No5bul4noDp6sqP292zV/H2PLrmyu8OOmnTS3sSGsCxtEZGdro7q+O+Ktrhx8rrixY+a2jhgTWX/mzY13j01C2xgSTS7BUBzlP/os/e/5W2dph53hKvPRXQW6ZnpyaGZufjbIy22d6xh/T0RcXLq38+zWyz3OgQAwApU5zZP1pv/pbGnep+vdews1lC6I+J/EbErIv4fEbsj4p6Iatl7I+K+/MGzXXXqSr9fuK1nXn7h/Ce9UrfNqySb/z1TM/ebqYm/uOtuK3I7qvF3JKfOVEYOF8fkUHRsyvL9i9Tx7Qu/ftpoX+38L7tl9ZdzwaIBV9rzC3TlNDWGBycGV+sgXP0wYl97vfiTuZWArAfsjYh9y3vqnWXizONf7m9U6NbxL2IV1plmv4h4LD//UzEv/lLSYH0y6+PHB471bY7KyOG+slcs9NMvl15tVP9txb8KsvO/9eb+P69E1z9Jvl7bEZXKyNj48uu49PsnDd/TLKP/z8n6f2fyenXN+ue38m3vDU5MjPVHdCYvV/PlYKluH7jx2DJfls/iP3Sw/vjfVTwmi//+iMg68YGInQ9ExINF2x+KiIcj4uAi8f/w/CNvLxJ/Ekk09fwP1339m+v/3Untev0KEm1nv/um0Yr50s7/0Ziqvtbmqq9/t7DUBt7m4QMAAIC7QhoR2yNJe/N0z/ZI097e/DP8u2NrWhkdn3ji1Oi754fz7wh0R0daXunqqrke2p9MFc+Y5weKa8Xl/iPFdePP2rZU871Do5XhJscOrW7bzeM/yvGf+bOt2a0D1lzjdbSalZfO9WkLsL7mj/+0Se0A1t9SPkfjvQBsTHXGf73f0AA2IL/XAq2r3vj/YF5+wfzfDAE2hIXj/486P1kHbETm/9C6jH9oXcY/tKTb+V7/yhPllwVW/jybl/wN/1ZJlJ/PXMu6tsSNLZE2KNwRd8DRWKVERHx9BzRjZCwbMetbqU/8AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG8N/AQAA//8+H+Ua") r0 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0) pwrite64(r0, &(0x7f0000000080)="8e", 0x1, 0x709c) r1 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000dc0)=ANY=[@ANYBLOB="0700000000000000acc6f2"]) 1.729194959s ago: executing program 3 (id=5798): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x0, 0x401}]}) readahead(0xffffffffffffffff, 0x22, 0x4) fcntl$setown(r0, 0x8, 0x0) 1.5673075s ago: executing program 5 (id=5799): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = eventfd2(0x1, 0x1) unshare(0x20400) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1}) 1.531621918s ago: executing program 2 (id=5800): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = fsopen(&(0x7f0000000280)='proc\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x1) clock_adjtime(0xffffffd3, &(0x7f0000000280)={0x10000, 0x7, 0x2, 0x0, 0x7, 0xb, 0x651, 0xfffffffffffffff9, 0x8000009657, 0x1, 0x7fffffff, 0x0, 0x10, 0xb, 0x80000000000000, 0xcc0, 0x1, 0x1, 0x94d6, 0x0, 0x0, 0x809, 0x0, 0xfffffffffffffffa, 0x3, 0x2000000000006}) 1.217232694s ago: executing program 0 (id=5801): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x4, {0x0, 0x1}, 0xa5a150b929f034a7}, 0x18) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) sendmsg$can_j1939(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x1d, r2, 0x2, {0x1, 0xff, 0x5}, 0xfd}, 0x18, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x10) 950.873071ms ago: executing program 2 (id=5802): r0 = socket$inet_sctp(0x2, 0x1, 0x84) close(r0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1c000000840000000200000006000400290000000e000002aa56"], 0x1c, 0x2400e044}, 0x6) 741.324119ms ago: executing program 5 (id=5803): rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r0 = gettid() r1 = getpid() rt_tgsigqueueinfo(r1, r0, 0x1f, &(0x7f0000000080)={0x11, 0x0, 0x2}) rt_sigtimedwait(&(0x7f0000000180)={[0x7fffffffffffffff]}, &(0x7f00000001c0), 0x0, 0x8) 660.032757ms ago: executing program 0 (id=5804): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000001640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10) getxattr(0x0, 0x0, 0x0, 0x0) 643.874184ms ago: executing program 7 (id=5722): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x8, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000000)="1c3513000000", &(0x7f00000001c0)=""/4103, 0x0, 0x10, 0x0, 0x0}) 492.352191ms ago: executing program 3 (id=5805): syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000a80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000c40)=ANY=[], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) renameat2(r1, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1) linkat(r0, &(0x7f0000000180)='./file1\x00', r0, &(0x7f0000000640)='./bus\x00', 0x0) 363.712771ms ago: executing program 5 (id=5806): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000440)={@val={0x8, 0x800}, @val={0x5, 0x0, 0x6, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x1c, 0x66, 0x0, 0xb, 0x89, 0x0, @rand_addr=0x64010102, @broadcast}, "3297e3ba0fa8a2e7"}}, 0x2a) 28.197915ms ago: executing program 7 (id=5807): io_setup(0x1, &(0x7f00000001c0)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x48) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) 0s ago: executing program 0 (id=5808): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2}) syz_clone(0x42080000, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): acity change from 0 to 136 [ 1002.683978][T16852] loop5: detected capacity change from 0 to 1764 [ 1002.879342][ T3726] Bluetooth: hci5: Frame reassembly failed (-84) [ 1002.896930][T16856] Bluetooth: hci5: Frame reassembly failed (-84) [ 1002.975358][T16859] netlink: 'syz.2.4464': attribute type 1 has an invalid length. [ 1002.987330][T16860] input: syz0 as /devices/virtual/input/input53 [ 1003.724142][T16870] loop8: detected capacity change from 0 to 8 [ 1003.742092][T16870] Dev loop8: unable to read RDB block 8 [ 1003.748076][T16870] loop8: unable to read partition table [ 1003.783236][T16870] loop8: partition table beyond EOD, truncated [ 1003.789764][T16870] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1003.851337][T16874] netlink: 212916 bytes leftover after parsing attributes in process `syz.0.4472'. [ 1004.881754][ T5811] Bluetooth: hci5: command 0x1003 tx timeout [ 1004.888402][T14564] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1005.235027][T16894] loop3: detected capacity change from 0 to 256 [ 1005.245720][T16894] exfat: Deprecated parameter 'namecase' [ 1005.253665][T16894] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 1005.304448][T16894] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 1005.581251][ T42] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 1005.741771][ T42] usb 7-1: Using ep0 maxpacket: 16 [ 1005.775358][ T42] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1005.786854][ T42] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1005.797036][ T42] usb 7-1: config 0 interface 0 has no altsetting 0 [ 1005.804274][ T42] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 1005.813778][ T42] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1006.048867][ T42] usb 7-1: config 0 descriptor?? [ 1006.569116][ T42] nzxt-smart2 0003:1E71:2009.0032: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.6-1/input0 [ 1006.782874][ T42] usb 7-1: USB disconnect, device number 18 [ 1007.129260][T16912] loop2: detected capacity change from 0 to 2048 [ 1007.272779][T16912] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1007.402617][T16905] loop3: detected capacity change from 0 to 65536 [ 1007.459413][T16905] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1007.631173][T16905] XFS (loop3): Ending clean mount [ 1007.747212][T14009] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1008.497131][T16932] loop8: detected capacity change from 0 to 8 [ 1008.507204][T16932] Dev loop8: unable to read RDB block 8 [ 1008.513294][T16932] loop8: unable to read partition table [ 1008.520390][T16932] loop8: partition table beyond EOD, truncated [ 1008.527853][T16932] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1009.249491][T16934] loop5: detected capacity change from 0 to 8192 [ 1009.316908][T16938] loop2: detected capacity change from 0 to 1024 [ 1009.343717][T16938] EXT4-fs: inline encryption not supported [ 1009.350333][T16938] EXT4-fs: Ignoring removed nobh option [ 1009.356420][T16938] EXT4-fs: Ignoring removed bh option [ 1009.394080][T16940] binder_alloc: binder_alloc_mmap_handler: 16939 80ffe000-81000000 already mapped failed -16 [ 1009.472491][T16938] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1009.913676][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1010.502958][T16953] loop2: detected capacity change from 0 to 1024 [ 1010.694367][T16953] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1010.922924][T16965] loop8: detected capacity change from 0 to 8 [ 1010.962577][T16965] Dev loop8: unable to read RDB block 8 [ 1010.968447][T16965] loop8: unable to read partition table [ 1010.982835][T16965] loop8: partition table beyond EOD, truncated [ 1010.989502][T16965] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1011.080518][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1011.598866][T16977] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4513'. [ 1011.608656][T16977] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4513'. [ 1011.665447][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 1011.745096][T16979] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4516'. [ 1011.754764][T16979] netlink: 220 bytes leftover after parsing attributes in process `syz.5.4516'. [ 1012.336957][T16990] loop2: detected capacity change from 0 to 1024 [ 1012.373390][T16990] EXT4-fs: Ignoring removed orlov option [ 1012.433992][T16989] loop5: detected capacity change from 0 to 1024 [ 1012.454899][T16990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1012.561953][T16989] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1012.575332][T16989] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1012.711571][T16989] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.4520: lblock 3 mapped to illegal pblock 3 (length 3) [ 1012.796535][T16989] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 1012.812058][T16989] EXT4-fs (loop5): This should not happen!! Data will be lost [ 1012.812058][T16989] [ 1012.825206][T17003] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm syz.5.4520: lblock 0 mapped to illegal pblock 0 (length 2) [ 1012.946314][T17003] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117 [ 1012.959309][T17003] EXT4-fs (loop5): This should not happen!! Data will be lost [ 1012.959309][T17003] [ 1012.981562][ T3814] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:17: lblock 8 mapped to illegal pblock 8 (length 8) [ 1013.023498][T16989] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #15: comm syz.5.4520: lblock 0 mapped to illegal pblock 0 (length 2) [ 1013.065156][ T3814] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 1013.079077][ T3814] EXT4-fs (loop5): This should not happen!! Data will be lost [ 1013.079077][ T3814] [ 1013.386289][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1013.401194][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1013.876427][T17019] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4530'. [ 1014.376279][T17025] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4535'. [ 1016.370163][T17045] nr0: (slave vlan3): Opening slave failed [ 1019.091255][ T42] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 1019.281856][ T42] usb 7-1: Using ep0 maxpacket: 8 [ 1019.397100][ T42] usb 7-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1019.407036][ T42] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1019.415413][ T42] usb 7-1: Product: syz [ 1019.419755][ T42] usb 7-1: Manufacturer: syz [ 1019.424668][ T42] usb 7-1: SerialNumber: syz [ 1019.532942][T17059] loop3: detected capacity change from 0 to 128 [ 1019.615531][ T42] usb 7-1: config 0 descriptor?? [ 1019.660153][ T30] audit: type=1800 audit(1764537992.910:349): pid=17059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4549" name="file2" dev="loop3" ino=1048763 res=0 errno=0 [ 1019.715652][ T42] gspca_main: sq905-2.14.0 probing 2770:9120 [ 1019.893211][T17059] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 1019.901650][T17059] FAT-fs (loop3): Filesystem has been set read-only [ 1020.151040][T17059] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 1020.160309][T17059] bio_check_eod: 1151 callbacks suppressed [ 1020.160442][T17059] syz.3.4549: attempt to access beyond end of device [ 1020.160442][T17059] loop3: rw=2049, sector=2065, nr_sectors = 8 limit=128 [ 1020.700378][ T42] gspca_sq905: sq905_command: usb_control_msg failed (-71) [ 1020.708574][ T42] sq905 7-1:0.0: probe with driver sq905 failed with error -71 [ 1020.738715][ T42] usb 7-1: USB disconnect, device number 19 [ 1021.180639][T17023] Set syz1 is full, maxelem 65536 reached [ 1021.877548][T17073] input: syz1 as /devices/virtual/input/input54 [ 1022.340152][T17078] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1022.428320][T17078] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1023.055659][T17086] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4560'. [ 1023.237154][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 1023.243953][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 1023.674050][T17094] input: syz1 as /devices/virtual/input/input55 [ 1023.680880][T17094] input: failed to attach handler leds to device input55, error: -6 [ 1026.869071][T17135] loop5: detected capacity change from 0 to 512 [ 1026.886345][T17135] EXT4-fs: Ignoring removed orlov option [ 1026.927942][T17135] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 1027.006196][T17135] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 1027.146802][T17135] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.4582: corrupted in-inode xattr: e_value size too large [ 1027.185311][T17145] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4585'. [ 1027.195485][T17135] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4582: couldn't read orphan inode 15 (err -117) [ 1027.235972][T17135] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1027.644058][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1027.923548][T17153] loop5: detected capacity change from 0 to 512 [ 1027.961731][T17153] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 1028.038457][T17153] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0102] [ 1028.116900][T17153] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.4590: corrupted in-inode xattr: e_value size too large [ 1028.183438][T17153] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4590: couldn't read orphan inode 15 (err -117) [ 1028.213851][T17153] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1028.239030][T17162] loop2: detected capacity change from 0 to 128 [ 1028.308433][T17153] EXT4-fs error (device loop5): ext4_check_dx_root:2203: inode #2: comm syz.5.4590: Corrupt dir, invalid name_len for '..', running e2fsck is recommended [ 1028.431382][T17162] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1028.508360][T17162] ext4 filesystem being mounted at /337/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1028.540409][ C1] vkms_vblank_simulate: vblank timer overrun [ 1028.597417][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1028.942835][T12886] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1029.240356][T17171] loop5: detected capacity change from 0 to 2048 [ 1031.062402][ T5865] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 1031.231344][ T5865] usb 1-1: Using ep0 maxpacket: 32 [ 1031.270181][ T5865] usb 1-1: config 0 has an invalid interface number: 188 but max is 0 [ 1031.278745][ T5865] usb 1-1: config 0 has no interface number 0 [ 1031.285562][ T5865] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 1031.387943][ T5865] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 1031.397498][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1031.406122][ T5865] usb 1-1: Product: syz [ 1031.410507][ T5865] usb 1-1: Manufacturer: syz [ 1031.415662][ T5865] usb 1-1: SerialNumber: syz [ 1031.471765][ T5865] usb 1-1: config 0 descriptor?? [ 1031.479500][T17199] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1031.767753][T17199] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1032.529003][ T5865] asix 1-1:0.188 (unnamed net_device) (uninitialized): invalid hw address, using random [ 1032.748171][T17224] loop5: detected capacity change from 0 to 512 [ 1032.763613][ T5865] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1032.774345][ T5865] asix 1-1:0.188 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1032.785806][ T5865] asix 1-1:0.188: probe with driver asix failed with error -71 [ 1032.806647][ T5865] usb 1-1: USB disconnect, device number 36 [ 1032.816861][T17224] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 1032.863270][T14535] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 1033.060310][T14535] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1033.072476][T14535] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1033.110574][T14535] usb 7-1: config 0 descriptor?? [ 1033.130959][T17224] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 1033.163591][T14535] cp210x 7-1:0.0: cp210x converter detected [ 1033.188776][T17224] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4620: bg 0: block 248: padding at end of block bitmap is not set [ 1033.284103][T17224] Quota error (device loop5): write_blk: dquota write failed [ 1033.292228][T17224] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 1033.303580][T17224] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.4620: Failed to acquire dquot type 1 [ 1033.355444][T17224] EXT4-fs (loop5): 1 truncate cleaned up [ 1033.365317][T17224] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 1033.444505][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1033.471081][T17224] EXT4-fs error (device loop5): ext4_lookup:1791: inode #2: comm syz.5.4620: deleted inode referenced: 12 [ 1033.507522][ T30] audit: type=1326 audit(1764538006.760:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d558 code=0x7ffc0000 [ 1033.531094][ T30] audit: type=1326 audit(1764538006.760:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d558 code=0x7ffc0000 [ 1033.554735][ T30] audit: type=1326 audit(1764538006.760:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d558 code=0x7ffc0000 [ 1033.579913][ T30] audit: type=1326 audit(1764538006.760:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d558 code=0x7ffc0000 [ 1033.605532][ T30] audit: type=1326 audit(1764538006.760:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d558 code=0x7ffc0000 [ 1033.628492][ T30] audit: type=1326 audit(1764538006.760:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d558 code=0x7ffc0000 [ 1033.721506][T14535] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1033.784416][ T30] audit: type=1326 audit(1764538006.910:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706d558 code=0x7ffc0000 [ 1033.807140][ T30] audit: type=1326 audit(1764538006.930:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17232 comm="syz.3.4622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000 [ 1033.942906][T14535] usb 7-1: cp210x converter now attached to ttyUSB0 [ 1033.997426][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 1034.015934][ T3481] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:10: Failed to release dquot type 1 [ 1034.145855][T14535] usb 7-1: USB disconnect, device number 20 [ 1034.168648][T14535] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1034.221870][T14535] cp210x 7-1:0.0: device disconnected [ 1036.021798][T14535] usb 7-1: new full-speed USB device number 21 using dummy_hcd [ 1036.222529][T14535] usb 7-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1036.236849][T14535] usb 7-1: config 1 interface 0 has no altsetting 0 [ 1036.308610][T14535] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1036.318189][T14535] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1036.328512][T14535] usb 7-1: SerialNumber: syz [ 1036.373455][T17257] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1036.653751][T14535] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71 [ 1036.687336][T14535] usb 7-1: USB disconnect, device number 21 [ 1037.063665][T17278] netlink: 'syz.3.4641': attribute type 1 has an invalid length. [ 1037.071816][T17278] netlink: 'syz.3.4641': attribute type 2 has an invalid length. [ 1037.785775][ T9771] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 1037.982844][ T9771] usb 4-1: Using ep0 maxpacket: 32 [ 1038.005285][ T9771] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1038.015457][ T9771] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1038.022497][ T9771] usb 4-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 1038.031979][ T9771] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1038.072891][T17294] syzkaller1: entered promiscuous mode [ 1038.078694][T17294] syzkaller1: entered allmulticast mode [ 1038.111219][ T9771] usb 4-1: config 0 descriptor?? [ 1038.631680][ T9771] magicmouse 0003:05AC:0265.0033: hidraw0: USB HID v0.07 Device [HID 05ac:0265] on usb-dummy_hcd.3-1/input0 [ 1038.790060][ T9771] usb 4-1: USB disconnect, device number 15 [ 1039.792370][T17317] loop2: detected capacity change from 0 to 7 [ 1039.857402][T17317] Dev loop2: unable to read RDB block 7 [ 1039.863652][T17317] loop2: unable to read partition table [ 1039.886729][T17317] loop2: partition table beyond EOD, truncated [ 1039.893311][T17317] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 1039.963888][T17324] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4660'. [ 1039.992863][T17324] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4660'. [ 1041.159999][T17340] loop6: detected capacity change from 0 to 128 [ 1041.254087][T17345] Invalid ELF header magic: != ELF [ 1042.222867][ T4146] Bluetooth: hci5: Frame reassembly failed (-84) [ 1042.571087][T14535] usb 6-1: new full-speed USB device number 11 using dummy_hcd [ 1042.739800][T14535] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1042.749811][T14535] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1042.760328][T14535] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4 [ 1042.858557][T14535] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1042.868216][T14535] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1042.876589][T14535] usb 6-1: Product: syz [ 1042.882964][T14535] usb 6-1: Manufacturer: syz [ 1042.887765][T14535] usb 6-1: SerialNumber: syz [ 1042.952005][T17366] loop2: detected capacity change from 0 to 128 [ 1043.133314][T17368] loop3: detected capacity change from 0 to 256 [ 1043.186175][T17368] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 1043.262352][T14535] usb 6-1: USB disconnect, device number 11 [ 1043.951178][ T30] kauditd_printk_skb: 332 callbacks suppressed [ 1043.951266][ T30] audit: type=1326 audit(1764538017.180:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17367 comm="syz.3.4679" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7fc00000 [ 1044.242380][ T5811] Bluetooth: hci5: command 0x1003 tx timeout [ 1044.242711][T14564] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1045.207668][T17395] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4689'. [ 1045.217137][T17395] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4689'. [ 1045.471734][T17402] loop3: detected capacity change from 0 to 128 [ 1045.507856][T17402] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1045.531010][T17402] hpfs: filesystem error: improperly stopped [ 1045.537361][T17402] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1045.545616][T17402] hpfs: You really don't want any checks? You are crazy... [ 1045.585390][T17402] hpfs: hpfs_map_sector(): read error [ 1045.591336][T17402] hpfs: code page support is disabled [ 1045.651856][T17402] hpfs: hpfs_map_4sectors(): unaligned read [ 1045.668094][T17402] hpfs: hpfs_map_4sectors(): unaligned read [ 1045.674529][T17402] hpfs: filesystem error: unable to find root dir [ 1045.757470][T17402] hpfs: hpfs_map_4sectors(): unaligned read [ 1046.945573][T17426] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4704'. [ 1046.955062][T17426] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4704'. [ 1048.232814][T17441] loop3: detected capacity change from 0 to 4096 [ 1048.555030][T17454] syzkaller1: entered promiscuous mode [ 1048.561122][T17454] syzkaller1: entered allmulticast mode [ 1048.662514][ T9771] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 1048.778631][ T30] audit: type=1800 audit(1764538022.030:690): pid=17441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4711" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 1048.852816][ T9771] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1048.862312][ T9771] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1048.891909][ T30] audit: type=1800 audit(1764538022.080:691): pid=17441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4711" name="file1" dev="loop3" ino=33 res=0 errno=0 [ 1048.898167][ T9771] usb 3-1: config 0 descriptor?? [ 1049.004899][ T9771] cp210x 3-1:0.0: cp210x converter detected [ 1049.437739][ T9771] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -71 [ 1049.463940][ T9771] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 1049.472168][ T9771] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 1049.501564][ T9771] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1049.524143][ T9771] usb 3-1: USB disconnect, device number 17 [ 1049.542597][ T9771] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1049.556307][ T9771] cp210x 3-1:0.0: device disconnected [ 1049.868953][T17472] loop3: detected capacity change from 0 to 2048 [ 1049.909402][T17472] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1049.956437][T17478] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1050.021417][T17472] NILFS (loop3): unable to set label with more than 80 bytes [ 1050.261300][ T9771] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1050.451804][ T9771] usb 6-1: Using ep0 maxpacket: 8 [ 1050.529924][ T9771] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1050.555452][ T9771] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 1050.565322][ T9771] usb 6-1: can't read configurations, error -71 [ 1051.322190][T14535] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 1051.502594][T14535] usb 7-1: Using ep0 maxpacket: 16 [ 1051.545801][T14535] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1051.557391][T14535] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1051.567126][T14535] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1051.644298][T14535] usb 7-1: config 0 descriptor?? [ 1052.146049][T14535] mcp2221 0003:04D8:00DD.0034: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0 [ 1052.209005][T17512] team_slave_0: entered promiscuous mode [ 1052.215110][T17512] team_slave_1: entered promiscuous mode [ 1052.221139][T17512] bridge1: entered promiscuous mode [ 1052.284092][T17512] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1052.303295][ T9771] usb 6-1: new full-speed USB device number 14 using dummy_hcd [ 1052.340531][T17498] i2c i2c-1: unsupported multi-msg i2c transaction [ 1052.375529][ T5854] usb 7-1: USB disconnect, device number 22 [ 1052.498903][ T9771] usb 6-1: config 0 interface 0 altsetting 10 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1052.512059][ T9771] usb 6-1: config 0 interface 0 altsetting 10 endpoint 0x2 has invalid maxpacket 1023, setting to 64 [ 1052.527095][ T9771] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1052.535245][ T9771] usb 6-1: New USB device found, idVendor=05ac, idProduct=0215, bcdDevice= 0.00 [ 1052.547438][ T9771] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1052.588099][ T9771] usb 6-1: config 0 descriptor?? [ 1052.599998][T17509] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 1053.097736][ T9771] apple 0003:05AC:0215.0035: hidraw0: USB HID v0.00 Device [HID 05ac:0215] on usb-dummy_hcd.5-1/input0 [ 1053.265177][ T9771] usb 6-1: USB disconnect, device number 14 [ 1054.287805][T17534] loop6: detected capacity change from 0 to 4096 [ 1055.492606][ T5865] usb 4-1: new full-speed USB device number 16 using dummy_hcd [ 1055.717038][ T5865] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1055.728846][ T5865] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 1055.740203][ T5865] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1055.749609][ T5865] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1055.789306][T17553] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1055.812081][T17553] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1055.837288][ T5865] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1056.097683][ T5865] usb 4-1: USB disconnect, device number 16 [ 1057.384058][T17585] input: syz0 as /devices/virtual/input/input56 [ 1057.860010][T17592] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4777'. [ 1058.867357][T17611] overlayfs: conflicting lowerdir path [ 1058.940128][T17611] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 1059.642922][ T5865] usb 7-1: new full-speed USB device number 23 using dummy_hcd [ 1059.715590][T17625] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0 [ 1059.725065][T17624] IPVS: stopping master sync thread 17625 ... [ 1059.810040][ T5865] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1059.819694][ T5865] usb 7-1: config 1 has no interface number 0 [ 1059.826273][ T5865] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1059.837702][ T5865] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 1059.848887][ T5865] usb 7-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 1059.858306][ T5865] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 1059.869503][ T5865] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 172, setting to 64 [ 1060.082329][ T5865] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1060.092148][ T5865] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1060.102853][ T5865] usb 7-1: Product: syz [ 1060.107224][ T5865] usb 7-1: Manufacturer: syz [ 1060.112889][ T5865] usb 7-1: SerialNumber: syz [ 1060.166657][T17618] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1060.446132][T17618] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1060.487849][T17618] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1060.739102][T17618] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1061.248169][T17618] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1061.260070][T17618] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1061.275145][ T5865] cdc_ncm 7-1:1.1: bind() failure [ 1061.507481][ T5865] usb 7-1: USB disconnect, device number 23 [ 1061.638483][T17647] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4801'. [ 1061.648185][T17647] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4801'. [ 1062.211520][ T9771] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 1062.278784][T17655] loop5: detected capacity change from 0 to 1024 [ 1062.293660][T17655] EXT4-fs: inline encryption not supported [ 1062.300050][T17655] EXT4-fs: Ignoring removed nobh option [ 1062.306097][T17655] EXT4-fs: Ignoring removed bh option [ 1062.399420][T17655] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1062.441363][ T9771] usb 4-1: Using ep0 maxpacket: 32 [ 1062.462578][ T9771] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 1062.472173][ T9771] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1062.486396][ T9771] usb 4-1: config 0 descriptor?? [ 1062.712182][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1062.753592][ T9771] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 1062.793530][ T9771] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1062.828321][ T9771] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 1062.839099][ T9771] usb 4-1: media controller created [ 1062.936171][ T9771] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1063.192780][ T5865] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 1063.240999][T17673] loop2: detected capacity change from 0 to 256 [ 1063.356533][T17673] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x19066d23, utbl_chksum : 0xe619d30d) [ 1063.412240][ T5865] usb 1-1: config 0 has an invalid interface number: 74 but max is 0 [ 1063.421525][ T5865] usb 1-1: config 0 has no interface number 0 [ 1063.427880][ T5865] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1063.437524][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1063.503293][ T5865] usb 1-1: config 0 descriptor?? [ 1063.514950][ T5865] cp210x 1-1:0.74: cp210x converter detected [ 1063.742198][ T9771] az6027: usb out operation failed. (-71) [ 1063.748220][ T9771] stb0899_attach: Driver disabled by Kconfig [ 1063.758209][ T9771] az6027: no front-end attached [ 1063.758209][ T9771] [ 1063.836201][ T9771] az6027: usb out operation failed. (-71) [ 1063.845467][ T9771] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 1063.857192][ T9771] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input57 [ 1063.892341][ T9771] dvb-usb: schedule remote query interval to 400 msecs. [ 1063.901314][ T9771] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 1063.934830][ T9771] usb 4-1: USB disconnect, device number 17 [ 1063.937886][ T5865] cp210x 1-1:0.74: failed to get vendor val 0x000e size 3: -32 [ 1064.156673][ T5865] cp210x 1-1:0.74: GPIO initialisation failed: -19 [ 1064.198720][ T5865] usb 1-1: cp210x converter now attached to ttyUSB0 [ 1064.216512][ T9771] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 1064.432940][ T5865] usb 1-1: USB disconnect, device number 37 [ 1064.452734][ T5865] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1064.463068][ T5865] cp210x 1-1:0.74: device disconnected [ 1064.806127][ T9771] IPVS: starting estimator thread 0... [ 1064.917399][T17692] IPVS: using max 192 ests per chain, 9600 per kthread [ 1065.092713][T17694] loop3: detected capacity change from 0 to 2048 [ 1065.133475][T17694] NILFS (loop3): invalid segment: Inconsistency found [ 1065.140646][T17694] NILFS (loop3): trying rollback from an earlier position [ 1065.296622][T17694] NILFS (loop3): recovery complete [ 1065.317081][T17702] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1065.388869][T17700] loop5: detected capacity change from 0 to 1024 [ 1065.398952][ T9771] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 1065.415369][T17700] ext4: Unknown parameter 'smackfshat' [ 1065.694058][ T9771] usb 3-1: Using ep0 maxpacket: 32 [ 1065.738574][ T9771] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 1065.748137][ T9771] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1065.759462][ T9771] usb 3-1: Product: syz [ 1065.763977][ T9771] usb 3-1: Manufacturer: syz [ 1065.768774][ T9771] usb 3-1: SerialNumber: syz [ 1065.845867][ T9771] usb 3-1: config 0 descriptor?? [ 1065.878745][ T9771] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 1066.895197][ T9771] gspca_ov534_9: reg_w failed -71 [ 1067.192424][ T9771] gspca_ov534_9: Unknown sensor 0000 [ 1067.192781][ T9771] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22 [ 1067.240640][ T9771] usb 3-1: USB disconnect, device number 18 [ 1069.252389][ T4276] Bluetooth: hci5: Frame reassembly failed (-84) [ 1071.288741][ T5811] Bluetooth: hci5: command 0x1003 tx timeout [ 1071.288825][T14564] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1073.031280][ T30] audit: type=1326 audit(1764538046.280:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.151137][ T30] audit: type=1326 audit(1764538046.310:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.174243][ T30] audit: type=1326 audit(1764538046.320:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.196907][ T30] audit: type=1326 audit(1764538046.320:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.222344][ T30] audit: type=1326 audit(1764538046.320:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.245742][ T30] audit: type=1326 audit(1764538046.320:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.268264][ T30] audit: type=1326 audit(1764538046.320:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.290987][ T30] audit: type=1326 audit(1764538046.330:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.315781][ T30] audit: type=1326 audit(1764538046.330:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.338867][ T30] audit: type=1326 audit(1764538046.360:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17814 comm="syz.5.4874" exe="/root/syz-executor" sig=0 arch=40000003 syscall=46 compat=1 ip=0xf703d539 code=0x7ffc0000 [ 1073.935865][ T5865] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 1074.091316][ T5865] usb 6-1: Using ep0 maxpacket: 16 [ 1074.130299][ T5865] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 1074.140157][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1074.149094][ T5865] usb 6-1: Product: syz [ 1074.153606][ T5865] usb 6-1: Manufacturer: syz [ 1074.158377][ T5865] usb 6-1: SerialNumber: syz [ 1074.212820][ T5865] usb 6-1: config 0 descriptor?? [ 1074.541234][T14535] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 1074.676131][ T5865] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 1074.699377][ T5865] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1074.733649][ T5865] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 1074.745804][ T5865] usb 6-1: media controller created [ 1074.753335][T14535] usb 4-1: Using ep0 maxpacket: 8 [ 1074.863793][ T5865] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1074.884630][T14535] usb 4-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1074.894341][T14535] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1074.902790][T14535] usb 4-1: Product: syz [ 1074.907124][T14535] usb 4-1: Manufacturer: syz [ 1074.912174][T14535] usb 4-1: SerialNumber: syz [ 1074.928316][T17823] dtv5100: wlen = 0, aborting. [ 1074.953052][T14535] usb 4-1: config 0 descriptor?? [ 1074.989403][T14535] gspca_main: sq905-2.14.0 probing 2770:9120 [ 1075.154966][ T5865] zl10353_read_register: readreg error (reg=127, ret==0) [ 1075.165579][ T5865] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 1075.173932][ T5865] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 1075.189189][ T5865] usb 6-1: USB disconnect, device number 15 [ 1075.508649][ T5865] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 1075.686221][T14535] gspca_sq905: sq905_command: usb_control_msg failed (-71) [ 1075.694145][T14535] sq905 4-1:0.0: probe with driver sq905 failed with error -71 [ 1075.819113][T14535] usb 4-1: USB disconnect, device number 18 [ 1076.810613][T17868] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4896'. [ 1076.888869][T17870] kernel profiling enabled (shift: 3) [ 1077.181335][ T5854] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 1077.378535][ T5854] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96 [ 1077.390683][ T5854] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1077.399108][ T5854] usb 1-1: Product: syz [ 1077.407438][ T5854] usb 1-1: Manufacturer: syz [ 1077.416294][ T5854] usb 1-1: SerialNumber: syz [ 1077.476786][ T5854] usb 1-1: config 0 descriptor?? [ 1077.489030][T17877] loop3: detected capacity change from 0 to 256 [ 1077.528505][T17877] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1077.702009][ T5854] peak_usb 1-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels) [ 1077.907426][ T5854] peak_usb 1-1:0.0 can0: sending command failure: -22 [ 1077.920231][ T5854] peak_usb 1-1:0.0 can0: sending command failure: -22 [ 1077.928876][ T5854] peak_usb 1-1:0.0 can0: sending command failure: -22 [ 1078.016615][T17881] netlink: 'syz.2.4903': attribute type 1 has an invalid length. [ 1078.038769][T17881] netlink: 'syz.2.4903': attribute type 2 has an invalid length. [ 1078.074607][ T5854] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -22 [ 1078.124875][T14535] usb 1-1: USB disconnect, device number 38 [ 1078.471285][ T5865] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 1078.703058][ T5865] usb 4-1: config 0 has an invalid interface number: 41 but max is 0 [ 1078.712142][ T5865] usb 4-1: config 0 has no interface number 0 [ 1078.718506][ T5865] usb 4-1: config 0 interface 41 has no altsetting 0 [ 1078.785430][ T5865] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 1078.796666][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1078.805315][ T5865] usb 4-1: Product: syz [ 1078.809673][ T5865] usb 4-1: Manufacturer: syz [ 1078.814842][ T5865] usb 4-1: SerialNumber: syz [ 1078.872616][ T5865] usb 4-1: config 0 descriptor?? [ 1079.077404][T17896] loop2: detected capacity change from 0 to 512 [ 1079.134931][T17896] EXT4-fs: Ignoring removed nobh option [ 1079.296541][T17896] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.4910: iget: bad i_size value: 38620345925642 [ 1079.318889][T17896] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4910: couldn't read orphan inode 15 (err -117) [ 1079.338213][T17900] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4912'. [ 1079.341769][T17896] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1079.679726][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1079.826567][T17905] loop6: detected capacity change from 0 to 128 [ 1079.877390][T17905] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1079.912480][T17905] ext4 filesystem being mounted at /227/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1079.976799][ T5865] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -71 [ 1080.006641][ T5865] usb 4-1: USB disconnect, device number 19 [ 1080.115046][T14873] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1080.802189][T17923] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4920'. [ 1081.526860][T17934] loop2: detected capacity change from 0 to 2048 [ 1081.611828][T17934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1081.627164][T17934] ext4 filesystem being mounted at /411/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1081.725504][T17934] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4924: bg 0: block 345: padding at end of block bitmap is not set [ 1081.746501][T17942] loop6: detected capacity change from 0 to 64 [ 1081.769877][T17934] EXT4-fs (loop2): Remounting filesystem read-only [ 1081.832845][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1081.832924][ T30] audit: type=1326 audit(1764538055.090:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21539 code=0x7ffc0000 [ 1081.862124][ T30] audit: type=1326 audit(1764538055.090:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21539 code=0x7ffc0000 [ 1082.027186][ T30] audit: type=1326 audit(1764538055.160:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f21558 code=0x7ffc0000 [ 1082.050340][ T30] audit: type=1326 audit(1764538055.170:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f21558 code=0x7ffc0000 [ 1082.073140][ T30] audit: type=1326 audit(1764538055.170:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f21558 code=0x7ffc0000 [ 1082.097405][ T30] audit: type=1326 audit(1764538055.170:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f21558 code=0x7ffc0000 [ 1082.122575][ T30] audit: type=1326 audit(1764538055.170:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21539 code=0x7ffc0000 [ 1082.145689][ T30] audit: type=1326 audit(1764538055.190:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f21558 code=0x7ffc0000 [ 1082.169529][ T30] audit: type=1326 audit(1764538055.190:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f21558 code=0x7ffc0000 [ 1082.192166][ T30] audit: type=1326 audit(1764538055.190:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17939 comm="syz.0.4929" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f21558 code=0x7ffc0000 [ 1082.258323][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1082.674573][T17954] loop6: detected capacity change from 0 to 16 [ 1082.881557][ T5854] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 1082.882240][T17954] erofs (device loop6): mounted with root inode @ nid 36. [ 1083.075922][ T5854] usb 6-1: Using ep0 maxpacket: 16 [ 1083.117039][ T5854] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 1083.126659][ T5854] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1083.140927][ T5854] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1083.200603][ T5854] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1083.210227][ T5854] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1083.221767][ T5854] usb 6-1: Product: syz [ 1083.226140][ T5854] usb 6-1: Manufacturer: syz [ 1083.231080][ T5854] usb 6-1: SerialNumber: syz [ 1084.201745][ T5854] usb 6-1: 0:2 : does not exist [ 1084.376852][T17964] loop2: detected capacity change from 0 to 1024 [ 1084.428146][T17964] EXT4-fs: inline encryption not supported [ 1084.434871][T17964] EXT4-fs: Ignoring removed nobh option [ 1084.440637][T17964] EXT4-fs: Ignoring removed bh option [ 1084.570114][T17964] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1084.680176][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 1084.687024][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 1084.764471][ T5854] usb 6-1: USB disconnect, device number 16 [ 1084.991770][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1085.286200][T17975] loop6: detected capacity change from 0 to 64 [ 1085.397172][T17977] input: syz0 as /devices/virtual/input/input58 [ 1085.871241][T17985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4944'. [ 1085.880471][T17985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4944'. [ 1086.052137][ T5865] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 1086.084972][T17988] loop6: detected capacity change from 0 to 64 [ 1086.104016][T17988] hfs: unable to locate alternate MDB [ 1086.113042][T17988] hfs: continuing without an alternate MDB [ 1086.222126][ T5865] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1086.262660][ T5865] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1086.272223][ T5865] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1086.280528][ T5865] usb 6-1: SerialNumber: syz [ 1086.900466][T17994] syzkaller1: entered promiscuous mode [ 1086.909151][T17994] syzkaller1: entered allmulticast mode [ 1087.090316][ T5865] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.5-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 1087.425373][ T5854] usb 6-1: USB disconnect, device number 17 [ 1087.434180][ T5854] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.5-1, CDC Ethernet Device [ 1087.527275][T18008] netlink: 'syz.3.4955': attribute type 1 has an invalid length. [ 1087.535528][T18008] netlink: 'syz.3.4955': attribute type 2 has an invalid length. [ 1087.546757][T18008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4955'. [ 1088.253023][T18016] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd [ 1088.418158][T18004] loop2: detected capacity change from 0 to 2048 [ 1088.577632][T18004] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1088.714301][T18026] loop6: detected capacity change from 0 to 512 [ 1088.915939][T18026] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1088.933241][T18026] ext4 filesystem being mounted at /238/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1089.006412][T18026] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.4962: corrupted inode contents [ 1089.030629][T18026] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.4962: mark_inode_dirty error [ 1089.048883][T18026] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.4962: corrupted inode contents [ 1089.104864][T18026] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.4962: mark_inode_dirty error [ 1089.124524][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1089.212980][T18036] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4964'. [ 1089.418611][T18035] loop3: detected capacity change from 0 to 2048 [ 1089.506492][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1089.573939][T18035] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1090.327366][T18049] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0000:7d01 with DS=0x3 [ 1090.591141][ T5865] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 1090.788435][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1090.800036][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1090.869840][ T5865] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1090.879504][ T5865] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 1090.887935][ T5865] usb 6-1: Manufacturer: syz [ 1090.898710][T14535] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 1090.983389][ T5865] usb 6-1: config 0 descriptor?? [ 1091.034824][T18061] loop6: detected capacity change from 0 to 8 [ 1091.092052][T14535] usb 3-1: Using ep0 maxpacket: 32 [ 1091.120674][T14535] usb 3-1: config 0 has an invalid interface number: 125 but max is 0 [ 1091.132082][T14535] usb 3-1: config 0 has no interface number 0 [ 1091.138395][T14535] usb 3-1: config 0 interface 125 has no altsetting 0 [ 1091.169735][T14535] usb 3-1: New USB device found, idVendor=1039, idProduct=2120, bcdDevice= 2.a7 [ 1091.179670][T14535] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1091.188189][T14535] usb 3-1: Product: syz [ 1091.192798][T14535] usb 3-1: Manufacturer: syz [ 1091.197805][T14535] usb 3-1: SerialNumber: syz [ 1091.249137][T14535] usb 3-1: config 0 descriptor?? [ 1091.546175][T14535] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2120) Rev (0X2A7): Eagle II [ 1091.668856][ T5865] uclogic 0003:256C:006D.0036: failed retrieving Huion firmware version: -71 [ 1091.678210][ T5865] uclogic 0003:256C:006D.0036: failed probing parameters: -71 [ 1091.689766][ T5865] uclogic 0003:256C:006D.0036: probe with driver uclogic failed with error -71 [ 1091.755342][ T5865] usb 6-1: USB disconnect, device number 18 [ 1091.758801][T18068] netlink: 276 bytes leftover after parsing attributes in process `syz.6.4980'. [ 1092.021581][T14535] usb 3-1: reset high-speed USB device number 19 using dummy_hcd [ 1092.067198][T18070] loop6: detected capacity change from 0 to 128 [ 1092.642269][T14535] ueagle-atm 3-1:0.125: usbatm_usb_probe: bind failed: -19! [ 1092.863000][T14535] usb 3-1: USB disconnect, device number 19 [ 1093.932537][T18090] loop6: detected capacity change from 0 to 4096 [ 1094.383730][T18090] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 1097.790013][T18194] loop2: detected capacity change from 0 to 128 [ 1097.932422][T18194] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1098.080546][T18151] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1098.448938][T18197] loop6: detected capacity change from 0 to 2048 [ 1098.586080][T18197] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1098.743563][T18182] loop5: detected capacity change from 0 to 65536 [ 1098.816047][T18182] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1099.026486][T18182] XFS (loop5): Ending clean mount [ 1099.062979][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1099.184207][T14576] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1102.371097][T14535] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 1102.596278][T14535] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1102.607327][T14535] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1102.658808][T14535] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1102.668335][T14535] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1102.676929][T14535] usb 6-1: Product: syz [ 1102.681611][T14535] usb 6-1: Manufacturer: syz [ 1102.686392][T14535] usb 6-1: SerialNumber: syz [ 1102.742495][T14535] usb 6-1: config 0 descriptor?? [ 1102.793691][T14535] usb 6-1: selecting invalid altsetting 0 [ 1102.893324][T18256] loop3: detected capacity change from 0 to 512 [ 1103.067706][T14535] usb 6-1: USB disconnect, device number 19 [ 1103.404136][ T5854] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 1103.584434][ T5854] usb 3-1: Using ep0 maxpacket: 16 [ 1103.605184][ T5854] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1103.619541][ T5854] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1103.633399][ T5854] usb 3-1: New USB device found, idVendor=046d, idProduct=c091, bcdDevice= 0.00 [ 1103.646780][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1103.677852][ T5854] usb 3-1: config 0 descriptor?? [ 1104.017698][T18140] Bluetooth: hci5: Frame reassembly failed (-84) [ 1104.109378][T18270] team_slave_0: entered promiscuous mode [ 1104.115555][T18270] team_slave_1: entered promiscuous mode [ 1104.133073][T18270] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1104.217223][ T5854] logitech-hidpp-device 0003:046D:C091.0037: item fetching failed at offset 1/5 [ 1104.269515][ T5854] logitech-hidpp-device 0003:046D:C091.0037: hidpp_probe:parse failed [ 1104.281609][ T5854] logitech-hidpp-device 0003:046D:C091.0037: probe with driver logitech-hidpp-device failed with error -22 [ 1104.403143][T14535] usb 3-1: USB disconnect, device number 20 [ 1105.924447][T18289] loop2: detected capacity change from 0 to 8192 [ 1106.092770][T14564] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1106.210465][T18302] loop6: detected capacity change from 0 to 16 [ 1106.224650][T18302] erofs (device loop6): mounted with root inode @ nid 36. [ 1106.574388][ T5854] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 1106.719349][T18310] loop2: detected capacity change from 0 to 256 [ 1106.745442][ T5854] usb 1-1: Using ep0 maxpacket: 32 [ 1106.774437][ T5854] usb 1-1: config 0 has an invalid interface number: 172 but max is 0 [ 1106.786136][ T5854] usb 1-1: config 0 has no interface number 0 [ 1106.795168][ T5854] usb 1-1: config 0 interface 172 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1106.857975][ T5854] usb 1-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39 [ 1106.868871][ T5854] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1106.877443][ T5854] usb 1-1: Product: syz [ 1106.885235][ T5854] usb 1-1: Manufacturer: syz [ 1106.890038][ T5854] usb 1-1: SerialNumber: syz [ 1106.923192][ T5854] usb 1-1: config 0 descriptor?? [ 1106.950582][ T5854] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b [ 1106.978817][T18310] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xa7bed01f, utbl_chksum : 0xe619d30d) [ 1107.773151][ T5854] input: gspca_pac7302 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input59 [ 1108.074961][ T5854] usb 1-1: USB disconnect, device number 39 [ 1109.047936][T18344] loop6: detected capacity change from 0 to 128 [ 1109.110430][T18344] syz.6.5061: attempt to access beyond end of device [ 1109.110430][T18344] loop6: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 1109.166117][T18344] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000819) [ 1109.174697][T18344] FAT-fs (loop6): Filesystem has been set read-only [ 1109.211026][T18344] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000819) [ 1109.223663][T18344] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000819) [ 1109.356830][ T5854] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 1109.552749][ T5854] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1109.568747][ T5854] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1109.596767][ T5854] usb 1-1: config 0 descriptor?? [ 1109.609455][ T5854] cp210x 1-1:0.0: cp210x converter detected [ 1110.123869][ T5854] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -71 [ 1110.187013][ T5854] cp210x 1-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 1110.198296][ T5854] cp210x 1-1:0.0: GPIO initialisation failed: -71 [ 1110.352341][ T5854] usb 1-1: cp210x converter now attached to ttyUSB0 [ 1110.407903][ T5854] usb 1-1: USB disconnect, device number 40 [ 1110.497359][ T5854] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1110.509595][ T5854] cp210x 1-1:0.0: device disconnected [ 1111.369589][T18354] loop5: detected capacity change from 0 to 65536 [ 1111.398982][T18354] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1111.437268][T18367] vlan2: entered promiscuous mode [ 1111.442712][T18367] bond0: entered promiscuous mode [ 1111.447914][T18367] bond_slave_0: entered promiscuous mode [ 1111.455100][T18367] bond_slave_1: entered promiscuous mode [ 1111.534208][T14535] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 1111.641920][T18354] XFS (loop5): Ending clean mount [ 1111.743748][T14535] usb 4-1: Using ep0 maxpacket: 16 [ 1111.757595][T14576] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1111.761981][T14535] usb 4-1: config 0 has no interfaces? [ 1111.785996][T14535] usb 4-1: New USB device found, idVendor=05a9, idProduct=264a, bcdDevice=e5.4c [ 1111.795713][T14535] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1111.804137][T14535] usb 4-1: Product: syz [ 1111.808480][T14535] usb 4-1: Manufacturer: syz [ 1111.815831][T14535] usb 4-1: SerialNumber: syz [ 1111.868629][T14535] usb 4-1: config 0 descriptor?? [ 1112.930665][T14535] usb 4-1: USB disconnect, device number 20 [ 1113.691800][T14535] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1114.021505][T14535] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1114.484724][T18407] loop5: detected capacity change from 0 to 512 [ 1114.642317][T18407] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1114.655706][T18407] ext4 filesystem being mounted at /291/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1114.667843][T18161] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1114.814140][T18412] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5089'. [ 1115.003523][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1115.684766][T18140] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1115.693774][T18140] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1115.821844][ T5865] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1115.901057][T14535] usb 4-1: new full-speed USB device number 21 using dummy_hcd [ 1116.084345][T14535] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 1116.094020][T14535] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1116.118664][T18435] loop6: detected capacity change from 0 to 512 [ 1116.136431][T14535] usb 4-1: config 0 descriptor?? [ 1116.287256][T18435] EXT4-fs error (device loop6): ext4_iget_extra_inode:5075: inode #12: comm syz.6.5098: corrupted in-inode xattr: bad e_name length [ 1116.396438][T18435] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.5098: couldn't read orphan inode 12 (err -117) [ 1116.472867][T18435] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1116.637259][T14535] elecom 0003:056E:010D.0038: unknown main item tag 0x0 [ 1116.648041][T14535] elecom 0003:056E:010D.0038: unknown main item tag 0x0 [ 1116.656106][T14535] elecom 0003:056E:010D.0038: unknown main item tag 0x0 [ 1116.663606][T14535] elecom 0003:056E:010D.0038: unknown main item tag 0x0 [ 1116.671015][T14535] elecom 0003:056E:010D.0038: unknown main item tag 0x0 [ 1116.678226][T14535] elecom 0003:056E:010D.0038: unknown main item tag 0x0 [ 1116.686136][T14535] elecom 0003:056E:010D.0038: unknown main item tag 0x0 [ 1116.786187][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1116.860342][T14535] elecom 0003:056E:010D.0038: hidraw0: USB HID v0.00 Device [HID 056e:010d] on usb-dummy_hcd.3-1/input0 [ 1116.923813][T14535] usb 4-1: USB disconnect, device number 21 [ 1117.021396][T18443] loop2: detected capacity change from 0 to 2048 [ 1117.064283][T18443] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1117.887155][T18455] gretap0: entered promiscuous mode [ 1118.270904][T18462] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5111'. [ 1118.280320][T18462] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5111'. [ 1118.297568][T18464] netlink: 304 bytes leftover after parsing attributes in process `syz.0.5109'. [ 1118.307032][T18464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5109'. [ 1118.703986][T18470] netlink: 80 bytes leftover after parsing attributes in process `syz.3.5113'. [ 1118.718011][T18470] netlink: 80 bytes leftover after parsing attributes in process `syz.3.5113'. [ 1119.428296][T18484] netlink: 'syz.5.5120': attribute type 2 has an invalid length. [ 1119.523191][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1121.042435][ T5854] kernel write not supported for file /i2c-0 (pid: 5854 comm: kworker/0:4) [ 1121.043782][ T5811] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 1121.571438][T18523] netlink: 'syz.3.5137': attribute type 29 has an invalid length. [ 1121.622019][T18523] netlink: 'syz.3.5137': attribute type 29 has an invalid length. [ 1121.646924][T18523] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5137'. [ 1122.122220][T18530] input: syz0 as /devices/virtual/input/input60 [ 1122.128905][T18530] input: failed to attach handler leds to device input60, error: -6 [ 1123.869948][T18561] loop6: detected capacity change from 0 to 512 [ 1123.921436][T18561] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 1123.972969][T18561] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 1124.033237][T18561] System zones: 1-12 [ 1124.084807][T18561] EXT4-fs error (device loop6): ext4_iget_extra_inode:5075: inode #15: comm syz.6.5155: corrupted in-inode xattr: e_value size too large [ 1124.087346][T18563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5156'. [ 1124.089781][T18561] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.5155: couldn't read orphan inode 15 (err -117) [ 1124.093491][T18561] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1124.494003][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1125.581363][T18588] loop5: detected capacity change from 0 to 256 [ 1125.614017][T18588] exfat: Deprecated parameter 'utf8' [ 1125.620392][T18588] exfat: Deprecated parameter 'utf8' [ 1126.835646][T18606] netlink: 7 bytes leftover after parsing attributes in process `syz.2.5173'. [ 1127.249388][T18599] loop6: detected capacity change from 0 to 8192 [ 1127.355895][T18599] Dev loop6: RDB in block 1 has bad checksum [ 1127.363263][T18599] Dev loop6: unable to read RDB block 8 [ 1127.369531][T18599] loop6: unable to read partition table [ 1127.408509][T18599] loop_reread_partitions: partition scan of loop6 () failed (rc=-5) [ 1127.521567][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1127.665901][ T5854] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 1127.703391][T18618] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5178'. [ 1127.713777][T18618] veth0_virt_wifi: entered promiscuous mode [ 1127.881125][ T5854] usb 4-1: Using ep0 maxpacket: 16 [ 1127.932172][ T5854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1127.943546][ T5854] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1127.955586][ T5854] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1128.005927][ T5854] usb 4-1: config 0 descriptor?? [ 1128.488015][ T5854] mcp2221 0003:04D8:00DD.0039: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 1128.878958][ T5860] usb 4-1: USB disconnect, device number 22 [ 1130.472585][T18653] loop5: detected capacity change from 0 to 256 [ 1130.529833][T18653] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1130.864165][ T5860] hid-generic 0000:0000:0000.003A: unknown main item tag 0x0 [ 1130.932361][ T5860] hid-generic 0000:0000:0000.003A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1131.014541][T18660] loop2: detected capacity change from 0 to 1024 [ 1131.343245][T18161] hfsplus: b-tree write err: -5, ino 4 [ 1131.436156][T18667] input: syz0 as /devices/virtual/input/input62 [ 1131.694566][ T5854] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 1131.861666][ T5854] usb 1-1: Using ep0 maxpacket: 32 [ 1131.896049][ T5854] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1131.911480][ T5854] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1131.922575][ T5854] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1131.934675][ T5854] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1132.011686][ T5854] usb 1-1: config 0 descriptor?? [ 1132.532066][ T5854] savu 0003:1E7D:2D5A.003B: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 1132.759675][ T5854] usb 1-1: USB disconnect, device number 41 [ 1133.641135][ T5854] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 1133.853698][ T5854] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 1133.865192][ T5854] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1133.881227][ T5854] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1133.891331][ T5854] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 1133.989962][ T5854] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 1134.000020][ T5854] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 1134.008407][ T5854] usb 7-1: Manufacturer: syz [ 1134.056915][ T5854] usb 7-1: config 0 descriptor?? [ 1134.525579][ T5854] appleir 0003:05AC:8243.003C: unknown main item tag 0x0 [ 1134.587379][ T5854] appleir 0003:05AC:8243.003C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0 [ 1134.824428][ T5854] usb 7-1: USB disconnect, device number 24 [ 1135.641495][T18730] loop3: detected capacity change from 0 to 1024 [ 1135.702910][T18719] loop2: detected capacity change from 0 to 8192 [ 1135.786540][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 1135.956160][ T30] kauditd_printk_skb: 405 callbacks suppressed [ 1135.956239][ T30] audit: type=1326 audit(1764538109.210:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18731 comm="syz.6.5231" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702d539 code=0x0 [ 1136.673318][ T5865] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 1136.890471][ T5865] usb 4-1: config 0 has no interfaces? [ 1136.947995][ T5865] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1136.958175][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1136.967279][ T5865] usb 4-1: Product: syz [ 1136.971792][ T5865] usb 4-1: Manufacturer: syz [ 1136.976590][ T5865] usb 4-1: SerialNumber: syz [ 1136.995645][ T5865] usb 4-1: config 0 descriptor?? [ 1137.275443][ T5865] usb 4-1: USB disconnect, device number 23 [ 1138.312197][T18767] loop6: detected capacity change from 0 to 512 [ 1138.462980][T18769] loop5: detected capacity change from 0 to 1024 [ 1138.495606][T18769] EXT4-fs: Ignoring removed oldalloc option [ 1138.502118][T18769] EXT4-fs: Ignoring removed bh option [ 1138.616201][T18769] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1138.644567][T18775] sctp: [Deprecated]: syz.3.5250 (pid 18775) Use of int in max_burst socket option deprecated. [ 1138.644567][T18775] Use struct sctp_assoc_value instead [ 1138.767926][T18780] loop2: detected capacity change from 0 to 256 [ 1138.811750][T18780] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x19755df0, utbl_chksum : 0xe619d30d) [ 1139.025739][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1140.973543][T18799] loop3: detected capacity change from 0 to 4096 [ 1141.000294][T18799] EXT4-fs: Ignoring removed mblk_io_submit option [ 1141.030425][T18799] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1141.103195][T18799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1141.265617][T18816] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5267'. [ 1141.312237][T18807] loop5: detected capacity change from 0 to 4096 [ 1141.392788][T18817] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1141.469064][T14009] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1141.939449][ T30] audit: type=1800 audit(1764538115.190:1119): pid=18823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5271" name="bus" dev="tmpfs" ino=6010 res=0 errno=0 [ 1141.944856][T18820] loop2: detected capacity change from 0 to 2048 [ 1142.044831][T18820] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1142.061182][ T5854] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 1142.231929][ T5854] usb 7-1: Using ep0 maxpacket: 32 [ 1142.241568][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1142.277828][ T5854] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1142.292696][ T5854] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1142.302897][ T5854] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1142.312261][ T5854] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1142.393996][ T5854] usb 7-1: config 0 descriptor?? [ 1142.421608][ T5854] hub 7-1:0.0: USB hub found [ 1142.458443][T18827] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1142.651581][ T5854] hub 7-1:0.0: config failed, can't read hub descriptor (err -90) [ 1143.095965][ T5854] hid-generic 0003:046D:C31C.003D: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.6-1/input0 [ 1143.391722][ T5854] usb 7-1: USB disconnect, device number 25 [ 1144.774906][ T5854] kernel write not supported for file bpf-prog (pid: 5854 comm: kworker/0:4) [ 1144.793826][T18862] loop2: detected capacity change from 0 to 512 [ 1144.803941][T18862] ext3: Unknown parameter 'uid<00000000000000000000' [ 1144.859565][ T5865] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 1145.021657][ T5865] usb 1-1: Using ep0 maxpacket: 8 [ 1145.044475][ T5865] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 1145.053688][ T5865] usb 1-1: config 179 has no interface number 0 [ 1145.060161][ T5865] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 1145.071627][ T5865] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 1145.083487][ T5865] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1145.097463][ T5865] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 1145.111004][ T5865] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1145.125736][ T5865] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 1145.135211][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1145.145829][ T5860] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 1145.176685][T18860] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1145.311854][ T5860] usb 6-1: Using ep0 maxpacket: 8 [ 1145.367363][ T5860] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2 [ 1145.377918][ T5860] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1145.387078][ T5860] usb 6-1: Product: syz [ 1145.392262][ T5860] usb 6-1: Manufacturer: syz [ 1145.400247][ T5860] usb 6-1: SerialNumber: syz [ 1145.449375][ T5865] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input63 [ 1145.472462][ T5860] usb 6-1: config 0 descriptor?? [ 1145.636754][T18860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1145.646874][T18860] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1145.726942][ T5860] usb 6-1: dvb_usb_v2: found a 'Terratec H7' in warm state [ 1145.749268][T18872] loop6: detected capacity change from 0 to 1024 [ 1145.881368][ C1] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 1145.881773][ T5854] usb 1-1: USB disconnect, device number 42 [ 1145.889948][ C1] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1146.078013][ T4495] hfsplus: b-tree write err: -5, ino 3 [ 1146.116162][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 1146.124266][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 1146.555318][ T5860] usb write operation failed. (-71) [ 1146.592518][ T5860] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1146.604613][ T5860] dvbdev: DVB: registering new adapter (Terratec H7) [ 1146.611846][ T5860] usb 6-1: media controller created [ 1146.616047][T18879] loop2: detected capacity change from 0 to 4096 [ 1146.648735][T18879] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 1146.661579][ T5860] usb read operation failed. (-71) [ 1146.674960][ T5860] usb write operation failed. (-71) [ 1146.721726][ T5860] dvb_usb_az6007 6-1:0.0: probe with driver dvb_usb_az6007 failed with error -5 [ 1146.772670][ T5860] usb 6-1: USB disconnect, device number 20 [ 1147.149103][T18885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5295'. [ 1147.179694][T18885] bridge0: entered promiscuous mode [ 1148.393234][T18907] syzkaller1: entered promiscuous mode [ 1148.399131][T18907] syzkaller1: entered allmulticast mode [ 1149.362473][T18919] input: syz1 as /devices/virtual/input/input64 [ 1150.707006][T18935] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5318'. [ 1150.786828][T18935] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5318'. [ 1150.796542][T18935] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5318'. [ 1151.677051][T18938] loop6: detected capacity change from 0 to 1764 [ 1151.901363][T18929] loop2: detected capacity change from 0 to 65536 [ 1151.948536][T18929] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1152.109257][T18929] XFS (loop2): Ending clean mount [ 1152.255575][T12886] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 1153.701154][ T5860] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 1153.882401][ T5860] usb 1-1: Using ep0 maxpacket: 32 [ 1153.913568][ T5860] usb 1-1: config 0 has an invalid interface number: 184 but max is 0 [ 1153.922386][ T5860] usb 1-1: config 0 has no interface number 0 [ 1153.928721][ T5860] usb 1-1: config 0 interface 184 has no altsetting 0 [ 1154.019634][ T5860] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 1154.029211][ T5860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1154.037608][ T5860] usb 1-1: Product: syz [ 1154.042231][ T5860] usb 1-1: Manufacturer: syz [ 1154.047013][ T5860] usb 1-1: SerialNumber: syz [ 1154.143309][ T5860] usb 1-1: config 0 descriptor?? [ 1154.163979][ T5860] smsc75xx v1.0.0 [ 1154.228553][T18968] input: syz1 as /devices/virtual/input/input65 [ 1154.535863][T18971] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5330'. [ 1154.824141][ T5860] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32 [ 1154.835648][ T5860] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1155.061925][ T5860] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71 [ 1155.073357][ T5860] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71 [ 1155.083338][ T5860] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 1155.094008][ T5860] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71 [ 1155.214793][ T5860] usb 1-1: USB disconnect, device number 43 [ 1157.141253][ T5854] usb 1-1: new low-speed USB device number 44 using dummy_hcd [ 1157.328407][ T5854] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 1157.337496][ T5854] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 1157.350349][ T5854] usb 1-1: config 0 has no interface number 0 [ 1157.356848][ T5854] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 1157.367414][ T5854] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1157.379629][ T5854] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1157.419340][ T5854] usb 1-1: config 0 descriptor?? [ 1157.437596][T19008] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1157.988536][T19022] loop8: detected capacity change from 0 to 8 [ 1158.014908][T19022] Dev loop8: unable to read RDB block 8 [ 1158.021090][T19022] loop8: unable to read partition table [ 1158.049395][T19022] loop8: partition table beyond EOD, truncated [ 1158.056195][T19022] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1158.148397][ T5854] input: USB Keyspan Remote 06cd:0202 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input66 [ 1158.415659][ T5860] usb 1-1: USB disconnect, device number 44 [ 1158.415743][ C0] keyspan_remote 1-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 1159.183587][T19038] loop3: detected capacity change from 0 to 512 [ 1159.355002][T19038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1159.368240][T19038] ext4 filesystem being mounted at /409/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 1159.548579][T19038] EXT4-fs error (device loop3): ext4_get_first_dir_block:3540: inode #12: comm syz.3.5358: directory missing '.' [ 1159.854477][T14009] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1159.886762][T19052] loop5: detected capacity change from 0 to 128 [ 1159.911698][T19052] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 1160.527402][T19060] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5366'. [ 1160.775257][T19063] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5368'. [ 1160.784632][T19063] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5368'. [ 1161.374428][ T5860] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 1161.459036][T19074] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5373'. [ 1161.541082][ T5860] usb 7-1: Using ep0 maxpacket: 32 [ 1161.554706][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1161.566456][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1161.579131][ T5860] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 1161.589314][ T5860] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1161.684182][ T5860] usb 7-1: config 0 descriptor?? [ 1161.696270][ T5860] hub 7-1:0.0: USB hub found [ 1161.951342][ T5860] hub 7-1:0.0: 1 port detected [ 1162.103367][T19082] loop5: detected capacity change from 0 to 64 [ 1162.310163][T19082] syz.5.5376: attempt to access beyond end of device [ 1162.310163][T19082] loop5: rw=2049, sector=161, nr_sectors = 1 limit=64 [ 1162.327039][T19082] buffer_io_error: 1150 callbacks suppressed [ 1162.327126][T19082] Buffer I/O error on dev loop5, logical block 161, lost async page write [ 1162.342306][T19082] syz.5.5376: attempt to access beyond end of device [ 1162.342306][T19082] loop5: rw=2049, sector=162, nr_sectors = 1 limit=64 [ 1162.358838][T19082] Buffer I/O error on dev loop5, logical block 162, lost async page write [ 1162.367751][T19082] syz.5.5376: attempt to access beyond end of device [ 1162.367751][T19082] loop5: rw=2049, sector=163, nr_sectors = 1 limit=64 [ 1162.384639][T19082] Buffer I/O error on dev loop5, logical block 163, lost async page write [ 1162.393538][T19082] syz.5.5376: attempt to access beyond end of device [ 1162.393538][T19082] loop5: rw=2049, sector=167, nr_sectors = 1 limit=64 [ 1162.412015][T19082] Buffer I/O error on dev loop5, logical block 167, lost async page write [ 1162.427924][T19082] syz.5.5376: attempt to access beyond end of device [ 1162.427924][T19082] loop5: rw=2049, sector=169, nr_sectors = 1 limit=64 [ 1162.442343][T19082] Buffer I/O error on dev loop5, logical block 169, lost async page write [ 1162.453883][T19082] syz.5.5376: attempt to access beyond end of device [ 1162.453883][T19082] loop5: rw=2049, sector=171, nr_sectors = 1 limit=64 [ 1162.467564][T19082] Buffer I/O error on dev loop5, logical block 171, lost async page write [ 1162.476424][T19082] syz.5.5376: attempt to access beyond end of device [ 1162.476424][T19082] loop5: rw=2049, sector=172, nr_sectors = 1 limit=64 [ 1162.495572][T19082] Buffer I/O error on dev loop5, logical block 172, lost async page write [ 1162.627222][T14535] hub 7-1:0.0: hub_ext_port_status failed (err = -71) [ 1162.630180][ T5854] usb 7-1: USB disconnect, device number 26 [ 1163.335579][T19094] loop5: detected capacity change from 0 to 512 [ 1163.515829][ T5854] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1163.553453][T19094] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1163.566953][T19094] ext4 filesystem being mounted at /354/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1163.781550][T19094] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.5381: corrupted inode contents [ 1163.782365][ T5854] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1163.822877][T19094] EXT4-fs error (device loop5): ext4_dirty_inode:6517: inode #2: comm syz.5.5381: mark_inode_dirty error [ 1163.930248][T19094] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #2: comm syz.5.5381: corrupted inode contents [ 1163.998004][T19094] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.5381: mark_inode_dirty error [ 1164.468682][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1164.486926][T18151] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1165.252449][ T5854] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 1165.523213][T18151] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1165.527842][ T5854] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1165.532458][T18151] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1165.545181][ T5854] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1165.560150][ T5854] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 1165.573379][ T5854] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1165.591177][ T5854] usb 7-1: config 0 descriptor?? [ 1165.735282][T18142] tipc: Subscription rejected, illegal request [ 1166.031930][ T5854] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 1166.039448][ T5854] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 1166.047025][ T5854] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 1166.057356][ T5854] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 1166.061831][T14535] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1166.064963][ T5854] cm6533_jd 0003:0D8C:0022.003E: unknown main item tag 0x0 [ 1166.194729][ T5854] cm6533_jd 0003:0D8C:0022.003E: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.6-1/input0 [ 1166.318542][ T5854] usb 7-1: USB disconnect, device number 27 [ 1166.550119][T19142] loop3: detected capacity change from 0 to 64 [ 1166.578361][T19142] hfs: Unknown parameter '01777777777777777777777' [ 1166.777924][T19144] loop5: detected capacity change from 0 to 764 [ 1168.906336][T19177] loop3: detected capacity change from 0 to 512 [ 1168.975580][T19177] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 1169.019852][T19177] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e11c, mo2=0002] [ 1169.040506][T19177] System zones: 1-12 [ 1169.056584][T19177] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1169.112390][T19177] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5417: bg 0: block 361: padding at end of block bitmap is not set [ 1169.145863][T19177] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 1169.170605][T19177] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5417: invalid indirect mapped block 12 (level 1) [ 1169.184861][T19183] loop2: detected capacity change from 0 to 1024 [ 1169.201973][T19177] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.5417: invalid indirect mapped block 2 (level 2) [ 1169.234471][ T9771] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 1169.242152][T19177] EXT4-fs (loop3): 1 truncate cleaned up [ 1169.244365][T19177] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 1169.362242][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1169.405370][T18142] hfsplus: b-tree write err: -5, ino 3 [ 1169.466664][ T9771] usb 1-1: Using ep0 maxpacket: 16 [ 1169.487090][ T9771] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1169.497746][ T9771] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1169.503860][T19188] loop6: detected capacity change from 0 to 2048 [ 1169.508997][ T9771] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1169.528321][ T9771] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 1169.538319][ T9771] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1169.596205][ T9771] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1169.606094][ T9771] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1169.617205][ T9771] usb 1-1: Manufacturer: syz [ 1169.626477][T14009] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 1169.654402][ T9771] usb 1-1: config 0 descriptor?? [ 1169.687433][T19188] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1169.790497][ T30] audit: type=1800 audit(1764538143.040:1120): pid=19188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5421" name="file1" dev="loop6" ino=1415 res=0 errno=0 [ 1169.815287][ T30] audit: type=1800 audit(1764538143.050:1121): pid=19188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5421" name="file1" dev="loop6" ino=1415 res=0 errno=0 [ 1169.945897][T12886] hfsplus: node 4:3 still has 1 user(s)! [ 1170.235841][ T9771] rc_core: IR keymap rc-hauppauge not found [ 1170.244777][ T9771] Registered IR keymap rc-empty [ 1170.250378][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.301276][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.325479][ T9771] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 1170.340683][ T9771] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input67 [ 1170.391473][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.433539][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.508476][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.527058][T19200] syzkaller1: entered promiscuous mode [ 1170.536079][T19200] syzkaller1: entered allmulticast mode [ 1170.551429][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.571549][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.596401][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.650359][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.723285][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.763323][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.811633][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.851175][ T9771] mceusb 1-1:0.0: Error: mce write submit urb error = -90 [ 1170.874920][ T9771] mceusb 1-1:0.0: Registered with mce emulator interface version 1 [ 1170.883465][ T9771] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1170.943741][T19204] loop6: detected capacity change from 0 to 164 [ 1170.955106][ T9771] usb 1-1: USB disconnect, device number 45 [ 1171.401422][T19211] loop6: detected capacity change from 0 to 128 [ 1171.574253][T19211] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1171.665610][T19211] ext4 filesystem being mounted at /338/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1171.684264][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1171.952019][T19220] netlink: 'syz.0.5433': attribute type 2 has an invalid length. [ 1172.091818][T19223] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5434'. [ 1172.160476][T14873] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1172.372032][T19222] bridge0: port 2(bridge_slave_1) entered disabled state [ 1172.380855][T19222] bridge0: port 1(bridge_slave_0) entered disabled state [ 1172.781274][T19222] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1172.808238][T19222] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1173.572476][T19246] loop3: detected capacity change from 0 to 1024 [ 1173.897403][T19223] geneve3: entered promiscuous mode [ 1173.902993][T19223] geneve3: entered allmulticast mode [ 1173.929219][T18142] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 58891 - 0 [ 1173.939585][T18142] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 58891 - 0 [ 1173.953242][T18142] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 58891 - 0 [ 1174.012168][T18142] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 58891 - 0 [ 1175.611496][T19264] loop2: detected capacity change from 0 to 256 [ 1176.241839][T19229] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 1176.445091][T19229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1176.455379][T19229] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 1176.464829][T19229] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1176.531808][T19229] usb 4-1: config 0 descriptor?? [ 1176.546486][T19226] usb 3-1: new full-speed USB device number 21 using dummy_hcd [ 1176.668482][T19276] loop5: detected capacity change from 0 to 164 [ 1176.750656][T19226] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1176.762637][T19226] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 1176.772218][T19226] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1176.841959][T19226] usb 3-1: config 0 descriptor?? [ 1176.852804][T19272] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1177.017824][T19229] lenovo 0003:17EF:6047.003F: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0 [ 1177.400047][T19226] elan 0003:04F3:0755.0040: unknown main item tag 0x0 [ 1177.407565][T19226] elan 0003:04F3:0755.0040: unknown main item tag 0x0 [ 1177.414790][T19226] elan 0003:04F3:0755.0040: unknown main item tag 0x0 [ 1177.422025][T19226] elan 0003:04F3:0755.0040: unknown main item tag 0x0 [ 1177.429064][T19226] elan 0003:04F3:0755.0040: unknown main item tag 0x0 [ 1177.462545][T19226] elan 0003:04F3:0755.0040: hidraw1: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0 [ 1177.737729][T19229] lenovo 0003:17EF:6047.003F: Fn-lock setting failed: -71 [ 1177.821825][T19229] lenovo 0003:17EF:6047.003F: Sensitivity setting failed: -71 [ 1178.082652][T19229] usb 4-1: USB disconnect, device number 24 [ 1178.123145][T19226] usb 3-1: USB disconnect, device number 21 [ 1178.449919][T19287] loop6: detected capacity change from 0 to 128 [ 1178.521582][T19287] FAT-fs (loop6): bogus number of FAT sectors [ 1178.527873][T19287] FAT-fs (loop6): Can't find a valid FAT filesystem [ 1179.265371][T19303] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5464'. [ 1179.583319][T19308] loop6: detected capacity change from 0 to 24 [ 1179.642237][T19308] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1180.636256][T19322] loop5: detected capacity change from 0 to 4096 [ 1180.705083][T19327] netlink: 360 bytes leftover after parsing attributes in process `syz.6.5474'. [ 1182.779490][T19357] loop6: detected capacity change from 0 to 4096 [ 1182.804552][T19357] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 1183.910262][T19375] input: syz0 as /devices/virtual/input/input68 [ 1184.013565][T19370] loop5: detected capacity change from 0 to 4096 [ 1184.039312][T19370] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 1184.074006][ T9771] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 1184.200101][T19370] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 1184.271433][ T9771] usb 7-1: Using ep0 maxpacket: 16 [ 1184.298668][ T9771] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1184.313686][ T9771] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1184.324891][ T9771] usb 7-1: New USB device found, idVendor=046d, idProduct=c091, bcdDevice= 0.00 [ 1184.337169][ T9771] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1184.396667][ T9771] usb 7-1: config 0 descriptor?? [ 1184.832654][T19226] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 1184.906532][ T9771] logitech-hidpp-device 0003:046D:C091.0041: hidraw0: USB HID v0.00 Device [HID 046d:c091] on usb-dummy_hcd.6-1/input0 [ 1185.022398][T19226] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023 [ 1185.034737][T19226] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 1185.047249][T19226] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121 [ 1185.104202][T19229] usb 7-1: USB disconnect, device number 28 [ 1185.139006][T19226] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 1185.149271][T19226] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1185.158564][T19226] usb 3-1: Product: syz [ 1185.163928][T19226] usb 3-1: Manufacturer: syz [ 1185.169818][T19226] usb 3-1: SerialNumber: syz [ 1185.187282][T19226] usb 3-1: config 0 descriptor?? [ 1185.194715][T19383] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1185.252224][T19383] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1185.279074][T19226] usb 3-1: ucan: probing device on interface #0 [ 1185.936657][T19226] ucan 3-1:0.0 can0: registered device [ 1186.127555][T19226] ucan 3-1:0.0 can0: firmware string: L>z^ɉw{f,=}̫eRJ(=#gE}ut+|H!R$8g[- }q>ArŴ,xp|JB *~|X8-eo! [ 1186.338138][T19226] usb 3-1: USB disconnect, device number 22 [ 1186.661874][T19405] Bluetooth: MGMT ver 1.23 [ 1187.793719][T19420] netlink: 'syz.5.5516': attribute type 39 has an invalid length. [ 1188.047791][T19427] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5518'. [ 1190.438248][T19447] loop5: detected capacity change from 0 to 16 [ 1190.478842][T19447] erofs (device loop5): mounted with root inode @ nid 36. [ 1190.770059][T19455] loop3: detected capacity change from 0 to 256 [ 1191.451401][ T9771] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 1191.519674][T19465] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5537'. [ 1192.032325][T19474] loop5: detected capacity change from 0 to 256 [ 1192.931690][T19479] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 1194.540923][T19484] loop6: detected capacity change from 0 to 1024 [ 1194.554602][T19484] EXT4-fs: Ignoring removed oldalloc option [ 1194.561357][T19484] EXT4-fs: Ignoring removed bh option [ 1194.684548][T19484] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1194.844503][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1195.198609][T19493] loop2: detected capacity change from 0 to 512 [ 1195.248151][T19493] EXT4-fs (loop2): Test dummy encryption mode enabled [ 1195.256057][T19493] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1195.324635][T19501] loop5: detected capacity change from 0 to 128 [ 1195.335723][T19493] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.5545: bad orphan inode 131083 [ 1195.372982][T19493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1195.821936][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1195.910269][T19508] loop3: detected capacity change from 0 to 512 [ 1196.012999][T19508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1196.081455][T19508] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.5553: invalid indirect mapped block 1280 (level 0) [ 1196.189189][T19511] loop5: detected capacity change from 0 to 128 [ 1196.224889][T19511] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1196.314630][T19511] ext4 filesystem being mounted at /392/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1196.377373][T14009] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1196.677413][T19521] misc userio: Begin command sent, but we're already running [ 1196.859796][T14576] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1197.239509][T19531] loop6: detected capacity change from 0 to 512 [ 1197.265591][T19531] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1197.354056][T19531] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000c018, mo2=0002] [ 1197.363333][T19531] System zones: 1-12 [ 1197.414283][T19531] EXT4-fs (loop6): 1 truncate cleaned up [ 1197.425716][T19531] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1197.687431][T19531] EXT4-fs (loop6): shut down requested (2) [ 1197.953592][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1198.511266][T19229] usb 4-1: new full-speed USB device number 25 using dummy_hcd [ 1198.512497][T19546] loop2: detected capacity change from 0 to 4096 [ 1198.551481][T19555] netlink: 'syz.6.5573': attribute type 9 has an invalid length. [ 1198.560037][T19555] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5573'. [ 1198.591206][T19555] hsr0: entered promiscuous mode [ 1198.597031][T19555] macvlan2: entered promiscuous mode [ 1198.604115][T19555] macvlan2: entered allmulticast mode [ 1198.609912][T19555] hsr0: entered allmulticast mode [ 1198.615552][T19555] hsr_slave_0: entered allmulticast mode [ 1198.621832][T19555] hsr_slave_1: entered allmulticast mode [ 1198.639952][T19546] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1198.755322][T19229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1198.767152][T19229] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 1198.777082][T19229] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1198.789825][T19546] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 1198.800487][T19229] usb 4-1: config 0 descriptor?? [ 1198.810462][T19550] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1199.306193][T19229] elan 0003:04F3:0755.0042: unknown main item tag 0x0 [ 1199.313859][T19229] elan 0003:04F3:0755.0042: unknown main item tag 0x0 [ 1199.321445][T19229] elan 0003:04F3:0755.0042: unknown main item tag 0x0 [ 1199.328816][T19229] elan 0003:04F3:0755.0042: unknown main item tag 0x0 [ 1199.336307][T19229] elan 0003:04F3:0755.0042: unknown main item tag 0x0 [ 1199.355176][T19229] elan 0003:04F3:0755.0042: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0 [ 1199.495210][T19559] loop6: detected capacity change from 0 to 4096 [ 1199.524316][T19229] usb 4-1: USB disconnect, device number 25 [ 1199.723077][T19559] ntfs3(loop6): ino=5, "/" mi_enum_attr [ 1200.457407][T19571] loop5: detected capacity change from 0 to 1024 [ 1200.583869][T19571] hfsplus: catalog searching failed [ 1200.809530][T18156] hfsplus: b-tree write err: -5, ino 3 [ 1200.847642][T14576] hfsplus: node 4:3 still has 1 user(s)! [ 1201.669295][T19590] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 1201.784107][T19593] input: syz0 as /devices/virtual/input/input70 [ 1202.294349][T19599] loop5: detected capacity change from 0 to 4096 [ 1202.374126][T19605] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1203.689470][T19592] Bluetooth: hci5: command 0x1003 tx timeout [ 1203.696149][ T5811] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1204.543948][T19635] loop2: detected capacity change from 0 to 1024 [ 1204.587006][T19635] EXT4-fs: Ignoring removed orlov option [ 1204.728702][T19635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1204.832529][ T30] audit: type=1326 audit(1764538178.090:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19643 comm="syz.0.5611" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f21539 code=0x0 [ 1204.876347][T19635] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5608: bg 0: block 232: padding at end of block bitmap is not set [ 1204.917869][T19648] batadv_slave_1: entered promiscuous mode [ 1204.927036][T19635] EXT4-fs (loop2): Remounting filesystem read-only [ 1204.936219][T19635] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 12, error -30) [ 1204.955689][T19646] batadv_slave_1: left promiscuous mode [ 1205.160706][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1205.194203][T19652] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5613'. [ 1205.517270][T19654] loop3: detected capacity change from 0 to 512 [ 1205.594764][T19654] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.5616: corrupted in-inode xattr: e_value size too large [ 1205.647322][T19654] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.5616: couldn't read orphan inode 15 (err -117) [ 1205.671416][T19654] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1206.216986][T14009] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1206.825877][T19676] loop6: detected capacity change from 0 to 1024 [ 1206.877760][T19676] EXT4-fs: Ignoring removed orlov option [ 1206.995815][T19676] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1207.441275][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1207.547996][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 1207.560582][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 1207.584389][ T9771] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 1207.771417][ T9771] usb 6-1: Using ep0 maxpacket: 8 [ 1207.803725][ T9771] usb 6-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 1207.813275][ T9771] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1207.824296][ T9771] usb 6-1: Product: syz [ 1207.828648][ T9771] usb 6-1: Manufacturer: syz [ 1207.833603][ T9771] usb 6-1: SerialNumber: syz [ 1207.883589][ T9771] usb 6-1: config 0 descriptor?? [ 1207.905754][T19692] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5632'. [ 1208.180458][ T9771] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 1208.256654][ T9771] gspca_sunplus: reg_w_riv err -71 [ 1208.262429][ T9771] sunplus 6-1:0.0: probe with driver sunplus failed with error -71 [ 1208.323249][ T9771] usb 6-1: USB disconnect, device number 21 [ 1208.543573][T19703] tipc: MTU too low for tipc bearer [ 1209.829670][T19720] loop6: detected capacity change from 0 to 16 [ 1209.858958][T19720] erofs (device loop6): unsupported chunk format 7ff of nid 36 [ 1209.906444][T19720] loop6: detected capacity change from 0 to 512 [ 1209.979362][T19720] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1209.986675][T19720] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1210.029304][T19720] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.5644: bad orphan inode 131083 [ 1210.063338][T19720] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1210.448267][T14873] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1211.178622][T19741] loop6: detected capacity change from 0 to 4096 [ 1211.230105][T19752] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1211.269311][T19741] NILFS (loop6): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 1211.272699][ T30] audit: type=1800 audit(1764538184.520:1123): pid=19741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5661" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 1211.279016][T19741] NILFS error (device loop6): nilfs_bmap_truncate: broken bmap (inode number=12) [ 1211.337269][T19741] Remounting filesystem read-only [ 1211.346838][T19741] NILFS (loop6): error -5 truncating bmap (ino=12) [ 1211.348067][T19753] netlink: 'syz.2.5655': attribute type 83 has an invalid length. [ 1211.617069][T14873] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer [ 1214.684614][T19793] loop5: detected capacity change from 0 to 1024 [ 1214.694445][T19793] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1214.746153][T19793] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 1214.746680][T19798] netlink: 'syz.6.5673': attribute type 10 has an invalid length. [ 1214.755579][T19793] System zones: 0-1, 3-36 [ 1214.777572][T19793] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1215.190186][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1215.629159][T19816] could not open pipe file descriptor [ 1216.110028][T19825] loop2: detected capacity change from 0 to 1024 [ 1216.124941][T19825] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1216.243684][T19825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1216.383402][ T5853] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0 [ 1216.405235][ T5853] hid-generic 0000:0000:0000.0043: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1216.425935][T19829] macvlan1: entered promiscuous mode [ 1216.439019][T19829] ipvlan0: entered promiscuous mode [ 1216.447153][T19831] loop5: detected capacity change from 0 to 1024 [ 1216.493467][T19829] ipvlan0: left promiscuous mode [ 1216.502616][T19825] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 1216.525729][T19829] macvlan1: left promiscuous mode [ 1216.725641][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1216.797991][T18161] hfsplus: b-tree write err: -5, ino 4 [ 1217.290248][T19845] loop3: detected capacity change from 0 to 512 [ 1217.310483][T19845] EXT4-fs: Ignoring removed nobh option [ 1217.382299][T19845] fscrypt (loop3, inode 2): Error -61 getting encryption context [ 1217.431518][T19845] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61 [ 1217.461528][T19844] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5694'. [ 1217.467555][T19845] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #13: comm syz.3.5692: inode has both inline data and extents flags [ 1217.561896][T19845] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.5692: couldn't read orphan inode 13 (err -117) [ 1217.628060][T19845] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1217.755578][T19850] loop2: detected capacity change from 0 to 512 [ 1217.820662][T19850] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.5695: corrupted in-inode xattr: invalid ea_ino [ 1217.851586][T19850] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5695: couldn't read orphan inode 15 (err -117) [ 1217.867065][T19850] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1217.946734][T14009] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1218.037597][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1218.062507][T19853] nbd: device at index 6 is going down [ 1218.923699][T19871] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5704'. [ 1218.924225][ T5853] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 1219.145333][ T5853] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1219.158573][ T5853] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1219.171985][ T5853] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 1219.184073][ T5853] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1219.197783][ T5853] usb 1-1: config 0 descriptor?? [ 1219.719786][ T5853] kovaplus 0003:1E7D:2D50.0044: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0 [ 1220.316935][ T5853] kovaplus 0003:1E7D:2D50.0044: couldn't init struct kovaplus_device [ 1220.328562][ T5853] kovaplus 0003:1E7D:2D50.0044: couldn't install mouse [ 1220.364052][ T5853] kovaplus 0003:1E7D:2D50.0044: probe with driver kovaplus failed with error -71 [ 1220.407211][ T5853] usb 1-1: USB disconnect, device number 46 [ 1221.092788][T19900] pimreg: entered allmulticast mode [ 1221.151848][T19899] pimreg: left allmulticast mode [ 1223.145538][T19592] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1223.154921][T19592] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1223.172349][T19592] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1223.185996][T19592] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1223.197306][T19592] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1223.754147][ T5853] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 1223.934330][ T5853] usb 1-1: Using ep0 maxpacket: 16 [ 1223.974085][ T5853] usb 1-1: config 128 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1223.985659][ T5853] usb 1-1: config 128 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1223.998770][ T5853] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 1224.008577][ T5853] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1224.302611][T19922] chnl_net:caif_netlink_parms(): no params data found [ 1224.596351][ T5853] mcp2221 0003:04D8:00DD.0045: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 1224.755377][ T5853] usb 1-1: USB disconnect, device number 47 [ 1225.285126][T19592] Bluetooth: hci2: command tx timeout [ 1225.293070][T19956] random: crng reseeded on system resumption [ 1225.525201][T19922] bridge0: port 1(bridge_slave_0) entered blocking state [ 1225.534441][T19922] bridge0: port 1(bridge_slave_0) entered disabled state [ 1225.542467][T19922] bridge_slave_0: entered allmulticast mode [ 1225.552335][T19922] bridge_slave_0: entered promiscuous mode [ 1225.586017][T19922] bridge0: port 2(bridge_slave_1) entered blocking state [ 1225.593924][T19922] bridge0: port 2(bridge_slave_1) entered disabled state [ 1225.608693][T19922] bridge_slave_1: entered allmulticast mode [ 1225.618635][T19922] bridge_slave_1: entered promiscuous mode [ 1225.851635][T19922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1226.051168][T19922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1226.308556][T19922] team0: Port device team_slave_0 added [ 1226.362097][T19922] team0: Port device team_slave_1 added [ 1226.562380][T19922] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1226.569743][T19922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1226.596219][T19922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1226.637635][T19971] loop2: detected capacity change from 0 to 256 [ 1226.656147][T19922] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1226.663452][T19922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1226.690526][T19922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1226.697278][T19971] exfat: Deprecated parameter 'utf8' [ 1226.813678][T19971] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1227.085100][T19922] hsr_slave_0: entered promiscuous mode [ 1227.095760][T19922] hsr_slave_1: entered promiscuous mode [ 1227.105069][T19922] debugfs: 'hsr0' already exists in 'hsr' [ 1227.111312][T19922] Cannot create hsr debugfs directory [ 1227.363750][T19592] Bluetooth: hci2: command tx timeout [ 1227.967487][ T5853] usb 1-1: new high-speed USB device number 48 using dummy_hcd [ 1228.011446][T19227] usb 3-1: new full-speed USB device number 23 using dummy_hcd [ 1228.160895][ T5853] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1228.172595][ T5853] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 1228.184699][ T5853] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1228.223177][ T5853] usb 1-1: config 0 descriptor?? [ 1228.227987][T19227] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1228.244495][T19227] usb 3-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 1228.255261][T19227] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1228.342596][T19227] usb 3-1: config 0 descriptor?? [ 1228.575575][T19922] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1228.693809][T19922] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1228.694853][ T5853] keytouch 0003:0926:3333.0046: fixing up Keytouch IEC report descriptor [ 1228.733574][ T5853] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0046/input/input71 [ 1228.764035][T19922] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1228.832197][ T5853] keytouch 0003:0926:3333.0046: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 1228.847938][T19922] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1228.883541][T19227] waltop 0003:172F:0037.0047: collection stack underflow [ 1228.891227][T19227] waltop 0003:172F:0037.0047: item 0 1 0 12 parsing failed [ 1229.007392][T19227] waltop 0003:172F:0037.0047: probe with driver waltop failed with error -22 [ 1229.161087][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 1229.252497][T19227] usb 3-1: USB disconnect, device number 23 [ 1229.436063][T19229] usb 1-1: USB disconnect, device number 48 [ 1229.441613][T19592] Bluetooth: hci2: command tx timeout [ 1229.800204][T20000] loop3: detected capacity change from 0 to 64 [ 1230.101186][T19229] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 1230.102400][T19922] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1230.268866][T19922] 8021q: adding VLAN 0 to HW filter on device team0 [ 1230.292104][T19229] usb 6-1: Using ep0 maxpacket: 16 [ 1230.312445][T18128] bridge0: port 1(bridge_slave_0) entered blocking state [ 1230.320108][T18128] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1230.361296][T19229] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1230.372693][T19229] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1230.382781][T19229] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1230.398015][T19229] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1230.407945][T19229] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1230.461914][T18128] bridge0: port 2(bridge_slave_1) entered blocking state [ 1230.469464][T18128] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1230.598388][T19229] usb 6-1: config 0 descriptor?? [ 1230.720042][T19226] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0 [ 1230.774829][T19226] hid-generic 0000:0000:0000.0048: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1231.060461][T19229] HID 045e:07da: Invalid code 65791 type 1 [ 1231.072493][T19229] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0049/input/input72 [ 1231.117748][T19229] microsoft 0003:045E:07DA.0049: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 1231.315522][T19226] usb 6-1: USB disconnect, device number 22 [ 1231.521512][T19592] Bluetooth: hci2: command tx timeout [ 1231.725603][T20020] loop2: detected capacity change from 0 to 512 [ 1231.803245][T20020] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1231.937027][T20020] EXT4-fs warning (device loop2): ext4_begin_enable_verity:135: inode #15: comm syz.2.5763: verity is only allowed on extent-based files [ 1231.988238][T19922] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1232.277737][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1233.122581][ C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured! [ 1233.550408][T20045] loop3: detected capacity change from 0 to 1024 [ 1233.756837][T20051] loop5: detected capacity change from 0 to 512 [ 1233.816436][T19922] veth0_vlan: entered promiscuous mode [ 1233.880509][T20051] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1233.902834][T19922] veth1_vlan: entered promiscuous mode [ 1234.152679][T18128] hfsplus: b-tree write err: -5, ino 3 [ 1234.247233][T19922] veth0_macvtap: entered promiscuous mode [ 1234.335114][T19922] veth1_macvtap: entered promiscuous mode [ 1234.510320][T19922] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1234.560236][T14576] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1234.592696][T19922] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1234.677092][T18161] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.686322][T18156] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.715105][T18161] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1234.717140][T18161] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1235.480711][T20064] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1236.151095][T20073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5781'. [ 1236.163792][T20073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5781'. [ 1237.080051][T20087] loop2: detected capacity change from 0 to 512 [ 1237.155899][T20087] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1237.295824][T20087] EXT4-fs (loop2): 1 orphan inode deleted [ 1237.302007][T20087] EXT4-fs (loop2): 1 truncate cleaned up [ 1237.310028][T20087] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1237.425730][T20094] netlink: 'syz.5.5790': attribute type 10 has an invalid length. [ 1237.509842][T20087] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.2.5786: path /573/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 1237.620015][T20087] EXT4-fs (loop2): Remounting filesystem read-only [ 1237.634248][T20096] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5788'. [ 1238.054250][T12886] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1238.293669][T20107] netlink: 'syz.3.5793': attribute type 12 has an invalid length. [ 1238.302687][T20107] netlink: 'syz.3.5793': attribute type 29 has an invalid length. [ 1238.310685][T20107] netlink: 148 bytes leftover after parsing attributes in process `syz.3.5793'. [ 1238.323085][T20107] netlink: 'syz.3.5793': attribute type 1 has an invalid length. [ 1238.331169][T20107] netlink: 'syz.3.5793': attribute type 2 has an invalid length. [ 1239.088633][T20119] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1239.538789][ T30] audit: type=1326 audit(1764538212.790:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20125 comm="syz.3.5798" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x0 [ 1239.796169][T18161] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1239.804490][T18161] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1239.956646][T18161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1239.967680][T18161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1240.694747][T20145] loop3: detected capacity change from 0 to 128 [ 1240.728543][T20145] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 1240.786496][T20145] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1240.969032][T20147] syzkaller1: entered promiscuous mode [ 1240.976320][T20147] syzkaller1: entered allmulticast mode [ 1241.026634][ C0] ===================================================== [ 1241.034015][ C0] BUG: KMSAN: uninit-value in bpf_prog_run_generic_xdp+0x1465/0x2000 [ 1241.042433][ C0] bpf_prog_run_generic_xdp+0x1465/0x2000 [ 1241.048383][ C0] do_xdp_generic+0xd52/0x1690 [ 1241.053454][ C0] __netif_receive_skb_core+0x2bc2/0x7150 [ 1241.059433][ C0] __netif_receive_skb+0xcc/0xac0 [ 1241.064750][ C0] process_backlog+0x485/0xa00 [ 1241.069689][ C0] __napi_poll+0xdd/0x8a0 [ 1241.074287][ C0] net_rx_action+0xbc8/0x1c30 [ 1241.079159][ C0] handle_softirqs+0x169/0x6e0 [ 1241.084274][ C0] __do_softirq+0x14/0x1b [ 1241.088815][ C0] do_softirq+0x99/0x100 [ 1241.093450][ C0] __local_bh_enable_ip+0xa1/0xb0 [ 1241.098676][ C0] tun_rx_batched+0x889/0x980 [ 1241.103668][ C0] tun_get_user+0x5d62/0x6d70 [ 1241.108532][ C0] tun_chr_write_iter+0x3e9/0x5c0 [ 1241.113852][ C0] vfs_write+0xbe2/0x15d0 [ 1241.118330][ C0] __ia32_sys_write+0x1f9/0x4d0 [ 1241.123448][ C0] ia32_sys_call+0x35bc/0x4310 [ 1241.128417][ C0] __do_fast_syscall_32+0xb0/0x150 [ 1241.133848][ C0] do_fast_syscall_32+0x38/0x80 [ 1241.138902][ C0] do_SYSENTER_32+0x1f/0x30 [ 1241.143736][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1241.150271][ C0] [ 1241.152797][ C0] Uninit was created at: [ 1241.157265][ C0] __kmalloc_node_track_caller_noprof+0xb4b/0x1ba0 [ 1241.164091][ C0] kmalloc_reserve+0x22f/0x4b0 [ 1241.169045][ C0] pskb_expand_head+0x1fc/0x1610 [ 1241.174294][ C0] do_xdp_generic+0xa79/0x1690 [ 1241.179251][ C0] __netif_receive_skb_core+0x2bc2/0x7150 [ 1241.185309][ C0] __netif_receive_skb+0xcc/0xac0 [ 1241.190472][ C0] process_backlog+0x485/0xa00 [ 1241.195499][ C0] __napi_poll+0xdd/0x8a0 [ 1241.199979][ C0] net_rx_action+0xbc8/0x1c30 [ 1241.204945][ C0] handle_softirqs+0x169/0x6e0 [ 1241.209897][ C0] __do_softirq+0x14/0x1b [ 1241.214524][ C0] [ 1241.216955][ C0] CPU: 0 UID: 0 PID: 20148 Comm: syz.5.5806 Tainted: G W syzkaller #0 PREEMPT(none) [ 1241.228209][ C0] Tainted: [W]=WARN [ 1241.232212][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1241.242491][ C0] ===================================================== [ 1241.249508][ C0] Disabling lock debugging due to kernel taint [ 1241.255884][ C0] Kernel panic - not syncing: kmsan.panic set ... [ 1241.262430][ C0] CPU: 0 UID: 0 PID: 20148 Comm: syz.5.5806 Tainted: G B W syzkaller #0 PREEMPT(none) [ 1241.273551][ C0] Tainted: [B]=BAD_PAGE, [W]=WARN [ 1241.278644][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1241.288816][ C0] Call Trace: [ 1241.292170][ C0] [ 1241.295088][ C0] __dump_stack+0x26/0x30 [ 1241.299578][ C0] dump_stack_lvl+0x53/0x270 [ 1241.304324][ C0] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1241.310295][ C0] dump_stack+0x1e/0x25 [ 1241.314603][ C0] vpanic+0x435/0xd30 [ 1241.318759][ C0] panic+0x15d/0x160 [ 1241.322859][ C0] kmsan_report+0x31c/0x320 [ 1241.327511][ C0] ? bpf_prog_run_generic_xdp+0x9b7/0x2000 [ 1241.333508][ C0] ? __msan_warning+0x1b/0x30 [ 1241.338309][ C0] ? bpf_prog_run_generic_xdp+0x1465/0x2000 [ 1241.344392][ C0] ? do_xdp_generic+0xd52/0x1690 [ 1241.349504][ C0] ? __netif_receive_skb_core+0x2bc2/0x7150 [ 1241.355600][ C0] ? __netif_receive_skb+0xcc/0xac0 [ 1241.360934][ C0] ? process_backlog+0x485/0xa00 [ 1241.366015][ C0] ? __napi_poll+0xdd/0x8a0 [ 1241.370638][ C0] ? net_rx_action+0xbc8/0x1c30 [ 1241.375634][ C0] ? handle_softirqs+0x169/0x6e0 [ 1241.380757][ C0] ? __do_softirq+0x14/0x1b [ 1241.385422][ C0] ? do_softirq+0x99/0x100 [ 1241.390012][ C0] ? __local_bh_enable_ip+0xa1/0xb0 [ 1241.395488][ C0] ? tun_rx_batched+0x889/0x980 [ 1241.400508][ C0] ? tun_get_user+0x5d62/0x6d70 [ 1241.405519][ C0] ? tun_chr_write_iter+0x3e9/0x5c0 [ 1241.410872][ C0] ? vfs_write+0xbe2/0x15d0 [ 1241.415503][ C0] ? __ia32_sys_write+0x1f9/0x4d0 [ 1241.420653][ C0] ? ia32_sys_call+0x35bc/0x4310 [ 1241.425781][ C0] ? __do_fast_syscall_32+0xb0/0x150 [ 1241.431260][ C0] ? do_fast_syscall_32+0x38/0x80 [ 1241.436468][ C0] ? do_SYSENTER_32+0x1f/0x30 [ 1241.441325][ C0] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1241.448013][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.453286][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.458573][ C0] ? __bpf_prog_run32+0xc2/0xf0 [ 1241.463553][ C0] ? kmem_cache_free+0x53a/0x1490 [ 1241.468736][ C0] ? skb_free_head+0x13c/0x3a0 [ 1241.473720][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.478995][ C0] __msan_warning+0x1b/0x30 [ 1241.483674][ C0] bpf_prog_run_generic_xdp+0x1465/0x2000 [ 1241.489685][ C0] do_xdp_generic+0xd52/0x1690 [ 1241.494655][ C0] ? __netif_receive_skb_core+0x21/0x7150 [ 1241.500611][ C0] ? filter_irq_stacks+0x49/0x190 [ 1241.505836][ C0] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1241.512437][ C0] __netif_receive_skb_core+0x2bc2/0x7150 [ 1241.518375][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.523643][ C0] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1241.529621][ C0] ? filter_irq_stacks+0x49/0x190 [ 1241.534865][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.540129][ C0] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1241.546106][ C0] __netif_receive_skb+0xcc/0xac0 [ 1241.551265][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.556566][ C0] process_backlog+0x485/0xa00 [ 1241.561510][ C0] ? __pfx_process_backlog+0x10/0x10 [ 1241.566940][ C0] __napi_poll+0xdd/0x8a0 [ 1241.571401][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.576668][ C0] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1241.582641][ C0] net_rx_action+0xbc8/0x1c30 [ 1241.587455][ C0] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1241.593557][ C0] ? sched_clock_cpu+0x59/0xa80 [ 1241.598567][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.603881][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 1241.609147][ C0] handle_softirqs+0x169/0x6e0 [ 1241.614133][ C0] __do_softirq+0x14/0x1b [ 1241.618629][ C0] do_softirq+0x99/0x100 [ 1241.623051][ C0] [ 1241.626052][ C0] [ 1241.629062][ C0] __local_bh_enable_ip+0xa1/0xb0 [ 1241.634448][ C0] ? tun_rx_batched+0x16c/0x980 [ 1241.639492][ C0] tun_rx_batched+0x889/0x980 [ 1241.644355][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.649641][ C0] tun_get_user+0x5d62/0x6d70 [ 1241.654501][ C0] ? stack_depot_save_flags+0x35/0x7b0 [ 1241.660122][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.665395][ C0] ? kmsan_get_metadata+0xfb/0x160 [ 1241.670666][ C0] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1241.677215][ C0] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1241.683558][ C0] tun_chr_write_iter+0x3e9/0x5c0 [ 1241.688811][ C0] vfs_write+0xbe2/0x15d0 [ 1241.693303][ C0] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 1241.699063][ C0] __ia32_sys_write+0x1f9/0x4d0 [ 1241.704093][ C0] ia32_sys_call+0x35bc/0x4310 [ 1241.709064][ C0] __do_fast_syscall_32+0xb0/0x150 [ 1241.714392][ C0] do_fast_syscall_32+0x38/0x80 [ 1241.719435][ C0] do_SYSENTER_32+0x1f/0x30 [ 1241.724119][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1241.730630][ C0] RIP: 0023:0xf703d539 [ 1241.734809][ C0] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1241.754652][ C0] RSP: 002b:00000000f540c55c EFLAGS: 00000206 ORIG_RAX: 0000000000000004 [ 1241.763228][ C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440 [ 1241.771312][ C0] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000000 [ 1241.779382][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1241.787452][ C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1241.795524][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1241.803629][ C0] [ 1241.807151][ C0] Kernel Offset: disabled [ 1241.811517][ C0] Rebooting in 86400 seconds..