last executing test programs: 8m14.234156461s ago: executing program 3 (id=702): syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x77}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) symlink(0x0, &(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) lsetxattr$security_capability(0x0, &(0x7f0000000200), &(0x7f00000002c0)=@v2={0x2000000, [{0x6, 0x7}, {0x4, 0x4}]}, 0x14, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$6lowpan_control(r4, &(0x7f00000000c0)='connect aa:aa:aa:aa:aa:11 2', 0x1b) 8m12.310568953s ago: executing program 3 (id=707): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x2, r1, 0x2, &(0x7f0000000000)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0xfffffffc}, 0x10) r5 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r5, 0x1, 0x8, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x98}, 0x1, 0x0, 0x0, 0x20040800}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f030200", @ANYRES32=r7, @ANYBLOB="200001"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40840) 8m9.78849858s ago: executing program 3 (id=710): mkdir(0x0, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0) socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20050840) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc2041, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x6, 0xfffffffffffffffd}, 0x0, &(0x7f0000000040)={0x3ff, 0x0, 0x1, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 8m8.75804756s ago: executing program 3 (id=713): ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) munmap(&(0x7f0000c75000/0x4000)=nil, 0x4000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) read(0xffffffffffffffff, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket(0x10, 0x3, 0x0) write(r1, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, 0x0, 0x0) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000006c0)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f00000002800000129487a71fe2c251244961f2a74ac35ff5fc", 0x3e}], 0x1}, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf050005001206", 0x2e}], 0x1}, 0x48000) 8m5.068039175s ago: executing program 3 (id=725): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) flistxattr(r0, 0x0, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2) sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[], 0xd0}}, 0x0) 8m4.760601583s ago: executing program 3 (id=728): syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x910ec27568a00e35, 0x40000002, 0x0) r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card0/oss_mixer\x00', 0x2, 0x0) write$proc_mixer(r3, &(0x7f0000000280)=ANY=[@ANYBLOB='VOLUME \'Line\' 0000000'], 0x2a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x9}, 0x94) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'lo\x00', &(0x7f0000000380)=@ethtool_drvinfo={0x3, "ae37a5fee7f817d0e7c80c5e531c83ef941fd0e94c6071d4265aeea524c7baf5", "0c7829aeda9446f0e8cf944fbac5a72f154a5c2529c572cceeee9c61aaded410", "0c65a946e6cd2bea44adc1d1ab71e142d0111c20ce139373e647e119edbb66a3", "fec3f28745c3a8a5d6ddb195c8e8ca612bf943471cf9c6af9e075ad4d09d59ea", "a0f17d77c0d227f7ee532514c328d9b827496ff8f10f3356079dfa3457ecfb14", "fbf7d34f9695832c057dfaf6", 0xa4d, 0xffff, 0x0, 0xffffffff, 0xfffffffa}}) socket$inet6_udp(0xa, 0x2, 0x0) syz_usbip_server_init(0x2) openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x40841, 0x2) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, 0x0, 0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) 7m49.681109342s ago: executing program 32 (id=728): syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x910ec27568a00e35, 0x40000002, 0x0) r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card0/oss_mixer\x00', 0x2, 0x0) write$proc_mixer(r3, &(0x7f0000000280)=ANY=[@ANYBLOB='VOLUME \'Line\' 0000000'], 0x2a) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x9}, 0x94) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'lo\x00', &(0x7f0000000380)=@ethtool_drvinfo={0x3, "ae37a5fee7f817d0e7c80c5e531c83ef941fd0e94c6071d4265aeea524c7baf5", "0c7829aeda9446f0e8cf944fbac5a72f154a5c2529c572cceeee9c61aaded410", "0c65a946e6cd2bea44adc1d1ab71e142d0111c20ce139373e647e119edbb66a3", "fec3f28745c3a8a5d6ddb195c8e8ca612bf943471cf9c6af9e075ad4d09d59ea", "a0f17d77c0d227f7ee532514c328d9b827496ff8f10f3356079dfa3457ecfb14", "fbf7d34f9695832c057dfaf6", 0xa4d, 0xffff, 0x0, 0xffffffff, 0xfffffffa}}) socket$inet6_udp(0xa, 0x2, 0x0) syz_usbip_server_init(0x2) openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x40841, 0x2) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, 0x0, 0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) 3m47.560044626s ago: executing program 0 (id=1454): io_setup(0x800, &(0x7f0000000440)=0x0) r1 = eventfd(0xfff) r2 = syz_open_dev$loop(&(0x7f0000000040), 0x3, 0xa8000) io_submit(r0, 0x1, &(0x7f0000000300)=[&(0x7f0000000100)={0x0, 0x0, 0x8, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r1}]) 3m47.399932665s ago: executing program 0 (id=1455): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0}) r0 = syz_usbip_server_init(0x1) syz_mount_image$vfat(&(0x7f0000000640), &(0x7f0000000580)='./mnt\x00', 0x8000, &(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES64=0x0], 0x0, 0x2fe, &(0x7f0000000080)="$eJzs3c9LG1sUwPGTxJhEny8uHo/H4z24WCgtxcEEuuuiUhRKAy1qCrW0MNaxDRkTyQQhUqqLQv+HLlx0WQql0F03pXTrpn9Bf+3cuKsL6S2TmYkxScfYkqr1+1noMfecuTdzbzRezWTzQmyxuJAUj477gQxLVGJ+vCZn365/+H/6zR/e10pNjs9kskpFReTm/Wcjr6uD11/++SohG8O3N7eynzf+mxH5OnNPoqrgqJLWylRz5XI14hbPF5yiodQ12zIdSxVKjlWp+u3mnG2pBbu8tFRTZml+aGCpYjmOMks1VbRqqlpW1UpNmXfNQkkZhqGGBgT1yQpE29oiYYX5p9tay5bWWifWRGvdIXstCIK1kfi5weIoaZn/0Ny2xRHr5cjwK2zrvq7nH78f7/H/8THzfzJN35i9Mp7LTUzdUkmRxUfL+eW899lrfz8oBbHFkvWpc7M74q4Rn0Tcj5OXcxNjqm5YTi+u+vWry3nvh8P4gl+fkbT7PKWpXoL6jFev9tbHZaC5Pitp+atzfTaol2hTfb+cOdVUb0ha3t2Rstgy7z7Tbap/kFHq0tVcS/+peh4AAAAAAAAAAMeRoRp29+8jjT/1pgwjUf+Pj0Z7yr3ZzfMSGvvrY5KWnc7782Md9/f75N++Q7zjAAAAAACcIE5tpWjatlXpTRB7kgrpIi4ibiDycMQdTOgB//ZH3F3v/SLS3hRrdKH3PU7qvNff8yl/YNLLExUEyfCTsF8QvFijaNovgqaUdEqOHmgBjPZ3PPPJSkR6un72BNJNsiTD71fiO+WJrpdWaxDZCW75p2OOjux/HG3acavixFeKsjuDoVUXD/RwaAmKicYMtp6o0U/ece2QbxpfGlt8AAAAAI6Rpl+cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAIfmhK7EF1+3f2yT+W8S3X5Kt9X3iue4/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCPoWwAAAP//7Q6teg==") r1 = syz_pidfd_open(0x0, 0x0) setns(r1, 0x24020000) r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_pidfd_open(r2, 0x0) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8900, &(0x7f0000001dc0)={0x8f, 0x74, 0x100000}, 0x20) socket$packet(0x11, 0x2, 0x300) ioctl$PPPIOCCONNECT(r1, 0x4004743a, 0x0) bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r3, 0x11, 0xa, 0x0, 0x0) sendmsg(r3, &(0x7f0000002c40)={0x0, 0x0, 0x0}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0x7, 0x0, 0x0) write$usbip_server(r0, &(0x7f0000002680)=ANY=[@ANYBLOB="000000030000000100000000000000010000007f000000090000"], 0x30) 3m46.571499964s ago: executing program 0 (id=1459): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) pidfd_send_signal(0xffffffffffffffff, 0x21, 0x0, 0x4) 3m46.332281217s ago: executing program 0 (id=1460): syz_open_procfs(0x0, &(0x7f0000000000)='net/icmp6\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d00000000000057"], 0x0, 0x34}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000}, 0x94) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x800, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0xdafbe5d6891b6e4) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002240), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000040)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}}) read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2092) write$FUSE_INIT(r0, &(0x7f00000046c0)={0x50, 0x0, r1, {0x7, 0x9, 0x4, 0x403a1810, 0xfffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50) llistxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c000180"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r2, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002800500"], 0x48}}, 0x4084) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0) 3m42.988153112s ago: executing program 0 (id=1468): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = dup(r1) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040), 0x0) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x0) ioctl$UI_DEV_CREATE(r3, 0x5501) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xb, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x6, 0x0, 0x7fff0000}]}) close_range(r5, r5, 0x0) fanotify_init(0x200, 0x0) r6 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80}) io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) 3m42.473045612s ago: executing program 0 (id=1472): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) syz_emit_ethernet(0x8e, &(0x7f0000000280)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x58, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x2, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @window={0x3, 0x3, 0xd7}, @fastopen={0x22, 0x10, "910bdb835cfbe48eb10a29d0eb29"}, @md5sig={0x13, 0x12, "8098cf093cc9cd7b8ec814f9bcfdfea9"}, @sack={0x5, 0x1a, [0x8, 0xfffffffe, 0x3, 0x6, 0x1, 0x10001]}]}}}}}}}}, 0x0) 3m26.737705509s ago: executing program 33 (id=1472): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) syz_emit_ethernet(0x8e, &(0x7f0000000280)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x58, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x2, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @window={0x3, 0x3, 0xd7}, @fastopen={0x22, 0x10, "910bdb835cfbe48eb10a29d0eb29"}, @md5sig={0x13, 0x12, "8098cf093cc9cd7b8ec814f9bcfdfea9"}, @sack={0x5, 0x1a, [0x8, 0xfffffffe, 0x3, 0x6, 0x1, 0x10001]}]}}}}}}}}, 0x0) 8.851217674s ago: executing program 2 (id=2320): io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0x1, 0xa0002f8}) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x8000, 0x0) futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, 0x0, 0x0) r0 = socket(0x400000000010, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x170bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe5, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xfffd}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000001b80)) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_connect(0x2, 0x52, 0x0, 0x0) ioctl$HIDIOCGPHYS(0xffffffffffffffff, 0x80404812, 0x0) r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x8000, 0x0) ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0) setsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f00000037c0)=0x2, 0x4) getsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, 0x0, &(0x7f0000003840)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x5, 0x0) 7.20287772s ago: executing program 1 (id=2335): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="280000006800010000000000fd5bdf250a0000000000000008000500", @ANYRES32=0x0, @ANYBLOB="06000780"], 0x28}}, 0x0) 7.060252709s ago: executing program 1 (id=2336): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f00000000c0), 0x0}, 0x20) 7.059846499s ago: executing program 1 (id=2337): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='uid_map\x00') ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f00000003c0)={'syztnl0\x00', 0x0, 0x4, 0x92, 0xe, 0x2, 0x2, @ipv4={'\x00', '\xff\xff', @local}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1, 0x1, 0x100, 0x9}}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x4, 0x1}}]}}, 0x0, 0x32, 0x0, 0x1, 0xfffffa12, 0x10000}, 0x28) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r1 = epoll_create1(0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a}) read$char_usb(r2, &(0x7f0000000100)=""/162, 0xa2) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, 0xfffffffffffffffe}, 0x8f) epoll_pwait(r1, 0x0, 0x0, 0x7, 0x0, 0x0) syz_usbip_server_init(0xa343a993be6ba7ec) 6.639843243s ago: executing program 6 (id=2340): socket(0x10, 0x80002, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8010) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc4, 0xc4, 0x4, [@union={0x2, 0x4, 0x0, 0x5, 0x0, 0x10000, [{0x5, 0x5, 0x8000}, {0x6, 0x2, 0x7}, {0x9, 0x0, 0x5}, {0x2, 0x3, 0x1}]}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {0xa, 0x2}, {0xb}]}, @restrict={0x2, 0x0, 0x0, 0xb, 0x2}, @restrict={0xf}, @typedef={0x5, 0x0, 0x0, 0x8, 0x5}, @int={0xe, 0x0, 0x0, 0x1, 0x0, 0x69, 0x0, 0x1c, 0x4}, @float={0x2, 0x0, 0x0, 0x10, 0x2}, @type_tag={0xa, 0x0, 0x0, 0x12, 0x1}, @decl_tag={0x10, 0x0, 0x0, 0x11, 0x5, 0x8}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000700)=""/115, 0xe0, 0x73, 0x1, 0x7f}, 0x28) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x2, 0x5, 0x2, 0x408, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0}, 0x50) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1b0000000000000000000000008000", @ANYBLOB="000000000000000001000040002cc0243a6de1ff15c1bf19bbee760d893f47191bc1e83495fbaea6aed10ace2f0b798e93afbfa3c56e663dff7eb89cadb836ddabf4f8ad8cf12d7b19", @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000340)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0xc, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd825}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0) r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000100)={@local}) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000808000400", @ANYRES32=r7, @ANYBLOB="06001500070000000c00168008000100"], 0x38}}, 0x10) 6.638857483s ago: executing program 6 (id=2341): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000b40)='source', 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x2) syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0) 4.763902463s ago: executing program 2 (id=2344): r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000280)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @multicast1}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200008c0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) fdatasync(r1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ftruncate(r1, 0x5) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e23, @multicast2}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x10) close(0x3) 4.407374123s ago: executing program 2 (id=2352): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x6) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000040)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="020f0000100000000000000000000000030005000000000002000000ffffffff0000000000000000080012000000010000000000000000000600000000000000000000000000000000000000000000000000000000000000fc0200000000000000000000000000000300060000000000020000df000000010000000000000000"], 0x80}}, 0x0) timer_create(0x3, 0x0, &(0x7f00000003c0)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)) timer_delete(0x0) fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) 4.087482762s ago: executing program 1 (id=2356): io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0x1, 0xa0002f8}) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x8000, 0x0) futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, 0x0, 0x0) r0 = socket(0x400000000010, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x170bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe5, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xfffd}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) clock_gettime(0x0, &(0x7f0000001b80)) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_connect(0x2, 0x52, 0x0, 0x0) ioctl$HIDIOCGPHYS(0xffffffffffffffff, 0x80404812, 0x0) r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x8000, 0x0) ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0) setsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f00000037c0)=0x2, 0x4) getsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, 0x0, &(0x7f0000003840)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x5, 0x0) 3.628126849s ago: executing program 4 (id=2360): syz_mount_image$ext4(&(0x7f0000000900)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000000c0)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@commit}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={0x0}}, 0x4000) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000180)={0x17c04, 0xffffffffffffffff, 0x84, 0x75ea, 0x800004}) 3.481729737s ago: executing program 6 (id=2361): r0 = socket$nl_audit(0x10, 0x3, 0x9) setresuid(0x0, 0xee00, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000040)=0x10, 0x4) 3.380711053s ago: executing program 6 (id=2362): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r1 = dup2(r0, r0) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1bf6c293"], 0x38}, 0x1, 0x0, 0x0, 0x845}, 0x4020) 3.222889742s ago: executing program 6 (id=2365): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x109301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x301, 0x0, 0x3e, 0x905, 0x0}) 3.09894235s ago: executing program 6 (id=2367): r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffefffffff7ffffc]}, 0x8, 0x800) r1 = syz_io_uring_setup(0xbd7, &(0x7f0000000040)={0x0, 0xe14f, 0x8, 0x1, 0x4000032f, 0x0, r0}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd=r0, 0xa, &(0x7f0000000100)=[{&(0x7f0000000400)=""/203, 0xcb}], 0x1}) prlimit64(0x0, 0xe, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x8b19, &(0x7f0000000000)) io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r4, 0xffffffffffffffff, 0x0) 2.840633285s ago: executing program 4 (id=2368): openat$ppp(0xffffffffffffff9c, 0x0, 0x161042, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000340), 0xfd, 0x564, &(0x7f0000000b00)="$eJzs3d9rW+UbAPDnpE33+7sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0mZlNFlGk461Dtwu3I03MgQRB8Nr9d7L4T/gXzHQwZBRFPEmctKTmK3JmnXZmprPB872vjkne8+T9zzv3jcnIQEMrYn0j1zECxHxZRJxsG3faGQ7J9aPW3twdS7dkqjXP/o9iSR7rHl8kv29L6v8PyJ+/jzieG5ju9WV1cXZUqm4lNUna+VLk9WV1RMXyrMLxYXixemZmVNvzEy//dabfYv11bN/fvPhnfdOfXF07esf7x26mcTp2J/ta4/jKVxrr0zERPaa5OP0IwdO9aGxQZJs9wmwJSNZnucjHQMOxkiW9cB/32cRUQeGVCL/YUg15wHNtX2f1sE7xv131xdAG+MfXX9vJHY31kZ715KHVkbpene8D+2nbfz0262b6Rb9ex8CYFPXrkfEydHRjeNfko1/W3eyh2MebcP4B8/PnXT+81qn+U+uNf+JDvOffR1ydys2z//cvT4001U6/3un4/y3ddNqfCSrHWjM+fLJ+QulYjq2/S8ijkV+V1p/3P2cU2t36932tc//0i1tvzkXzM7j3uiuh58zP1ubfZqY292/HvFix/lv0ur/pEP/p6/H2R7bOFK89XK3fZvH/2zVv4t4pWP/51vHJI+/PznZuB4mm1fFRn/cOPJLt/a3O/60//eux/9XtiRs9X9mPGm/X1t98jZu7/672G3fVq//seTjRnkse+zKbK22NBUxlnyw8fHpf5/brDePT+M/dvTx41+n639PRHzSY/w3Dv/w0tbjf7bS+Oc7Xv/d+v/JC3ff//Tbzq3f7rH/X4+k7QZzL+Nfryf4VC8eAAAAAAAADJhcROyPJFdolXO5QmH98x2HY2+uVKnWjp+vLF+cj8Z3Zccjn2ve6T7Y9nmIqezzsM369CP1mYg4FBFfjexp1AtzldL8dgcPAAAAAAAAAAAAAAAAAAAAA2Jfl+//p34d2e6zA545P/kNw2vT/O/HLz0BA8n//zC85D8ML/kPw0v+w/CS/zC85D8ML/kPw0v+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dPXMm3eprD67OpfX5yyvLi5XLJ+aL1cVCeXmuMFdZulRYqFQWSsXCXKW82b9XqlQuTU3H8pXJWrFam6yurJ4rV5Yv1s5dKH9/IKKYfy5RAQAAAAAAAAAAAAAAAAAAwM5SXVldnC2ViksKjcKuGIjT2EGF0cE4DYU+FzoMFmPbMEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQET8EwAA//+ndDnV") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_GET_DAEMON(r1, 0x0, 0x40) lremovexattr(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0)=@random={'trusted.', '\xb2\x00i'}) 2.588509729s ago: executing program 5 (id=2369): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x4}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB="00000000000000000000009aaff42a18f6e53b00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) write$dsp(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x801) r0 = socket$inet6(0xa, 0x1, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, &(0x7f0000000240)) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000340)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x50, r4, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x50}, 0x4, 0x700000000000000}, 0x0) 2.431166089s ago: executing program 5 (id=2370): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x401, 0xe4340000, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x23}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x2) 2.396619361s ago: executing program 5 (id=2371): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) r1 = gettid() bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x2f}, 0x20) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000340)=0x0) timer_settime(r2, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) creat(&(0x7f0000000200)='./file0\x00', 0x28) 2.22401305s ago: executing program 4 (id=2372): socket$inet6_udp(0xa, 0x2, 0x0) semop(0x0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}, {0x1, 0x5b7a, 0x800}], 0x2) semop(0x0, &(0x7f00000002c0)=[{0x1, 0xbbdd, 0x1000}, {0x3, 0x8, 0x1000}, {0x2, 0xffff}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff]) 2.012206483s ago: executing program 4 (id=2373): r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x20044004) getsockopt$sock_int(r0, 0x1, 0xc, 0x0, 0x0) openat$mice(0xffffff9c, &(0x7f0000000100), 0x0) shutdown(0xffffffffffffffff, 0x1) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$loop(0x0, 0x6, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf) msgrcv(0x0, 0x0, 0x0, 0x1, 0x0) msgctl$MSG_STAT(0x0, 0xb, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0xfffffffffffffffd, 0x1000001000, 0x45}, 0x0, 0x0, 0x0, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 494.083731ms ago: executing program 5 (id=2374): r0 = socket(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a3100000000080005"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4084) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) 384.788318ms ago: executing program 1 (id=2375): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_DEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0x6, 0xa8, @random='8\x00'}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x2, 0x128) io_setup(0x8, &(0x7f0000000180)=0x0) io_submit(r2, 0x0, &(0x7f00000000c0)) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r3) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_CHANINFO(r5, 0x80206403, &(0x7f000005cc00)={0x2, 0x0, 0x0, 0x0}) close(r4) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x3e, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40ffffff07000000400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x20004015}, 0x40) sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000c0a01010000000000f9ff000a0000090900020073797a31000000200900010073797a310000000014000380100000800c00018006000100582e000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4004850}, 0x40) r7 = dup(0xffffffffffffffff) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043) r8 = dup(0xffffffffffffffff) setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c) 268.264145ms ago: executing program 2 (id=2376): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000300)="ad22", 0x2}], 0x1}}], 0x1, 0x2090) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f00000000c0)=0x7, 0x4) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/4096, 0x1000, 0x1, 0x0}, &(0x7f0000000180)=0x40) 267.850975ms ago: executing program 4 (id=2377): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) sendmsg$tipc(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80) r2 = dup3(r0, r1, 0x0) setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) 246.649886ms ago: executing program 4 (id=2378): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000200)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@prjquota}, {@bsdgroups}, {@oldalloc}, {@errors_continue}]}, 0x2, 0x45d, &(0x7f0000000ac0)="$eJzs3M1vFOUfAPDvzLaFH2/tD/EFRG1CDI0vLS2oHLxoNPGA0UQPeKzbQggLNbQmQohUY/BiYoh6Nh5N/Ce8GPVk4lXvhoQoF9BTzczOwHbZLSxddiv7+SQDz7PzdJ/n22eemWfm2W0AA2s8+yeJ2BYRv0XEaD27usB4/b/rV89X/756vprEyspbfyZ5uWtXz1fLouXPbS0yE2lE+klSVLLa4tlzJ2drtfkzRX5q6dR7U4tnzz174tTs8fnj86dnDh8+dHD6hednnutKnFlc1/Z8uLB392vvXHq9evTSuz99l7V3W7G/MY5uGc8C/2sl17zvyW5X1mfbG9LJUB8bQkcqEZF113A+/kejEjc7bzRe/bivjQPuqezatKn97uUV4D6WRL9bAPRHeaHP7n/LrUdTjw3hykv1G6As7uvFVt8zFGlRZrjp/rabxiPi6PI/X2db3KPnEAAAjT6rfnUknmk1/0vjoYZyO4o1lLGI+H9E7IyIByJiV0Q8GJGXfTgiHumw/ualoVvnP+nluwrsDmXzvxeLta3V879y9hdjlSK3PY9/ODl2ojZ/oPidTMTwpiw/vUYd37/y6+ft9jXO/7Itq7+cCxbtuDzU9IBubnZpNp+UdsGVjyL2DLWKP7mxEpBExO6I2NPZW+8oEyee+nZvu0K3j38NXVhnWvkmYn+9/5ejKf5Ssvb65NTmqM0fmCqPilv9/MvFN9vVv674uyDr/y2rj//mImNJ43rtYud1XPz907b3NHd7/I8kb+fno7KjPphdWjozHTGSHMlfHCnK5q/P3PzZMl+Wz+Kf2Nd6/O+MmxU8GhHZQfxYRDweEU8UbS+Pkn1rxP/jy+33bYT+n2t5/rtx/Df1f+eJyskfYnOb+u+s/w/lqYnilfz8dxt32sB1/fIAAADgPyLNPwOfpJM30mk6OVn/DP+u2JLWFhaXnj628P7pufpn5cdiOC2fdI02PA+dTpaLd6znZ4pnxeX+g8Vz4y8r/8vzk9WF2lyfY4dBt7XN+M/8Uel364B7rtU62sxIHxoC9Fzz+E9XZy+80cvGAD3l+9owuG4z/tNetQPoPdd/GFytxv+Fpry1ALg/uf7D4DL+YXAZ/zC4jH8YSOv5Xv8gJco/krpR2tP/RKQbohmdJcor3UZpT/cT+7+oR7juN+znWQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKB7/g0AAP//0TLrKA==") prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x8, 0x399}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) io_uring_enter(r0, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd) 188.994689ms ago: executing program 2 (id=2379): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48) 164.925691ms ago: executing program 5 (id=2380): socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x4}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB="00000000000000000000009aaff42a18f6e53b00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) write$dsp(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x801) r0 = socket$inet6(0xa, 0x1, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, 0x0, &(0x7f0000000240)) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f0000000340)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x50, r4, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r6}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x50}, 0x4, 0x700000000000000}, 0x0) 72.179416ms ago: executing program 2 (id=2381): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") fgetxattr(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='se'], 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40e8662e, &(0x7f0000000000)={0x9, 0x4000009, 0x7fffffffffffffff, 0x3, 0xffffffff, 0xa}) 71.289276ms ago: executing program 1 (id=2382): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14) getsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000680), &(0x7f00000006c0)=0x4) socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmmsg(0xffffffffffffffff, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1, &(0x7f0000000800)=ANY=[], 0x70}}], 0x1, 0x1) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x24e, &(0x7f0000000b80)="$eJzs3T9oJFUcB/DvzO7emcsipzaC+AdERAPh7ASbs1E4kOMQEVQ4EbFR7oQzwS6xsrHQWiWVTRA7o6WkCTaKYBU1RWwEDRYGCy1WdifR/FlNyK47R+bzgcnMy7yZ3xt2vm+3md0AjXU+ycUkrSQzSTpJir0d7quW8zvNpam1q0mv9/SvxaBf1a7sHjedZDHJo0lWyyKvtpP5lec3f19/8sF35joPfLTy3NREL3LH1ubGU9sfXn7700uPzH/97c+Xi1xMd991jV8x5H/tIrn9/yh2kyjadY+A47jy5iff9XN/R5L7B/nvpEz14r1748xqJw9/8G/HvvfLN3dNcqzA+PV6nf574GIPaJwySTdFOZuk2i7L2dnqM/z3rXPla9dvvDHzyvW5ay/XPVMB49JNNp74/Oxn0wfy/1Oryj9wevXz/8yV5R/629utukcDTMTd1aqf/5kXFx6K/EPjyD80l/xDc8k/NJf8Q3PJPzSX/MMp1vnv3fIPzSX/0FzyD821N/8AQLP0ztb9BDJQl7rnHwAAAAAAAAAAAAAAAAAA4LClqbWru8ukan75frL1eJL2sPqtwe8RJ7cM/p77reh3+1tRHTaSF+4d8QQj+njiT1+f2de69cdJ19/vq3vqrb9wLVl8K8mFdvvw/Vfs3H8nd9sR+zsvjVjgH9PH6VQcaD/27Njqn8ify/XWv7SefNGffy4Mm3/K3DlYD59/ukd/xfKRXv9jxBMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX8FAAD//3mXbV0=") ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000b40)={{0x1, 0x1, 0x18}, './file1\x00'}) syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2b2, &(0x7f0000000880)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj") r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) close(0xffffffffffffffff) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="010000000d0000000000010000000000000001410000001c001708000000000000006574683a73797a6b616c"], 0x38}}, 0x0) socket$unix(0x1, 0x2, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x40, 0x0) fcntl$setlease(r2, 0x400, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000001e80)='./file1\x00', 0x0) 0s ago: executing program 5 (id=2383): r0 = socket$inet6(0x10, 0x3, 0x0) write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x84, 0x73, 0x0, 0x0, @time={0x86a, 0x81}, {0x4, 0x4}, {}, @raw32={[0x2600, 0x9]}}], 0x1c) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000019000100000000000000000002"], 0x2c}}, 0x0) sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) kernel console output (not intermixed with test programs): e=0x7ffc0000 [ 598.049626][ T26] audit: type=1326 audit(1770047155.022:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 598.074429][ T26] audit: type=1326 audit(1770047155.022:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 598.097152][ T26] audit: type=1326 audit(1770047155.142:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 598.188108][ T26] audit: type=1326 audit(1770047155.142:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 598.210988][ T26] audit: type=1326 audit(1770047155.142:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 598.236251][ T9608] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 598.253329][ T26] audit: type=1326 audit(1770047155.252:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 598.345343][ T9608] ext4 filesystem being mounted at /290/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 598.387869][ T26] audit: type=1326 audit(1770047155.252:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.1.1504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 598.501690][ T9629] EXT4-fs error (device loop4): ext4_empty_dir:3136: inode #12: comm syz.4.1505: invalid size [ 598.682726][ T9636] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1512'. [ 598.710054][ T4250] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 598.969333][ T9648] netlink: 'syz.1.1517': attribute type 3 has an invalid length. [ 599.025071][ T1108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 599.287778][ T1325] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 600.345788][ T21] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 600.557798][ T1325] usb 5-1: Using ep0 maxpacket: 16 [ 600.848272][ T1325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 601.148452][ T1325] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 601.172106][ T1325] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 601.208604][ T1325] usb 5-1: Product: syz [ 601.223876][ T1325] usb 5-1: Manufacturer: syz [ 601.244353][ T1325] usb 5-1: SerialNumber: syz [ 601.269628][ T1325] usb 5-1: config 0 descriptor?? [ 601.323960][ T1325] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 601.389266][ T1325] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 601.425221][ T1108] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 601.636199][ T9500] bond1: (slave syz_tun): Releasing active interface [ 601.660677][ T9668] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1526'. [ 601.759777][ T154] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 601.788951][ T9676] device syzkaller0 entered promiscuous mode [ 601.827323][ T154] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 601.856874][ T9660] chnl_net:caif_netlink_parms(): no params data found [ 601.953328][ T1325] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 602.028727][ T154] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.063852][ T9660] bridge0: port 1(bridge_slave_0) entered blocking state [ 602.071391][ T9660] bridge0: port 1(bridge_slave_0) entered disabled state [ 602.080627][ T9660] device bridge_slave_0 entered promiscuous mode [ 602.106048][ T9660] bridge0: port 2(bridge_slave_1) entered blocking state [ 602.113468][ T9660] bridge0: port 2(bridge_slave_1) entered disabled state [ 602.122487][ T9660] device bridge_slave_1 entered promiscuous mode [ 602.146762][ T9660] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 602.158850][ T9660] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 602.186504][ T9660] team0: Port device team_slave_0 added [ 602.196105][ T9660] team0: Port device team_slave_1 added [ 602.234382][ T154] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.291090][ T9660] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 602.313877][ T9660] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 602.382678][ T9660] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 602.430422][ T9660] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 602.648389][ T26] kauditd_printk_skb: 33 callbacks suppressed [ 602.648529][ T26] audit: type=1326 audit(1770047160.542:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 602.688986][ T26] audit: type=1326 audit(1770047160.552:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.007862][ T26] audit: type=1326 audit(1770047160.552:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.037837][ T9660] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 603.064421][ T1325] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 603.131352][ T1325] em28xx 5-1:0.0: board has no eeprom [ 603.140003][ T4257] kernel write not supported for file bpf-prog (pid: 4257 comm: kworker/1:5) [ 603.175803][ T26] audit: type=1326 audit(1770047160.552:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.204761][ T9660] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 603.217772][ T26] audit: type=1326 audit(1770047160.552:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.330305][ T4257] Bluetooth: hci3: command 0x0409 tx timeout [ 603.354475][ T9660] device hsr_slave_0 entered promiscuous mode [ 603.363864][ T26] audit: type=1326 audit(1770047160.552:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.386833][ T9660] device hsr_slave_1 entered promiscuous mode [ 603.387014][ T26] audit: type=1326 audit(1770047160.552:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.416270][ T26] audit: type=1326 audit(1770047160.562:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.440072][ T9660] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 603.448905][ T9660] Cannot create hsr debugfs directory [ 603.456753][ T9704] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1538'. [ 603.489014][ T26] audit: type=1326 audit(1770047160.562:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.524640][ T26] audit: type=1326 audit(1770047160.562:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9682 comm="syz.1.1531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 603.578322][ T1325] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 603.590880][ T1325] em28xx 5-1:0.0: dvb set to bulk mode. [ 603.635900][ T1325] em28xx 5-1:0.0: Binding DVB extension [ 604.508503][ T4190] usb 5-1: USB disconnect, device number 8 [ 604.516357][ T4190] em28xx 5-1:0.0: Disconnecting em28xx [ 604.546499][ T9715] loop1: detected capacity change from 0 to 512 [ 604.595796][ T9660] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 604.630167][ T1325] em28xx 5-1:0.0: Registering input extension [ 604.654187][ T9660] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 604.810489][ T9715] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 604.940765][ T9660] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 605.010420][ T9715] ext4 filesystem being mounted at /298/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 605.630048][ T4257] Bluetooth: hci3: command 0x041b tx timeout [ 606.128488][ T4190] em28xx 5-1:0.0: Closing input extension [ 606.372580][ T9660] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 606.565997][ T4190] em28xx 5-1:0.0: Freeing device [ 607.628999][ T154] IPVS: stopping master sync thread 5268 ... [ 607.640059][ T9769] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1549'. [ 607.651218][ T9769] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.659973][ T9769] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.668709][ T9769] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.677397][ T9769] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 607.933141][ T9783] loop4: detected capacity change from 0 to 512 [ 607.953306][ T9660] 8021q: adding VLAN 0 to HW filter on device bond0 [ 608.028426][ T9783] EXT4-fs (loop4): Ignoring removed orlov option [ 608.038827][ T154] device hsr_slave_0 left promiscuous mode [ 608.048079][ T4257] Bluetooth: hci3: command 0x040f tx timeout [ 608.060212][ T9783] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 608.079530][ T154] device hsr_slave_1 left promiscuous mode [ 608.091092][ T9783] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 608.112097][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 608.123592][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 608.127908][ T9783] EXT4-fs error (device loop4): ext4_iget_extra_inode:4566: inode #15: comm syz.4.1556: corrupted in-inode xattr [ 608.150725][ T9783] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1556: couldn't read orphan inode 15 (err -117) [ 608.164841][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 608.176319][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 608.184886][ T9783] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,debug,noblock_validity,noload,nombcache,orlov,min_batch_time=0x0000000000000002,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none. [ 608.212446][ T154] device bridge_slave_1 left promiscuous mode [ 608.251987][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 608.282306][ T154] device bridge_slave_0 left promiscuous mode [ 608.289917][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 608.330637][ T154] device veth1_macvtap left promiscuous mode [ 608.336882][ T154] device veth0_macvtap left promiscuous mode [ 608.343748][ T154] device veth1_vlan left promiscuous mode [ 608.350220][ T154] device veth0_vlan left promiscuous mode [ 609.398518][ T9815] loop2: detected capacity change from 0 to 512 [ 609.403025][ T154] bond1 (unregistering): Released all slaves [ 609.505861][ T9815] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 609.531791][ T9815] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 609.557340][ T154] team0 (unregistering): Port device team_slave_1 removed [ 609.592289][ T154] team0 (unregistering): Port device team_slave_0 removed [ 609.608961][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 609.629963][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 609.679022][ T154] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 609.751412][ T154] bond0 (unregistering): Released all slaves [ 609.804169][ T9800] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1558'. [ 609.852707][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 609.886343][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 609.937238][ T9660] 8021q: adding VLAN 0 to HW filter on device team0 [ 609.994818][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 610.003773][ T9827] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1563'. [ 610.013505][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 610.031556][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 610.038817][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 610.160002][ T4257] Bluetooth: hci3: command 0x0419 tx timeout [ 610.166468][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 610.182189][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 610.191887][ T9836] loop2: detected capacity change from 0 to 128 [ 610.202338][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 610.222251][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 610.229467][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 610.237502][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 610.247305][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 610.325810][ T9660] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 610.345765][ T9836] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 610.408248][ T9660] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 610.430468][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 610.439165][ T9836] FAT-fs (loop2): Filesystem has been set read-only [ 611.177824][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 611.195738][ T4336] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 611.218499][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 611.225040][ T4336] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 611.236015][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 611.276984][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 611.314917][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 611.336677][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 611.382706][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 611.450092][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 611.516210][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 611.605050][ T9864] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1576'. [ 612.040648][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 612.059004][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 612.072953][ T9660] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 612.774745][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 612.810079][ T9016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 613.018291][ T4257] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 613.317867][ T4257] usb 2-1: Using ep0 maxpacket: 16 [ 613.463789][ T9660] device veth0_vlan entered promiscuous mode [ 613.475531][ T9900] loop5: detected capacity change from 0 to 2048 [ 613.483046][ T4257] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 613.524102][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 613.548941][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 613.614201][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 613.622213][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 613.661245][ T9660] device veth1_vlan entered promiscuous mode [ 613.708108][ T4257] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 613.721074][ T4257] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 613.749692][ T4257] usb 2-1: Product: syz [ 613.752832][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 613.764720][ T9900] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 613.768535][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 613.810771][ T4257] usb 2-1: Manufacturer: syz [ 613.815428][ T4257] usb 2-1: SerialNumber: syz [ 613.868905][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 613.886696][ T4257] usb 2-1: config 0 descriptor?? [ 613.902623][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 613.940193][ T9660] device veth0_macvtap entered promiscuous mode [ 613.982647][ T4257] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 614.008374][ T9660] device veth1_macvtap entered promiscuous mode [ 614.021989][ T4257] em28xx 2-1:0.0: DVB interface 0 found: bulk [ 614.110768][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 614.151762][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.201516][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 614.226989][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.248165][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 614.272904][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.294794][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 614.319233][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.342371][ T9660] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 614.364105][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 614.419531][ T4227] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 614.440023][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.517751][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.561101][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.587785][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.605792][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.627460][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.638007][ T4257] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 614.672933][ T9660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 614.716773][ T9660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 614.796231][ T9660] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 614.809526][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 614.840318][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 614.890129][ T9660] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.927135][ T9660] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.979002][ T9660] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.093487][ T9660] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.918863][ T4257] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 615.989766][ T4257] em28xx 2-1:0.0: board has no eeprom [ 616.244726][ T4278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.267895][ T4257] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 616.282502][ T4257] em28xx 2-1:0.0: dvb set to bulk mode. [ 616.306602][ T4278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.346443][ T4257] em28xx 2-1:0.0: Binding DVB extension [ 616.361914][ T4278] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 616.378588][ T4302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.386983][ T4302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.465137][ T4302] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 616.473949][ T4250] usb 2-1: USB disconnect, device number 9 [ 616.481769][ T4250] em28xx 2-1:0.0: Disconnecting em28xx [ 616.754462][ T4257] em28xx 2-1:0.0: Registering input extension [ 616.761013][ T4250] em28xx 2-1:0.0: Closing input extension [ 617.167960][ T4412] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 617.457999][ T4412] usb 7-1: Using ep0 maxpacket: 8 [ 617.578267][ T4412] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 617.683911][ T4412] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.075954][ T4412] pvrusb2: Hardware description: Terratec Grabster AV400 [ 618.222478][ T4412] pvrusb2: ********** [ 618.292960][ T4412] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 618.466270][ T4412] pvrusb2: Important functionality might not be entirely working. [ 618.604557][ T4412] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 618.702369][ T4250] em28xx 2-1:0.0: Freeing device [ 618.865918][ T4412] pvrusb2: ********** [ 619.745193][ T9995] loop1: detected capacity change from 0 to 2048 [ 619.749023][ T2421] pvrusb2: Invalid write control endpoint [ 619.757776][ T4412] usb 7-1: USB disconnect, device number 2 [ 619.948311][ T2421] pvrusb2: Invalid write control endpoint [ 619.958399][ T9995] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 619.960792][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 619.979074][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 619.986647][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 620.002336][T10013] loop2: detected capacity change from 0 to 512 [ 620.054434][ T9995] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 620.102903][ T2421] pvrusb2: Device being rendered inoperable [ 620.121519][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 620.130732][T10016] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28 [ 620.152993][T10013] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: writeback. [ 620.166237][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 620.174965][T10016] EXT4-fs (loop1): This should not happen!! Data will be lost [ 620.174965][T10016] [ 620.185841][ T2421] pvrusb2: Attached sub-driver cx25840 [ 620.190249][T10013] ext4 filesystem being mounted at /344/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 620.192235][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 620.213176][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 620.278835][T10016] EXT4-fs (loop1): Total free blocks count 0 [ 620.347391][T10016] EXT4-fs (loop1): Free/Dirty block details [ 620.370935][T10016] EXT4-fs (loop1): free_blocks=4096 [ 620.380676][T10016] EXT4-fs (loop1): dirty_blocks=16 [ 620.420524][T10016] EXT4-fs (loop1): Block reservation details [ 620.456434][T10016] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 620.675971][ T144] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 620.756140][ T144] EXT4-fs (loop1): This should not happen!! Data will be lost [ 620.756140][ T144] [ 621.991790][T10045] loop1: detected capacity change from 0 to 512 [ 622.073375][T10045] EXT4-fs (loop1): Ignoring removed oldalloc option [ 622.107558][T10045] EXT4-fs (loop1): mounted filesystem without journal. Opts: acl,nodiscard,oldalloc,,errors=continue. Quota mode: none. [ 623.147930][ T4336] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 624.291627][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.298494][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.517866][ T4336] usb 3-1: Using ep0 maxpacket: 8 [ 624.647899][ T4336] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 624.687860][ T4336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.814988][ T4336] pvrusb2: Hardware description: Terratec Grabster AV400 [ 624.852976][ T4336] pvrusb2: ********** [ 624.873255][ T4336] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 624.941147][ T4336] pvrusb2: Important functionality might not be entirely working. [ 626.294142][ T4336] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 626.306757][ T4336] pvrusb2: ********** [ 626.329083][ T2421] pvrusb2: Invalid write control endpoint [ 626.335296][ T4336] usb 3-1: USB disconnect, device number 11 [ 626.518190][ T2421] pvrusb2: Invalid write control endpoint [ 626.523973][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 626.539810][T10095] pimreg: tun_chr_ioctl cmd 1074812118 [ 626.543533][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 626.548873][T10098] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1633'. [ 626.609263][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 626.720180][ T2421] pvrusb2: Device being rendered inoperable [ 626.726737][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 628.049137][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 628.144988][ T2421] pvrusb2: Attached sub-driver cx25840 [ 628.330312][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 628.403921][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 628.785678][T10122] vcan0: tx drop: invalid da for name 0x0000000000000002 [ 629.909833][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 629.909850][ T26] audit: type=1326 audit(1770047187.992:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 631.120376][ T26] audit: type=1326 audit(1770047187.992:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 631.288923][ T26] audit: type=1326 audit(1770047188.142:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 631.563286][ T26] audit: type=1326 audit(1770047188.142:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 631.596804][T10162] loop5: detected capacity change from 0 to 128 [ 631.729282][T10162] EXT4-fs (loop5): Ignoring removed nobh option [ 631.827904][ T26] audit: type=1326 audit(1770047188.142:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 631.868839][T10162] EXT4-fs (loop5): mounted filesystem without journal. Opts: nobh,abort,,errors=continue. Quota mode: none. [ 631.938688][T10162] ext4 filesystem being mounted at /185/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 632.056551][ T26] audit: type=1326 audit(1770047188.262:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 632.153500][T10170] loop4: detected capacity change from 0 to 512 [ 632.346289][ T26] audit: type=1326 audit(1770047188.262:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 632.482644][T10170] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback. [ 632.489577][ T26] audit: type=1326 audit(1770047188.262:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 632.641778][T10170] ext4 filesystem being mounted at /325/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 632.726049][T10170] EXT4-fs error (device loop4): ext4_get_inode_usage:835: inode #12: comm syz.4.1655: corrupted xattr block 6 [ 632.757403][ T26] audit: type=1326 audit(1770047188.402:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 633.041864][ T26] audit: type=1326 audit(1770047188.402:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10136 comm="syz.5.1647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 634.042765][ T1108] kernel write not supported for file /input/event0 (pid: 1108 comm: kworker/1:2) [ 639.740589][ T9061] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 639.997742][ T9061] usb 5-1: Using ep0 maxpacket: 8 [ 640.025532][T10261] loop5: detected capacity change from 0 to 128 [ 640.118095][ T9061] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 640.147765][ T9061] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 640.210229][ T9061] pvrusb2: Hardware description: Terratec Grabster AV400 [ 640.225876][ T9061] pvrusb2: ********** [ 640.230310][ T9061] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 640.238998][T10261] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 640.280435][T10261] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 640.319714][ T9061] pvrusb2: Important functionality might not be entirely working. [ 640.371762][ T9061] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 640.385477][T10261] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1680'. [ 640.447774][ T9061] pvrusb2: ********** [ 640.495714][ T2421] pvrusb2: Invalid write control endpoint [ 640.502839][ T9061] usb 5-1: USB disconnect, device number 9 [ 640.717838][ T2421] pvrusb2: Invalid write control endpoint [ 640.740754][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 640.824805][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 640.845319][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 640.862929][ T2421] pvrusb2: Device being rendered inoperable [ 640.869634][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 640.896271][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 640.916508][ T2421] pvrusb2: Attached sub-driver cx25840 [ 640.970348][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 641.076053][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 641.122527][T10298] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1690'. [ 641.222377][T10299] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1690'. [ 642.277795][ T4250] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 643.085022][T10350] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1707'. [ 643.975023][ T4250] usb 7-1: Using ep0 maxpacket: 8 [ 644.097232][T10357] loop5: detected capacity change from 0 to 512 [ 644.128192][ T4250] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 644.147652][ T4250] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.217090][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 644.217107][ T26] audit: type=1326 audit(1770047202.292:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 644.258405][T10357] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ec01c, mo2=0003] [ 644.266416][T10357] System zones: 1-2, 4-12, 8-8 [ 644.283468][ T4250] pvrusb2: Hardware description: Terratec Grabster AV400 [ 644.295932][ T4250] pvrusb2: ********** [ 644.344043][T10357] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.1709: iget: bad i_size value: 38620345925642 [ 644.351658][ T26] audit: type=1326 audit(1770047202.362:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 644.362338][ T4250] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 644.454754][T10357] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1709: couldn't read orphan inode 15 (err -117) [ 644.564361][T10357] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,delalloc,data_err=ignore,debug,usrjquota=,bsdgroups,,errors=continue. Quota mode: writeback. [ 644.732695][ T26] audit: type=1326 audit(1770047202.362:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 645.977794][T10368] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 647.953435][ T4250] pvrusb2: Important functionality might not be entirely working. [ 647.961334][ T4250] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 647.972966][ T4250] pvrusb2: ********** [ 647.987147][ T26] audit: type=1326 audit(1770047202.362:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 648.012364][ T4250] usb 7-1: USB disconnect, device number 3 [ 648.018478][ T26] audit: type=1326 audit(1770047202.362:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 648.041447][ T4250] pvrusb2: Device being rendered inoperable [ 648.049157][ T26] audit: type=1326 audit(1770047202.362:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 648.110012][ T26] audit: type=1326 audit(1770047202.362:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 649.284876][ T26] audit: type=1326 audit(1770047202.362:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 649.508034][ T26] audit: type=1326 audit(1770047202.362:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 649.685527][ T26] audit: type=1326 audit(1770047202.362:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 649.776250][ T26] audit: type=1326 audit(1770047202.362:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 649.840191][ T26] audit: type=1326 audit(1770047202.362:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 650.017906][ T26] audit: type=1326 audit(1770047202.372:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 650.144397][ T26] audit: type=1326 audit(1770047202.372:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 650.271562][ T26] audit: type=1326 audit(1770047202.372:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 650.309953][ T26] audit: type=1326 audit(1770047202.382:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10312 comm="syz.2.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 650.360609][T10408] xt_hashlimit: size too large, truncated to 1048576 [ 652.324104][T10425] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1723'. [ 655.646667][T10468] program syz.6.1731 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 655.787292][T10473] loop4: detected capacity change from 0 to 128 [ 655.851245][T10475] device batadv_slave_1 entered promiscuous mode [ 655.882535][T10471] device batadv_slave_1 left promiscuous mode [ 655.906615][T10477] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 655.915524][T10477] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 655.924358][T10477] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 655.933120][T10477] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 656.137970][T10473] EXT4-fs (loop4): Ignoring removed nobh option [ 656.152744][T10477] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.161871][T10477] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.170851][T10477] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.179839][T10477] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.274220][T10473] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,max_dir_size_kb=0x0000000000000004,,errors=continue. Quota mode: none. [ 656.321505][T10473] ext4 filesystem being mounted at /340/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 656.413922][T10491] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1736'. [ 656.498032][T10482] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 656.506866][T10482] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 656.516200][T10482] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 656.525118][T10482] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 656.746706][T10482] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.755823][T10482] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.764785][T10482] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 656.773732][T10482] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 657.913361][T10511] loop6: detected capacity change from 0 to 1024 [ 658.055550][T10511] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 658.476493][T10511] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3887: comm syz.6.1742: Allocating blocks 385-513 which overlap fs metadata [ 659.049509][T10511] EXT4-fs (loop6): pa ffff888073467ee0: logic 16, phys. 129, len 24 [ 659.058187][T10511] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4904: group 0, free 0, pa_free 8 [ 661.258158][T10545] overlayfs: missing 'lowerdir' [ 662.374406][T10560] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1751'. [ 663.471788][T10584] loop5: detected capacity change from 0 to 1024 [ 665.787859][T10584] EXT4-fs (loop5): Ignoring removed oldalloc option [ 666.328779][T10584] EXT4-fs (loop5): mounted filesystem without journal. Opts: stripe=0x0000000000000003,noauto_da_alloc,jqfmt=vfsold,sysvgroups,noauto_da_alloc,delalloc,resuid=0x0000000000000000,oldalloc,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 669.700367][T10628] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1766'. [ 671.019341][T10647] loop4: detected capacity change from 0 to 4096 [ 671.087866][T10647] EXT4-fs (loop4): Ignoring removed bh option [ 671.094457][T10647] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 672.017760][T10647] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,bh,grpquota,mblk_io_submit,,errors=continue. Quota mode: writeback. [ 672.114397][T10668] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 672.475482][T10647] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #15: comm syz.4.1773: corrupted inode contents [ 673.952146][T10647] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #15: comm syz.4.1773: mark_inode_dirty error [ 674.187844][T10647] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #15: comm syz.4.1773: corrupted inode contents [ 674.259306][T10647] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #15: comm syz.4.1773: mark_inode_dirty error [ 674.338223][T10647] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #15: comm syz.4.1773: corrupted inode contents [ 674.457801][T10647] EXT4-fs error (device loop4): ext4_truncate:4279: inode #15: comm syz.4.1773: mark_inode_dirty error [ 674.521656][T10647] EXT4-fs error (device loop4): ext4_evict_inode:293: comm syz.4.1773: couldn't truncate inode 15 (err -117) [ 674.886063][T10691] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1780'. [ 674.918172][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1780'. [ 674.967482][T10691] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.976616][T10691] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.985378][T10691] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 674.994115][T10691] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 675.209733][T10693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1780'. [ 675.263823][T10693] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1780'. [ 678.555077][ T26] audit: type=1800 audit(1770047236.632:453): pid=10741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1790" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 679.076029][ T26] audit: type=1326 audit(1770047237.152:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 679.190535][ T26] audit: type=1326 audit(1770047237.152:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 679.296822][ T26] audit: type=1326 audit(1770047237.152:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 679.444448][ T26] audit: type=1326 audit(1770047237.152:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 679.577818][ T26] audit: type=1326 audit(1770047237.152:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 679.686930][T10759] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1795'. [ 679.736682][ T26] audit: type=1326 audit(1770047237.152:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 679.791084][T10759] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1795'. [ 679.845897][ T26] audit: type=1326 audit(1770047237.152:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 679.893937][T10761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1795'. [ 679.936785][T10761] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1795'. [ 679.976654][ T26] audit: type=1326 audit(1770047237.152:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 680.098219][ T26] audit: type=1326 audit(1770047237.152:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10729 comm="syz.2.1791" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63e475beb9 code=0x7ffc0000 [ 680.559121][T10773] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1798'. [ 682.846030][T10801] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 682.853360][T10799] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1804'. [ 684.433972][T10815] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1808'. [ 684.443041][T10815] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1808'. [ 684.456566][T10815] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 684.465536][T10815] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 684.474387][T10815] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 684.483108][T10815] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 684.529601][T10817] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1808'. [ 684.638562][T10817] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1808'. [ 684.897323][T10828] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1812'. [ 685.729754][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.736224][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.116949][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 687.116964][ T26] audit: type=1800 audit(1770047245.192:470): pid=10834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1809" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 690.252863][ T26] audit: type=1326 audit(1770047248.332:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10844 comm="syz.1.1817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 690.466547][ T26] audit: type=1326 audit(1770047248.332:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10844 comm="syz.1.1817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 691.837046][T10878] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1824'. [ 694.345832][T10896] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1831'. [ 694.387013][T10896] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1831'. [ 694.472709][T10901] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1831'. [ 694.581905][T10901] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1831'. [ 696.630314][T10887] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 696.904671][T10915] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1837'. [ 697.363957][ T26] audit: type=1326 audit(1770047255.442:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 697.480866][ T26] audit: type=1326 audit(1770047255.442:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 697.526411][ T26] audit: type=1326 audit(1770047255.442:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 697.558370][ T26] audit: type=1326 audit(1770047255.442:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 697.591930][ T26] audit: type=1326 audit(1770047255.442:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 697.690865][ T26] audit: type=1326 audit(1770047255.442:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 697.771264][ T26] audit: type=1326 audit(1770047255.442:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 699.320223][ T26] audit: type=1326 audit(1770047255.442:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 699.651821][ T26] audit: type=1326 audit(1770047255.442:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 699.728110][ T26] audit: type=1326 audit(1770047255.442:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10906 comm="syz.6.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 700.235731][T10930] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1841'. [ 701.062961][T10938] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1845'. [ 701.523914][T10938] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1845'. [ 701.549008][T10944] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1845'. [ 701.587888][T10944] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1845'. [ 702.968119][T10948] overlayfs: missing 'workdir' [ 703.086296][T10951] loop2: detected capacity change from 0 to 512 [ 703.266022][T10951] EXT4-fs error (device loop2): ext4_xattr_inode_iget:406: comm syz.2.1848: error while reading EA inode 32 err=-116 [ 703.414443][T10951] EXT4-fs (loop2): Remounting filesystem read-only [ 704.237630][T10951] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2806: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 705.064561][T10951] EXT4-fs error (device loop2): ext4_xattr_inode_iget:406: comm syz.2.1848: error while reading EA inode 32 err=-116 [ 705.371036][T10951] EXT4-fs (loop2): Remounting filesystem read-only [ 705.467390][T10951] EXT4-fs (loop2): 1 orphan inode deleted [ 705.477171][T10951] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,discard,debug_want_extra_isize=0x000000000000005e,noauto_da_alloc,bsdgroups,jqfmt=vfsv1,abort,data_err=ignore,. Quota mode: none. [ 705.897212][T10985] loop1: detected capacity change from 0 to 256 [ 705.906401][T10986] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 705.959735][T10988] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1860'. [ 706.077226][T10985] FAT-fs (loop1): Directory bread(block 64) failed [ 706.137202][T10985] FAT-fs (loop1): Directory bread(block 65) failed [ 706.169342][T10990] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1862'. [ 706.186582][T10985] FAT-fs (loop1): Directory bread(block 66) failed [ 706.235991][T10985] FAT-fs (loop1): Directory bread(block 67) failed [ 706.252808][T10985] FAT-fs (loop1): Directory bread(block 68) failed [ 706.275716][T10985] FAT-fs (loop1): Directory bread(block 69) failed [ 706.303086][T10985] FAT-fs (loop1): Directory bread(block 70) failed [ 706.316787][T10985] FAT-fs (loop1): Directory bread(block 71) failed [ 706.336605][T10985] FAT-fs (loop1): Directory bread(block 72) failed [ 706.362463][T10985] FAT-fs (loop1): Directory bread(block 73) failed [ 706.588865][T10985] attempt to access beyond end of device [ 706.588865][T10985] loop1: rw=524288, want=1772, limit=256 [ 706.627984][T10985] attempt to access beyond end of device [ 706.627984][T10985] loop1: rw=0, want=1772, limit=256 [ 706.639572][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 706.639587][ T26] audit: type=1800 audit(1770047264.722:496): pid=10985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1858" name="file1" dev="loop1" ino=1048617 res=0 errno=0 [ 706.668051][T10985] attempt to access beyond end of device [ 706.668051][T10985] loop1: rw=0, want=1772, limit=256 [ 708.807802][ T26] audit: type=1326 audit(1770047266.872:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.099750][ T26] audit: type=1326 audit(1770047266.872:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.157575][T11018] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1872'. [ 709.207546][ T26] audit: type=1326 audit(1770047266.872:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.255096][T11020] loop5: detected capacity change from 0 to 128 [ 709.272585][ T26] audit: type=1326 audit(1770047266.872:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.335953][ T26] audit: type=1326 audit(1770047266.872:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.359042][T11020] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 709.494075][ T26] audit: type=1326 audit(1770047266.872:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.637417][ T26] audit: type=1326 audit(1770047266.872:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.721846][ T26] audit: type=1326 audit(1770047266.872:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 709.833476][ T26] audit: type=1326 audit(1770047266.872:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10993 comm="syz.4.1863" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 710.952573][T11048] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1883'. [ 710.993589][T11048] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1883'. [ 711.040332][T11049] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1883'. [ 711.091866][T11049] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1883'. [ 711.102122][T11051] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1884'. [ 712.126891][T11066] device syzkaller0 entered promiscuous mode [ 712.838979][T11070] loop4: detected capacity change from 0 to 8192 [ 713.547346][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 713.547364][ T26] audit: type=1326 audit(1770047271.622:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11074 comm="syz.5.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 713.709930][ T26] audit: type=1326 audit(1770047271.622:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11074 comm="syz.5.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 713.774128][T11080] loop4: detected capacity change from 0 to 2048 [ 713.799125][ T26] audit: type=1326 audit(1770047271.622:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11074 comm="syz.5.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 713.801211][T11079] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1896'. [ 713.822186][ T26] audit: type=1326 audit(1770047271.632:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11074 comm="syz.5.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 713.916511][T11080] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 713.938624][T11079] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1896'. [ 714.013030][T11084] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1896'. [ 714.029272][T11084] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1896'. [ 714.037943][ T26] audit: type=1326 audit(1770047271.632:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11074 comm="syz.5.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 714.108732][T11086] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1897'. [ 714.118574][ T26] audit: type=1326 audit(1770047271.632:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11074 comm="syz.5.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 714.162242][ T26] audit: type=1326 audit(1770047271.632:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11074 comm="syz.5.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 715.728419][T11112] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 716.033676][T11117] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1908'. [ 716.102697][T11117] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1908'. [ 716.118036][T11118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1908'. [ 716.143480][T11118] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1908'. [ 716.515146][T11122] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1910'. [ 719.827972][ T26] audit: type=1326 audit(1770047277.642:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 720.267953][ T26] audit: type=1326 audit(1770047277.642:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 720.290669][ T26] audit: type=1326 audit(1770047277.652:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 720.315317][ T26] audit: type=1326 audit(1770047277.652:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 720.357812][ T26] audit: type=1326 audit(1770047277.652:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 720.432219][ T26] audit: type=1326 audit(1770047277.652:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 720.536689][ T26] audit: type=1326 audit(1770047277.652:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 720.714464][T11181] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1932'. [ 721.481488][ T26] audit: type=1326 audit(1770047277.652:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 721.644336][ T26] audit: type=1326 audit(1770047277.652:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 721.933548][ T26] audit: type=1326 audit(1770047277.652:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11150 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 722.421757][T11197] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1937'. [ 722.518686][T11197] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1937'. [ 722.551710][T11198] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 722.618392][T11201] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1937'. [ 722.704558][T11201] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1937'. [ 723.700730][T11223] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1946'. [ 723.712918][ T6735] Bluetooth: hci3: command 0x0406 tx timeout [ 725.725392][T11240] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1951'. [ 725.725417][T11240] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1951'. [ 725.726123][T11240] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1951'. [ 725.726139][T11240] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1951'. [ 727.610664][T11263] xt_hashlimit: size too large, truncated to 1048576 [ 727.934335][T11265] ipt_CLUSTERIP: Please specify destination IP [ 729.797798][ T1107] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 730.097741][ T1107] usb 7-1: Using ep0 maxpacket: 8 [ 730.217825][ T1107] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 730.244728][ T1107] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 730.339435][ T1107] pvrusb2: Hardware description: Terratec Grabster AV400 [ 730.366448][ T1107] pvrusb2: ********** [ 730.397705][ T1107] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 730.427539][ T1107] pvrusb2: Important functionality might not be entirely working. [ 730.472840][ T1107] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 730.558617][ T1107] pvrusb2: ********** [ 730.618685][ T2421] pvrusb2: Invalid write control endpoint [ 730.627139][ T1107] usb 7-1: USB disconnect, device number 4 [ 730.781593][ T2421] pvrusb2: Invalid write control endpoint [ 730.796685][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 730.873814][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 730.897754][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 730.910304][T11279] IPVS: nq: FWM 3 0x00000003 - no destination available [ 730.930844][ T2421] pvrusb2: Device being rendered inoperable [ 730.936818][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 730.954792][ C1] IPVS: nq: FWM 3 0x00000003 - no destination available [ 730.963434][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 731.042140][ T2421] pvrusb2: Attached sub-driver cx25840 [ 731.074462][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 731.094953][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 732.012454][T11293] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 733.369978][T11295] loop2: detected capacity change from 0 to 7 [ 733.403301][T11295] Dev loop2: unable to read RDB block 7 [ 733.463708][T11295] loop2: AHDI p1 p2 p3 [ 733.487802][T11295] loop2: partition table partially beyond EOD, truncated [ 733.505073][T11295] loop2: p1 start 1818582900 is beyond EOD, truncated [ 733.542613][T11295] loop2: p3 start 335544320 is beyond EOD, truncated [ 734.549587][T11308] loop2: detected capacity change from 0 to 128 [ 734.689496][T11308] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 734.700510][T11308] ext4 filesystem being mounted at /429/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 736.577742][T10552] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 736.827799][T10552] usb 3-1: Using ep0 maxpacket: 8 [ 736.958160][T10552] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 736.987594][T10552] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 737.113462][T10552] pvrusb2: Hardware description: Terratec Grabster AV400 [ 737.121676][T10552] pvrusb2: ********** [ 737.130957][T10552] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 737.168202][T10552] pvrusb2: Important functionality might not be entirely working. [ 737.216787][T10552] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 737.257731][T10552] pvrusb2: ********** [ 737.340289][ T2421] pvrusb2: Invalid write control endpoint [ 737.349153][T10552] usb 3-1: USB disconnect, device number 12 [ 737.436032][ T2421] pvrusb2: Invalid write control endpoint [ 737.443399][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 737.510633][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 737.571661][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 737.657966][ T2421] pvrusb2: Device being rendered inoperable [ 737.696763][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 737.755063][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 737.780750][ T2421] pvrusb2: Attached sub-driver cx25840 [ 737.786265][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 737.847784][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 738.214229][T11331] loop6: detected capacity change from 0 to 2048 [ 738.398288][T11337] mmap: syz.2.1984 (11337): VmData 50147328 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data. [ 738.661349][T11333] loop4: detected capacity change from 0 to 8192 [ 738.695072][T11331] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,noload,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 738.801332][T11333] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 738.811396][T11333] FAT-fs (loop4): Filesystem has been set read-only [ 738.822025][T11333] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 739.069055][T11330] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 739.104942][T11330] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 452 with error 28 [ 739.185341][T11351] loop4: detected capacity change from 0 to 256 [ 739.196685][T11330] EXT4-fs (loop6): This should not happen!! Data will be lost [ 739.196685][T11330] [ 739.268813][T11330] EXT4-fs (loop6): Total free blocks count 0 [ 739.320988][T11330] EXT4-fs (loop6): Free/Dirty block details [ 739.363794][T11330] EXT4-fs (loop6): free_blocks=2415919504 [ 739.419597][T11330] EXT4-fs (loop6): dirty_blocks=1120 [ 739.446908][T11330] EXT4-fs (loop6): Block reservation details [ 739.482185][T11330] EXT4-fs (loop6): i_reserved_data_blocks=77 [ 740.408480][T11331] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28 [ 740.465605][T11331] EXT4-fs (loop6): This should not happen!! Data will be lost [ 740.465605][T11331] [ 741.017372][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1996'. [ 741.045616][T11380] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1996'. [ 741.148662][T11383] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2000'. [ 741.410146][T11399] Non-string source [ 743.057760][T10552] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 744.864487][T10552] usb 3-1: Using ep0 maxpacket: 8 [ 744.927878][T10552] usb 3-1: device descriptor read/all, error -71 [ 744.982546][T11416] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2012'. [ 745.019487][T11416] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2012'. [ 745.676269][T11448] loop2: detected capacity change from 0 to 512 [ 745.891447][T11448] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 745.989782][T11457] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2026'. [ 746.115287][T11448] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 746.137857][ T4250] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 746.163085][T11457] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2026'. [ 746.248828][T11448] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 746.365332][T11448] System zones: 0-2, 18-18, 34-35 [ 746.447818][ T4250] usb 5-1: Using ep0 maxpacket: 8 [ 746.585346][ T4250] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 747.173207][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.180571][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.361070][T11448] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 747.404704][ T4250] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 747.712763][ T4250] pvrusb2: Hardware description: Terratec Grabster AV400 [ 747.876985][ T4250] pvrusb2: ********** [ 747.964106][ T4250] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 748.170198][ T4250] pvrusb2: Important functionality might not be entirely working. [ 748.320946][ T4250] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 748.506483][ T4250] pvrusb2: ********** [ 748.591362][ T2421] pvrusb2: Invalid write control endpoint [ 748.614198][ T4250] usb 5-1: USB disconnect, device number 10 [ 748.622855][T11466] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2028'. [ 748.818299][ T2421] pvrusb2: Invalid write control endpoint [ 748.834433][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 748.884215][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 748.913668][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 748.946434][ T2421] pvrusb2: Device being rendered inoperable [ 748.970325][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 748.985975][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 749.015170][ T2421] pvrusb2: Attached sub-driver cx25840 [ 749.035922][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 750.471844][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 750.583405][T11495] loop6: detected capacity change from 0 to 512 [ 750.742220][T11495] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 750.742320][T11495] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 751.243805][T11521] loop6: detected capacity change from 0 to 1024 [ 751.288354][T11523] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2044'. [ 751.343245][T11521] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 751.446306][ T26] kauditd_printk_skb: 13 callbacks suppressed [ 751.446323][ T26] audit: type=1800 audit(1770047309.522:550): pid=11521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2043" name="bus" dev="loop6" ino=18 res=0 errno=0 [ 751.521580][ T26] audit: type=1800 audit(1770047309.592:551): pid=11521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2043" name="bus" dev="loop6" ino=18 res=0 errno=0 [ 751.644838][T11528] loop2: detected capacity change from 0 to 128 [ 751.716596][ T4173] udevd[4173]: incorrect ext4 checksum on /dev/loop2 [ 751.723737][T11528] EXT4-fs (loop2): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 751.899669][T11532] loop6: detected capacity change from 0 to 512 [ 751.991087][T11532] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2047'. [ 752.227105][T11539] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2051'. [ 752.293675][T11539] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2051'. [ 753.039531][T11554] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2056'. [ 753.078800][T11552] loop1: detected capacity change from 0 to 1024 [ 753.204731][T11552] EXT4-fs error (device loop1): ext4_quota_enable:6438: comm syz.1.2057: Bad quota inum: 2, type: 0 [ 753.236644][T11552] EXT4-fs warning (device loop1): ext4_enable_quotas:6486: Failed to enable quota tracking (type=0, err=-117, ino=2). Please run e2fsck to fix. [ 753.389708][T11552] EXT4-fs (loop1): mount failed [ 753.402905][T11559] loop2: detected capacity change from 0 to 512 [ 753.637855][T11559] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 753.655073][T11563] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2061'. [ 753.674983][T11559] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 753.717796][T11559] System zones: 1-12 [ 753.779269][T11559] EXT4-fs (loop2): orphan cleanup on readonly fs [ 753.828139][T11559] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #11: comm syz.2.2058: attempt to clear invalid blocks 1024 len 1 [ 753.857900][T11559] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.2058: bg 0: block 361: padding at end of block bitmap is not set [ 753.913676][T11559] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 753.954786][T11559] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2058: invalid indirect mapped block 1811939328 (level 0) [ 754.003260][T11559] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.2058: invalid indirect mapped block 2 (level 2) [ 754.045436][T11559] EXT4-fs (loop2): 1 truncate cleaned up [ 754.097742][T11559] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,,errors=continue. Quota mode: none. [ 754.539770][ T26] audit: type=1326 audit(1770047312.572:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 754.644598][ T26] audit: type=1326 audit(1770047312.572:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 754.761878][ T26] audit: type=1326 audit(1770047312.572:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 754.812360][ T26] audit: type=1326 audit(1770047312.572:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 754.835238][ T26] audit: type=1326 audit(1770047312.572:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 754.886626][ T26] audit: type=1326 audit(1770047312.572:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 754.967900][T11582] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2069'. [ 754.973679][ T26] audit: type=1326 audit(1770047312.572:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 754.973722][ T26] audit: type=1326 audit(1770047312.572:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11572 comm="syz.4.2065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 755.375376][T11596] loop6: detected capacity change from 0 to 1024 [ 755.448086][T11598] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2073'. [ 755.512634][T11596] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 756.609774][T11621] loop1: detected capacity change from 0 to 512 [ 756.661858][T11621] EXT4-fs (loop1): orphan cleanup on readonly fs [ 756.705691][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 756.705708][ T26] audit: type=1326 audit(1770047314.782:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 756.727194][T11621] EXT4-fs warning (device loop1): ext4_xattr_inode_get:492: inode #11: comm syz.1.2081: ea_inode file size=4 entry size=6 [ 756.760935][ T26] audit: type=1326 audit(1770047314.842:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 756.803776][T11621] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2806: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 756.828393][T11621] EXT4-fs error (device loop1): ext4_do_update_inode:5222: inode #15: comm syz.1.2081: corrupted inode contents [ 756.840534][ T26] audit: type=1326 audit(1770047314.842:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 756.893753][ T26] audit: type=1326 audit(1770047314.842:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 756.898968][T11621] EXT4-fs (loop1): Remounting filesystem read-only [ 756.946910][ T26] audit: type=1326 audit(1770047314.882:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 756.990346][T11621] EXT4-fs error (device loop1): ext4_dirty_inode:6058: inode #15: comm syz.1.2081: mark_inode_dirty error [ 757.027501][T11621] EXT4-fs (loop1): Remounting filesystem read-only [ 757.042373][T11621] EXT4-fs error (device loop1): ext4_do_update_inode:5222: inode #15: comm syz.1.2081: corrupted inode contents [ 757.055292][ T26] audit: type=1326 audit(1770047314.882:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 757.079876][ T26] audit: type=1326 audit(1770047314.882:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 757.102640][T11621] EXT4-fs (loop1): Remounting filesystem read-only [ 757.112708][T11621] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2951: inode #15: comm syz.1.2081: mark_inode_dirty error [ 757.133365][T11621] EXT4-fs (loop1): Remounting filesystem read-only [ 757.140600][ T26] audit: type=1326 audit(1770047314.882:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 757.175721][T11621] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2954: inode #15: comm syz.1.2081: mark inode dirty (error -117) [ 757.203688][T11621] EXT4-fs (loop1): Remounting filesystem read-only [ 757.215399][ T26] audit: type=1326 audit(1770047314.882:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 757.259941][T11621] EXT4-fs warning (device loop1): ext4_evict_inode:302: xattr delete (err -117) [ 757.291717][T11621] EXT4-fs (loop1): 1 orphan inode deleted [ 757.305930][T11621] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000005c,nouid32,resgid=0x0000000000000000,errors=remount-ro,init_itable=0x0000000000008d55,. Quota mode: none. [ 757.351715][ T26] audit: type=1326 audit(1770047314.882:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11624 comm="syz.6.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7faab51cceb9 code=0x7ffc0000 [ 758.705639][T11656] loop2: detected capacity change from 0 to 4096 [ 758.960236][T11656] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 759.096316][T11666] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2098'. [ 760.654369][T11706] loop4: detected capacity change from 0 to 736 [ 761.262725][T11721] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2116'. [ 761.310389][T11721] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2116'. [ 761.356166][T11722] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2116'. [ 761.407280][T11722] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2116'. [ 761.430864][T11719] loop4: detected capacity change from 0 to 8192 [ 761.526445][T11719] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 761.862255][ T26] kauditd_printk_skb: 42 callbacks suppressed [ 761.862272][ T26] audit: type=1326 audit(1770047319.942:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.031848][T11718] loop2: detected capacity change from 0 to 8192 [ 762.184243][T11734] loop6: detected capacity change from 0 to 1024 [ 762.205497][ T26] audit: type=1326 audit(1770047319.942:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.285409][ T26] audit: type=1326 audit(1770047319.942:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.308997][ T26] audit: type=1326 audit(1770047319.942:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.309035][ T26] audit: type=1326 audit(1770047319.942:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.309068][ T26] audit: type=1326 audit(1770047319.972:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.309100][ T26] audit: type=1326 audit(1770047319.972:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.309132][ T26] audit: type=1326 audit(1770047319.972:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.309163][ T26] audit: type=1326 audit(1770047319.972:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.309194][ T26] audit: type=1326 audit(1770047319.972:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11726 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 762.444994][T11734] EXT4-fs (loop6): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,noquota,delalloc,journal_dev=0x0000000000000009,nodioread_nolock,,errors=continue. Quota mode: none. [ 762.588765][T11734] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 762.751786][T11759] loop4: detected capacity change from 0 to 128 [ 762.827108][T11759] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 762.898340][T11759] ext4 filesystem being mounted at /434/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 762.951491][T11767] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2127'. [ 763.033919][T11767] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2127'. [ 763.050563][T11771] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2127'. [ 763.069092][T11771] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2127'. [ 763.178293][T11775] batman_adv: batadv0: Adding interface: dummy0 [ 763.184607][T11775] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 763.194275][T11782] loop6: detected capacity change from 0 to 512 [ 763.299145][T11775] batman_adv: batadv0: Interface activated: dummy0 [ 763.318307][T11780] batadv0: mtu less than device minimum [ 763.340579][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.353841][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.366702][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.379415][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.391975][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.404973][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.417799][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.430648][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.443322][T11780] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 763.500218][T11785] loop1: detected capacity change from 0 to 512 [ 763.653954][T11785] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 763.684169][T11785] ext4 filesystem being mounted at /390/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 763.996547][T11807] loop6: detected capacity change from 0 to 1024 [ 764.169161][T11807] EXT4-fs (loop6): Ignoring removed mblk_io_submit option [ 764.195964][T11813] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2145'. [ 764.198321][T11807] EXT4-fs (loop6): Ignoring removed nobh option [ 764.277745][T11813] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2145'. [ 764.300489][T11807] EXT4-fs (loop6): mounted filesystem without journal. Opts: mblk_io_submit,nobh,barrier,noquota,bsdgroups,,errors=continue. Quota mode: none. [ 764.343778][T11820] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2145'. [ 764.361836][T11820] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2145'. [ 764.555575][T11829] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2150'. [ 764.565100][T11829] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2150'. [ 764.596193][T11827] loop2: detected capacity change from 0 to 1024 [ 764.606517][T11831] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2152'. [ 764.744327][T11827] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 764.790195][T11837] loop1: detected capacity change from 0 to 2048 [ 764.857610][T11837] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 765.047011][T11837] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug_want_extra_isize=0x0000000000000004,usrquota,errors=remount-ro,dioread_lock,max_batch_time=0x0000000000000005,mblk_io_submit,minixdf,barrier=0x0000000000000000,nombcache,bsddf,. Quota mode: writeback. [ 765.082385][T11827] EXT4-fs (loop2): shut down requested (0) [ 765.131999][T11837] device syzkaller1 entered promiscuous mode [ 765.265747][T11847] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2157'. [ 765.643681][T11860] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2160'. [ 765.691761][T11860] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2160'. [ 766.347233][T11878] device syzkaller0 entered promiscuous mode [ 768.077913][ T4250] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 768.357776][ T4250] usb 2-1: Using ep0 maxpacket: 8 [ 768.494700][ T4250] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 768.836194][ T4250] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 769.181681][ T4250] pvrusb2: Hardware description: Terratec Grabster AV400 [ 769.264394][T11903] loop4: detected capacity change from 0 to 128 [ 769.284253][ T4250] pvrusb2: ********** [ 769.358218][ T4250] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 769.515243][T11903] EXT4-fs (loop4): Ignoring removed nobh option [ 769.543194][ T4250] pvrusb2: Important functionality might not be entirely working. [ 769.596949][T11903] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,abort,,errors=continue. Quota mode: none. [ 769.605427][ T4250] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 769.634936][ T4250] pvrusb2: ********** [ 769.654017][T11903] ext4 filesystem being mounted at /450/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 769.672788][ T2421] pvrusb2: Invalid write control endpoint [ 769.737453][T11903] EXT4-fs error (device loop4): __ext4_find_entry:1696: inode #2: comm syz.4.2177: checksumming directory block 0 [ 769.753801][ T4250] usb 2-1: USB disconnect, device number 10 [ 769.881583][ T2421] pvrusb2: Invalid write control endpoint [ 769.888256][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 769.898662][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 769.907062][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 769.987124][ T2421] pvrusb2: Device being rendered inoperable [ 769.993542][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 770.003817][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 770.018957][ T2421] pvrusb2: Attached sub-driver cx25840 [ 770.024593][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 770.042106][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 770.263165][T11928] __nla_validate_parse: 4 callbacks suppressed [ 770.263184][T11928] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2185'. [ 770.506835][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 770.507046][ T26] audit: type=1326 audit(1770047328.562:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 771.247929][ T26] audit: type=1326 audit(1770047328.562:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 771.274769][ T26] audit: type=1326 audit(1770047328.562:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 771.297604][ T26] audit: type=1326 audit(1770047328.562:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 772.424820][ T26] audit: type=1326 audit(1770047328.562:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 772.681398][ T26] audit: type=1326 audit(1770047328.572:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 772.927033][ T26] audit: type=1326 audit(1770047328.572:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 772.949742][ T26] audit: type=1326 audit(1770047328.572:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 772.977826][ T26] audit: type=1326 audit(1770047328.572:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 772.981883][T11944] loop4: detected capacity change from 0 to 512 [ 773.000558][ T26] audit: type=1326 audit(1770047328.572:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11923 comm="syz.1.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feaad993eb9 code=0x7ffc0000 [ 773.101891][T11951] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2193'. [ 773.111079][T11944] EXT4-fs (loop4): Ignoring removed bh option [ 773.119610][T11951] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2193'. [ 773.131048][T11951] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2193'. [ 773.146233][T11951] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2193'. [ 773.201872][T11944] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 773.252783][T11944] ext4 filesystem being mounted at /454/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 773.270090][T11959] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2196'. [ 773.279305][T11959] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2196'. [ 774.449281][ T4250] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 774.695886][ T4250] usb 3-1: Using ep0 maxpacket: 8 [ 774.808156][ T4250] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 774.808254][ T4250] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 774.902783][ T4250] pvrusb2: Hardware description: Terratec Grabster AV400 [ 774.903279][ T4250] pvrusb2: ********** [ 774.903716][ T4250] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 774.904205][ T4250] pvrusb2: Important functionality might not be entirely working. [ 774.904631][ T4250] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 774.905050][ T4250] pvrusb2: ********** [ 775.157741][T11969] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2198'. [ 775.319821][ T2421] pvrusb2: Invalid write control endpoint [ 775.327952][ T4250] usb 3-1: USB disconnect, device number 15 [ 775.359195][ T2421] pvrusb2: Invalid write control endpoint [ 775.527485][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 775.527501][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 775.527510][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 775.527520][ T2421] pvrusb2: Device being rendered inoperable [ 775.527592][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 775.532349][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 775.578205][ T2421] pvrusb2: Attached sub-driver cx25840 [ 775.578221][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 775.578230][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 777.308025][T11996] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2207'. [ 777.308052][T11996] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2207'. [ 777.308627][T11996] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2207'. [ 777.308645][T11996] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2207'. [ 777.730056][T12016] loop1: detected capacity change from 0 to 128 [ 777.794646][T12016] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 777.794767][T12016] ext4 filesystem being mounted at /409/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 779.978294][ T1107] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 780.267911][ T1107] usb 2-1: Using ep0 maxpacket: 8 [ 780.388536][ T1107] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 780.568904][ T1107] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 780.667778][ T1107] pvrusb2: Hardware description: Terratec Grabster AV400 [ 780.783788][ T1107] pvrusb2: ********** [ 780.808236][ T1107] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 780.910012][ T1107] pvrusb2: Important functionality might not be entirely working. [ 781.023513][ T1107] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 781.082356][ T1107] pvrusb2: ********** [ 781.123289][ T2421] pvrusb2: Invalid write control endpoint [ 781.124437][ T1107] usb 2-1: USB disconnect, device number 11 [ 781.151452][T12050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2222'. [ 781.160744][T12050] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2222'. [ 781.236137][T12057] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2222'. [ 781.257540][ T2421] pvrusb2: Invalid write control endpoint [ 781.269158][T12057] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2222'. [ 781.286659][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 781.337205][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 781.389237][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 781.483426][ T2421] pvrusb2: Device being rendered inoperable [ 781.493169][T12063] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2226'. [ 781.512811][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 781.536458][T12068] loop2: detected capacity change from 0 to 128 [ 781.563406][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 781.585077][T12069] loop1: detected capacity change from 0 to 1024 [ 781.604379][ T2421] pvrusb2: Attached sub-driver cx25840 [ 781.625460][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 781.638118][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 781.679892][T12069] EXT4-fs (loop1): Ignoring removed bh option [ 781.738289][T12068] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 781.776754][T12068] ext4 filesystem being mounted at /486/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 781.870573][T12069] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,abort,resgid=0x0000000000000000,bh,nouid32,,errors=continue. Quota mode: writeback. [ 781.956528][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 781.956543][ T26] audit: type=1326 audit(1770047340.032:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 781.991390][ T26] audit: type=1326 audit(1770047340.032:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.017592][ T26] audit: type=1326 audit(1770047340.032:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.054850][ T26] audit: type=1326 audit(1770047340.032:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.056955][ T26] audit: type=1326 audit(1770047340.032:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.073424][ T26] audit: type=1326 audit(1770047340.032:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.073457][ T26] audit: type=1326 audit(1770047340.042:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.073475][ T26] audit: type=1326 audit(1770047340.042:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.073493][ T26] audit: type=1326 audit(1770047340.042:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.073523][ T26] audit: type=1326 audit(1770047340.042:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12075 comm="syz.5.2230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f223fb77eb9 code=0x7ffc0000 [ 782.836079][T12104] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2238'. [ 782.964579][T12104] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2238'. [ 782.974240][T12105] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2238'. [ 782.983530][T12105] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2238'. [ 783.507826][ T9061] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 784.286908][ T9061] usb 5-1: Using ep0 maxpacket: 8 [ 784.768083][ T9061] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 784.828548][ T9061] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 785.192673][ T9061] pvrusb2: Hardware description: Terratec Grabster AV400 [ 785.213366][ T9061] pvrusb2: ********** [ 785.217372][ T9061] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 785.313168][T12121] loop2: detected capacity change from 0 to 512 [ 785.318978][ T9061] pvrusb2: Important functionality might not be entirely working. [ 785.384009][ T9061] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 785.401456][ T9061] pvrusb2: ********** [ 785.403413][T12123] loop1: detected capacity change from 0 to 128 [ 785.439421][T12121] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 785.439469][ T2421] pvrusb2: Invalid write control endpoint [ 785.481172][ T9061] usb 5-1: USB disconnect, device number 11 [ 785.502228][T12121] EXT4-fs (loop2): 1 truncate cleaned up [ 785.511117][T12123] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 785.524351][T12121] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,bsdgroups,errors=remount-ro,max_batch_time=0x0000000000000004,. Quota mode: none. [ 785.553131][T12123] ext4 filesystem being mounted at /414/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 785.711895][ T2421] pvrusb2: Invalid write control endpoint [ 785.726582][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 785.780952][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 785.840217][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 785.877771][ T2421] pvrusb2: Device being rendered inoperable [ 785.904751][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 785.910254][T12135] loop2: detected capacity change from 0 to 128 [ 785.927441][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 785.946122][ T2421] pvrusb2: Attached sub-driver cx25840 [ 785.965709][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 786.003567][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 786.074966][T12144] loop1: detected capacity change from 0 to 256 [ 786.136667][T12135] EXT4-fs (loop2): mounted filesystem without journal. Opts: usrquota,nodelalloc,,errors=continue. Quota mode: writeback. [ 786.160168][T12142] loop4: detected capacity change from 0 to 128 [ 786.195422][T12135] ext4 filesystem being mounted at /490/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 786.241121][T12142] EXT4-fs (loop4): Ignoring removed nobh option [ 786.324180][T12142] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,abort,,errors=continue. Quota mode: none. [ 786.390981][T12142] ext4 filesystem being mounted at /458/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 786.768620][T12162] loop4: detected capacity change from 0 to 128 [ 786.871247][T12166] loop1: detected capacity change from 0 to 512 [ 786.878830][T12162] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 786.961847][T12162] ext4 filesystem being mounted at /460/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 787.040920][T12166] EXT4-fs (loop1): mounted filesystem without journal. Opts: sb=0x0000000000000001,errors=remount-ro,. Quota mode: writeback. [ 787.065250][T12166] ext4 filesystem being mounted at /418/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 788.974412][T12203] loop1: detected capacity change from 0 to 512 [ 789.101088][T12203] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.2272: invalid indirect mapped block 256 (level 2) [ 789.128529][T12203] EXT4-fs (loop1): 2 truncates cleaned up [ 789.134598][T12203] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,auto_da_alloc,lazytime,journal_dev=0x0000000000000006,,errors=continue. Quota mode: writeback. [ 791.554302][T12228] loop1: detected capacity change from 0 to 128 [ 791.678350][T12234] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2282'. [ 791.701432][T12228] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 791.745196][T12228] ext4 filesystem being mounted at /427/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 792.061975][T12243] loop1: detected capacity change from 0 to 128 [ 792.189686][T12243] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 792.217844][T12243] ext4 filesystem being mounted at /428/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 794.679032][T12285] loop1: detected capacity change from 0 to 128 [ 796.171765][T12285] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 796.240228][T12285] ext4 filesystem being mounted at /432/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 796.314657][T12305] Invalid ELF header len 1 [ 796.512453][T12313] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2313'. [ 796.552003][T12313] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2313'. [ 796.625587][T12320] netlink: 'syz.6.2316': attribute type 6 has an invalid length. [ 798.376416][T12342] loop4: detected capacity change from 0 to 512 [ 798.415479][T12347] loop1: detected capacity change from 0 to 128 [ 798.499682][T12347] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 798.514308][T12347] ext4 filesystem being mounted at /436/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 798.724792][T12342] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 798.742200][T12342] ext4 filesystem being mounted at /476/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 799.073598][T12361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2329'. [ 799.156070][ T26] kauditd_printk_skb: 6 callbacks suppressed [ 799.156087][ T26] audit: type=1326 audit(1770047357.232:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.156230][T12361] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2329'. [ 799.171649][ T26] audit: type=1326 audit(1770047357.232:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.374353][ T26] audit: type=1326 audit(1770047357.272:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.402753][ T26] audit: type=1326 audit(1770047357.272:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.474320][T12365] loop4: detected capacity change from 0 to 512 [ 799.477782][ T26] audit: type=1326 audit(1770047357.272:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.565062][ T26] audit: type=1326 audit(1770047357.272:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.596819][T12365] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.2331: bg 0: block 393: padding at end of block bitmap is not set [ 799.656122][ T26] audit: type=1326 audit(1770047357.272:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.679114][T12365] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 799.695369][ T26] audit: type=1326 audit(1770047357.272:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.699234][T12365] EXT4-fs (loop4): 2 truncates cleaned up [ 799.720020][ T26] audit: type=1326 audit(1770047357.282:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.747980][T12365] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 799.762649][ T26] audit: type=1326 audit(1770047357.392:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12362 comm="syz.4.2330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f37ef3cdeb9 code=0x7ffc0000 [ 799.787769][T12371] loop6: detected capacity change from 0 to 1024 [ 799.916097][T12371] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 799.971853][T12371] ext4 filesystem being mounted at /125/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 800.175289][ T4227] EXT4-fs error (device loop6): ext4_map_blocks:739: inode #15: comm kworker/u4:4: lblock 0 mapped to illegal pblock 0 (length 1) [ 800.198049][ T4227] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 800.217999][ T4227] EXT4-fs (loop6): This should not happen!! Data will be lost [ 800.217999][ T4227] [ 800.346461][T12384] rtc_cmos 00:00: Alarms can be up to one day in the future [ 802.169391][ T1108] rtc_cmos 00:00: Alarms can be up to one day in the future [ 802.229522][ T1108] rtc_cmos 00:00: Alarms can be up to one day in the future [ 802.307749][ T6735] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 802.315801][ T1108] rtc_cmos 00:00: Alarms can be up to one day in the future [ 802.336781][T12397] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2343'. [ 802.345768][T12399] loop2: detected capacity change from 0 to 512 [ 802.358423][ T1108] rtc_cmos 00:00: Alarms can be up to one day in the future [ 802.373288][ T1108] rtc rtc0: __rtc_set_alarm: err=-22 [ 802.384864][T12399] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 802.402250][T12397] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2343'. [ 802.440670][T12399] EXT4-fs (loop2): 1 truncate cleaned up [ 802.446383][T12399] EXT4-fs (loop2): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000004000,errors=remount-ro,max_batch_time=0x0000000000000004,. Quota mode: none. [ 802.567990][ T6735] usb 7-1: Using ep0 maxpacket: 8 [ 802.606238][T12411] loop4: detected capacity change from 0 to 512 [ 802.675023][T12411] EXT4-fs (loop4): Ignoring removed oldalloc option [ 802.709617][ T6735] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 802.722834][ T6735] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 802.725943][T12411] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nodiscard,oldalloc,,errors=continue. Quota mode: none. [ 802.779197][ T6735] pvrusb2: Hardware description: Terratec Grabster AV400 [ 802.788620][ T6735] pvrusb2: ********** [ 802.796504][ T6735] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 802.811522][ T6735] pvrusb2: Important functionality might not be entirely working. [ 802.822466][ T6735] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 802.834306][ T6735] pvrusb2: ********** [ 803.030266][ T2421] pvrusb2: Invalid write control endpoint [ 803.047316][ T6735] usb 7-1: USB disconnect, device number 5 [ 803.128095][T12429] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2355'. [ 803.166714][ T2421] pvrusb2: Invalid write control endpoint [ 803.204037][ T2421] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 803.217558][T12433] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2357'. [ 803.242300][ T2421] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 803.294701][ T2421] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 803.327911][ T2421] pvrusb2: Device being rendered inoperable [ 803.334027][ T2421] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 803.341742][ T2421] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 803.350330][ T2421] pvrusb2: Attached sub-driver cx25840 [ 803.356100][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 803.372403][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 803.482087][T12440] loop4: detected capacity change from 0 to 1024 [ 803.513079][T12441] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 803.568964][T12440] EXT4-fs (loop4): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,delalloc,journal_dev=0x0000000000000009,commit=0x0000000000000000,,errors=continue. Quota mode: none. [ 803.649852][T12440] ext4 filesystem being mounted at /488/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 803.796520][T12448] EXT4-fs error (device loop4): ext4_map_blocks:739: inode #15: comm syz.4.2360: lblock 0 mapped to illegal pblock 0 (length 4) [ 803.818434][T12450] ieee802154 phy0 wpan0: encryption failed: -22 [ 803.851684][T12448] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117 [ 803.953723][T12448] EXT4-fs (loop4): This should not happen!! Data will be lost [ 803.953723][T12448] [ 804.258720][ T9016] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm kworker/u4:8: bg 0: block 112: padding at end of block bitmap is not set [ 804.335776][ T9016] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 28 with max blocks 4 with error 117 [ 804.388960][ T9016] EXT4-fs (loop4): This should not happen!! Data will be lost [ 804.388960][ T9016] [ 804.656607][T12464] loop4: detected capacity change from 0 to 1024 [ 804.746957][T12464] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 804.777415][T12464] EXT4-fs (loop4): shut down requested (1) [ 806.766009][T12479] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2374'. [ 806.795593][T12481] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2375'. [ 806.867951][T12479] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2374'. [ 806.906485][T12488] loop4: detected capacity change from 0 to 512 [ 806.972762][T12488] EXT4-fs (loop4): Ignoring removed oldalloc option [ 807.045235][T12488] ------------[ cut here ]------------ [ 807.067512][T12488] WARNING: CPU: 0 PID: 12488 at mm/page_alloc.c:5462 __alloc_pages+0x39f/0x480 [ 807.068406][T12495] loop2: detected capacity change from 0 to 128 [ 807.110618][T12488] Modules linked in: [ 807.114587][T12488] CPU: 0 PID: 12488 Comm: syz.4.2378 Not tainted syzkaller #0 [ 807.136478][T12497] loop1: detected capacity change from 0 to 128 [ 807.166552][T12495] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 807.199878][T12499] netlink: 87 bytes leftover after parsing attributes in process `syz.5.2383'. [ 807.225186][T12495] ext4 filesystem being mounted at /505/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 807.242439][T12488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 807.324345][T12497] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 807.361591][T12488] RIP: 0010:__alloc_pages+0x39f/0x480 [ 807.367055][T12488] Code: 31 ff e9 b1 fe ff ff e8 0f 83 07 08 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 4f fd ff ff 4c 89 e7 e8 e6 bd 09 00 e9 42 fd ff ff <0f> 0b 45 31 ff e9 ee fe ff ff 65 44 8b 2d 77 af 4d 7e 41 83 fd 08 [ 807.411462][T12497] ext4 filesystem being mounted at /444/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 807.495314][T12488] RSP: 0018:ffffc90003e6f380 EFLAGS: 00010246 [ 807.527749][T12488] RAX: ffffc90003e6f3c0 RBX: 1ffff920007cde74 RCX: 0000000000000000 [ 807.537386][T12488] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003e6f3e8 [ 807.547064][T12488] RBP: ffffc90003e6f470 R08: ffffc90003e6f3e7 R09: ffffc90003e6f3c0 [ 807.558911][T12488] R10: dffffc0000000000 R11: fffff520007cde7d R12: dffffc0000000000 [ 807.566947][T12488] R13: 0000000000000000 R14: 0000000000040c40 R15: 000000000000000c [ 807.575298][T12488] FS: 00007f37ed6296c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 807.597787][T12488] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 807.604560][T12488] CR2: 00007f63e49a2198 CR3: 000000001f426000 CR4: 00000000003506f0 [ 807.612922][T12488] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 807.621760][T12488] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 807.630277][T12488] Call Trace: [ 807.633607][T12488] [ 807.636558][T12488] ? zone_statistics+0x170/0x170 [ 807.641790][T12488] kmalloc_large_node+0x7d/0x190 [ 807.646755][T12488] __kmalloc_node+0x232/0x3b0 [ 807.651593][T12488] ext4_expand_extra_isize_ea+0xd26/0x19b0 [ 807.657480][T12488] __ext4_expand_extra_isize+0x301/0x3e0 [ 807.664017][T12488] __ext4_mark_inode_dirty+0x469/0x700 [ 807.670883][T12488] ext4_evict_inode+0xa8d/0x1090 [ 807.675850][T12488] ? _raw_spin_unlock+0x24/0x40 [ 807.681149][T12488] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 807.687149][T12488] ? do_raw_spin_unlock+0x11d/0x230 [ 807.692579][T12488] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 807.698620][T12488] evict+0x4c9/0x8d0 [ 807.702646][T12488] ? proc_nr_inodes+0x320/0x320 [ 807.707527][T12488] ? do_raw_spin_unlock+0x11d/0x230 [ 807.712853][T12488] ? _raw_spin_unlock+0x24/0x40 [ 807.718053][T12488] ? iput+0x706/0x8a0 [ 807.722055][T12488] ext4_orphan_cleanup+0xad2/0x1320 [ 807.727266][T12488] ? ext4_orphan_del+0xbf0/0xbf0 [ 807.742326][T12488] ? errseq_check_and_advance+0x62/0x120 [ 807.748245][T12488] ext4_fill_super+0x8e25/0x95a0 [ 807.753237][T12488] ? ext4_mount+0x40/0x40 [ 807.757566][T12488] ? set_blocksize+0x1f3/0x370 [ 807.762417][T12488] ? sb_set_blocksize+0xa5/0xe0 [ 807.767285][T12488] mount_bdev+0x287/0x3c0 [ 807.772419][T12488] ? ext4_mount+0x40/0x40 [ 807.776757][T12488] legacy_get_tree+0xe6/0x180 [ 807.782334][T12488] ? ext4_errno_to_code+0x160/0x160 [ 807.787539][T12488] vfs_get_tree+0x88/0x270 [ 807.792019][T12488] do_new_mount+0x24a/0xa40 [ 807.796656][T12488] __se_sys_mount+0x2e3/0x3d0 [ 807.801399][T12488] ? __x64_sys_mount+0xc0/0xc0 [ 807.806186][T12488] ? lockdep_hardirqs_on+0x94/0x140 [ 807.811566][T12488] ? __x64_sys_mount+0x1c/0xc0 [ 807.816358][T12488] do_syscall_64+0x4c/0xa0 [ 807.820860][T12488] ? clear_bhb_loop+0x30/0x80 [ 807.825552][T12488] ? clear_bhb_loop+0x30/0x80 [ 807.830279][T12488] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 807.836188][T12488] RIP: 0033:0x7f37ef3cf14a [ 807.840682][T12488] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 807.860544][T12488] RSP: 002b:00007f37ed628e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 807.869039][T12488] RAX: ffffffffffffffda RBX: 00007f37ed628ee0 RCX: 00007f37ef3cf14a [ 807.877207][T12488] RDX: 00002000000002c0 RSI: 00002000000001c0 RDI: 00007f37ed628ea0 [ 807.886089][T12488] RBP: 00002000000002c0 R08: 00007f37ed628ee0 R09: 0000000000800700 [ 807.895195][T12488] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 807.903268][T12488] R13: 00007f37ed628ea0 R14: 000000000000045d R15: 0000200000000200 [ 807.911310][T12488] [ 807.914335][T12488] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 807.921615][T12488] CPU: 1 PID: 12488 Comm: syz.4.2378 Not tainted syzkaller #0 [ 807.929091][T12488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 807.939261][T12488] Call Trace: [ 807.942557][T12488] [ 807.945484][T12488] dump_stack_lvl+0x188/0x250 [ 807.950169][T12488] ? show_regs_print_info+0x20/0x20 [ 807.955365][T12488] ? load_image+0x400/0x400 [ 807.959908][T12488] panic+0x2e5/0x810 [ 807.963802][T12488] ? bpf_jit_dump+0xd0/0xd0 [ 807.968332][T12488] ? __alloc_pages+0x39f/0x480 [ 807.973126][T12488] __warn+0x248/0x2b0 [ 807.977133][T12488] ? __alloc_pages+0x39f/0x480 [ 807.981896][T12488] report_bug+0x1b7/0x2e0 [ 807.986334][T12488] handle_bug+0x3a/0x70 [ 807.990602][T12488] exc_invalid_op+0x16/0x40 [ 807.995119][T12488] asm_exc_invalid_op+0x16/0x20 [ 807.999970][T12488] RIP: 0010:__alloc_pages+0x39f/0x480 [ 808.005344][T12488] Code: 31 ff e9 b1 fe ff ff e8 0f 83 07 08 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 4f fd ff ff 4c 89 e7 e8 e6 bd 09 00 e9 42 fd ff ff <0f> 0b 45 31 ff e9 ee fe ff ff 65 44 8b 2d 77 af 4d 7e 41 83 fd 08 [ 808.024955][T12488] RSP: 0018:ffffc90003e6f380 EFLAGS: 00010246 [ 808.031024][T12488] RAX: ffffc90003e6f3c0 RBX: 1ffff920007cde74 RCX: 0000000000000000 [ 808.038993][T12488] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003e6f3e8 [ 808.046973][T12488] RBP: ffffc90003e6f470 R08: ffffc90003e6f3e7 R09: ffffc90003e6f3c0 [ 808.054935][T12488] R10: dffffc0000000000 R11: fffff520007cde7d R12: dffffc0000000000 [ 808.062904][T12488] R13: 0000000000000000 R14: 0000000000040c40 R15: 000000000000000c [ 808.070919][T12488] ? zone_statistics+0x170/0x170 [ 808.075887][T12488] kmalloc_large_node+0x7d/0x190 [ 808.080826][T12488] __kmalloc_node+0x232/0x3b0 [ 808.085514][T12488] ext4_expand_extra_isize_ea+0xd26/0x19b0 [ 808.091344][T12488] __ext4_expand_extra_isize+0x301/0x3e0 [ 808.096981][T12488] __ext4_mark_inode_dirty+0x469/0x700 [ 808.102451][T12488] ext4_evict_inode+0xa8d/0x1090 [ 808.107383][T12488] ? _raw_spin_unlock+0x24/0x40 [ 808.112231][T12488] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 808.118307][T12488] ? do_raw_spin_unlock+0x11d/0x230 [ 808.123527][T12488] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 808.129444][T12488] evict+0x4c9/0x8d0 [ 808.133347][T12488] ? proc_nr_inodes+0x320/0x320 [ 808.138206][T12488] ? do_raw_spin_unlock+0x11d/0x230 [ 808.143405][T12488] ? _raw_spin_unlock+0x24/0x40 [ 808.148258][T12488] ? iput+0x706/0x8a0 [ 808.152232][T12488] ext4_orphan_cleanup+0xad2/0x1320 [ 808.157433][T12488] ? ext4_orphan_del+0xbf0/0xbf0 [ 808.162369][T12488] ? errseq_check_and_advance+0x62/0x120 [ 808.168000][T12488] ext4_fill_super+0x8e25/0x95a0 [ 808.173001][T12488] ? ext4_mount+0x40/0x40 [ 808.177347][T12488] ? set_blocksize+0x1f3/0x370 [ 808.182118][T12488] ? sb_set_blocksize+0xa5/0xe0 [ 808.187072][T12488] mount_bdev+0x287/0x3c0 [ 808.191416][T12488] ? ext4_mount+0x40/0x40 [ 808.195737][T12488] legacy_get_tree+0xe6/0x180 [ 808.200409][T12488] ? ext4_errno_to_code+0x160/0x160 [ 808.205617][T12488] vfs_get_tree+0x88/0x270 [ 808.210027][T12488] do_new_mount+0x24a/0xa40 [ 808.214532][T12488] __se_sys_mount+0x2e3/0x3d0 [ 808.219218][T12488] ? __x64_sys_mount+0xc0/0xc0 [ 808.224085][T12488] ? lockdep_hardirqs_on+0x94/0x140 [ 808.229276][T12488] ? __x64_sys_mount+0x1c/0xc0 [ 808.234043][T12488] do_syscall_64+0x4c/0xa0 [ 808.238484][T12488] ? clear_bhb_loop+0x30/0x80 [ 808.243168][T12488] ? clear_bhb_loop+0x30/0x80 [ 808.247855][T12488] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 808.253849][T12488] RIP: 0033:0x7f37ef3cf14a [ 808.258261][T12488] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 808.277879][T12488] RSP: 002b:00007f37ed628e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 808.286377][T12488] RAX: ffffffffffffffda RBX: 00007f37ed628ee0 RCX: 00007f37ef3cf14a [ 808.294427][T12488] RDX: 00002000000002c0 RSI: 00002000000001c0 RDI: 00007f37ed628ea0 [ 808.302395][T12488] RBP: 00002000000002c0 R08: 00007f37ed628ee0 R09: 0000000000800700 [ 808.310365][T12488] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 808.318423][T12488] R13: 00007f37ed628ea0 R14: 000000000000045d R15: 0000200000000200 [ 808.326419][T12488] [ 808.329801][T12488] Kernel Offset: disabled [ 808.339714][T12488] Rebooting in 86400 seconds..