last executing test programs: 11m4.43994447s ago: executing program 32 (id=387): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a4c000000030a0fdb00000000000000000a0020050900030073797a30000000000900010073797a31000000001400048008000240e7b140bb08000140000000030a000700726f75746500000014000000110001"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = socket(0xa, 0x3, 0xff) sendmsg$inet6(r1, &(0x7f0000001c00)={&(0x7f0000000140)={0xa, 0xa, 0x7, @mcast2}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000180)="671723d7c6012c", 0x7}, {&(0x7f0000000280)="9e91d91a92dc7c8fff658bb539e2ffb332c99223a7dfe52c1f51218206f5abfd2a33a3da57", 0x25}], 0x2}, 0x20008b88) 9m44.324458553s ago: executing program 33 (id=741): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x3, 0x11fb, 0x3, 0xaa}, 0x14) 7m54.731834027s ago: executing program 1 (id=1284): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x3, @empty, 0x6}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000100)=0x10000, 0x4) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000080), 0x4) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e20004db0"], 0x0) 7m54.122322761s ago: executing program 1 (id=1289): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000280)=@assoc_value={0x0}, &(0x7f0000000880)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={r2, 0x3fb, 0x7e7}, 0x8) 7m52.571385237s ago: executing program 1 (id=1295): r0 = syz_io_uring_setup(0x83b, &(0x7f0000000140)={0x0, 0x11e, 0x0, 0x1, 0x315}, &(0x7f0000000040)=0x0, &(0x7f0000000400)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000940)=@IORING_OP_FSYNC={0x3, 0x44, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r3}}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) 7m51.262966166s ago: executing program 1 (id=1302): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x8080, &(0x7f0000000380)={[{@norecovery}, {@sysvgroups}, {@sysvgroups}, {@lazytime}]}, 0xee, 0x49b, &(0x7f0000000a40)="$eJzs3EtsG0UYAOB/HefVBw2lPFpaCJRHBTRp0gc9cAGBxAEkJDgUcQppWpWmDWqCRKsICodyRJW4I45I3JE4wQUBB4TEFe6oUoVyaeG0aO1d10ls5+XGLf4+yc7M7joz/85OdjJjO4CuNZw9JRHbIuKPiNhRzS4+YLj64+bC/OQ/C/OTSaTpm38nleNuLMxPFocWr9tazaRpRH+W7G9Q7pV3Iiamp6cu5PnRuXPvj85evHTwzLmJ01Onp86PHz9+5PC+vmPjRyv70yb1710hvlL+M4vrxp6PZvbufvXtq69Pnrj67s/fZPXdlu+vj2Nd0uU1HK6e3aUezZ6e3FBhd5Rfs6ftdRuScvODRzahQqxeT0SUa/0oiZ4YrO3bEa982sGqAbdZmqZpo/tz1N23U+B/KtG/oUsV9/rs/9/isTkjjzvD9Rcj4mCeWZifvFmLv1ybO+hd8v9tOw1HxInL/36ZPaId8xAAACv4Phv/PNdo/FeKB+qOuydfQxmKiHsjYmdE3BcRuyLi/ojKsQ9GnHtojeUvXSFZPv4pXVtXYKuUjf9eyNe2bi4a/xWjvxjqyXPbK/H3JqfOTE8dys/Jgejtz/JjLcr44eXfPy/SA0v21Y//skdWfjEWzOtxrbxkgu7kxNxEJZGm6ccbCz+ufxKxp9wo/iSKZZwkInZHxJ51lnHmma/3Ntu3cvwttFhnWq30q4inq+1/efH4/1ZTJfXrk4MRUVufHHv+2PjR0YGYnjo0WlwVy/3y25U3mpW/ofjbIGv/LQ2v/9oq8FAyEDF78dLZynrt7NrLuPLnZ3V9etHqchZ/6duINV//fclblXRfvu3Dibm5C2MRfclry7eP33ptkS+Oz+I/sL9x/99ZV+OHIyK7iPdFxCP5Im7Wdo9FxOMRsb9F/D+99MR7zfY1b/9ms/LtdT0/US3bP+rbf+2JnrM/ftes/OF8DTLy89C4/Y9UUgfyLbW/fy2stoLrOmkAAABwlylV3gOflEZq6VJpZKT6Hv5dsaU0PTM79+ypmQ/On6y+V34oekvFTNeOuvnQsXxuuMiPL8kfzueNv+gZrORHJmemT3Y6eOhyW5v0/8xfPZ2uHXDbtWEdDbhL6f/QvfR/6F76P3Qv/R+6V6P+v9EPFgB3B/d/6F6V/v/U5U5XA+gA93/oXvo/dKWmn40vbegj/00TSbt/YcNE8d0Jm1HWyoniuyg2vfTBdb98YOVTF6XOntWuSZSXtUWU21pEf8NdHfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Eb/BQAA///i5tKw") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000480)='.\x00', 0x10000, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @a}}) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x100, 0x80) 7m50.16878504s ago: executing program 1 (id=1310): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000800), 0x8040, 0x0) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000840)=0x18000000) 7m49.255297988s ago: executing program 1 (id=1315): openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000318000/0x2000)=nil, 0x2000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 7m47.803495427s ago: executing program 34 (id=1315): openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000318000/0x2000)=nil, 0x2000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 5m3.884259813s ago: executing program 6 (id=2102): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file1\x00', 0x4, &(0x7f0000001180)={[{@fat=@discard}, {@fat=@nfs}, {@dots}, {}, {@dots}, {@nodots}, {@fat=@discard}, {@dots}]}, 0x1, 0x245, &(0x7f0000001200)="$eJzs3cFqE1EUBuBjmjShG7sWFwNuXAX1DYJUEANCZBa6cqC6aUWYbkZXeQyfwedx5WN01d2IndC0tYpi0zvT+T4Ic+AncO4md3NO5u39Dwf7H4/e19+/xGSSxTBiGScRuzGIrWjcWT0Hp/V2nLcMAKBrFotilroHNqssZ8UoIsa/JPnXJA0BAAAAAAAAAADw3/5t/n8QYf4fADrP/P/tV5azYme1v3mR+X8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgnZO6vlv/4ZO6PwDg+rn/AaB/3P8A0D9/e/+P0rYJAFyjV6/fvJjN53uLLJtEHC+rvMqbZ5M/ez7fe5Sd2l1/67iq8q2z/HGTZxfzUeys8idX5tvx8EGT/8yevpxfysexv/njAwAAAAAAAAAAAAAAAAAAQCtMszNX7vdPp7/Lm+rc/wNc2t8fxr3hjR0DAAAAAAAAAAAAAAAAAAAAOu3o0+eD4vDwXanoUvFt2Io2WlSMoxVt3J4i9S8TAAAAAAAAAAAAAAAAAAD0z3rpN3UnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJDO+v3/mytSnxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADohx8BAAD//86jkvk=") sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000140)='\\', 0x1}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.swap.events\x00', 0x275a, 0x0) 5m2.280035142s ago: executing program 6 (id=2106): r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x2, 0x0, 0x7}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1) r1 = fcntl$dupfd(r0, 0x0, r0) ppoll(&(0x7f0000000100)=[{r1, 0xa440}], 0x1, 0x0, 0x0, 0x0) 5m1.256886242s ago: executing program 6 (id=2107): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14", 0x3}], 0x1}}], 0x1, 0x20008000) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000a80)=@gcm_128={{0x303}, "9ff3d6661480294c", "5fa3c0bf46782bbee21b09b7446edc75", "5bee93e1", "f11bb8cba3046ce3"}, 0x28) 4m59.829478535s ago: executing program 6 (id=2115): mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file0\x00', 0x130800b, 0x0, 0x0, 0x0, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 4m59.223468076s ago: executing program 6 (id=2119): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x9}, 0x8) 4m58.659836634s ago: executing program 6 (id=2120): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f00000003c0)={[{@nobarrier}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@user_xattr}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x146) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000580)='5', 0x1}], 0x1, 0x7ffffe, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180), &(0x7f0000000380)=ANY=[], 0x25, 0x2) 4m57.345691619s ago: executing program 35 (id=2120): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f00000003c0)={[{@nobarrier}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@user_xattr}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x146) pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000580)='5', 0x1}], 0x1, 0x7ffffe, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180), &(0x7f0000000380)=ANY=[], 0x25, 0x2) 3m56.199903966s ago: executing program 2 (id=2391): openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0xa2042, 0x0) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0xb5e8, 0x80, 0x0, 0x8}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x3596, 0x0, 0x49, 0x0, 0x0) 3m55.539257832s ago: executing program 2 (id=2396): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@errors_remount}, {@nodelalloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@jqfmt_vfsv0}, {@quota}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") chdir(&(0x7f0000000140)='./file0\x00') syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000040)='./bus\x00', 0x2100000, 0x0, 0xff, 0x0, &(0x7f00000000c0)) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 3m54.508781355s ago: executing program 2 (id=2403): r0 = syz_io_uring_setup(0x83e, &(0x7f00000000c0)={0x0, 0x811b, 0x400, 0x3, 0x3c4}, &(0x7f0000000180)=0x0, &(0x7f0000000280)=0x0) r3 = socket(0x2a, 0x2, 0x6) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x100}) io_uring_enter(r0, 0x4ce1, 0x0, 0x0, 0x0, 0x0) 3m53.028278882s ago: executing program 2 (id=2408): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140)) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) mount$bind(&(0x7f0000000200)='.\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x2125099, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x9) 3m52.466583387s ago: executing program 2 (id=2410): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fsmount(r0, 0x0, 0x5) r1 = open(&(0x7f0000000140)='.\x00', 0x48100, 0x6) getdents(r1, &(0x7f0000000080)=""/45, 0x2d) 3m51.585793067s ago: executing program 2 (id=2415): syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000000c0)='./file1\x00', 0x204888, &(0x7f0000000380)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb42e2382d40feefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000"], 0x1, 0x336, &(0x7f0000000880)="$eJzs3cFrI1UcB/DfxrXdXe2mBxEUxIde9DK09R8wyC6IBaVuZfUgzNqphswmJRNWsoi7N/Hm37F49CaI4LkX79689eJxD4uRJm23ienBhTSWfD4Q3i/z8mXeJEz4XZJ3cPuHu63dKtvNe1F7N8XViKg9jliNWhy7dDTWhvVSnPYw3q7f/uO1jz/97IPG5uaNrZRuNm69s5FSuv76L19/8+Mbv/Ze+OSn6z8vx/7q5wd/bfy5//L+Kwd/3/qqWaVmldqdXsrTnU6nl98pi7TTrFpZSh+VRV4Vqdmuiu7Y/G7Z2dvrp7y9s3Jtr1tUVcrb/dQq+qnXSb1uP+Vf5s12yrIsrVyLxfIs17v9aGsrb8xgMZyj7ycPXB1/2u028sN7ePlfye1HM10YAPC/NNn/1+LK8Pic+v/jFuW/9/+XFr3/fxb6/0Vw2P8vHd2/4/T/AAAAAAAAAAAAAABwETweDOqDwaB+PE4+5r0+Zsvnv9hO/XDvSkT53b3te9ujcTTf2I1mlFHEWtTjScTgxKi++f7mjbU0tBordx+M8ofjc+P59ajH6vT8ekpp8CCl8fzzw3+0OMlvRD1emp7fGJ1/Ir8Ub715Kp9FPX7/IjpRxk4cZp/mv11P6b0PNyfyy8PXAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAYsnRi6v79WXbW/Ch/sr/+WtTjyfT9+dem7s9/OV69PN9rBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjVf9+Ky/Lonv+xcM4Y2pwZF4LO/8iYman+O3FOOt9VijOLub9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn7+mm3/NeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPNU9e+38rIsujMs5n2NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8k/AQAA//8A7ioD") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 3m49.781341363s ago: executing program 36 (id=2415): syz_mount_image$vfat(&(0x7f0000000300), &(0x7f00000000c0)='./file1\x00', 0x204888, &(0x7f0000000380)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d757466382c0097b75cbdde02821d0f899c2377ee9577397fc18b433d0c59e692b381740ca495e1c145c5922679338b5ff21c0653a98440a5725268a242c0263564f988d3c178704feaf8a412df818275708882ea9a4048c6e458a1f05b83f2e69b965b1df203b21de2b0ee375647f886a5310889982079aa7b1fb42e2382d40feefe7f768eec58b19cf50faaf129503175f4262df740183df51d3641ff78b86127c1db8ef165bfa3bd20797fde6ff91a0e45d3d7c1c6d1ce0a72be8c1fdb00000000"], 0x1, 0x336, &(0x7f0000000880)="$eJzs3cFrI1UcB/DfxrXdXe2mBxEUxIde9DK09R8wyC6IBaVuZfUgzNqphswmJRNWsoi7N/Hm37F49CaI4LkX79689eJxD4uRJm23ienBhTSWfD4Q3i/z8mXeJEz4XZJ3cPuHu63dKtvNe1F7N8XViKg9jliNWhy7dDTWhvVSnPYw3q7f/uO1jz/97IPG5uaNrZRuNm69s5FSuv76L19/8+Mbv/Ze+OSn6z8vx/7q5wd/bfy5//L+Kwd/3/qqWaVmldqdXsrTnU6nl98pi7TTrFpZSh+VRV4Vqdmuiu7Y/G7Z2dvrp7y9s3Jtr1tUVcrb/dQq+qnXSb1uP+Vf5s12yrIsrVyLxfIs17v9aGsrb8xgMZyj7ycPXB1/2u028sN7ePlfye1HM10YAPC/NNn/1+LK8Pic+v/jFuW/9/+XFr3/fxb6/0Vw2P8vHd2/4/T/AAAAAAAAAAAAAABwETweDOqDwaB+PE4+5r0+Zsvnv9hO/XDvSkT53b3te9ujcTTf2I1mlFHEWtTjScTgxKi++f7mjbU0tBordx+M8ofjc+P59ajH6vT8ekpp8CCl8fzzw3+0OMlvRD1emp7fGJ1/Ir8Ub715Kp9FPX7/IjpRxk4cZp/mv11P6b0PNyfyy8PXAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAYsnRi6v79WXbW/Ch/sr/+WtTjyfT9+dem7s9/OV69PN9rBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBjVf9+Ky/Lonv+xcM4Y2pwZF4LO/8iYman+O3FOOt9VijOLub9zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn7+mm3/NeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPNU9e+38rIsujMs5n2NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8k/AQAA//8A7ioD") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 2m3.618655384s ago: executing program 4 (id=2882): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x3, 0x1, 0x246, 0x7fffffffffffffff, 0xfffffffffffffffa, 0xffffffffffffffff, 0x0, 0x7fff, 0x9b}) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f0000000100), &(0x7f0000001400)=ANY=[], 0x835, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x40000, 0x0, 0x1, 0x0, 0x0) 2m2.349546816s ago: executing program 4 (id=2885): openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', &(0x7f0000000400)=ANY=[], 0x0, 0x1400) 2m0.168412953s ago: executing program 4 (id=2891): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f00000000c0)='./file1\x00', 0x1000812, &(0x7f0000001cc0)=ANY=[@ANYBLOB="71756965742c636f6465706167653d63703836302c696f636861727365743d63703836312c00808fead042bd35dc78f7f06333a5e7165b8271e41aee85e59cbb6c2df3d4e4c16b06c73f2e3b348a7fba46e286378a15ee516bac8d4813c9c3d9cee1ddb95d1bbcf504e065b3749a1cbd841e685a558598cf0db10b55885946e678d0a71877037a090000000700848879ef1604cadc1faca3aa22a576750d559c4e124d4cb7293e7393b77286fa8c6dc449eda0a03d342382e84d6d3c29ab95cc923fbe25e134d1c421320a3bffaa17fcd6b5178e322cc47133b3811e3d3bc34998dc7ed029834ad591d9d56c41063d8de2d50a2398e73ff2913a9fe8e954a4e4ca99ceb5737e57193c5f47fd63b16c8b34f256dbac0e5ebd009078df2cb1ca1051ad091adbfee5126d8a59fa5438734bc3e8cc7b7edc10716a0a9b711952cdf96586e06fbace21dc04bdb4a1a2072ce5f72cf0", @ANYRESOCT, @ANYRES32, @ANYRES32=0x0, @ANYRESHEX=0x0, @ANYBLOB="0bffd5ece651e2a4648f9b08ce06626a8efcc3bee3ccef03f1e2279d8dc44bc4bd6a5d445b3f4f75b30ef3cc0a9d3c338a26ff996b57afbe65c46e61b66cf778b449292592952663ac34eb94f6fd4cfbda2af6c85c6e135955ca064c546ab638c56d2432e45e6d333181ee921f9f26a8ef"], 0x1, 0x305, &(0x7f0000000340)="$eJzs3U1rE1scx/HfmaRNepvbmz5cLtxltaAb0boRNxHJWxDEhWjbCMVQUSuoG1NxJaJ7974FX4QbxTegKxfiC2g3jpwzD8kkk5k0JB2D3w+Ik8n85/zPPP5PoBwB+GNdbX55d/Gb/WekkkrSy8uSJ6kqlSX9q/+qj/b2d/fbrZ2sHZVchI58GQWRZmCb7b2W+/8gudrGuYhQ3X4qq9a7DtPh+/6Vr33rvnsFJYPCuLs/hSdVwrvTfV898cyyHYwZ15lwHrPGHOpQj7VUdB4AgGLZ9/9BUPjb93wtrN89T9oIX/u/5ft/XIdFJzB1fua3Pe9/N8ryjT2//7ivuuM9N4Sz33vRKHGUluf6Ps8rKCQTBaZJH1V2h3wuF2/hzm67dW77XnvH03M1Qj0Ba3ELIXuF5mS7njI2zTBC301qRRmk5c3ZPmwOyX91zBYzDAzfEifEfDCfzE1T11vtxPVf2Tc2W5dwve9MBfmfH97eoouyWyl8bDQaDc/tKLLsGvk/eaZyellNH5EoOrDLSv5AUM/L00Wt9EUFvbuQGlCJo1ZTozajT0PaWktE2d7EV/PwLKfNvDbXzbp+6L2aPfW/Z/Pb0PA7M/GLjtkIbjR3xIP+zKc3V3b7rA+8OTq6UUuuiY9iZVjqR9nPNIwgOoevtKVLWnr45OndUrvdemAXbqcs3K/Fa+ZeSKnbFLygTndNRb4zsHH0DEyEL4Qrp5TY2Ynu0D4/cje2d9mJHPneKyG6YSfWhLziL62sa6P5se9CmtiCX5nwDn/6Y0T9fcIPJRSle9KLzgQFsXWXCcZ/rpIP631Xr9lq4VpleJ0eFWRpJZur3sM9+rbGjkdA1UT8ilv6K1lG54wNFsM6JmUc19FoY65TZ6TTo7dYD/OcDf6znA1MU591i9//AQAAAAAAAAAAAAAAAAAAZs3x/65g4dhRRfcRAAAAAAAAAAAAAAAAAAAAAIBZF8//q2j+X402/2//VCzh/L9V5cz/uzWYw8D8v2/2ZDoS8/8C0/UrAAD///8sd7M=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000010140)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964dee674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a7986cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25afd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e5706000", 0x1000}}, 0x1006) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x803053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40)) 1m59.28950939s ago: executing program 4 (id=2896): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x8040, &(0x7f0000000500)={[{@noblock_validity}, {@nombcache}, {@nodiscard}]}, 0x3, 0x45c, &(0x7f0000000940)="$eJzs281vFGUYAPBnZtsCArYifvChVtHY+NFSQOXgQY0mHjAx0YMem7YQZKGG1kQIUTAGT8aYeDce/Rc86cUYTyZe9W5IiOECeFozuzN0d9ld6LLbLezvlwy873z0fZ6deXffmXc3gKE1mf2TRGyLiL8iYrxWbdxhsvbftSvn5q9fOTefRKXy3r9Jdb+rV87NF7sWx23NK1NpRPplEntatLt85uyJuXJ58XRen1k5+fHM8pmzLx4/OXds8djiqQOHDx86OPvKywde6kmeWUxXd3+2tHfX2x9++86Rr7N1aZF/Ux49Mtlp4zOVSo+bG6ztdeVkZICBsCaliMhO12i1/49HKVZP3ni89cVAgwP6qlKpVLa233y+AtzDkmis6/IwLIoP+uz+t1iaBwGv9W/4MXCXX6/dAGV5X8uX2paR6vOByO+Ntvep/cmI+OD8f99nS/TnOQQAQIOfs/HPC63Gf2k8XLff/fnc0EREPBAROyLiwYjYGREPRVT3fSQiHl1j+82TJDePf9JLXSV2m7Lx36v53Fbj+K8Y/cVEKa9tr+Y/mhw9Xl7cn78mUzG6KavPdmjjlzf//KbdtvrxX7Zk7RdjwTyOSyObGo9ZmFuZu5Oc612+ELF7pFX+yY2ZgCQidkXE7i7bOP7cj3vbbbt1/h30YJ6p8kPEs7Xzfz6a8i8knecnZzZHeXH/THFV3Oz3Py6+2679O8q/B7Lzf1/L6/9G/hNJ/Xzt8trbuPj3V23vabq9/seS96vlsXzdp3MrK6dnI8aSI7Wg69cfWD22qBf7Z/lP7Wvd/3fE6iuxJyKyi/ixiHg8Ip7IY38yIp6KiH0d8v/tjac/6j7//sryX1jT+V8tjEXzmtaF0olff2podOKm/K93Pv+HqqWpfM3tvP/dTlzdXc0AAABw90kjYlsk6fSNcppOT9e+L78zIi0vLa88f3Tpk1MLtd8ITESkxZOu8brnobP5bX2tfiEial8tKLYfzJ8bf1faUq1Pzy+VFwadPAy5rW36f+af0qCjA/rO77VgeOn/MLxu1f8/X6c4gPXn8x+GV4v+v2UQcQDrbVPLz39jfhgOTf3ftB8Mkab+v3lQcQDrr/vnf2M9jQNYf57/w1Ba3hK3/pF8x0Lxl7o8/J4txOiGCKNvhUg3RBgbtjB6l/eLwb0nAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9NL/AQAA//8kV94B") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x48) syz_clone(0x1000000, 0x0, 0xfffffd11, 0x0, 0x0, 0x0) getdents(r0, 0x0, 0x58) getdents64(r0, &(0x7f00000000c0)=""/116, 0x74) 1m57.836123603s ago: executing program 4 (id=2901): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) fstatfs(r0, &(0x7f0000000100)=""/107) r1 = socket(0x2, 0x80805, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, 0x0, &(0x7f0000000140)) 1m56.442816602s ago: executing program 9 (id=2908): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000000)=0x7, 0x4) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f00000000c0)=0xf2b, 0x4) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000001500)=""/7, &(0x7f0000000080)=0xffffffffffffffb3) 1m56.435529629s ago: executing program 4 (id=2909): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000540)="09000000e70014000000d93bfbf788a83baa88a84215dd4700008100000088a8", 0x20, 0x40408c0, &(0x7f0000000000)={0x11, 0x88a8, r2, 0x1, 0xc, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x47}}, 0x14) 1m54.936860804s ago: executing program 37 (id=2909): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000540)="09000000e70014000000d93bfbf788a83baa88a84215dd4700008100000088a8", 0x20, 0x40408c0, &(0x7f0000000000)={0x11, 0x88a8, r2, 0x1, 0xc, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x47}}, 0x14) 1m54.895067325s ago: executing program 9 (id=2914): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf910000000000007b020000000000008500000084000000790000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1m54.4126142s ago: executing program 9 (id=2917): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x2000) ioctl$TUNSETNOCSUM(r2, 0xff04, 0x1) 1m53.828981324s ago: executing program 9 (id=2919): r0 = socket$inet6_udp(0xa, 0x2, 0x0) close(r0) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x439a, 0x4) 1m53.331697069s ago: executing program 9 (id=2922): syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0]) mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040)) chdir(&(0x7f0000000080)='./file0\x00') syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000000c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@noquota}]}, 0x1, 0x440, &(0x7f0000000780)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=") 1m52.359703877s ago: executing program 9 (id=2926): pipe(&(0x7f0000000080)) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0xfffffffe, 0xfffe}) lsetxattr$security_capability(&(0x7f0000000280)='./file1\x00', &(0x7f0000000080), 0x0, 0x0, 0x1) 1m37.077285145s ago: executing program 38 (id=2926): pipe(&(0x7f0000000080)) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0xfffffffe, 0xfffe}) lsetxattr$security_capability(&(0x7f0000000280)='./file1\x00', &(0x7f0000000080), 0x0, 0x0, 0x1) 17.822176904s ago: executing program 3 (id=3317): rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r0 = getpid() r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0xb, &(0x7f0000000080)={0x0, 0x0, 0x3}) r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8) read(r2, &(0x7f0000000740)=""/377, 0x179) 17.035878463s ago: executing program 3 (id=3322): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000100)="2e1221b23bb601c477d3df163e75963d86ddf06712e9000d2f8db0049d90491c3248040000dbb8a10000", 0x2a}, {&(0x7f0000000200)="242dfcb354b3", 0x6}, {&(0x7f0000000240)="a43b2eaab4000000000080006558", 0xe}, {&(0x7f0000000080)="f9ae", 0x2}, {&(0x7f0000000480)="cc86", 0x2}, {&(0x7f0000000180)="12396ff5df1a1c8ce1df38116c2c", 0xe}], 0x6) 15.447522795s ago: executing program 3 (id=3328): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3c, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 13.454462533s ago: executing program 3 (id=3339): socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect(0x0, 0x48, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000183b9220b11342002b58010203010902"], 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x29e9c934, 0x8, 0x0, 0x5}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a0000000c0000800800", @ANYRES16=r0], 0x20}, 0x1, 0x0, 0x0, 0x200c0801}, 0x0) 12.316149179s ago: executing program 3 (id=3343): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x20004080) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r2, 0x0, 0x0) 7.171570389s ago: executing program 8 (id=3364): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000080)={0x1, {{0xa, 0x4e21, 0xb14, @mcast2}}, {{0xa, 0x4e20, 0x8, @private0}}}, 0x108) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x8000002, 0x0, @mcast1}, 0x1c) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000001bbbbbbbbbbbb86dd60cb800000383aff00000000000000000000ffffac1e0001ff020000000000000000000000000001"], 0x0) 6.338922831s ago: executing program 8 (id=3368): bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(morus1280)\x00'}, 0x58) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62) ioctl$int_in(r0, 0x5421, &(0x7f0000000140)=0x6) listen(r0, 0x0) accept4(r0, 0x0, 0x0, 0x80800) 6.228457283s ago: executing program 7 (id=3370): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @none}, 0x8) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r1, &(0x7f00000004c0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8) listen(r1, 0xc) listen(r0, 0x0) 5.533019819s ago: executing program 8 (id=3372): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2982, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x804000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) ioctl$TCFLSH(r1, 0x540b, 0x2) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) 5.304963086s ago: executing program 7 (id=3373): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x5, 0x7fc00007}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) r1 = epoll_create1(0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x2007}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000140)) 5.252666508s ago: executing program 0 (id=3374): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000380)={0x10000008}) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x10, 0x0) umount2(&(0x7f00000001c0)='./file0\x00', 0x0) 5.124240849s ago: executing program 3 (id=3375): socket$qrtr(0x2a, 0x2, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = syz_io_uring_setup(0x497, &(0x7f0000000340)={0x0, 0x293e, 0x100, 0x1, 0x80000124}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x351a, 0x100, 0x0, 0x0, 0x0) 4.660507869s ago: executing program 8 (id=3377): openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_usb_connect$rtl8150(0x6, 0x0, 0x0, 0x0) r0 = syz_io_uring_setup(0xbdc, &(0x7f00000002c0)={0x0, 0xd20a, 0x80, 0x3, 0x35d}, &(0x7f00000006c0)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6000, @fd, 0x1, 0x0, 0x0, 0x6}) io_uring_enter(r0, 0x6e69, 0x0, 0xe, 0x0, 0x0) 4.290046983s ago: executing program 0 (id=3378): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000772904202404019957c2010203010902240001000010000904430002317d5500090502020002020000090582020002"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f0000000940)=ANY=[], 0x0) syz_usb_connect(0x2, 0x24, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000a00)={0x44, &(0x7f00000004c0)={0x20, 0x0, 0x1f, "298c16ed746fc242bd304deadabc14425469adc4bf162e4e8c5659a5e8aa2a"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0x2}, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x40, 0x9, 0x1, 0x9}, 0x0, &(0x7f0000000740)={0x40, 0xf, 0x2, 0x3}, &(0x7f0000000800)={0x40, 0x13, 0x6, @remote}, &(0x7f0000000840)={0x40, 0x17, 0x6, @random="ad82a9315d3a"}, &(0x7f0000000880)={0x40, 0x19, 0x2, "5dfc"}, 0x0, 0x0, &(0x7f0000000980)={0x40, 0x1e, 0x1, 0x2}, &(0x7f00000009c0)={0x40, 0x21, 0x1, 0x2c}}) syz_usb_control_io$uac2(r0, 0x0, &(0x7f0000000780)={0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="070004000000feffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.016255932s ago: executing program 5 (id=3379): syz_emit_ethernet(0x46, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) r0 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace(0x8, r0) wait4(0x0, 0x0, 0x0, 0x0) 3.659764052s ago: executing program 7 (id=3380): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) r1 = accept4(r0, 0x0, 0x0, 0x80000) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$inet6(r2, &(0x7f0000003b80)=[{{0x0, 0xd, &(0x7f00000003c0)=[{&(0x7f00000000c0)="e6", 0x29}], 0x1, 0x0, 0x0, 0x7000300}}, {{0x0, 0x500, &(0x7f0000000740)=[{&(0x7f0000000440)='&', 0x23fff}], 0x1}, 0xff03}], 0x4000070, 0x8000) 3.339841181s ago: executing program 5 (id=3381): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r1, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000340)) r2 = dup(r0) ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r2}) 3.02968238s ago: executing program 0 (id=3382): r0 = socket(0x10, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000002c0)=0x9, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a14000000090a010200070000000000000a000003240000000c0a0500000000000000000000000002040003800900020073797a3200000000140000001100c64354ab0020000000000100000a"], 0x60}}, 0x4000800) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000d80)=@newqdisc={0x4c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x8, 0x1000, 0x1, 0x9, 0xff, 0x3}}}}]}, 0x4c}}, 0x24044092) 2.591797875s ago: executing program 5 (id=3383): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000100)="2e1221b23bb601c477d3df163e75963d86dd606712e9000d2f8db0049d90491c3248040000dbb8a10000", 0x2a}, {&(0x7f0000000280)="89cca9ad7f624c06000085087509000000008100", 0x14}], 0x2) 2.443289885s ago: executing program 7 (id=3384): socket$nl_generic(0x10, 0x3, 0x10) socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=@newtaction={0x98, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x80d, 0x0, 0x10000000, 0x5, 0x4}, 0x1, r2}}]}, {0x0, 0xa}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x1}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x4008001}, 0x0) 2.286502841s ago: executing program 0 (id=3385): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, 0x94) r0 = syz_io_uring_setup(0x10c2, &(0x7f0000002340)={0x0, 0x815e, 0x180, 0x0, 0x2fe}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x2000, @fd=r0, 0x8, 0x0, 0x0, 0x8, 0x0, {0x1}}) io_uring_enter(r0, 0x47bc, 0x0, 0x40, 0x0, 0x0) 1.654647535s ago: executing program 7 (id=3386): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf0b, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}}, 0x4000000) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000007000010010ab4be68e8da23507000000", @ANYRES32=r2, @ANYBLOB="10000180"], 0x28}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.574963694s ago: executing program 8 (id=3387): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1) getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x437, 0x170bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x50483}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24044090}, 0x4080) sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=@newtaction={0x68, 0x30, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x7fc0, 0x7, 0xa, 0x7}, 0x3, r2}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 1.556483428s ago: executing program 5 (id=3388): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r0 = userfaultfd(0x80801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) 982.916813ms ago: executing program 7 (id=3389): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000002c0)={[{@init_itable_val={'init_itable', 0x3d, 0xe94}}, {@grpquota}, {@min_batch_time={'min_batch_time', 0x3d, 0xb}}, {@delalloc}]}, 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") mkdir(&(0x7f0000000400)='./file1\x00', 0x180) creat(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1f1) renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x2) 883.269831ms ago: executing program 0 (id=3390): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x200}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000400)={&(0x7f000092b000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x1000}) madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x19) 834.392928ms ago: executing program 5 (id=3391): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r1 = socket(0x11, 0x3, 0x0) dup3(r0, r1, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bind$packet(r1, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x11, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}, 0x14) 413.644692ms ago: executing program 8 (id=3392): r0 = socket$kcm(0x2, 0x5, 0x84) connect$unix(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x0, 0x12, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@getchain={0x24, 0x11, 0x43d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xc, 0xfff3}}}, 0x24}}, 0x0) 118.867697ms ago: executing program 5 (id=3393): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TCSBRKP(r0, 0x5425, 0x1) r2 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r2, 0xa) 0s ago: executing program 0 (id=3394): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) sendto$inet6(r0, 0x0, 0x0, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x4e22, 0x4, @private2, 0x80100001}, 0x1c) sendto$inet6(r0, &(0x7f0000001cc0)="2501d77b330b7e73d6b1d1b8a473ff7420b4b43ce0861f000000714fa228ee1f5b48", 0xfffffffffffffe57, 0x8000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002003, 0x0) kernel console output (not intermixed with test programs): D: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 713.935116][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 713.948673][T12801] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.957927][T12801] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.007978][T12806] netlink: 44 bytes leftover after parsing attributes in process `syz.8.2495'. [ 714.965589][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 714.976061][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 715.573962][ T5838] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 715.781567][ T5838] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 715.834652][ T5838] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 715.900136][ T5838] usb 8-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00 [ 715.978544][ T5838] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 716.005476][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 716.015406][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 716.068267][ T5838] usb 8-1: config 0 descriptor?? [ 716.598186][ T5838] hid-steam 0003:28DE:1102.0014: unbalanced delimiter at end of report description [ 716.718603][ T5838] hid-steam 0003:28DE:1102.0014: steam_probe:parse of hid interface failed [ 716.771293][ T5838] hid-steam 0003:28DE:1102.0014: probe with driver hid-steam failed with error -22 [ 716.823669][T12554] veth0_vlan: entered promiscuous mode [ 716.856183][ T5838] usb 8-1: USB disconnect, device number 17 [ 716.976565][T12554] veth1_vlan: entered promiscuous mode [ 717.045227][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 717.054790][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 717.410269][T12843] loop0: detected capacity change from 0 to 8192 [ 717.413174][T12554] veth0_macvtap: entered promiscuous mode [ 717.492417][T12843] FAT-fs (loop0): bogus logical sector size 516 [ 717.518011][T12843] FAT-fs (loop0): Can't find a valid FAT filesystem [ 717.562032][T12554] veth1_macvtap: entered promiscuous mode [ 717.785035][T12854] debugfs: Invalid gid '0x00000000ffffffff' [ 717.904173][T12554] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 718.077495][T12554] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 718.086994][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 718.096369][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 718.269199][ T9] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 718.345546][ T60] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.395999][ T60] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.465065][ T60] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.504297][ T9] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 718.553569][ T60] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 718.585844][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 718.706997][ T9] usb 8-1: config 0 descriptor?? [ 718.771727][ T9] cp210x 8-1:0.0: cp210x converter detected [ 719.125271][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 719.134686][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 719.188058][ T9] cp210x 8-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 719.555897][ T9] usb 8-1: cp210x converter now attached to ttyUSB0 [ 719.729542][ T9] usb 8-1: USB disconnect, device number 18 [ 719.785739][ T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 719.884518][ T9] cp210x 8-1:0.0: device disconnected [ 720.165663][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 720.175001][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 720.406366][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 720.891891][T12897] loop8: detected capacity change from 0 to 128 [ 721.046899][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 721.205194][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 721.214388][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 721.580546][T12901] loop0: detected capacity change from 0 to 2048 [ 721.683061][T12905] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 722.567278][ T29] audit: type=1326 audit(1773804617.770:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12906 comm="syz.8.2526" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58f6c code=0x7fc00000 [ 723.098317][ T29] audit: type=1326 audit(1773804618.310:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.177035][T12922] genirq: Flags mismatch irq 4. 00200000 (aio_iiro_16) vs. 00200080 (ttyS0) [ 723.207535][ T29] audit: type=1326 audit(1773804618.310:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.283110][ T29] audit: type=1326 audit(1773804618.350:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.315567][ C1] net_ratelimit: 3 callbacks suppressed [ 723.315641][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 723.330794][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 723.343978][ T29] audit: type=1326 audit(1773804618.360:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.466530][ T29] audit: type=1326 audit(1773804618.360:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.587336][ T29] audit: type=1326 audit(1773804618.390:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.740676][ T29] audit: type=1326 audit(1773804618.420:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.839834][ T29] audit: type=1326 audit(1773804618.420:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 723.988505][ T29] audit: type=1326 audit(1773804618.450:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12921 comm="syz.0.2531" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f36f6c code=0x7ffc0000 [ 724.056819][T12931] netlink: 56 bytes leftover after parsing attributes in process `syz.8.2535'. [ 724.335305][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 724.345892][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 725.365570][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 725.374986][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 725.717720][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 725.774190][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 726.089627][ T9] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 726.186003][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 726.226705][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 726.267432][T12958] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.296684][ T9] usb 9-1: Using ep0 maxpacket: 8 [ 726.349899][ T9] usb 9-1: config 0 interface 0 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 726.395208][ T9] usb 9-1: config 0 interface 0 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0 [ 726.415305][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.424740][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 726.430909][ T9] usb 9-1: config 0 interface 0 has no altsetting 0 [ 726.505440][ T9] usb 9-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00 [ 726.547319][ T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 726.605972][ T9] usb 9-1: config 0 descriptor?? [ 727.100354][ T9] smartjoyplus 0003:6666:8804.0015: unknown main item tag 0x2 [ 727.190811][ T9] smartjoyplus 0003:6666:8804.0015: hidraw0: USB HID v0.00 Device [HID 6666:8804] on usb-dummy_hcd.8-1/input0 [ 727.235685][ T9] smartjoyplus 0003:6666:8804.0015: no output reports found [ 727.378548][ T9] usb 9-1: USB disconnect, device number 3 [ 727.445784][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 727.785339][T12966] fido_id[12966]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 728.485522][ C1] net_ratelimit: 1 callbacks suppressed [ 728.485596][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 728.501430][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 729.525402][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 729.534787][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 729.619881][T12998] netlink: 'syz.7.2567': attribute type 4 has an invalid length. [ 729.642122][T12998] netlink: 'syz.7.2567': attribute type 8 has an invalid length. [ 729.692118][T12998] netlink: 'syz.7.2567': attribute type 1 has an invalid length. [ 729.738345][T12998] netlink: 176 bytes leftover after parsing attributes in process `syz.7.2567'. [ 729.800062][T12998] NCSI netlink: No device for ifindex 0 [ 730.279113][T13008] loop8: detected capacity change from 0 to 256 [ 730.338532][T13008] exfat: Deprecated parameter 'utf8' [ 730.364179][T13008] exfat: Deprecated parameter 'utf8' [ 730.389609][T13008] exfat: Deprecated parameter 'namecase' [ 730.565559][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 730.575527][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 730.664147][T13008] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 731.605675][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 731.615225][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 731.796277][T13027] loop8: detected capacity change from 0 to 1024 [ 731.969532][T13027] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 732.253564][T13027] EXT4-fs error (device loop8): ext4_xattr_inode_iget:441: comm syz.8.2566: inode #779706732: comm syz.8.2566: iget: illegal inode # [ 732.319130][T13027] EXT4-fs error (device loop8): ext4_xattr_inode_iget:446: comm syz.8.2566: error while reading EA inode 779706732 err=-117 [ 732.497959][T13042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 732.555111][T13042] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 732.645966][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 732.656339][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 732.741536][T11658] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 733.353216][T13050] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 733.685306][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 733.695106][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 734.331976][T13066] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 734.362103][T13066] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 734.725822][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 734.735458][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 735.765358][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 735.775017][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.412482][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.416786][T13094] loop3: detected capacity change from 0 to 7 [ 736.510068][T13094] Dev loop3: unable to read RDB block 7 [ 736.540878][T13094] loop3: unable to read partition table [ 736.566826][T13094] loop3: partition table beyond EOD, truncated [ 736.594186][T13094] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 736.805762][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 736.815856][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 737.193215][T13102] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2585'. [ 737.224194][T13102] netlink: 'syz.4.2585': attribute type 7 has an invalid length. [ 737.232146][T13102] netlink: 'syz.4.2585': attribute type 8 has an invalid length. [ 737.266563][T13102] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2585'. [ 737.845494][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 737.919623][T13112] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2600'. [ 737.939077][T13112] block nbd0: Unsupported socket: should be TCP or UNIX. [ 738.454276][ T24] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 738.602820][T13125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2593'. [ 738.639356][ T24] usb 9-1: config index 0 descriptor too short (expected 30768, got 18) [ 738.673890][ T24] usb 9-1: config 102 has too many interfaces: 102, using maximum allowed: 32 [ 738.718253][ T24] usb 9-1: config 102 has an invalid descriptor of length 102, skipping remainder of the config [ 738.761499][ T24] usb 9-1: config 102 has 0 interfaces, different from the descriptor's value: 102 [ 738.865804][ T24] usb 9-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac [ 738.885805][ C1] net_ratelimit: 1 callbacks suppressed [ 738.885870][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 738.900840][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 738.943601][ T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 738.983866][ T24] usb 9-1: Product: syz [ 738.988213][ T24] usb 9-1: Manufacturer: syz [ 739.039128][ T24] usb 9-1: SerialNumber: syz [ 739.680657][ T24] usb 9-1: USB disconnect, device number 4 [ 739.925416][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 739.934753][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 740.034519][T13147] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2601'. [ 740.975326][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 740.993463][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 741.684590][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 742.005522][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 742.014778][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 742.985449][T13195] loop8: detected capacity change from 0 to 256 [ 743.045305][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 743.515331][T13203] loop9: detected capacity change from 0 to 2048 [ 743.653418][T13203] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 743.869581][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 743.869650][ T29] audit: type=1800 audit(1773804639.080:236): pid=13203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2620" name=08 dev="loop9" ino=1386 res=0 errno=0 [ 744.086923][ C1] net_ratelimit: 3 callbacks suppressed [ 744.086991][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 744.104978][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 744.540804][T13216] loop0: detected capacity change from 0 to 2048 [ 744.668564][T13216] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 745.135422][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 745.144877][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 745.666848][T13231] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 745.676759][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 746.165408][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 746.175919][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 746.502108][T13246] loop4: detected capacity change from 0 to 128 [ 746.554288][T13246] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 746.766506][T13246] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 746.860320][T13246] ext2 filesystem being mounted at /573/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 747.205936][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 747.215620][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 747.300881][T13254] loop9: detected capacity change from 0 to 2048 [ 747.382024][ T5781] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 747.445922][T13254] UDF-fs: error (device loop9): udf_process_sequence: Primary Volume Descriptor not found! [ 747.528452][T13254] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 748.182337][T13260] loop7: detected capacity change from 0 to 4096 [ 748.570730][T13260] ntfs3(loop7): ino=5, "/" mi_enum_attr [ 748.603990][T13260] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 748.685136][T13260] ntfs3(loop7): ino=5, "/" mi_enum_attr [ 748.690929][T13260] ntfs3(loop7): ino=5, "/" mi_enum_attr [ 748.724863][ T5787] Bluetooth: hci3: command 0x0406 tx timeout [ 748.759660][T13260] ntfs3(loop7): ino=5, "/" mi_enum_attr [ 748.803598][T13260] ntfs3(loop7): ino=5, "/" mi_enum_attr [ 748.841945][T13260] ntfs3(loop7): ino=5, "/" attr_set_size_ex [ 749.216862][T13272] net_ratelimit: 2 callbacks suppressed [ 749.216941][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.285961][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.295573][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.330430][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.360059][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.381339][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.402242][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.462591][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.501448][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 749.522802][T13272] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 750.011853][T13281] netlink: 132 bytes leftover after parsing attributes in process `syz.7.2655'. [ 751.754131][T13304] input: syz1 as /devices/virtual/input/input23 [ 752.533001][T13316] netlink: 'syz.4.2662': attribute type 2 has an invalid length. [ 752.754072][ T24] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 752.774780][T12216] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 752.957722][ T24] usb 9-1: Using ep0 maxpacket: 8 [ 752.975354][T12216] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 752.999461][ T24] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 753.009320][T12216] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 753.019714][ T24] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 753.043534][T12216] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 753.052996][T12216] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 753.063980][ T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 753.106932][ T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 753.131419][T12216] usb 1-1: config 0 descriptor?? [ 753.175661][ T24] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 753.243971][ T24] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 753.253317][ T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 753.567562][ T24] usb 9-1: usb_control_msg returned -32 [ 753.584454][ T24] usbtmc 9-1:16.0: can't read capabilities [ 753.891906][T12216] usb 1-1: string descriptor 0 read error: -22 [ 754.305602][T12216] uclogic 0003:256C:006D.0016: failed retrieving string descriptor #100: -71 [ 754.326888][T12216] uclogic 0003:256C:006D.0016: failed retrieving pen parameters: -71 [ 754.361436][T12216] uclogic 0003:256C:006D.0016: failed probing pen v1 parameters: -71 [ 754.374443][T12216] uclogic 0003:256C:006D.0016: failed probing parameters: -71 [ 754.394494][T12216] uclogic 0003:256C:006D.0016: probe with driver uclogic failed with error -71 [ 754.462494][T12216] usb 1-1: USB disconnect, device number 24 [ 754.485222][ C1] net_ratelimit: 18 callbacks suppressed [ 754.485288][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 754.500519][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 754.594713][T13336] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2670'. [ 754.623477][T13335] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 754.804299][ T5787] Bluetooth: hci5: command 0x1003 tx timeout [ 754.806507][T11441] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 755.014628][T13340] loop9: detected capacity change from 0 to 128 [ 755.525349][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 755.544720][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 755.690506][T12216] usb 9-1: USB disconnect, device number 5 [ 756.022019][ T29] audit: type=1800 audit(1773804651.210:237): pid=13350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2675" name="controlC#" dev="devtmpfs" ino=4062 res=0 errno=0 [ 756.565384][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 756.575395][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 756.620217][T13358] loop7: detected capacity change from 0 to 512 [ 756.681662][T13358] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002] [ 756.735865][T13358] System zones: 1-12 [ 756.805022][T13358] EXT4-fs error (device loop7): ext4_iget_extra_inode:5025: inode #15: comm syz.7.2679: corrupted in-inode xattr: e_value size too large [ 756.911057][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 756.928806][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 756.975460][T13358] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 756.983815][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 756.999841][ C1] EXT4-fs (loop7): initial error at time 1773804652: ext4_iget_extra_inode:5025: inode 15 [ 757.010144][ C1] EXT4-fs (loop7): last error at time 1773804652: ext4_iget_extra_inode:5025: inode 15 [ 757.033912][T13358] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.2679: couldn't read orphan inode 15 (err -117) [ 757.056978][T13358] loop7: lost filesystem error report for type 5 error -117 [ 757.066566][T13358] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 757.544130][T13364] syzkaller1: entered promiscuous mode [ 757.571369][T13364] syzkaller1: entered allmulticast mode [ 757.605877][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 757.606307][ T9537] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.615615][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 757.725342][T13369] netlink: 64 bytes leftover after parsing attributes in process `syz.8.2684'. [ 758.563419][ T29] audit: type=1326 audit(1773804653.740:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13380 comm="syz.9.2689" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x0 [ 758.645289][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 758.654888][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 759.695613][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 759.704912][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 759.848155][T13400] loop0: detected capacity change from 0 to 128 [ 759.947896][T13400] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 759.992057][T13400] ext4 filesystem being mounted at /579/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 760.144552][T13400] EXT4-fs (loop0): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 760.707283][ T5778] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 760.725518][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 760.735706][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 760.746253][T13410] netlink: 'syz.4.2699': attribute type 4 has an invalid length. [ 761.143212][T13413] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2700'. [ 761.193968][T13413] bond0: option updelay: invalid value (18446744071951403948) [ 761.212151][T13413] bond0: option updelay: allowed values 0 - 2147483647 [ 761.765629][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 761.775280][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 762.034024][ T29] audit: type=1326 audit(1773804657.240:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13414 comm="syz.0.2701" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36f6c code=0x7fc00000 [ 762.805928][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 762.815679][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 762.914381][T13439] loop4: detected capacity change from 0 to 512 [ 762.960058][T13439] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 763.064417][T13439] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.2709: bg 0: block 104: invalid block bitmap [ 763.092858][T13439] loop4: lost filesystem error report for type 5 error -117 [ 763.093827][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 763.107931][ C0] EXT4-fs (loop4): initial error at time 1773804658: ext4_validate_block_bitmap:432 [ 763.117617][ C0] EXT4-fs (loop4): last error at time 1773804658: ext4_validate_block_bitmap:432 [ 763.124506][T13439] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 763.218445][T13439] loop4: lost filesystem error report for type 5 error -117 [ 763.223039][T13439] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.2709: invalid indirect mapped block 1 (level 1) [ 763.319325][T13439] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 763.320152][T13437] loop0: detected capacity change from 0 to 8192 [ 763.320861][T13439] EXT4-fs (loop4): 1 truncate cleaned up [ 763.395916][T13439] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 763.845518][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.854915][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 763.984533][ T5781] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 764.248245][T13447] loop7: detected capacity change from 0 to 2048 [ 764.318302][T13447] EXT4-fs: Ignoring removed oldalloc option [ 764.427022][T13447] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c028, mo2=0002] [ 764.474710][T13447] System zones: 0-7 [ 764.516532][T13447] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 764.590620][T13447] EXT4-fs (loop7): shut down requested (2) [ 764.885622][ C1] net_ratelimit: 1 callbacks suppressed [ 764.885693][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 764.900688][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 764.934823][ T9537] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 765.375424][T13462] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 765.927463][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 765.938146][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.884161][T12216] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 766.965563][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 766.975309][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 767.114527][T12216] usb 9-1: Using ep0 maxpacket: 16 [ 767.155677][T12216] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 767.189558][T12216] usb 9-1: config 0 has no interface number 0 [ 767.231800][T12216] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 767.344017][T12216] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 767.393914][T12216] usb 9-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 767.434001][T12216] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 767.483029][T12216] usb 9-1: config 0 descriptor?? [ 767.615512][T13485] loop9: detected capacity change from 0 to 2048 [ 767.790162][T13485] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 767.887063][ T29] audit: type=1800 audit(1773804663.100:240): pid=13485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2727" name="file1" dev="loop9" ino=1367 res=0 errno=0 [ 768.005390][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 768.014846][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 768.244247][T12216] uclogic 0003:28BD:0071.0017: pen parameters not found [ 768.258440][T13489] loop7: detected capacity change from 0 to 1024 [ 768.276113][T12216] uclogic 0003:28BD:0071.0017: interface is invalid, ignoring [ 768.336444][T13489] EXT4-fs: Ignoring removed mblk_io_submit option [ 768.443520][T12216] usb 9-1: USB disconnect, device number 6 [ 768.466835][T13489] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 768.531746][T13489] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 768.646812][T13489] EXT4-fs error (device loop7): ext4_ext_check_inode:521: inode #11: comm syz.7.2729: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 768.673556][T13489] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 768.675621][T13489] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.2729: couldn't read orphan inode 11 (err -117) [ 768.685211][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 768.685292][ C0] EXT4-fs (loop7): initial error at time 1773804663: ext4_ext_check_inode:521: inode 11 [ 768.685440][ C0] EXT4-fs (loop7): last error at time 1773804663: ext4_ext_check_inode:521: inode 11 [ 768.725838][T13489] loop7: lost filesystem error report for type 5 error -117 [ 768.728790][T13489] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 768.782750][T13489] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:483: comm syz.7.2729: Invalid block bitmap block 0 in block_group 0 [ 768.844671][T13489] Quota error (device loop7): write_blk: dquota write failed [ 768.852692][T13489] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 768.893301][T13489] EXT4-fs error (device loop7): ext4_acquire_dquot:7001: comm syz.7.2729: Failed to acquire dquot type 0 [ 768.973604][T13499] EXT4-fs error (device loop7): __ext4_get_inode_loc:4782: comm syz.7.2729: Invalid inode table block 8589934593 in block_group 0 [ 769.041657][T13489] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm syz.7.2729: Invalid inode bitmap blk 137438953472 in block_group 0 [ 769.065673][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 769.075537][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 769.290929][ T60] EXT4-fs error (device loop7): __ext4_get_inode_loc:4782: comm kworker/u8:5: Invalid inode table block 8589934593 in block_group 0 [ 769.398498][ T9537] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 770.085861][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 770.104999][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 770.373617][T13515] loop8: detected capacity change from 0 to 256 [ 771.135464][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 771.144948][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 771.502436][T13530] loop4: detected capacity change from 0 to 256 [ 771.631486][T13530] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x246f1341, utbl_chksum : 0xe619d30d) [ 772.165306][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 772.174905][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 772.301110][T13540] loop9: detected capacity change from 0 to 64 [ 772.579458][ T29] audit: type=1800 audit(1773804667.790:241): pid=13540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2749" name="file1" dev="loop9" ino=22 res=0 errno=0 [ 773.065729][T13547] netlink: 35284 bytes leftover after parsing attributes in process `syz.7.2751'. [ 773.161784][T13547] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2751'. [ 773.205405][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 773.214716][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 773.661328][T13552] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2753'. [ 774.008324][T13558] loop8: detected capacity change from 0 to 128 [ 774.078369][T13558] FAT-fs (loop8): bogus number of reserved sectors [ 774.117103][T13558] FAT-fs (loop8): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 774.154720][T13558] FAT-fs (loop8): Can't find a valid FAT filesystem [ 774.245256][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 774.255149][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 775.165752][T13579] loop9: detected capacity change from 0 to 8 [ 775.285470][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 775.294972][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 775.556570][T13586] netlink: 35284 bytes leftover after parsing attributes in process `syz.8.2767'. [ 775.594223][T13586] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2767'. [ 775.903202][T13588] loop4: detected capacity change from 0 to 512 [ 776.048709][T13588] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 776.152968][T13588] ext4 filesystem being mounted at /606/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 776.325818][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 776.335142][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 776.688504][ T5781] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 777.371390][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 777.381866][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 777.569802][T13609] loop9: detected capacity change from 0 to 1024 [ 778.227347][T13621] netlink: 35284 bytes leftover after parsing attributes in process `syz.4.2781'. [ 778.246264][T13621] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2781'. [ 778.405483][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 778.415416][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 778.675879][T13627] netlink: 'syz.7.2783': attribute type 1 has an invalid length. [ 778.730222][T13627] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 778.737821][T13627] IPv6: NLM_F_CREATE should be set when creating new route [ 779.445584][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 779.455881][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 780.485727][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 780.495191][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 780.679336][T13657] loop9: detected capacity change from 0 to 256 [ 780.866481][T13657] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xd22393c8, utbl_chksum : 0xe619d30d) [ 781.525469][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 781.534829][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 781.798954][T13671] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2798'. [ 782.565371][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 782.576629][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 782.725658][T13686] netlink: 'syz.4.2806': attribute type 1 has an invalid length. [ 782.792357][T13686] netlink: 'syz.4.2806': attribute type 2 has an invalid length. [ 783.433428][T13690] loop4: detected capacity change from 0 to 164 [ 783.594181][T13690] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 783.605808][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 783.615699][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 783.778769][T13692] sctp: [Deprecated]: syz.9.2809 (pid 13692) Use of struct sctp_assoc_value in delayed_ack socket option. [ 783.778769][T13692] Use struct sctp_sack_info instead [ 784.218273][T13696] input: syz0 as /devices/virtual/input/input24 [ 784.645243][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 784.654852][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 784.695788][T11668] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 784.899835][T11668] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 784.911312][T13708] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2826'. [ 784.935683][T13708] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2826'. [ 784.979199][T11668] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 785.010578][T11668] usb 10-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 785.047699][T11668] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 785.152326][T11668] usb 10-1: config 0 descriptor?? [ 785.640335][T11668] cp2112 0003:10C4:EA90.0018: unknown main item tag 0x0 [ 785.691923][T11668] cp2112 0003:10C4:EA90.0018: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.9-1/input0 [ 785.695637][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 785.712455][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 785.842016][T11668] cp2112 0003:10C4:EA90.0018: Part Number: 0x82 Device Version: 0xFE [ 785.974473][ T9] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 786.154022][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 786.229132][ T9] usb 9-1: config 0 has an invalid interface number: 67 but max is 0 [ 786.259648][T11668] cp2112 0003:10C4:EA90.0018: error setting SMBus config [ 786.283042][ T9] usb 9-1: config 0 has no interface number 0 [ 786.362999][T11668] cp2112 0003:10C4:EA90.0018: probe with driver cp2112 failed with error -71 [ 786.428185][ T9] usb 9-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 786.496454][ T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 786.505199][T11668] usb 10-1: USB disconnect, device number 2 [ 786.540839][ T9] usb 9-1: Product: syz [ 786.589060][ T9] usb 9-1: Manufacturer: syz [ 786.618597][ T9] usb 9-1: SerialNumber: syz [ 786.652900][ T9] usb 9-1: config 0 descriptor?? [ 786.725329][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 786.734735][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 787.000550][T13723] fido_id[13723]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory [ 787.604907][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 787.765723][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 787.775475][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 787.804507][ T9] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 787.842573][ T9] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 787.889433][ T9] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 787.947276][ T9] smsc95xx 9-1:0.67: probe with driver smsc95xx failed with error -71 [ 788.028231][ T9] usb 9-1: USB disconnect, device number 7 [ 788.805439][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 788.815130][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 789.193597][T13747] Bluetooth: MGMT ver 1.23 [ 789.808724][T13757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 789.820825][T13757] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 789.845489][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 790.206529][T13761] loop9: detected capacity change from 0 to 1024 [ 790.285023][T13761] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 790.451940][T13761] EXT4-fs error (device loop9): mb_free_blocks:2047: group 0, inode 15: block 145:freeing already freed block (bit 9); block bitmap corrupt. [ 790.768159][T12554] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 790.885791][ C1] net_ratelimit: 1 callbacks suppressed [ 790.885860][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 790.901882][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 791.779908][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 791.802953][T13779] loop4: detected capacity change from 0 to 512 [ 791.925520][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 791.935869][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 791.956484][T13779] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -13 [ 792.044240][T13779] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.2847: iget: bad i_size value: 12154757448730 [ 792.117005][T13779] loop4: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 792.123841][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 792.139713][ C1] EXT4-fs (loop4): initial error at time 1773804687: ext4_orphan_get:1391: inode 13 [ 792.149580][ C1] EXT4-fs (loop4): last error at time 1773804687: ext4_orphan_get:1391: inode 13 [ 792.182149][T13779] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2847: couldn't read orphan inode 13 (err -117) [ 792.223941][T13779] loop4: lost filesystem error report for type 5 error -117 [ 792.236165][T13779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 792.768323][ T5781] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 792.965201][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 792.974925][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 793.054794][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 793.555395][T13794] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2854'. [ 793.612824][T13794] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2854'. [ 793.693594][T13794] loop7: detected capacity change from 0 to 128 [ 793.806034][T13794] FAT-fs (loop7): bogus number of FAT structure [ 793.838428][T13794] FAT-fs (loop7): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 793.878867][T13794] FAT-fs (loop7): Can't find a valid FAT filesystem [ 794.005604][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 794.015134][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 794.628276][T13798] loop4: detected capacity change from 0 to 4096 [ 794.709383][T13798] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 794.758823][T13798] NILFS (loop4): mounting unchecked fs [ 794.932781][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 794.941788][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 794.950807][T13798] NILFS (loop4): recovery complete [ 794.999955][T13806] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 795.045405][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 795.055997][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 795.110263][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 795.612149][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 796.085728][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 796.097961][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 796.269749][T13822] loop7: detected capacity change from 0 to 128 [ 797.125535][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 797.134988][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 797.423519][ T29] audit: type=1326 audit(1773804692.620:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 797.486847][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.486847][ T60] loop7: rw=1, sector=145, nr_sectors = 16 limit=128 [ 797.528815][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.528815][ T60] loop7: rw=1, sector=169, nr_sectors = 8 limit=128 [ 797.566996][ T29] audit: type=1326 audit(1773804692.620:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 797.614073][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.614073][ T60] loop7: rw=1, sector=185, nr_sectors = 8 limit=128 [ 797.654947][ T29] audit: type=1326 audit(1773804692.660:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 797.679034][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.679034][ T60] loop7: rw=1, sector=201, nr_sectors = 8 limit=128 [ 797.744317][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.744317][ T60] loop7: rw=1, sector=217, nr_sectors = 8 limit=128 [ 797.778883][ T29] audit: type=1326 audit(1773804692.660:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 797.834630][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.834630][ T60] loop7: rw=1, sector=233, nr_sectors = 8 limit=128 [ 797.906386][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.906386][ T60] loop7: rw=1, sector=249, nr_sectors = 8 limit=128 [ 797.924088][ T29] audit: type=1326 audit(1773804692.680:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=247 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 797.984308][ T60] kworker/u8:5: attempt to access beyond end of device [ 797.984308][ T60] loop7: rw=1, sector=265, nr_sectors = 8 limit=128 [ 798.044453][ T29] audit: type=1326 audit(1773804692.720:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 798.085898][ T60] kworker/u8:5: attempt to access beyond end of device [ 798.085898][ T60] loop7: rw=1, sector=281, nr_sectors = 8 limit=128 [ 798.143458][ T60] kworker/u8:5: attempt to access beyond end of device [ 798.143458][ T60] loop7: rw=1, sector=297, nr_sectors = 8 limit=128 [ 798.165710][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 798.172135][ T29] audit: type=1326 audit(1773804692.720:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 798.175089][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 798.344840][ T29] audit: type=1326 audit(1773804692.720:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=248 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 798.441786][ T29] audit: type=1326 audit(1773804692.720:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 798.549724][ T29] audit: type=1326 audit(1773804692.730:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13833 comm="syz.4.2870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7165cab code=0x7ffc0000 [ 799.164167][ T24] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 799.205598][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 799.215188][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 799.282997][T13859] loop4: detected capacity change from 0 to 512 [ 799.352033][ T24] usb 9-1: Using ep0 maxpacket: 8 [ 799.395786][ T24] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 799.445991][ T24] usb 9-1: config 0 has no interfaces? [ 799.491589][ T24] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 799.525574][ T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 799.540071][T13859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 799.570055][ T24] usb 9-1: config 0 descriptor?? [ 799.587277][T13859] ext4 filesystem being mounted at /632/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 799.639943][T13865] loop7: detected capacity change from 0 to 128 [ 799.869766][T13851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 799.965620][T13851] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 800.208614][ T24] usb 9-1: USB disconnect, device number 8 [ 800.245631][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 800.258697][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 801.037901][T13933] FAT-fs (loop7): error, invalid FAT chain (i_pos 548, last_block 8) [ 801.166547][ T5781] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 801.210161][T13933] FAT-fs (loop7): Filesystem has been set read-only [ 801.285921][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 801.295866][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 801.328552][T13933] FAT-fs (loop7): error, corrupted file size (i_pos 548, 522) [ 802.325280][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 802.334757][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 802.916398][T13953] loop4: detected capacity change from 0 to 64 [ 803.237218][T11668] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 803.365409][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 803.374904][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 803.464225][T11668] usb 10-1: Using ep0 maxpacket: 16 [ 803.492655][T11668] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 803.552398][T11668] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 803.586140][T11668] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 803.625544][T11668] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 803.709508][T11668] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 803.766566][T11668] usb 10-1: config 0 descriptor?? [ 803.794868][T13964] loop4: detected capacity change from 0 to 512 [ 803.838530][T13964] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 803.851882][T13966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 803.862081][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 803.994161][T13964] EXT4-fs (loop4): 1 truncate cleaned up [ 804.012769][T13964] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 804.274744][T13973] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.4.2896: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 804.402143][T11668] input: HID 05ac:8241 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:05AC:8241.0019/input/input26 [ 804.425397][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 804.434730][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 804.470096][T13977] overlayfs: failed to clone upperpath [ 804.660375][T11668] appleir 0003:05AC:8241.0019: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.9-1/input0 [ 804.801302][T11668] usb 10-1: USB disconnect, device number 3 [ 804.808994][ T5781] EXT4-fs error (device loop4): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 805.611438][T13979] fido_id[13979]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory [ 805.720764][T11755] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.067723][T13989] overlayfs: failed to clone upperpath [ 806.279720][T11703] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.472237][T11703] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.495407][ C1] net_ratelimit: 3 callbacks suppressed [ 806.495476][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 806.513440][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 806.740180][T11703] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.919818][T11703] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 807.293223][T11703] bridge_slave_1: left allmulticast mode [ 807.302571][T11703] bridge_slave_1: left promiscuous mode [ 807.310185][T11703] bridge0: port 2(bridge_slave_1) entered disabled state [ 807.331371][T11703] bridge_slave_0: left allmulticast mode [ 807.337612][T11703] bridge_slave_0: left promiscuous mode [ 807.344627][T11703] bridge0: port 1(bridge_slave_0) entered disabled state [ 807.525600][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 807.534922][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 807.889447][T14000] overlayfs: failed to clone upperpath [ 807.973275][T11703] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 808.052234][T11703] bond_slave_0: left promiscuous mode [ 808.136563][T11703] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 808.191974][T11703] bond_slave_1: left promiscuous mode [ 808.217653][T11703] bond0 (unregistering): Released all slaves [ 808.565451][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 808.575098][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 808.650359][T11703] tipc: Disabling bearer [ 808.674522][T11703] tipc: Left network mode [ 809.074899][ T5787] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 809.084613][ T5787] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 809.098944][ T5787] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 809.123053][ T5787] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 809.144218][ T5787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 809.293462][T14020] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.346011][T14020] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.381224][T14020] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.428108][T14020] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 809.690134][T14027] loop9: detected capacity change from 0 to 512 [ 809.754966][T14027] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 809.870521][T14027] EXT4-fs (loop9): 1 truncate cleaned up [ 809.916910][T11703] hsr_slave_0: left promiscuous mode [ 809.930982][T14027] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 810.027870][T11703] hsr_slave_1: left promiscuous mode [ 810.089419][T11703] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 810.136899][T11703] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 810.214981][T11703] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 810.222565][T11703] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 810.307487][T12554] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 810.338098][T11703] veth1_macvtap: left promiscuous mode [ 810.392317][T11703] veth0_macvtap: left promiscuous mode [ 810.411007][T11703] veth1_vlan: left promiscuous mode [ 810.421647][T11703] veth0_vlan: left promiscuous mode [ 810.584091][ T24] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 810.760424][ T24] usb 9-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 810.800637][ T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 810.858910][ T24] usb 9-1: config 0 descriptor?? [ 810.913585][ T24] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 811.204505][T11441] Bluetooth: hci2: command tx timeout [ 811.338462][ T24] cpia1 9-1:0.0: unexpected state after lo power cmd: 00 [ 811.685869][ C1] net_ratelimit: 6 callbacks suppressed [ 811.685949][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 811.700988][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 811.796960][T11703] team0 (unregistering): Port device team_slave_1 removed [ 811.869236][T11703] team0 (unregistering): Port device team_slave_0 removed [ 811.980187][ T24] gspca_cpia1: usb_control_msg 05, error -71 [ 812.006456][ T24] cpia1 9-1:0.0: unexpected systemstate: 00 [ 812.079088][ T24] usb 9-1: USB disconnect, device number 9 [ 812.274485][T14052] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2928'. [ 812.725443][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 812.734988][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 813.032781][T11703] IPVS: stop unused estimator thread 0... [ 813.283989][T11441] Bluetooth: hci2: command tx timeout [ 813.764204][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 813.772875][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 813.782530][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 813.887992][T14013] chnl_net:caif_netlink_parms(): no params data found [ 813.910744][T14073] netlink: 'syz.0.2935': attribute type 1 has an invalid length. [ 813.929372][T14073] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2935'. [ 814.018033][T14073] netlink: 'syz.0.2935': attribute type 1 has an invalid length. [ 814.044574][T14073] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2935'. [ 814.804094][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 814.812750][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 814.822386][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 815.363990][T11441] Bluetooth: hci2: command tx timeout [ 815.397929][T14013] bridge0: port 1(bridge_slave_0) entered blocking state [ 815.422770][T14013] bridge0: port 1(bridge_slave_0) entered disabled state [ 815.459425][T14013] bridge_slave_0: entered allmulticast mode [ 815.496840][T14013] bridge_slave_0: entered promiscuous mode [ 815.564929][T14013] bridge0: port 2(bridge_slave_1) entered blocking state [ 815.599700][T14013] bridge0: port 2(bridge_slave_1) entered disabled state [ 815.633058][T14013] bridge_slave_1: entered allmulticast mode [ 815.643611][T14013] bridge_slave_1: entered promiscuous mode [ 815.938261][T14013] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 816.010566][T14013] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 816.292639][T14013] team0: Port device team_slave_0 added [ 816.382860][T14013] team0: Port device team_slave_1 added [ 816.646227][T14013] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 816.653330][T14013] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 816.743049][T14013] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 816.835291][T14013] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 816.842399][T14013] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 816.884076][ C1] net_ratelimit: 3 callbacks suppressed [ 816.884150][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 816.898553][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 816.913429][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 816.928619][T14122] netlink: 600 bytes leftover after parsing attributes in process `syz.8.2948'. [ 816.930356][T14013] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 816.970791][T14118] netlink: 'syz.8.2948': attribute type 29 has an invalid length. [ 817.012418][T14119] netlink: 'syz.8.2948': attribute type 29 has an invalid length. [ 817.381104][T14013] hsr_slave_0: entered promiscuous mode [ 817.425309][T14013] hsr_slave_1: entered promiscuous mode [ 817.444414][T11441] Bluetooth: hci2: command tx timeout [ 817.468138][T14013] debugfs: 'hsr0' already exists in 'hsr' [ 817.479330][T14013] Cannot create hsr debugfs directory [ 817.713959][ T24] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 817.894153][ T24] usb 8-1: Using ep0 maxpacket: 32 [ 817.924207][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 817.932882][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 817.942509][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 817.969086][T14135] loop8: detected capacity change from 0 to 256 [ 817.984362][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 818.018650][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 818.057971][ T24] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 818.103996][ T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 818.138642][ T24] usb 8-1: config 0 descriptor?? [ 818.347006][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 818.790845][ T24] savu 0003:1E7D:2D5A.001A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.7-1/input0 [ 818.964032][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 818.972660][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 818.982303][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 819.008336][ T24] usb 8-1: USB disconnect, device number 19 [ 819.011840][T14144] overlayfs: statfs failed on './file0' [ 819.439151][T14142] fido_id[14142]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 819.511697][T14150] netlink: 'syz.0.2958': attribute type 11 has an invalid length. [ 820.004370][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 820.065942][T14157] loop7: detected capacity change from 0 to 256 [ 820.192978][T14159] loop8: detected capacity change from 0 to 256 [ 820.292089][T14013] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 820.372975][T14159] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 820.397276][T14013] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 820.512749][T14159] exFAT-fs (loop8): valid_size(150994954) is greater than size(10) [ 820.569544][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 820.569611][ T29] audit: type=1800 audit(1773804715.780:260): pid=14159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2962" name="file1" dev="loop8" ino=1048766 res=0 errno=0 [ 820.605477][T14013] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 820.700230][T14013] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 821.760663][T14177] pim6reg1: entered promiscuous mode [ 821.778815][T14177] pim6reg1: entered allmulticast mode [ 822.084094][ C1] net_ratelimit: 7 callbacks suppressed [ 822.084164][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 822.098447][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 822.107888][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 822.438233][T14013] 8021q: adding VLAN 0 to HW filter on device bond0 [ 822.640532][T14013] 8021q: adding VLAN 0 to HW filter on device team0 [ 822.730910][T13915] bridge0: port 1(bridge_slave_0) entered blocking state [ 822.738485][T13915] bridge0: port 1(bridge_slave_0) entered forwarding state [ 822.910072][T13915] bridge0: port 2(bridge_slave_1) entered blocking state [ 822.917630][T13915] bridge0: port 2(bridge_slave_1) entered forwarding state [ 823.134037][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 823.142581][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 823.152210][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 823.632061][T14196] loop7: detected capacity change from 0 to 128 [ 823.698744][T14196] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 823.866933][ T29] audit: type=1800 audit(1773804719.080:261): pid=14196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2974" name="file1" dev="loop7" ino=1048768 res=0 errno=0 [ 824.164103][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 824.172810][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 824.182490][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 825.144282][T14013] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 825.204133][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 825.662526][T14013] veth0_vlan: entered promiscuous mode [ 825.877118][T14013] veth1_vlan: entered promiscuous mode [ 826.448615][T14013] veth0_macvtap: entered promiscuous mode [ 826.561367][T14013] veth1_macvtap: entered promiscuous mode [ 826.631374][T14234] loop8: detected capacity change from 0 to 512 [ 826.780856][T14234] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.2986: inode has both inline data and extents flags [ 826.884831][ T5787] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 826.896161][T11668] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 826.905210][ T5787] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 826.918172][ T5787] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 826.956466][T14234] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 826.958556][ T5787] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 826.976112][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 826.982691][ C1] EXT4-fs (loop8): initial error at time 1773804722: ext4_orphan_get:1391: inode 15 [ 826.992431][ C1] EXT4-fs (loop8): last error at time 1773804722: ext4_orphan_get:1391: inode 15 [ 827.026201][T14234] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.2986: couldn't read orphan inode 15 (err -117) [ 827.027427][ T5787] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 827.040020][T14234] loop8: lost filesystem error report for type 5 error -117 [ 827.084075][T11668] usb 8-1: Using ep0 maxpacket: 8 [ 827.088737][T14013] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 827.112022][T14234] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 827.126015][T11668] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 827.154294][T11668] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 827.224198][T11668] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 827.284224][ C1] net_ratelimit: 5 callbacks suppressed [ 827.284297][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 827.298722][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 827.308841][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 827.322031][T14013] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 827.330500][T11668] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 827.388746][T11668] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 827.411962][T11668] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 827.484240][T11658] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 827.613123][T13929] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.684253][T13929] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.693544][T14245] 9p: Bad value for 'rfdno' [ 827.765972][T11668] usb 8-1: usb_control_msg returned -32 [ 827.821586][T11668] usbtmc 8-1:16.0: can't read capabilities [ 827.844005][T13929] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 827.844392][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 827.917694][T13915] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 828.167508][T14250] usbtmc 8-1:16.0: usb_control_msg returned -32 [ 828.190431][T12216] usb 8-1: USB disconnect, device number 20 [ 828.323950][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 828.332416][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 828.341894][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 829.213945][ T5787] Bluetooth: hci5: command tx timeout [ 829.364055][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 829.372588][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 829.382091][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 829.564702][T14270] loop7: detected capacity change from 0 to 1024 [ 829.827113][T14270] hfsplus: b-tree write err: -5, ino 2 [ 829.867617][T14270] hfsplus: b-tree write err: -5, ino 26 [ 830.536481][T13925] hfsplus: b-tree write err: -5, ino 25 [ 830.558517][T14242] chnl_net:caif_netlink_parms(): no params data found [ 830.584681][T13925] hfsplus: b-tree write err: -5, ino 4 [ 830.590501][T13925] hfsplus: b-tree write err: -5, ino 2 [ 830.624290][T13925] hfsplus: b-tree write err: -5, ino 26 [ 830.708038][T13925] hfsplus: b-tree write err: -5, ino 27 [ 830.828939][T13917] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 830.993950][T11668] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 831.174898][T11668] usb 9-1: Using ep0 maxpacket: 8 [ 831.196015][T13917] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 831.221460][T11668] usb 9-1: config 0 has an invalid interface number: 55 but max is 0 [ 831.221586][T11668] usb 9-1: config 0 has no interface number 0 [ 831.221690][T11668] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 831.221810][T11668] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 831.221942][T11668] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 831.222075][T11668] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 831.222272][T11668] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 831.222397][T11668] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 831.233383][T11668] usb 9-1: config 0 descriptor?? [ 831.284178][T11441] Bluetooth: hci5: command tx timeout [ 831.295713][T11668] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 831.438342][T13917] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 831.528626][ C0] ldusb 9-1:0.55: usb_submit_urb failed (-19) [ 831.528730][T11668] usb 9-1: USB disconnect, device number 10 [ 831.539714][T11668] ldusb 9-1:0.55: LD USB Device #0 now disconnected [ 831.648488][T13917] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 832.234460][T13917] bridge_slave_1: left allmulticast mode [ 832.458204][T13917] bridge_slave_1: left promiscuous mode [ 832.484050][ C1] net_ratelimit: 6 callbacks suppressed [ 832.484115][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 832.498736][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 832.508599][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 832.532221][T13917] bridge0: port 2(bridge_slave_1) entered disabled state [ 832.633536][T13917] bridge_slave_0: left allmulticast mode [ 832.641097][T13917] bridge_slave_0: left promiscuous mode [ 832.686234][T13917] bridge0: port 1(bridge_slave_0) entered disabled state [ 833.364898][T11441] Bluetooth: hci5: command tx timeout [ 833.524099][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 833.533497][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 833.543471][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.002077][T13917] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 834.065003][T13917] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 834.109923][T13917] bond0 (unregistering): Released all slaves [ 834.256851][T11441] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 834.270900][T11441] CPU: 1 UID: 0 PID: 11441 Comm: kworker/u9:0 Tainted: G W L syzkaller #0 PREEMPT(full) [ 834.271079][T11441] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 834.271128][T11441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 834.271223][T11441] Workqueue: hci0 hci_rx_work [ 834.271373][T11441] Call Trace: [ 834.271417][T11441] [ 834.271463][T11441] __dump_stack+0x26/0x30 [ 834.271608][T11441] dump_stack_lvl+0x14c/0x1c0 [ 834.271754][T11441] dump_stack+0x1e/0x25 [ 834.271887][T11441] sysfs_create_dir_ns+0x46c/0x540 [ 834.272090][T11441] kobject_add_internal+0x1084/0x19b0 [ 834.272294][T11441] kobject_add+0x2c1/0x410 [ 834.272476][T11441] ? kmsan_get_metadata+0xf1/0x160 [ 834.272664][T11441] device_add+0xa70/0x1c00 [ 834.272841][T11441] hci_conn_add_sysfs+0x159/0x2e0 [ 834.272983][T11441] le_conn_complete_evt+0x1d0a/0x2250 [ 834.273193][T11441] hci_le_conn_complete_evt+0x157/0x260 [ 834.273380][T11441] hci_le_meta_evt+0x6eb/0x960 [ 834.273533][T11441] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 834.273709][T11441] hci_event_packet+0xce2/0x1e40 [ 834.273843][T11441] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 834.274032][T11441] hci_rx_work+0x8c3/0xfc0 [ 834.274186][T11441] ? kmsan_get_metadata+0xf1/0x160 [ 834.274363][T11441] ? __pfx_hci_rx_work+0x10/0x10 [ 834.274509][T11441] process_scheduled_works+0xb82/0x1e80 [ 834.274708][T11441] worker_thread+0xee4/0x1590 [ 834.274885][T11441] kthread+0x53f/0x600 [ 834.275043][T11441] ? __pfx_worker_thread+0x10/0x10 [ 834.275194][T11441] ? __pfx_kthread+0x10/0x10 [ 834.275340][T11441] ret_from_fork+0x20f/0x910 [ 834.275475][T11441] ? __switch_to+0x51c/0x750 [ 834.275636][T11441] ? __pfx_kthread+0x10/0x10 [ 834.275782][T11441] ret_from_fork_asm+0x1a/0x30 [ 834.275965][T11441] [ 834.455062][T11441] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 834.469662][T11441] Bluetooth: hci0: failed to register connection device [ 834.563991][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.572516][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.581953][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 834.894529][T14242] bridge0: port 1(bridge_slave_0) entered blocking state [ 834.901987][T14242] bridge0: port 1(bridge_slave_0) entered disabled state [ 834.957819][T14242] bridge_slave_0: entered allmulticast mode [ 834.991470][T14242] bridge_slave_0: entered promiscuous mode [ 835.082831][T14334] ceph: No mds server is up or the cluster is laggy [ 835.147440][T14242] bridge0: port 2(bridge_slave_1) entered blocking state [ 835.234858][T14242] bridge0: port 2(bridge_slave_1) entered disabled state [ 835.268141][T14242] bridge_slave_1: entered allmulticast mode [ 835.307845][T14242] bridge_slave_1: entered promiscuous mode [ 835.469940][ T5787] Bluetooth: hci5: command tx timeout [ 835.605894][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 835.830732][T13917] hsr_slave_0: left promiscuous mode [ 835.871110][T13917] hsr_slave_1: left promiscuous mode [ 835.895377][T13917] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 835.913415][T13917] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 835.936575][T14350] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3013'. [ 835.998516][T13917] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 836.031113][T13917] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 836.123179][T13917] veth1_macvtap: left promiscuous mode [ 836.152203][T13917] veth0_macvtap: left promiscuous mode [ 836.160973][T13917] veth1_vlan: left promiscuous mode [ 836.180443][T13917] veth0_vlan: left promiscuous mode [ 836.269292][T14355] fuse: Bad value for 'fd' [ 836.764759][T14361] sg_write: data in/out 33554396/10 bytes for SCSI command 0xff-- guessing data in; [ 836.764759][T14361] program syz.8.3017 not setting count and/or reply_len properly [ 837.684042][ C1] net_ratelimit: 7 callbacks suppressed [ 837.684111][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 837.698392][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 837.708780][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 837.771339][T13917] team0 (unregistering): Port device team_slave_1 removed [ 837.881263][T13917] team0 (unregistering): Port device team_slave_0 removed [ 838.406568][T14382] virtiofs: Unknown parameter 'always0000000 0 [ 838.406568][T14382] 20 batadv0 : 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 21 vxcan0 : 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 22 vxcan1 : 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 23 veth0 : 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 24 veth1 : 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 25 veth0_to_bridge: 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 26 bridge_slave_0: 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 27 veth1_to_bridge: 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 28 bridge_slave_1: 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 29 veth0_to_bond: 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 30 bond_slave_0: 1 V3 [ 838.406568][T14382] 010000E0 1 0:00000000 0 [ 838.406568][T14382] 31 veth1_to_bond: 1 V3 [ 838.406568][T14382] 010000' [ 838.550303][T14242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 838.612146][T14242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 838.724077][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 838.732932][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 838.742470][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.102470][T14242] team0: Port device team_slave_0 added [ 839.194397][T14242] team0: Port device team_slave_1 added [ 839.296472][T14391] loop8: detected capacity change from 0 to 512 [ 839.455158][T14391] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 839.579304][T14391] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 839.754747][T14242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 839.764203][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.772805][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.782227][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.797595][T14242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 839.923304][T14242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 840.043581][T14242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 840.071622][T14242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 840.072655][T11658] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 840.162396][T14242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 840.680554][T14242] hsr_slave_0: entered promiscuous mode [ 840.691410][T14413] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3028'. [ 840.710467][T14242] hsr_slave_1: entered promiscuous mode [ 840.746699][T14242] debugfs: 'hsr0' already exists in 'hsr' [ 840.759860][T14242] Cannot create hsr debugfs directory [ 840.776483][T14412] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3029'. [ 840.799155][T14412] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3029'. [ 840.808980][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 840.864168][T13923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 840.924462][T13923] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 841.588625][T13929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 841.615967][T13929] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 842.258040][ T40] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 842.465687][ T40] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 842.497526][ T40] usb 8-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00 [ 842.536223][ T40] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 842.592540][ T40] usb 8-1: config 0 descriptor?? [ 842.646377][ T40] usbhid 8-1:0.0: couldn't find an input interrupt endpoint [ 842.884042][ C1] net_ratelimit: 14 callbacks suppressed [ 842.884115][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 842.898563][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 842.908357][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.417008][ T9] usb 8-1: USB disconnect, device number 21 [ 843.924176][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.932805][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.942110][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 844.251094][T14242] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 844.389952][T14463] loop7: detected capacity change from 0 to 128 [ 844.422215][T14242] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 844.599796][T14242] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 844.745156][T14242] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 844.964094][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 844.972713][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 844.983116][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.229689][T14474] loop8: detected capacity change from 0 to 128 [ 845.334161][T14474] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 845.391648][T14474] hpfs: filesystem error: improperly stopped [ 845.421832][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.436045][T14474] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 845.480912][T14474] hpfs: You really don't want any checks? You are crazy... [ 845.528062][T14474] hpfs: hpfs_map_sector(): read error [ 845.579199][T14474] hpfs: code page support is disabled [ 845.624315][T14474] hpfs: hpfs_map_4sectors(): unaligned read [ 845.654241][T14474] hpfs: hpfs_map_4sectors(): unaligned read [ 845.664043][T14474] hpfs: filesystem error: unable to find root dir [ 846.459538][T14242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 846.725312][T14242] 8021q: adding VLAN 0 to HW filter on device team0 [ 846.887342][T13915] bridge0: port 1(bridge_slave_0) entered blocking state [ 846.894903][T13915] bridge0: port 1(bridge_slave_0) entered forwarding state [ 847.000591][T13921] bridge0: port 2(bridge_slave_1) entered blocking state [ 847.008213][T13921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 847.903472][T14479] net_ratelimit: 964 callbacks suppressed [ 847.903545][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 847.946116][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 847.967612][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.004541][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.034206][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.043354][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.084015][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.092640][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.101879][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.114355][T14479] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.923578][T14242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 849.327347][T14523] loop7: detected capacity change from 0 to 22 [ 849.361926][T14523] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 849.825479][T14530] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3064'. [ 850.040174][T14527] loop3: detected capacity change from 0 to 4096 [ 851.191874][T14549] loop7: detected capacity change from 0 to 256 [ 851.499591][T14242] veth0_vlan: entered promiscuous mode [ 851.600629][T14242] veth1_vlan: entered promiscuous mode [ 852.175128][T14242] veth0_macvtap: entered promiscuous mode [ 852.232467][T14242] veth1_macvtap: entered promiscuous mode [ 852.451122][T14242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 852.650232][T14242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 852.776788][T13921] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 852.867596][T13921] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 852.898777][T13921] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 852.940902][T13925] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 853.284038][ C1] net_ratelimit: 71 callbacks suppressed [ 853.284107][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 853.298606][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 853.308143][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.221903][T14590] loop3: detected capacity change from 0 to 2048 [ 854.306679][T14590] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 854.324201][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.333005][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.343867][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.450482][T14597] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 855.281909][T14607] could not allocate digest TFM handle -¿ÆqøêÊâ4¿OÃ(0&qú´f·=¯*΀¯òøj„¸$€ŒÆª­ü€«;º}'üj°O [ 855.374030][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 855.382693][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 855.392088][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 856.122172][T14624] loop7: detected capacity change from 0 to 256 [ 856.404116][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 857.073615][T14636] loop3: detected capacity change from 0 to 22 [ 857.155884][T14636] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 857.785301][T12866] usb 9-1: new high-speed USB device number 11 using dummy_hcd [ 857.986560][T12866] usb 9-1: Using ep0 maxpacket: 32 [ 858.035169][T12866] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 858.094352][T12866] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 858.132810][T12866] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 858.173418][T12866] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 858.210912][T12866] usb 9-1: config 0 descriptor?? [ 858.484107][ C1] net_ratelimit: 5 callbacks suppressed [ 858.484175][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.498537][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.508112][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.896592][T12866] koneplus 0003:1E7D:2D51.001B: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.8-1/input0 [ 859.231583][ T40] usb 9-1: USB disconnect, device number 11 [ 859.359271][T12866] usb 8-1: new high-speed USB device number 22 using dummy_hcd [ 859.373482][T14660] loop3: detected capacity change from 0 to 4096 [ 859.462025][T14665] fido_id[14665]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 859.524059][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 859.532920][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 859.543848][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 859.557521][T12866] usb 8-1: Using ep0 maxpacket: 8 [ 859.586511][T12866] usb 8-1: config index 0 descriptor too short (expected 74, got 45) [ 859.641357][T12866] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 859.694236][T12866] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 859.751985][T12866] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024 [ 859.833998][T12866] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 859.884074][T12866] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 859.945487][ T29] audit: type=1804 audit(1773804755.160:262): pid=14660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3102" name="/newroot/19/bus/file1" dev="loop3" ino=33 res=1 errno=0 [ 859.959520][T12866] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 860.056239][T12866] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 860.189613][T13923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 860.261247][T13923] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 860.405375][T12866] usb 8-1: usb_control_msg returned -32 [ 860.411211][T12866] usbtmc 8-1:16.0: can't read capabilities [ 860.564077][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 860.572844][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 860.582239][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 860.661757][T13915] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 860.681304][ T29] audit: type=1326 audit(1773804755.860:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14676 comm="syz.8.3106" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f58f6c code=0x0 [ 860.737516][T13915] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 861.604185][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 862.370637][ T9916] usb 8-1: USB disconnect, device number 22 [ 863.304742][T12866] usb 9-1: new high-speed USB device number 12 using dummy_hcd [ 863.367210][T14719] loop5: detected capacity change from 0 to 512 [ 863.415821][T14719] EXT4-fs: Ignoring removed oldalloc option [ 863.499520][T12866] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 863.521910][T12866] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 863.536166][T14719] EXT4-fs (loop5): 1 truncate cleaned up [ 863.544626][T12866] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 863.583864][T12866] usb 9-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00 [ 863.585971][T14719] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 863.605135][T12866] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 863.650547][T12866] usb 9-1: config 0 descriptor?? [ 863.684077][ C1] net_ratelimit: 5 callbacks suppressed [ 863.684148][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 863.698586][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 863.708462][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 863.842777][ T29] audit: type=1800 audit(1773804759.040:264): pid=14719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3119" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 863.945328][T14732] EXT4-fs error (device loop5): ext4_find_dest_de:2050: inode #2: block 13: comm syz.5.3119: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0 [ 864.144090][T14732] EXT4-fs (loop5): Remounting filesystem read-only [ 864.236058][T12866] steelseries 0003:1038:1410.001C: missing HID_OUTPUT_REPORT 0 [ 864.426191][T12866] usb 9-1: USB disconnect, device number 12 [ 864.567342][T14242] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 864.724074][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 864.732667][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 864.742071][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 865.427022][T14748] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3126'. [ 865.571258][T14748] netlink: 'syz.7.3126': attribute type 2 has an invalid length. [ 865.666367][T14748] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3126'. [ 865.764084][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 865.772822][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 865.782383][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 866.254331][T12866] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 866.464392][T12866] usb 6-1: Using ep0 maxpacket: 8 [ 866.535758][T12866] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 866.564263][T12866] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 866.634179][T12866] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 866.664138][T12866] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 866.700115][T12866] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 866.743898][T12866] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 866.804108][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 866.812694][T12866] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 867.158200][T12866] usb 6-1: usb_control_msg returned -32 [ 867.200513][T12866] usbtmc 6-1:16.0: can't read capabilities [ 867.926818][T14781] usbtmc 6-1:16.0: usb_clear_halt returned -32 [ 868.134482][T12866] usb 6-1: USB disconnect, device number 3 [ 868.894979][ C1] net_ratelimit: 11 callbacks suppressed [ 868.895050][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 868.909488][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 868.918979][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.396673][T14803] loop5: detected capacity change from 0 to 512 [ 869.428805][T14803] EXT4-fs (loop5): Test dummy encryption mode enabled [ 869.455162][T14806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.488445][T14803] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 869.504881][T14806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.549536][T14806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.583056][T14803] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.3144: bad orphan inode 131083 [ 869.593223][T14806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.614125][T14803] loop5: lost filesystem error report for type 5 error -117 [ 869.623761][ C1] EXT4-fs (loop5): error count since last fsck: 1 [ 869.637904][ C1] EXT4-fs (loop5): initial error at time 1773804764: ext4_orphan_get:1417 [ 869.646674][ C1] EXT4-fs (loop5): last error at time 1773804764: ext4_orphan_get:1417 [ 869.737885][T14806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.789530][T14803] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 869.811575][T14806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.890589][T14806] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 870.028851][T14811] loop7: detected capacity change from 0 to 256 [ 870.118975][T14811] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 870.254714][T14811] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 870.358726][T14242] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 871.234772][T14826] ptrace attach of "./syz-executor exec"[14013] was attempted by ""[14826] [ 872.234307][T12866] usb 8-1: new high-speed USB device number 23 using dummy_hcd [ 872.439767][T12866] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 872.518755][T12866] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 872.571400][T12866] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 872.613032][T12866] usb 8-1: Product: syz [ 872.633022][T12866] usb 8-1: Manufacturer: syz [ 872.653096][T12866] usb 8-1: SerialNumber: syz [ 872.757086][T12866] cdc_ncm 8-1:1.0: skipping garbage [ 873.854890][T12866] cdc_ncm 8-1:1.0: bind() failure [ 873.925668][T12866] cdc_ncm 8-1:1.1: probe with driver cdc_ncm failed with error -71 [ 873.978521][T12866] cdc_mbim 8-1:1.1: probe with driver cdc_mbim failed with error -71 [ 874.044560][T12866] usbtest 8-1:1.1: probe with driver usbtest failed with error -71 [ 874.084113][ C1] net_ratelimit: 1029 callbacks suppressed [ 874.084187][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 874.099683][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 874.109786][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 874.123329][T12866] usb 8-1: USB disconnect, device number 23 [ 874.169827][T14858] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3163'. [ 874.639766][T14870] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3167'. [ 874.672480][T14870] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3167'. [ 875.123993][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 875.132781][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 875.142332][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 876.164088][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 876.172902][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 876.182410][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 877.204922][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 877.244267][T14900] loop8: detected capacity change from 0 to 4096 [ 877.480149][T14912] Process accounting resumed [ 879.058915][T14936] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3190'. [ 879.104064][T14936] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3190'. [ 879.294038][ C1] net_ratelimit: 5 callbacks suppressed [ 879.294110][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.308467][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.318270][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.503520][T14943] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3193'. [ 879.786847][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 880.318788][T14955] loop5: detected capacity change from 0 to 1024 [ 880.334056][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 880.342789][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 880.352118][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 880.356384][T14955] EXT4-fs: Ignoring removed orlov option [ 880.440726][T14955] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 880.540771][T14955] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 881.059999][T14242] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 881.363999][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.372791][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.382415][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.464346][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.535988][T14977] overlayfs: failed to clone upperpath [ 882.192261][T14986] loop7: detected capacity change from 0 to 512 [ 882.297539][T14986] EXT4-fs (loop7): Test dummy encryption mode enabled [ 882.340306][T14986] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 882.434267][T14986] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.3210: bad orphan inode 131083 [ 882.573203][T14986] loop7: lost filesystem error report for type 5 error -117 [ 882.573785][ C0] EXT4-fs (loop7): error count since last fsck: 1 [ 882.587980][ C0] EXT4-fs (loop7): initial error at time 1773804777: ext4_orphan_get:1417 [ 882.596838][ C0] EXT4-fs (loop7): last error at time 1773804777: ext4_orphan_get:1417 [ 882.755727][T14986] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 882.929147][T14998] ptrace attach of "./syz-executor exec"[11658] was attempted by ""[14998] [ 883.322036][ T9537] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 883.620307][T15008] loop5: detected capacity change from 0 to 256 [ 883.924308][T15008] FAT-fs (loop5): Directory bread(block 64) failed [ 883.961990][T15008] FAT-fs (loop5): Directory bread(block 65) failed [ 884.004166][T15008] FAT-fs (loop5): Directory bread(block 66) failed [ 884.031647][T15008] FAT-fs (loop5): Directory bread(block 67) failed [ 884.068204][T15008] FAT-fs (loop5): Directory bread(block 68) failed [ 884.097896][T15008] FAT-fs (loop5): Directory bread(block 69) failed [ 884.128877][T15008] FAT-fs (loop5): Directory bread(block 70) failed [ 884.170444][T15008] FAT-fs (loop5): Directory bread(block 71) failed [ 884.222760][T15008] FAT-fs (loop5): Directory bread(block 72) failed [ 884.264322][T15008] FAT-fs (loop5): Directory bread(block 73) failed [ 884.494114][ C1] net_ratelimit: 7 callbacks suppressed [ 884.494181][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 884.508560][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 884.517810][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 885.524785][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 885.533340][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 885.542797][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 886.085556][T15043] input: syz0 as /devices/virtual/input/input27 [ 886.092133][T15045] ptrace attach of "./syz-executor exec"[14242] was attempted by ""[15045] [ 886.207654][T15047] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3229'. [ 886.564018][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 886.572647][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 886.582092][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 887.604055][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 888.051587][T15068] loop5: detected capacity change from 0 to 4096 [ 888.254086][T15076] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 888.360094][T15068] overlayfs: upper fs does not support tmpfile. [ 888.444373][T15068] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 888.451611][T15068] overlayfs: failed to set xattr on upper [ 888.468396][T15077] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 888.547983][T15068] overlayfs: ...falling back to redirect_dir=nofollow. [ 888.592311][T15068] overlayfs: ...falling back to index=off. [ 888.646144][T15068] overlayfs: ...falling back to uuid=null. [ 889.634014][ T9] usb 9-1: new high-speed USB device number 13 using dummy_hcd [ 889.684043][ C1] net_ratelimit: 6 callbacks suppressed [ 889.684115][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.698625][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.708041][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.844168][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 889.879467][ T9] usb 9-1: config 0 has an invalid interface number: 132 but max is 0 [ 889.936211][T15096] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.945225][ T9] usb 9-1: config 0 has no interface number 0 [ 889.951527][ T9] usb 9-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 890.020180][T15096] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.084946][T15096] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.119501][ T9] usb 9-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 890.145123][T15100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.174131][ T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 890.215751][T15100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.231061][ T9] usb 9-1: Product: syz [ 890.251823][ T9] usb 9-1: Manufacturer: syz [ 890.274499][T15100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.299618][ T9] usb 9-1: SerialNumber: syz [ 890.327223][T15100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 890.346299][ T9] usb 9-1: config 0 descriptor?? [ 890.429198][ T9] em28xx 9-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 890.463129][ T9] em28xx 9-1:0.132: Video interface 132 found: [ 890.854547][ T9] em28xx 9-1:0.132: unknown em28xx chip ID (0) [ 890.958494][T15108] loop7: detected capacity change from 0 to 128 [ 890.978070][T15108] EXT4-fs: Ignoring removed nobh option [ 891.055821][T15108] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 891.090081][T15108] ext4 filesystem being mounted at /361/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 891.284630][ T9] em28xx 9-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=0) [ 891.316074][ T9] em28xx 9-1:0.132: board has no eeprom [ 891.563918][ T9] em28xx 9-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 891.614823][ T9] em28xx 9-1:0.132: analog set to bulk mode. [ 891.679253][T11668] em28xx 9-1:0.132: Registering V4L2 extension [ 891.735635][ T9] usb 9-1: USB disconnect, device number 13 [ 891.785347][ T9] em28xx 9-1:0.132: Disconnecting em28xx [ 891.796642][T15108] syz.7.3249 (15108) used greatest stack depth: 3176 bytes left [ 891.930070][ T9537] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 893.136858][T11668] em28xx 9-1:0.132: Config register raw data: 0xffffffed [ 893.195718][T11668] em28xx 9-1:0.132: AC97 chip type couldn't be determined [ 893.203035][T11668] em28xx 9-1:0.132: No AC97 audio processor [ 893.312458][T11668] usb 9-1: Decoder not found [ 893.348566][T11668] em28xx 9-1:0.132: failed to create media graph [ 893.401771][T11668] em28xx 9-1:0.132: V4L2 device video103 deregistered [ 893.466331][T11668] em28xx 9-1:0.132: Remote control support is not available for this card. [ 893.543197][ T9] em28xx 9-1:0.132: Closing input extension [ 893.609115][ T9] em28xx 9-1:0.132: Freeing device [ 894.884031][ C1] net_ratelimit: 12 callbacks suppressed [ 894.884101][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 894.898503][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 894.908112][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 895.924088][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 895.932688][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 895.942393][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 896.964039][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 896.972860][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 896.982181][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 897.264227][T15197] 9pnet: p9_errstr2errno: server reported unknown error 0x0000 [ 898.003964][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 898.071875][T15209] loop7: detected capacity change from 0 to 128 [ 899.441106][T15229] netlink: 67 bytes leftover after parsing attributes in process `syz.7.3288'. [ 900.084021][ C1] net_ratelimit: 12 callbacks suppressed [ 900.084094][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 900.098631][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 900.108419][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 900.765660][T15245] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 900.774676][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 901.124003][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 901.132782][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 901.142551][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 902.004320][ T29] audit: type=1326 audit(1773804797.210:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 902.174038][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 902.182606][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 902.192588][ T29] audit: type=1326 audit(1773804797.230:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 902.343833][ T29] audit: type=1326 audit(1773804797.230:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 902.507368][ T29] audit: type=1326 audit(1773804797.240:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 902.631933][ T29] audit: type=1326 audit(1773804797.240:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 902.723140][ T29] audit: type=1326 audit(1773804797.250:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 902.844004][ T29] audit: type=1326 audit(1773804797.250:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 902.992511][ T29] audit: type=1326 audit(1773804797.250:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 903.055963][T15275] netlink: 428 bytes leftover after parsing attributes in process `syz.7.3306'. [ 903.110106][T15275] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3306'. [ 903.127563][ T29] audit: type=1326 audit(1773804797.260:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 903.349740][ T29] audit: type=1326 audit(1773804797.270:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15259 comm="syz.3.3301" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f18f6c code=0x7ffc0000 [ 903.698063][T15287] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3309'. [ 903.760960][T15287] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3309'. [ 904.750257][T15305] netlink: 27 bytes leftover after parsing attributes in process `syz.7.3316'. [ 905.284047][ C1] net_ratelimit: 7 callbacks suppressed [ 905.284118][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 905.298853][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 905.308528][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 906.324062][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 906.332883][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 906.342534][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 907.364052][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 907.372668][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 907.382240][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 908.404016][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 910.486557][ C1] net_ratelimit: 5 callbacks suppressed [ 910.486626][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 910.500965][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 910.511418][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 911.524083][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 911.532737][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 911.542498][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 912.472208][T15412] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3350'. [ 912.565286][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 912.573986][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 912.584914][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 913.145653][T15420] loop7: detected capacity change from 0 to 128 [ 913.250870][T15420] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 913.393455][T15420] ext4 filesystem being mounted at /381/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 913.604031][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 913.694455][T15420] EXT4-fs (loop7): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro. [ 914.095620][ T9537] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 915.464151][T15453] syz_tun: entered allmulticast mode [ 915.504559][T15450] syz_tun: left allmulticast mode [ 915.684019][ C1] net_ratelimit: 5 callbacks suppressed [ 915.684091][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 915.698273][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 915.708860][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 916.078300][T15460] overlayfs: failed to clone upperpath [ 916.411246][T15464] loop5: detected capacity change from 0 to 64 [ 916.724068][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 916.732639][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 916.742172][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.084607][ T5787] Bluetooth: hci0: Invalid handle: 0x306c > 0x0eff [ 917.764026][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.772767][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.782627][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 918.804059][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 920.601511][T15515] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3384'. [ 920.655739][T15515] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3384'. [ 920.684150][T15515] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3384'. [ 920.719970][T15515] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3384'. [ 921.330403][T15522] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3386'. [ 922.109885][T15531] loop7: detected capacity change from 0 to 512 [ 922.454305][T15531] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 922.545670][T15531] ext4 filesystem being mounted at /390/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 922.610704][T15531] EXT4-fs error (device loop7): ext4_do_update_inode:5569: inode #2: comm syz.7.3389: corrupted inode contents [ 922.754082][T15531] EXT4-fs error (device loop7): ext4_dirty_inode:6450: inode #2: comm syz.7.3389: mark_inode_dirty error [ 922.776695][T15540] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3392'. [ 922.844432][T15531] EXT4-fs error (device loop7): ext4_do_update_inode:5569: inode #2: comm syz.7.3389: corrupted inode contents [ 922.916051][T15531] EXT4-fs error (device loop7): __ext4_ext_dirty:207: inode #2: comm syz.7.3389: mark_inode_dirty error [ 923.001791][T15541] EXT4-fs warning (device loop7): ext4_es_cache_extent:1082: inode #2: comm syz.7.3389: ES cache extent failed: add [0,1,21,0x1] conflict with existing [0,8,576460752303423487,0x18] [ 923.001791][T15541] [ 923.092697][T13927] ===================================================== [ 923.100344][T13927] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xe7b/0xc820 [ 923.112116][T13927] n_tty_receive_buf_standard+0xe7b/0xc820 [ 923.119269][T13927] n_tty_receive_buf_common+0x1a59/0x2610 [ 923.125335][T13927] n_tty_receive_buf2+0x4c/0x60 [ 923.130341][T13927] tty_ldisc_receive_buf+0xc6/0x2c0 [ 923.135926][T13927] tty_port_default_receive_buf+0xd7/0x1a0 [ 923.141932][T13927] flush_to_ldisc+0x43e/0xe40 [ 923.147157][T13927] process_scheduled_works+0xb82/0x1e80 [ 923.153033][T13927] worker_thread+0xee4/0x1590 [ 923.157943][T13927] kthread+0x53f/0x600 [ 923.162256][T13927] ret_from_fork+0x20f/0x910 [ 923.167138][T13927] ret_from_fork_asm+0x1a/0x30 [ 923.172079][T13927] [ 923.174604][T13927] Uninit was stored to memory at: [ 923.179849][T13927] n_tty_receive_buf_standard+0xe74/0xc820 [ 923.185902][T13927] n_tty_receive_buf_common+0x1a59/0x2610 [ 923.191781][T13927] n_tty_receive_buf2+0x4c/0x60 [ 923.196900][T13927] tty_ldisc_receive_buf+0xc6/0x2c0 [ 923.202280][T13927] tty_port_default_receive_buf+0xd7/0x1a0 [ 923.208412][T13927] flush_to_ldisc+0x43e/0xe40 [ 923.216551][T13927] process_scheduled_works+0xb82/0x1e80 [ 923.222266][T13927] worker_thread+0xee4/0x1590 [ 923.227896][T13927] kthread+0x53f/0x600 [ 923.232135][T13927] ret_from_fork+0x20f/0x910 [ 923.237031][T13927] ret_from_fork_asm+0x1a/0x30 [ 923.241989][T13927] [ 923.244458][T13927] Uninit was created at: [ 923.248937][T13927] __kmalloc_noprof+0x486/0x1680 [ 923.254113][T13927] __tty_buffer_request_room+0x3d4/0x7a0 [ 923.259921][T13927] __tty_insert_flip_string_flags+0x157/0x6e0 [ 923.266263][T13927] uart_insert_char+0x368/0x930 [ 923.271314][T13927] serial8250_read_char+0x1ba/0x670 [ 923.276781][T13927] serial8250_handle_irq+0x930/0x1110 [ 923.282327][T13927] serial8250_default_handle_irq+0x116/0x370 [ 923.290575][T13927] serial8250_interrupt+0xcb/0x420 [ 923.296451][T13927] __handle_irq_event_percpu+0x13c/0xf90 [ 923.302230][T13927] handle_irq_event+0xe0/0x2a0 [ 923.307219][T13927] handle_edge_irq+0x2a9/0xb30 [ 923.312147][T13927] __common_interrupt+0x9d/0x180 [ 923.320544][T13927] common_interrupt+0x94/0xb0 [ 923.326225][T13927] asm_common_interrupt+0x2b/0x40 [ 923.331393][T13927] [ 923.334578][T13927] CPU: 1 UID: 0 PID: 13927 Comm: kworker/u8:29 Tainted: G W L syzkaller #0 PREEMPT(full) [ 923.346026][T13927] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 923.351302][T13927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 923.361561][T13927] Workqueue: events_unbound flush_to_ldisc [ 923.367685][T13927] ===================================================== [ 923.374793][T13927] Disabling lock debugging due to kernel taint [ 923.391160][T13927] Kernel panic - not syncing: kmsan.panic set ... [ 923.397718][T13927] CPU: 1 UID: 0 PID: 13927 Comm: kworker/u8:29 Tainted: G B W L syzkaller #0 PREEMPT(full) [ 923.409115][T13927] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP [ 923.415621][T13927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 923.425793][T13927] Workqueue: events_unbound flush_to_ldisc [ 923.431796][T13927] Call Trace: [ 923.435147][T13927] [ 923.438144][T13927] __dump_stack+0x26/0x30 [ 923.442607][T13927] dump_stack_lvl+0x50/0x1c0 [ 923.447331][T13927] ? dump_stack+0x12/0x25 [ 923.451795][T13927] dump_stack+0x1e/0x25 [ 923.456094][T13927] vpanic+0x7b4/0x1430 [ 923.460327][T13927] panic+0x15d/0x160 [ 923.464403][T13927] kmsan_report+0x31a/0x320 [ 923.469070][T13927] ? kmsan_get_metadata+0xf1/0x160 [ 923.474337][T13927] ? __msan_warning+0x1b/0x30 [ 923.479157][T13927] ? n_tty_receive_buf_standard+0xe7b/0xc820 [ 923.485299][T13927] ? n_tty_receive_buf_common+0x1a59/0x2610 [ 923.491442][T13927] ? n_tty_receive_buf2+0x4c/0x60 [ 923.496621][T13927] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 923.502172][T13927] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 923.508423][T13927] ? flush_to_ldisc+0x43e/0xe40 [ 923.513430][T13927] ? process_scheduled_works+0xb82/0x1e80 [ 923.519388][T13927] ? worker_thread+0xee4/0x1590 [ 923.524374][T13927] ? kthread+0x53f/0x600 [ 923.528762][T13927] ? ret_from_fork+0x20f/0x910 [ 923.533656][T13927] ? ret_from_fork_asm+0x1a/0x30 [ 923.538764][T13927] ? ret_from_fork_asm+0x1a/0x30 [ 923.543885][T13927] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 923.550414][T13927] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 923.556670][T13927] ? __mutex_unlock_slowpath+0x3f7/0x530 [ 923.562476][T13927] ? kmsan_get_metadata+0x146/0x160 [ 923.567854][T13927] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 923.573853][T13927] ? n_tty_receive_char+0x1223/0x14f0 [ 923.579380][T13927] ? kmsan_get_metadata+0xf1/0x160 [ 923.584669][T13927] __msan_warning+0x1b/0x30 [ 923.589322][T13927] n_tty_receive_buf_standard+0xe7b/0xc820 [ 923.595399][T13927] ? kmsan_get_metadata+0xf1/0x160 [ 923.600673][T13927] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 923.607178][T13927] ? kmsan_get_metadata+0xf1/0x160 [ 923.612472][T13927] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 923.618714][T13927] n_tty_receive_buf_common+0x1a59/0x2610 [ 923.624653][T13927] ? n_tty_receive_buf_common+0x731/0x2610 [ 923.630621][T13927] n_tty_receive_buf2+0x4c/0x60 [ 923.635602][T13927] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 923.641279][T13927] tty_ldisc_receive_buf+0xc6/0x2c0 [ 923.646653][T13927] tty_port_default_receive_buf+0xd7/0x1a0 [ 923.652647][T13927] flush_to_ldisc+0x43e/0xe40 [ 923.657500][T13927] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 923.664091][T13927] ? __pfx_flush_to_ldisc+0x10/0x10 [ 923.669492][T13927] process_scheduled_works+0xb82/0x1e80 [ 923.675229][T13927] worker_thread+0xee4/0x1590 [ 923.680072][T13927] kthread+0x53f/0x600 [ 923.684283][T13927] ? __pfx_worker_thread+0x10/0x10 [ 923.689536][T13927] ? __pfx_kthread+0x10/0x10 [ 923.694270][T13927] ret_from_fork+0x20f/0x910 [ 923.698985][T13927] ? __switch_to+0x51c/0x750 [ 923.703740][T13927] ? __pfx_kthread+0x10/0x10 [ 923.708482][T13927] ret_from_fork_asm+0x1a/0x30 [ 923.713421][T13927] [ 923.716786][T13927] Kernel Offset: disabled [ 923.721145][T13927] Rebooting in 86400 seconds..